Encryption

(get it in RSS or Atom)

LinkedIn settles class action suit over 2012 unsalted password leak

LinkedIn settles class action suit over 2012 unsalted password leak

LinkedIn is privately settling the 2012 unsalted password leak. Were you one of the 800,000 affected users? Here's what you need to know.

SCADA programmers? It's time for security by default! 60 Sec Security [VIDEO]

Here's the latest episode of our weekly 60-second security video.

Enjoy the news in just one minute...

SSCC 182 - What would the Pirate Party do? [PODCAST]

This week's episode of our quarter-hour security podcast.

Entertaining as well as accurate and educational - why not give it a listen?

"Cheaper car insurance" dongle could lead to a privacy wreck

snapshot-250

You'd hope that the developers of a dongle that tracks your driving paid a lot of attention to computer security.

Or, in fact, any attention at all...

David Cameron wants to ban encrypted apps like iMessage and Whatsapp

David Cameron. Image courtesy of Frederic Legrand - COMEO / Shutterstock.

In the wake of the Paris attacks, UK Prime Minister David Cameron is targeting encrypted communications that governments can't read.

Moonpig takes down customer data-leaking apps after vulnerability found

Greetings card maker Moonpig takes down customer data-leaking apps

A developer says he disclosed a security hole to Moonpig and finally went public after it went unfixed for 17 months.

Whatsapp now provides end-to-end encryption by default for messages

Whatsapp

A new update to the Android version of WhatsApp includes an unexpected but pleasant surprise – end-to-end encryption that is enabled by default.

Naked Security bids farewell to HTTP

pcullis-250

From now on Naked Security will only be available over secure, encrypted HTTPS with Strict Transport Security and Forward Secrecy.

Would you allow access to Facebook at Work? [POLL]

What would you say to a variant of Facebook that you could use at work?

And not just *at* work, but *for* work?

POODLEs, Sandworms and getting safe online - 60 Sec Security [VIDEO]

The week's security news, turned into an entertaining lesson, turned into a 1-minute video.

Enjoy...

POODLE attack takes bytes out of your encrypted data - here's what to do

Heartbleed, Shellshock, Sandworm...and now POODLE.

It's a security hole that could let crooks read your encrypted web traffic.

Paul Ducklin takes you through how it works, and what you can do to avoid it, in plain (well, plain-ish) English...

Mummy, my schoolbooks are spying on me! 60 Sec Security [VIDEO]

Here's our latest 60 Second Security video for your viewing pleasure.

The wry side of the week's news, in just a minute...

US Attorney General urges tech companies to leave back doors open on gadgets for police

US Attorney General urges tech companies to leave back doors open on gadgets for police

Don't lock police out of popular consumer gadgets, lest law enforcement's efforts to nab kidnappers or child predators be stymied, the US AG said, becoming the latest of a string of government officials to speak out since Google and Apple announced they were changing encryption on their mobile operating systems.

We need to talk about email

Email

Today the people of the world will exchange about 250 *billion* messages using a system that has been shockingly insecure for decades: email.

That's why we need to talk about email...

5 excuses for doing nothing about computer security!

Here are five security excuses that we hear a lot, both from individuals and from small businesses.

We've given you some advice to help you argue back that security really does matter...

SSCC 159 - What can we learn from the "honeybot"? [PODCAST]

For your listening pleasure!

Here's this week's episode of the Sophos Security Chet Chat podcast...

SSCC 154: Fraud, viruses, patches and encryption (in that order!) [PODCAST]

Where does your country sit on the fraud list? Just how much can you trust SMSes on Android? Is Apple serious enough about iOS security? And will Google's End-To-End email encryption plugin save the world?

Find out with Chet and Duck in this week's Chet Chat podcast...

Google looks to make OpenPGP easier for Gmail users

Google switches Gmail to HTTPS only

In early June Google announced a new project designed to create a Chrome plugin to allow end-to-end encryption of web-based emails using OpenPGP. We take a look at its current state and explain how it works.

US House votes "overwhelmingly" to cut funding of NSA surveillance

NSA surveillance funding cuts OKed by US House

A strong majority of the US House have voted to cut funding for surveillance on citizens or for planting backdoors that let the government slip past encryption that's supposed to shield communications.

SSCC 152 - PF Chang's, TrueCrypt (still!), the Twitter worm and the cost of scammers [PODCAST]

Sophos security experts Chester Wisniewski and Paul Ducklin turn their attention on the week's security news.

As usual, they extract plenty of useful lessons during their insightful dissection of the latest issues...