Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that's passing between a webserver and an end-user browser.
TechCrunch Disrupt finalist Bitcasa, a new cloud storage provider, was met with a healthy dose of skepticism last week when it claimed to be able to provide “infinite storage.” How does it do that? It can’t do what it promises! That’s not how encryption works! And so on. VC firm Andreessen Horowitz, along with First Round Capital, Pelion Venture Partners, and TechCrunch founder Michael Arrington’s CrunchFund have invested $1.3 million in the technology, which seems to suggest there’s valuable IP behind the startup’s overly broad promises of cheap, infinite and secure storage.
A programming glitch in Apple's OS X operating system is making it hard for Mac users to tell their computers not to trust digital certificates, exacerbating an ongoing security problem with a Dutch certificate authority that was recently hacked.
Hackers who obtained a fraudulent digital certificate for Google may have actually obtained more than 200 digital certificates for other top internet entities such as Mozilla, Yahoo and even the privacy and anonymizing service Tor.
Dutch certificate authority DigiNotar, which was hacked in July, has never acknowledged the number of fraudulent certificates the hackers managed to obtain, nor identified the possible targets other than Google.
Cryptographic algorithms are high-performance, secure engines that require considerable space in a design. When countermeasures are added to thwart security attacks, the space and memory requirements grow even more demanding.
For these reasons, cryptographic algorithms have traditionally been embedded as proprietary designs (i.e., intellectual property, IP) in hardware on smart cards or 8-bit chips. With recent improvements in core design and frequency performance, designers are now asking whether the customized IP blocks are still needed for these secure algorithms.