A private encryption key embedded into widely used mission-critical routers could be exploited by hackers to attack electric substations, railroad switches, and other critical infrastructure, security researchers have warned.
In late 2010, Sean Brooks received three e-mails over a span of 30 hours warning that his accounts on LinkedIn, Battle.net, and other popular websites were at risk. He was tempted to dismiss them as hoaxes—until he noticed they included specifics that weren't typical of mass-produced phishing scams. The e-mails said that his login credentials for various Gawker websites had been exposed by hackers who rooted the sites' servers, then bragged about it online; if Brooks used the same e-mail and password for other accounts, they would be compromised too.
Next month the National Institute of Standards and Technology (NIST) plans to put out for public review its draft for a new government encryption standard that, when finalized, is going to compel federal agencies with older websites to replace them.
Swinburne and Taiwanese researchers have demonstrated technology that can use a single laser beam to create 3D polarization in nanomaterials.
What’s cool about this is that they demonstrate that the polarization can be used to encrypt information – as well as expanding the storage capacity of optical media like DVDs.
During the past week, I had an idea on how to easily red flag potential employers: ask to see one row of their user table, and look at the password field. If the password is in plaintext, then run for the door.
When companies such as Blizzard are suffering from authentication system hacks, and appear to be vulnerable to dictionary-style attacks, then there exists a problem that is endemic across the industry.