Linux Cryptography - Page 8 - Results from #140

Discover Cryptography News

You need to apply the OpenSSL patches today, not tomorrow

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

At first glance, you might not think that the latest set of OpenSSL security patches are that important. Sure, there's a dozen of them and two are serious, but are they really that bad? Yes, actually they're not just bad, they're awful.

LinuxSecurity.com Team
Mar 19, 2015

How to Sabotage Encryption Software (And Not Get Caught)

In the field of cryptography, a secretly planted

LinuxSecurity.com Team
Mar 17, 2015

Yahoo puts email encryption plugin source code up for review

Yahoo released the source code for a plugin that will enable end-to-end encryption of email messages, a planned data-security improvement prompted by disclosures of U.S. National Security Agency snooping.

LinuxSecurity.com Team
Mar 16, 2015

New FREAK Attack Threatens Many SSL Clients

For the nth time in the last couple of years, security experts are warning about a new Internet-scale vulnerability, this time in some popular SSL clients. The flaw allows an attacker to force clients to downgrade to weakened ciphers and break their supposedly encrypted communications through a man-in-the-middle attack.

LinuxSecurity.com Team
Mar 04, 2015

Gemalto Confirms It Was Hacked But Insists the NSA Didn

Gemalto, the Dutch maker of billions of mobile phone SIM cards, confirmed this morning that it was the target of attacks in 2010 and 2011

LinuxSecurity.com Team
Feb 27, 2015

Yahoo exec goes mano a mano with NSA director over crypto backdoors

Echoing the concerns many US-based technology companies have about US-led surveillance programs, Yahoo Chief Information Security Officer Alex Stamos asked the director of the National Security Agency some pointed questions concerning proposed or existing backdoors placed in encryption technologies.

LinuxSecurity.com Team
Feb 25, 2015

Lenovo Superfish Certificate Password Cracked

Lenovo laptop owners are at risk for man-in-the-middle attacks as a vulnerability disclosed in pre-installed Superfish adware went nuclear this morning.

LinuxSecurity.com Team
Feb 20, 2015

A Crypto Trick That Makes Software Nearly Impossible to Reverse-Engineer

Software reverse engineering, the art of pulling programs apart to figure out how they work, is what makes it possible for sophisticated hackers to scour code for exploitable bugs. It

LinuxSecurity.com Team
Feb 12, 2015

SSL Is Officially Declared Dead

On January 30, 2015, QSAs received the latest edition of the Council

LinuxSecurity.com Team
Feb 11, 2015

Once-starving GnuPG crypto project gets a windfall. Now comes the hard part

For almost two decades, the open source GnuPG encryption project has teetered on the brink of insolvency. Now, following word of that plight, the lone developer keeping the project alive has received more than $135,000

LinuxSecurity.com Team
Feb 09, 2015

The World

The man who built the free email encryption software used by whistleblower Edward Snowden, as well as hundreds of thousands of journalists, dissidents and security-minded people around the world, is running out of money to keep his project alive.

LinuxSecurity.com Team
Feb 06, 2015

PSA: Your crypto apps are useless unless you check them for backdoors

At the beginning of the year, I did something I've never done before: I made a new year's resolution. From here on out, I pledged, I would install only digitally signed software I could verify hadn't been tampered with by someone sitting between me and the website that made it available for download.

LinuxSecurity.com Team
Feb 05, 2015

Backdoor in a Public RSA Key

Hello, %username%! When I saw how it works, say that I was shocked is to say nothing. It's a pretty simple trick, but after reading this article, you will never look at the RSA as before. This is not a way to hijack RSA, but something that will make your paranoia greatly swell.

LinuxSecurity.com Team
Jan 21, 2015

Is banning encryption a crazy plan or an absolute necessity? The reality is much more complicated

Comments this week by UK prime minister David Cameron have re-ignited the debate about how to weigh individuals' online privacy against the needs of law enforcement to be able to detect and prevent crime.

LinuxSecurity.com Team
Jan 13, 2015

Post-POODLE, OpenSSL shakes off some fleas

OpenSSL has squashed eight low severity vulnerabilities bugs that could result in denial of service or the removal of forward secrecy. The holes, two graded "moderate", were addressed in OpenSSL updates 1.0.0p, 0.98zd, and 1.0.1k.

LinuxSecurity.com Team
Jan 09, 2015

Next gen ransomware: Elliptic cryptic, talks on Tor, demands Bitcoin

Cybercrooks have brewed a strain of ransomware that uses elliptic curve cryptography for file encryption, and Tor for communication. The malware, dubbed OphionLocker, is spreading using a malicious advertising (malvertising) campaign featuring the RIG exploit kit.

LinuxSecurity.com Team
Dec 15, 2014

Mozilla to Support Certificate Transparency in Firefox

Mozilla is planning to add support for Certificate Transparency checks in Firefox in the near future, but the company says that the feature won

LinuxSecurity.com Team
Dec 11, 2014

Hacker Lexicon: What Is End-to-End Encryption?

Plenty of companies brag that their communications app is encrypted. But that marketing claim demands a followup question: Who has the key? In many cases, the company itself holds the cryptographic key data that lets it decrypt your messages

LinuxSecurity.com Team
Nov 25, 2014

Finally, a New Clue to Solve the CIA

In 1989, the year the Berlin Wall began to fall, American artist Jim Sanborn was busy working on his Kryptos sculpture, a cryptographic puzzle wrapped in a riddle that he created for the CIA

LinuxSecurity.com Team
Nov 24, 2014

How to weed out the next Heartbleed bug: ENISA details crypto worries

The cryptographic protocols used to secure data moving across the web are putting users at risk due to design flaws that date back many years. Given the current push to encrypt everything in response to revelations of government surveillance, it's important that the protocols being used to do the job are actually secure.

LinuxSecurity.com Team
Nov 24, 2014

Linux Cryptography - Page 8

How Passkey Solutions Enhance Open-Source Security

Abyss Locker Ransomware Targets Linux & Windows Users

Linux Foundation Joins Post-Quantum Cryptography Alliance