Here’s a quick story you’ve probably heard before, followed by one you probably haven’t. In 1979 a young Steve Jobs paid a visit to Xerox PARC, the legendary R&D lab in Palo Alto, California, and witnessed a demonstration of something now called the graphical user interface. An engineer from PARC used a prototype mouse to navigate a computer screen studded with icons, drop-down menus, and “windows” that overlapped each other like sheets of paper on a desktop. It was unlike anything Jobs had seen before, and he was beside himself.
Enterprises – particularly those in the healthcare and defense sectors – have the same need for real-time communications as any other company but differ in the level of security they require. To address this market, one-time Canadian smartphone manufacturer BlackBerry just announced the launch of BBM Enterprise SDK.
Google is planning to appeal a ruling made Friday that it must comply with search warrants involving customer data stored on servers outside of the United States. The case is similar to an earlier case involving Microsoft. In July 2016, the 2nd U.S. Circuit Court of Appeals in New York said Microsoft could not be forced to turn over emails stored on a server outside of the US. Now, however, Magistrate Judge Thomas Rueter in Philadelphia has taken the opposite view with Google.
It’s safe to say that any digital privacy bill written more than three years before the invention of the World Wide Web is probably due for an overhaul. But the Electronic Communications Privacy Act has persisted intact for more than three decades, including its anachronistic loophole that allows the warrantless collection of emails from US citizens. Now, in its second attempt in two years, Congress is poised to reform the most outdated elements of ECPA. With Trump’s incoming Justice Department, that reform seems more urgent than ever.
While developing a tool for evaluating mobile application security, researchers at Sudo Security Group Inc. found something unexpected. Seventy-six popular applications in Apple's iOS App Store, they discovered, had implemented encrypted communications with their back-end services in such a way that user information could be intercepted by a man-in-the-middle attack. The applications could be fooled by a forged certificate sent back by a proxy, allowing their Transport Layer Security traffic to be decrypted and examined as it passes over the Internet.