Archive for the 'cryptography' Category
One of the recurring themes of the past few years in the UK is data lost by the public sector on USB drives, CDs and so on. The National Health Service seems to have been particularly prone to this sort of haemorrhage. So I wouldn't normally flag yet another such incident (at any rate, to … Read More…
In the wake of the flood of recent mortgage/housing fraud, a police raid in Colorado resulted in a laptop seizure they feel may contain evidence to help a case. Turns out it’s encrypted. Citing suspicion of nastiness contained therein, the U.S. Government has asked a federal judge to compel the owner, Ramona Fricosu, to enter … Read More…
In an effort to deal with the security woes of .com websites, the U.S. Government has a solution: build a new “internet” around .secure instead. The problem? Apparently, people have too much freedom on the .com’s, allowing cyber-dirtbags to skulk around anonymously. This would aim to cure all that by requiring “visitors to use certified … Read More…
The results (released yesterday) from a study conducted by the Ponemon Institute yielded some interesting data points. The most visible of these was the finding that 85% of U.S. organizations experienced data breaches of varying magnitudes. This study, entitled "U.S. Enterprise Encryption Trends", has completed its fourth annual publication. The data was directly obtained from … Read More…
Lots of fuss about the paper presented at the Chaos Communication Congress in Berlin yesterday by Alexander Sotirov et al. The paper describes a proof-of-concept attack using a weakness in the MD5 cryptographic hash function to create a rogue Cerification Authority certificate using a hash collision (essentially, two messages with the same MD5 hash value). … Read More…
We’re closing in on the end of 2008 and about to start 7D9, or 2009 for those who do not speak hex. I thought it might be a good time to remind you to change your passwords. There are some important things to remember about passwords. Despite the IT policies that are prevalent throughout the … Read More…
Well, not so much about punishment, but I’m sitting in the lounge with Andrew Davies’s version of Dr. Zhivago in the background, so I’m in a Russian mood…
My colleague Jeff Debrosse, Director of Research in our San Diego office, drew my attention to the latest FBI challenge at http://www.fbi.gov/page2/dec08/code_122908.html. Like many people in this business, … Read More…
- David Harley (770)
- Randy Abrams (437)
- Cameron Camp (102)
- ESET Research (61)
- Pierre-Marc Bureau (50)
- Stephen Cobb (47)
- Aryeh Goretsky (30)
- Paul Laudanski (17)
- Jeff Debrosse (14)
- Andrew Lee (14)
- Robert Lipovsky (10)
- Sebastian Bortnik (9)
- Dan Clark (8)
- Sébastien Duquette (5)
- Tasneem Patanwala (3)
- Peter Stancik (2)
- Andrea Kokavcova (1)
- David Carnevale (1)
- C. Nicholas Burnett (1)
RSS
