Researchers from Tel Aviv University have demonstrated an attack against the GnuPG encryption software that enables them to retrieve decryption keys by touching exposed metal parts of laptop computers.
Activists just got another reason to worry about what spooks might be able to learn about them, with boffins demonstrating that a decent traffic fingerprint can tell an attacker what's going on, even if an app is defended by encryption.
The researchers from the Universities of Padua and Rome have found that for activities like posting messages on a friend's Facebook wall, browsing a profile on a social network, or sending an e-mail, there's no need to decrypt an encrypted data flow.
Nearly all of Facebook’s outbound notification emails are now encrypted while traveling the Internet, a collaborative feat that comes from the technology industry’s push to thwart the NSA’s spying programs.
In May, only 58 percent of the social networking site’s email was encrypted when it was sent since the receiving entity must have the technology, called STARTTLS, enabled, wrote Michael Adkins, a messaging integrity engineer at Facebook, on a company blog.
Synolocker crypto-malware affecting Synology network access (NAS) devices in particular, has hit the Faculty of Medicine of Chinese University and took hostage no less than 10,000 patient records.
It appears that the affected data belongs to the Centre for Liver Health and Institute of Digestive Disease at the Prince of Wales Hospital in Sha Tin, and the police confirmed that the crooks used Synolocker for the deed.
Yahoo users may have benefited most from the “Snowden effect.” The tech company was a laggard when it came to security practices until the NSA leaker’s disclosures made clear the extent to which weak security practices by tech companies are being exploited by talented hackers.