Unraveling a mystery that eluded the researchers analyzing the highly advanced Equation Group the world learned about Monday, password crackers have deciphered a cryptographic hash buried in one of the hacking crew's exploits. It's Arabic for "unregistered."
Software reverse engineering, the art of pulling programs apart to figure out how they work, is what makes it possible for sophisticated hackers to scour code for exploitable bugs. It’s also what allows those same hackers’ dangerous malware to be deconstructed and neutered. Now a new encryption trick could make both those tasks much, much harder.
In June 2015, the U.N's free speech watchdog, David Kaye, intends to present a new report on anonymity and encryption before the 47 Member States of the Geneva-based Human Rights Council. Yesterday, EFF filed comments urging Mr. Kaye to reaffirm the freedom to use encryption technology and to protect the right to speak, access and read information anonymously. Mr. Kaye’s report could be one of the most significant opportunities to strengthen our fundamental freedoms in the digital age at the international level.
Werner Koch is looking at a big payday after pulling in over $150,000 to fund the continuing development of his crucial open-source GNU Privacy Guard encryption tools.
Koch, 53, is a leading light in the free software movement: in 1999, he released GPG, which uses the OpenPGP standard to safeguard the communications of millions of people around the world from eavesdroppers and other miscreants. It also provides protection for much of the multibillion-dollar technology industry.
Recent world events have gotten many tech companies concerned about security and privacy. Some of them have scrambled to add, enhance, or even enforce security measures like encryption while governments and their leaders, like Cameron and now Obama, have scrambled to have them blocked or at the very least weakened. Chat apps and services are one of the common targets and we've seen many old and new ones wave the encryption flag as a major feature. MEGAchat is just one of the latest to join that roster and it comes from a man who should know the situation all too well.
Governments need to build more privacy into legislation,technology vendors need to step up and compliance cops should crack down to push privacy-enhancing technologies out of the labs, says the European Union Agency for Network and Information Security (ENISA).
Colonel Jose Espejo was a man with a problem. As the Colombian army’s communications expert watched the grainy video again, he saw kidnapped soldiers chained up inside barbed-wire pens in a hostage camp deep in the jungle, guarded by armed FARC guerillas. Some had been hostages for more than 10 years, and many suffered from a grim, flesh-eating disease caused by insect bites.
It’s generally easier to keep safe the files we have under our control, on our internal and external drives, than those that waft far away from us on cloud-storage backup systems. Different backup services handle how they send data for storage and how they encrypt it once it arrives.
Researchers from Tel Aviv University have demonstrated an attack against the GnuPG encryption software that enables them to retrieve decryption keys by touching exposed metal parts of laptop computers.
Activists just got another reason to worry about what spooks might be able to learn about them, with boffins demonstrating that a decent traffic fingerprint can tell an attacker what's going on, even if an app is defended by encryption.
The researchers from the Universities of Padua and Rome have found that for activities like posting messages on a friend's Facebook wall, browsing a profile on a social network, or sending an e-mail, there's no need to decrypt an encrypted data flow.