Help is on the way for Web surfers who run the risk of having their Facebook, Twitter, and other Web accounts hijacked over unsecured Wi-Fi networks and other security issues that result from sites not using encryption.
The Electronic Frontier Foundation (EFF) reports that it has filed lawsuits against three agencies of the US Department of Justice demanding the release of documents justifying the need for stronger internet surveillance measures. The civil rights organisation justifies its action by citing the head of the FBI, who has publicly claimed that it is necessary to install back doors in electronic communication systems in order to preserve the ability of the security services to intercept information. The FBI is now being called on to provide evidence of the posited gaps in protection.
From time to time it’s good to take a break from all the ultra-low-level stuff, like e.g. chipset or TXT hacking, and do something simple, yet still important. Recently Alex Tereshkin and I got some spare time and we implemented the Evil Maid Attack against TrueCrypt system disk encryption in a form of a small bootable USB stick image that allows to perform the attack in an easy “plug-and-play” way. The whole infection process takes about 1 minute, and it’s well suited to be used by hotel maids.
As we mentioned last week, France has started their government-funded effort to prop up the entertainment industry's inability to adapt to the broadband age. They're doing this via the ingenious practice of tracking, stalking and booting P2P users (and future content customers) off of the Internet. The system is expected to ramp up quickly, up to 150,000 IP-addresses per day -- so ISPs (at least those without one foot in the content arena) are justifiably worried about the added costs.
A Russian company that specialises in cracking tools claims it has broken the password protection used to secure data backups from BlackBerry smartphones.
According to Elcomsoft, a weakness in the way BlackBerry has implemented the apparently secure 256-bit AES encryption in its PC and Mac backup program BlackBerry Desktop Software makes it possible to carry out a successful password recovery attack on the backup archive with relative ease.
Encryption is hot. Perhaps that's because its been around so long it's no longer seen as a black art. Or perhaps security issues have grown so prevalent, everyone wants some sort of encryption as a truly secure way of stopping the pain of those problems. Indeed whatever the reason, encryption technologies seem to be behind a series of important security happenings of late. Here's a look at some of the more interesting happenings shaping encryption today:
I have been working with True-Crypt for several years now, and like the open source program a lot. That much, that I’m still using it and not Microsoft’s Bitlocker which is an alternative in select Windows Vista and Windows 7 editions.
Over the years, I discovered a few aspects of the software that made my life a lot easier, and this article is about them. Don’t expect the eights world wonder in here, but if you use True Crypt regularly you will probably appreciate them. That is, if you do not know them already.
Passware Inc. says it has come up with a way to access files on USB drives secured by the BitLocker encryption feature of Microsoft Corp.’s Windows.
Mountain view, Calif.-based Passware announced this week the release of Passware Kit Forensic version 10.1. The vendor said its software now lets investigators recover BitLocker encryption keys and getting “full access” to the contents of encrypted disks.
Hackers are a unique bunch of folks that will work without rest to achieve the ultimate crack. According to code that was released online, someone has cracked the code that encrypts most high-definition video content. Is this that big of a deal you ask? Well, for now, there isn’t really a whole lot someone can do with this crack.
A new technique that exploits imperfections in quantum cryptography systems has been developed and tested by the Norwegian University of Science and Technology (NTNU), the University of Erlangen-Nürnberg and the Max Planck Institute for the Science of Light. Countermeasures were also implemented within an ongoing collaboration with leading manufacturer ID Quantique.
