Encryption

The U.S. National Security Agency's reported efforts to weaken encryption standards have prompted an encrypted communications company to move away from cryptographic algorithms sanctioned by the U.S. National Institute of Standards and Technology (NIST).

Silent Circle, a provider of encrypted mobile Voice over Internet Protocol (VoIP) and text messaging apps and services, will stop using the Advanced Encryption Standard (AES) cipher and Secure Hash Algorithm 2 (SHA-2) hash functions as default cryptographic algorithms in its products.

L33tdawg: The finalized #HITB2013KUL conference agenda is here. Do note that prices for the conference increase after Sept 25th. You can register oniine here.

The U.S. National Institute of Standards and Technology (NIST) has vigorously denied that the U.S. National Security Agency (NSA) tampered with NIST's process of vetting and choosing encryption algorithms.

"NIST would not deliberately weaken a cryptographic standard," NIST said in a statement Tuesday. "We will continue in our mission to work with the cryptographic community to create the strongest possible encryption standards for the U.S. government and industry at large."

What is the worst thing that would happen if someone steals your PC? I'm not talking about the financial loss here but about the data that you have on your computer system. If the system is not properly protected, a thief could gain access to emails, important local documents, personal photos, and other files of importance.

This alone can lead to information leaks or unpleasant situations where private photos or information are shared publicly on the Internet. Once it has been spread, it is virtually impossible to get it off the Internet again.

The latest Snowden-supplied bombshell shook the technology world to its core on Thursday: The NSA can crack many of the encryption technologies in place today, using a mixture of backdoors baked into software at the government's behest, a $250 million per year budget to encourage commercial software vendors to make its security "exploitable," and sheer computer-cracking technological prowess.

Thursday's revelation that US and British intelligence agencies are able to decode most Internet traffic was a transforming moment for many, akin to getting definitive proof of intelligent extraterrestrial life. It fundamentally changed the assumptions that many of us have about the tools hundreds of millions of people rely on to shield their most private information from prying eyes. And it challenged the trust placed in the people who build and provide those tools.

AFORE Solutions today announced encryption software aimed at securing data in virtualized environments where Microsoft Windows applications are used, including virtualized desktop infrastructure deployments based on VMware, Citrix or Microsoft VDI.

Google said Thursday it will by default encrypt data warehoused in its Cloud Storage service.

The server-side encryption is now active for all new data written to Cloud Storage, and older data will be encrypted in the coming months, wrote Dave Barth, a Google product manager, in a blog post.

 The secure voice and communication service, headed by PGP founder Phil Zimmermann, announced in a blog post that it was not able to offer the same security for email as it was for phone, video and text services, and has decided to shut down Silent Mail.

Jon Callas, Silent Circle co-founder and CTO of said that the voice communications were designed to be completely end-to-end secure with all cryptography done on the clients and our exposure to your data to be nil. “The reasons are obvious — the less of your information we have, the better it is for you and for us,” he said.

"We knew USG would come after us”. That’s why Silent Circle CEO Michael Janke tells TechCrunch his company shut down its Silent Mail encrypted email service. It hadn’t been told to provide data to the government, but after Lavabit shut down today rather than be “complicit” with NSA spying, Silent Circle told customers it has killed off Silent Mail rather than risk their privacy.