Encryption

Google researchers discover SSL 3.0 bug

Google researchers discover SSL 3.0 bug

We've heard about a lot of bugs this year, not the least of which being the recent "Shellshock" bug. Now Google researchers have discovered a bug in SSL 3.0 that could allow hackers to nab user data. The discovery was detailed today in a report published by the team, which says they were able to breach the protocol using what they call a "POODLE" attack -- Padding Oracle On Downgraded Legacy Encryption attack. With this, they have recommended that SSL 3.0 be disabled to mitigate the problem.

Continue Reading

Adobe Digital Editions caught calling home with user logs

Adobe Digital Editions caught calling home with user logs

Home and mobile users might be more familiar with Adobe's Acrobat software for reading PDFs, but those who live on ebooks, particular in the EPUB format, also live in another program called Adobe Digital Editions or ADE. Popular (relatively) and widespread, this program has just been discovered to have one frightening flaw. Apparently, ADE transmits the app's activity logs to Adobe's servers, presumably for copyright protection purposes, but also seemingly includes unnecessary user data. Worse, it transmits them in a manner that can be easily read by unauthorized snooping third parties.

Continue Reading

Google to implement encryption by default in Android L

Google to implement encryption by default in Android L

Following Apple's privacy policy statement yesterday, Google is reported to be coming out with a similar hard-line stance in its next Android release. Devices that will be running the upcoming Android L, sometimes called Android 5.0 or Lemon Meringue Pie, will have their phone's data encrypted and password-protected by default, which would hinder both authorities and miscreants alike from gathering users' private data.

Continue Reading

Fox-IT, FireEye DecryptCryptoLocker saves ransomware victims

Fox-IT, FireEye DecryptCryptoLocker saves ransomware victims

At the height of the CryptoLocker ransomware plague, security companies Fox-IT and FireEye have teamed up to offer unwitting victims a way out of their predicament without paying any ransom. With DecryptCryptoLocker, these users can send a sample encrypted file and receive a private decryption key, as well a program that can then decrypt all of their affected files. All for free!

Continue Reading

BitTorrent Bleep “bleeps out” your chats from prying eyes

BitTorrent Bleep “bleeps out” your chats from prying eyes

BitTorrent, the company, will perhaps forever be remembered for creating bittorrent, the file sharing protocol. However, the concept of a serverless system of sending packets to and fro the Internet isn't just useful for downloading large videos and files, legally acquired or otherwise. It can also be used to ensure secure and private communication lines, as Bleep, BitTorrent's latest product, tries to demonstrate.

Continue Reading

Signal iPhone app keeps eavesdroppers out of your calls

Signal iPhone app keeps eavesdroppers out of your calls

If you've ever gotten that eerie feeling that someone might be snooping in on your calls, then this app might just be the right fit for you. Open WhisperSystems has just made available their open source Signal app for iPhone that will encrypt your voice calls so that no one can eavesdrop. It won't even cost you a single cent.

Continue Reading

1 2 3 4 5