Items Tagged with "Encryption"
January 19, 2013 Added by:Tripwire Inc
Security professionals today identify lack of qualified talent and lack of organizational funding as a key problem to their daily job; which probably implies that they are doing what they can with what they have; which likely may not meet expectations...
December 20, 2012 Added by:Larry Karisny
Paul “Prem” Sobel is a Cal Tech MS in electrical engineering and has dedicated a 40-year career to protecting mission-critical systems. He worked with IBM, NASA, Northrop and Intel before launching MerlinCryption LLC. In this edited interview, Sobel discusses security technologies and critical infrastructure vulnerabilities...
November 26, 2012 Added by:Marc Quibell
There are improvements you can introduce that are seamless, low-cost , don't present a new burden to your users, and/or are easy to implement. So in between your major IT Security projects that may or may not happen, why not improve you security posture and lower your overall risks?
November 20, 2012 Added by:Ben Rothke
Key management is one of the most important aspects of cryptography and often the most difficult. Part of the difficulty around key management is at the user level, with key updates, passphrase management and more. Ultimately, effective key management is essential to the underlying security of the cryptosystem...
November 12, 2012 Added by:Electronic Frontier Foundation
Full Disk Encryption (FDE) is one of the best ways you can ensure all of the private information on your laptop stays private in case it's lost, seized, stolen, or if you choose to sell or give away your computer in the future. This feature has been built-in to many GNU/Linux distributions, including Ubuntu...
November 10, 2012 Added by:Fergal Glynn
Amusingly, the plugin’s flood of attention means it is already racking up quite the bug count. For example, it does not currently do any NSFW prevention, and the results are returned in plaintext also. Have fun explaining that one to the ol’ boss-a-roni...
October 31, 2012 Added by:Electronic Frontier Foundation
We released version 3.0 of HTTPS Everywhere, which adds encryption protection to 1,500 more websites, twice as many as previous stable releases. Our current estimate is that HTTPS Everywhere 3 should encrypt at least a hundred billion page views in the next year, and trillions of individual HTTP requests...
October 18, 2012 Added by:Alan Woodward
I recently wrote a piece for the BBC in which I tried to explain why steganography (as opposed to cryptography) posed a threat. Or least it might. The trouble is we don't really know, and the default position has been to assume that because we haven't discovered it being used en masse the threat is negligible...
October 02, 2012 Added by:Patrick Oliver Graf
For a long time, hackers only targeted the IT systems of offices or individuals. This, however, has changed as the bad guys more frequently go after unconventional targets, like industrial and oil plants, refineries of all kinds, power grids or water utilities...
September 28, 2012 Added by:Tripwire Inc
The fact that usernames and passwords were being logged to a plaintext file itself is problematic, even if the passwords are being hashed when stored in a database, if such data is logged in plain text it defeats the entire purpose...
September 19, 2012 Added by:Rob Fuller
First you have to get rid of all other services. That’s harder than you would first assume, because you have to admin the box some how. You could toss SSH on a really high port, or have some kind of backend management, or just remove things from running on a multi-IP’d box...
September 17, 2012 Added by:Electronic Frontier Foundation
Rather than waiting for bad legislation, Wikipedians should take this opportunity to make one relatively small technical change that could serve as a bulwark against all kinds of government surveillance, filtering and data retention laws...
September 06, 2012 Added by:Dan Dieterle
A recently released article explains in detail how to crack MS-CHAPv2 communication used in many PPTP based VPNs with a 100% success rate. But that is not all, the protocol is also used in WPA2 enterprise environments for connecting to Radius authentication servers. Ouch...
September 06, 2012 Added by:Scott Thomas
Learn about file versus whole disk encryption, as well as where keys are stored. Also learn to move the keys if you're going to wipe a drive. If I can offer anything to anyone about file encryption it would be to completely understand how it works before you play with live data...
September 04, 2012 Added by:Robert Siciliano
“EMV transactions require an authentic card validated either online by the issuer using a dynamic cryptogram or offline with the terminal... EMV transactions also create unique transaction data, so that any captured data cannot be used to execute new transactions...”
August 31, 2012 Added by:Dan Dieterle
The “Deep Web”, Dark Web or hidden internet, is a massive collection of sites and databases that don’t show up in standard search engines. So, is this a place that you want ANYONE on your corporate network to visit? NO WAY. Though many use Tor for legitimate purposes, the deep web just isn’t that kind of place...