Keyword: encryption
-
Senior U.S. military officers working for the Joint Chiefs of Staff discussed the danger of Russia and China intercepting and doctoring video from drone aircraft in 2004, but the Pentagon didn't begin securing the signals until this year, according to people familiar with the matter. The disclosure came after The Wall Street Journal reported insurgents in Iraq had intercepted video feeds from drones, downloading unencrypted communications from the unmanned planes. Shiite fighters in Iraq used software programs such as SkyGrabber -- available for as little as $25.95 on the Internet -- to regularly capture drone video feeds, said a person...
-
A MAN who established a sophisticated network of peepholes and cameras to spy on his flatmates has escaped a jail sentence after police were unable to crack an encryption code on his home computer. Rohan James Wyllie, 39, yesterday pleaded guilty in Southport District Court to charges of attempting to visually record one of his flatmates when she was in a private place without her consent. But police were unable to prove his elaborate surveillance system had actually been used. Wyllie's three flatmates, two women and a man, grew suspicious that he was up to something when they noticed lights...
-
Computer scientists in Japan say they've developed a way to break the WPA encryption system used in wireless routers in about one minute. The attack gives hackers a way to read encrypted traffic sent between computers and certain types of routers that use the WPA (Wi-Fi Protected Access) encryption system. The attack was developed by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, who plan to discuss further details at a technical conference set for Sept. 25 in Hiroshima. Last November, security researchers first showed how WPA could be broken, but the Japanese researchers have taken the...
-
An Apple expert and hacker has shown that the iPhone, in all its various forms and moltings, is child’s play to compromise. This comes despite assurances from Apple regarding the 3GS’s encryption feature. Bad news for businesspeople of the 21st century, who have glommed onto the iPhone and its service halo like no other device. The wonder-phone has certainly changed the way smartphones and other devices are made, but this isn’t the first time Apple’s security measures have been described as being seriously lacking. It seems that with a little creative coding, or access to an insecure computer, the iPhone...
-
Note: The following text is a quote: Former State Department Official and Wife Arrested for Serving as Illegal Agents of Cuba for Nearly 30 Years Couple Allegedly Conspired to Provide Classified Information to Cuban Government A former State Department official and his wife have been arrested on charges of serving as illegal agents of the Cuban government for nearly 30 years and conspiring to provide classified U.S. information to the Cuban government. The arrests were announced today by David Kris, Assistant Attorney General for National Security; Channing D. Phillips, Acting U.S. Attorney for the District of Columbia; Joseph Persichini, Jr.,...
-
DVDs are set to explore new dimensions.Punchstock Spreading into extra dimensions could help next-generation DVDs to store even more data than they currently do. The new technique could squeeze around 140 times the capacity of the best Blu-rays into a standard-sized disk. Traditional DVDs and Blu-ray disks store data in two dimensions, and there's been a recent push to increase their capacity by creating multi-layered disks that store data across three dimensions. But, asks James Chon at the Swinburne University of Technology in Melbourne, Australia, why stop there?Chon and his colleagues are stepping into hyperspace, by encoding information in two...
-
For some, the internet is merely a hiding place — a web of secret corridors where all manner of shameful deeds unfold. But the police never expected that it might become a strategic platform where two groups of society's outcasts, terrorists and child sex abusers, could meet to exchange operational secrets. The realisation that there might be something in common between violent Muslim fanatics known for their supposed piety and sexual deviants who prey on children has only slowly dawned on officers. Cracking the mystery of how these worlds overlap is expected to improve understanding of the mindsets of both...
-
Defendants can't deny police an encryption key because of fears the data it unlocks will incriminate them, a British appeals court has ruled. The case marked an interesting challenge to the UK's Regulation of Investigatory Powers Act (RIPA), which in part compels someone served under the act to divulge an encryption key used to scramble data on a PC's hard drive. Failure to do so could mean a two-year prison sentence or up to five years if the case involves national security. The appeals court heard a case in which two suspects refused to give up encryption keys, arguing that...
-
New mathematical attack works against a broad range cryptographic functions.Unless you're a dyed in the wool cryptographic geek you probably didn't know that there was a Crypto conference, or even a chain of worldwide crypto conferences that take place each year. Fortunately, for the most of us that aren't crypto geeks there are a handful of very highly skilled people who are; they can take the highly theoretical and complex mathematical proofs and arguments that make up most of modern cryptographic and cryptanalytic research and put it into plain language. Probably the best known is Bruce Schneier, who is a...
-
The growing use of encryption software -- like Microsoft's own BitLocker -- by cyber criminals has led Microsoft to develop a set of tools that law enforcement agents can use to get around the software, executives at the company said...Microsoft first released the toolset, called the Computer Online Forensic Evidence Extractor (COFEE)...Microsoft gives the software to agents for free.
-
Security approach common on Vista, Apple and Linux laptops The disk encryption technology used to secure the data in your Windows, Apple and Linux laptops can be easily circumvented, according to new research out of Princeton University. The flaw in this approach, the researchers say, is that data previously thought to disappear immediately from dynamic RAM (DRAM) actually takes its time to dissolve, leaving the data on the computer vulnerable to thievery regardless of whether the laptop is on or off. That's because the disk encryption key, unlocked via a password when you log on to your computer, then is...
-
Today eight colleagues and I are releasing a significant new research result. We show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used with Linux. The research team includes J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten. Our site has links to the...
-
A recently released tool that allegedly was designed to help al-Qaeda supporters encrypt their Internet-based communications is a well-written and easily portable piece of code, according to a security researcher who has analyzed the software.
-
An Arabic-language Web site hosted on a server located in Tampa, Fla., is apparently offering a new version of software that was designed to help al-Qaeda supporters encrypt their Internet communications. The new encryption tool is called Mujahideen Secrets 2 and appears to be an updated version of easier-to-crack software that was released early last year, said Paul Henry, vice president of technology evangelism at Secure Computing Corp. in San Jose. The tool is being distributed free of charge on a password-protected Web site that belongs to an Islamic forum known as al-Ekhlaas, according to Henry and a blog posting...
-
A couple of years ago, Michael T. Arnold landed at the Los Angeles International Airport after a 20-hour flight from the Philippines. He had his laptop with him, and a customs officer took a look at what was on his hard drive. Clicking on folders called “Kodak pictures” and “Kodak memories,” the officer found child pornography. The search was not unusual: the government contends that it is perfectly free to inspect every laptop that enters the country, whether or not there is anything suspicious about the computer or its owner. Rummaging through a computer’s hard drive, the government says, is...
-
An international team of mathematicians announced in May that they had factored a 307-digit number—a record for the largest factored number and a feat that suggests Internet security may be on its last legs. “Things are becoming less and less secure,” says Arjen Lenstra, a computer scientist at the École Polytechnique Fédérale (EPFL) in Switzerland, who organized the effort. Messages in cyberspace are encrypted with a random 1,024-bit number generated by multiplying two large primes together. But if hackers using factorization can break the number into its prime multipliers, they can intercept the message. Factorization currently takes too long to...
-
Random numbers are critical for cryptography: for encryption keys, random authentication challenges, initialization vectors, nonces, key-agreement schemes, generating prime numbers and so on. Break the random-number generator, and most of the time you break the entire security system. Which is why you should worry about a new random-number standard that includes an algorithm that is slow, badly designed and just might contain a backdoor for the National Security Agency. Generating random numbers isn't easy, and researchers have discovered lots of problems and attacks over the years. A recent paper found a flaw in the Windows 2000 random-number generator. Another paper...
-
Canadian encryption vendor Certicom yesterday filed a wide-ranging lawsuit against Sony, claiming that many of the products offered by the electronics giant infringe on two Certicom patents. This might sound like business as usual until you realize what's being targeted: AACS and (by extension) the PlayStation 3. Certicom has done extensive work in elliptic curve cryptography (ECC), and the patents in question build on this work. The patents have already been licensed by groups like the US National Security Agency, which paid $25 million back in 2003 for the right to use 26 Certicom patents, including the two in the...
-
Excerpt - The folks at Digg.com have let the social news genie out of the bottle, and now they can't control it. Since the HD-DVD encryption code was discovered and published, readers at Digg have been repeatedly submitting stories with the 16 digit hex code in the titles and bodies. Just as quickly as these posts crawl up the Digg charts, admins seem to be deleting them. Just search Google for 09 F9 and you'll find the key. Will AACS send a Cease and Desist to InfoWorld because I posted the text "09 F9"? If so, we might as well...
-
TAIPEI—Within four years, the U.S. government will cease to use SHA-1 (Secure Hash Algorithm) for digital signatures, and convert to a new and more advanced "hash" algorithm, according to the article "Security Cracked!" from New Scientist . The reason for this change is that associate professor Wang Xiaoyun of Beijing's Tsinghua University and Shandong University of Technology, and her associates, have already cracked SHA-1. Wang also cracked MD5 (Message Digest 5), the hash algorithm most commonly used before SHA-1 became popular. Previous attacks on MD5 required over a million years of supercomputer time, but Wang and her research team obtained...
-
"Second Life," the fast-growing online site where hundreds of thousands of people play out fantasy lives online, has suffered a computer security breach that exposed the real-world personal data of its users. Linden Lab, the San Francisco-based company behind the "Second Life" site, said in a letter to its 650,000 users this weekend that its customer database, including names, addresses, passwords and some credit card data, had been compromised. All users--or residents in "Second Life" parlance--are being required to request a new password. Some 286,000 residents have used the site in the past 60 days, according to a count on...
-
Two Atlanta-area men met with Islamic extremists in Toronto, where they discussed "strategic locations in the United States suitable for a terrorist strike," according to an FBI affidavit made public Friday. Syed Haris Ahmed and Ehsanul Islam Sadequee -- U.S. citizens from the Atlanta area -- met with at least three other targets of FBI terrorism investigations during a trip to Toronto last month, according to the affidavit. The affidavit said the men discussed attacks against oil refineries and military bases. They also planned to travel to Pakistan for military training at a terrorist camp, which authorities said the 21-year-old...
-
INTELLIGENCE OPERATIONS: Phone Taps Just Got Impossible April 12, 2006: Eavesdropping on phone calls just got a lot harder. Phil Zimmermann, the guy who invented PGP encryption for Internet mail, has developed a similar product, Zfone, for VOIP (telephone calls over the Internet). Zfone, like PGP, is free and easy to use. PGP drove intelligence agencies nuts, because it gave criminals and terrorists access to industrial grade cryptography. PGP doesn't stop the police or intel people from reading encrypted email, but it does slow them down. Zfone, however, uses stronger encryption. This means more delays, perhaps fatal delays, in finding...
-
BEIJING (AP) - The world industrial-standards association has rejected China's controversial wireless encryption standard for global use, news reports said Monday, dealing a blow to Beijing's effort to promote its own standards for computers and telecoms. China is promoting its WAPI system in a campaign to reduce reliance on foreign technology and give its companies a competitive edge. Members of the International Organization for Standardization rejected WAPI in favor of an American standard known as 802.11i in balloting that ended March 8, the U.S.-based electronics industry newspaper EE Times and the Chinese government's Xinhua News Agency said. But Chinese officials...
-
UK officials are talking to Microsoft over fears the new version of Windows could make it harder for police to read suspects' computer files. Windows Vista is due to be rolled out later this year. Cambridge academic Ross Anderson told MPs it would mean more computer files being encrypted. He urged the government to look at establishing "back door" ways of getting around encryptions. The Home Office later told the BBC News website it is in talks with Microsoft....
-
New 'spy' cell phone costs $2,500 06/11/2005 13:59 Russian Federal Security Service (FSB) has unveiled a cell phone at the International Show of Military Equipment, Technologies, and Arms VTTV-Omsk-2005 held in the city of Omsk. The special cell phone SPM-Atlas (M-539) was developed by Atlas Research and Development Center under the FSB. It is designed for scrambling voice data transmission. According to a representative of the FSB, the phone is already on sale in Moscow cell phone stores, its retail price is $2,500, Newsru.com reports. Western data encoding algorithms used to ensure the safety of cell phone conversations have not...
-
A Minnesota appeals court has ruled that the presence of encryption software on a computer may be viewed as evidence of criminal intent. Ari David Levie, who was convicted of photographing a nude 9-year-old girl, argued on appeal that the PGP encryption utility on his computer was irrelevant and should not have been admitted as evidence during his trial. PGP stands for Pretty Good Privacy and is sold by PGP Inc. of Palo Alto, Calif. But the Minnesota appeals court ruled 3-0 that the trial judge was correct to let that information be used when handing down a guilty verdict....
-
Internet security takes a hit Report says computer-code experts concerned after flaw discovered in popular encryption technique. NEW YORK (CNN/Money) - The discovery of a crack in a commonly used Internet encryption technique raised concerns among government agencies and computer-code experts, according to a report by The Wall Street Journal. "Our heads have been spun around," Jon Callas, chief technology officer at encryption supplier PGP Corp., told the newspaper. The technique, called a "hash function," has been commonly used by Web site operators to scramble online transmissions containing credit-card information, Social Security numbers and other personal information. Hash functions were...
-
Microsoft RC4 Flaw One of the most important rules of stream ciphers is to never use the same keystream to encrypt two different documents. If someone does, you can break the encryption by XORing the two ciphertext streams together. The keystream drops out, and you end up with plaintext XORed with plaintext -- and you can easily recover the two plaintexts using letter frequency analysis and other basic techniques. It's an amateur crypto mistake. The easy way to prevent this attack is to use a unique initialization vector (IV) in addition to the key whenever you encrypt a document. Microsoft...
-
"The Electronic Frontier Foundation (EFF) just announced that it has become a financial sponsor of Tor, an open-source project to help people 'engage in anonymous communication online.' It sounds like a simpler version of Freenet, e.g. 'a network-within-a-network that protects communication from ... traffic analysis.' Like Freenet, the source-code is freely available and binaries exist for Windows, Linux, etc." Read on for more details.The submitter continues "It also allows you to install Tor-aware apps, such as an HTTP proxy (for private browsing), or maybe private P2P? Unlike Freenet, it doesn't use massive encryption (as far as I can tell) and...
-
RFID Passports Since the terrorist attacks of 2001, the Bush administration--specifically, the Department of Homeland Security--has wanted the world to agree on a standard for machine-readable passports. Countries whose citizens currently do not have visa requirements to enter the United States will have to issue passports that conform to the standard or risk losing their nonvisa status. These future passports, currently being tested, will include an embedded computer chip. This chip will allow the passport to contain much more information than a simple machine-readable character font, and will allow passport officials to quickly and easily read that information. That is...
-
Be advised. This will show you some nefarious things that can happen to your system. You're all reading this online so, yes, it affects you. Please read, then act accordingly. Click here. This is not a joke. You'll now be returned to your regular programming. A.K.A. Sleepy Brown
-
'This goes no further...'By Brian Wheeler BBC News Online Magazine Following revelations about bugging at the United Nations, is there any way of ensuring that your private conversations stay that way? News that Kofi Annan and other senior UN figures may have been routinely bugged by US or British security services has caused a huge political row around the world. But it will also have caused alarm among other people in the public eye who deal with sensitive information - or anyone, indeed, who values their privacy. If the secretary general of the United Nations cannot prevent his private conversations...
-
Intel's CTO to meet Chinese government over WAPI Pat Gelsinger to discuss concerns over China's national WLAN security standard By Martyn Williams, IDG News Service March 04, 2004 Pat Gelsinger, chief technology officer of Intel Corp., is to meet with Chinese government officials during the next few days to discuss Intel's concerns over China's national wireless LAN (WLAN) security standard and an impending June 1 deadline for compliance with the standard. The Standardization Administration of China (SAC) announced the development of a national WLAN standard in May 2003 and is demanding that all WLAN products sold in the country from...
-
Electronic Frontier Foundation Media Advisory DVD Descrambling Code Not a Trade Secret DVD CCA Surrenders in Bunner DVD Descrambling Case For Immediate Release: Thursday, January 22, 2004 San Jose, California - In a surprising retreat today, the consortium of entertainment and technology companies known as DVD CCA is seeking dismissal of a lawsuit against Andrew Bunner, a republisher of a computer program created to allow movie lovers to play their DVDs on computers running the Linux operating system. DVD CCA effectively gave up a multi-year effort to have the republication of the program, called DeCSS, declared a violation of trade...
-
The RIAA Succeeds Where the Cypherpunks Failed First published December 17, 2003 on the "Networks, Economics, and Culture" mailing list. Subscribe to the mailing list. For years, the US Government has been terrified of losing surveillance powers over digital communications generally, and one of their biggest fears has been broad public adoption of encryption. If the average user were to routinely encrypt their email, files, and instant messages, whole swaths of public communication currently available to law enforcement with a simple subpoena (at most) would become either unreadable, or readable only at huge expense. The first broad attempt by the...
-
Encryption Promises Unbreakable Codes BRIAN BERGSTEIN Associated Press NEW YORK - Code-makers could be on the verge of winning their ancient arms race with code-breakers. After 20 years of research, an encryption process is emerging that is considered unbreakable because it employs the mind-blowing laws of quantum physics. This month, a small startup called MagiQ Technologies Inc. began selling what appears to be the first commercially available system that uses individual photons to transfer the numeric keys that are widely used to encode and read secret documents. Photons, discrete particles of energy, are so sensitive that if anyone tries to...
-
<p>Microsoft Corp.'s trusted computing vision inched closer to reality on Wednesday, as an industry group released an updated specification for storing encrypted information.</p>
<p>Version 1.2 of the Trusted Computing Group's hardware specification was released at the RSA Conference 2003 Europe in Amsterdam. The group is responsible for overseeing the development of Trusted Platform Modules, small microcontrollers that reside on a PC's hard drive and encrypt data, thus protecting it.</p>
-
"In 1995 Sanford Robertson also had a big financial interest in the U.S. computer security industry. Robertson's investment firm had hundreds of millions of dollars tied up in a Massachusetts based computer company named Security Dynamics Inc. (SDI). Thus, in 1995 Gore had direct control of policy that also affected Robertson financially. Security Dynamics was able to import computer security hardware manufactured in China. SDI secured Hong Kong electronics maker RJP Industries to produce electronic computer security cards for sale in America. The Chinese manufactured cards are sold to major defense contractors, medical institutions and the U.S. government. Hong Kong...
-
The new IC7-MAX3 ABIT motherboard comes with ide hard disk encryption built onto the board... this is cool The following is from the website...pretty amazing really "MAXimum Security For MAX3, the ABIT Engineers listened to users who were asking for information security. SecureIDE connects to your IDE hard disk and has a special decoder; without a special key, your hard disk cannot be opened by anyone. Thus hackers and would be information thieves cannot access your hard disk, even if they remove it from your PC. Protect your privacy and keep anyone from snooping into your information. Lock down your...
-
http://www.newsmax.com/archives/articles/2003/4/9/163800.shtml The Death of Saddam Hussein Charles R. Smith Thursday, April 10, 2003 Freedom Comes to Baghdad In the late afternoon of April 17, 1943, a top-secret message arrived at Army Air Force headquarters on Guadalcanal. Code breakers working for the U.S. Navy had deciphered a critical message sent by the Imperial Japanese Navy. Adm. Isoroku Yamamoto, commander in chief of the Imperial Navy and the architect of the attack on Pearl Harbor, was scheduled to arrive in Bougainville the next morning. The admiral's arrival placed him in range of American P-38 Lighting fighters based on Guadalcanal. Unknown to Yamamoto,...
-
Is life too short to learn PGP? Want just enough encryption to pass unbreakable mash notes in class that look like gibberish to anyone except you and your significant other? Is that what you're after, bunky? Then click on http://www.cipher-encryption.com/text-encryption.html To encrypt a message, type in any passcode you want. Then type in your message and click on Encrypt. Then send the passcode and copy/paste the encrypted garbage you see in an email to somebody else. To decrypt the message, copy/paste the encrypted text into the Message: block (make sure there are NO extra spaces), enter the passcode, then click...
-
<p>Will Manindra Agrawal bring about the end of the Internet as we know it? The question is not as ridiculous as it was just two months ago.</p>
<p>Prof. Agrawal is a 36-year old theoretical computer scientist at the Indian Institute of Technology in Kanpur, India. In August, he solved a problem that had eluded millennia of mathematicians: developing a method to determine with complete certainty if a number is prime.</p>
-
I have been reading about ssh and using tunnelling to bypass proxy servers and go thru firewalls. I have DSL at home and I have loaded the freeware AnalogX web proxy server broadcasting on port 6588. I have also loaded up the Putty ssh client at home and at work. I have the ssh clients on both ends listening at port 5000 and redirecting to port 8080 at work and to port 6588 at home. i.e. localhost:5000 port forwarding to localhost:8080. I then directed internet explorer at work to use the proxy 127.0.0.1(or localhost):8080 for web access This configuration should...
-
Digital signatures can easily be forged and therefore can't be trusted in Outlook because of the same certificate chaining issue plaguing Internet Explorer, researcher Mike Benham says. Benham is responsible for discovering and publicizing the IE debacle, where SSL certs can be signed by an untrusted intermediary without warning to the end user, as we reported earlier. Now after a bit of further tinkering it appears that the same design flaw can be used against Outlook users. Briefly, an attacker would sign an untrusted cert with a trusted, intermediate one. Of course, just because the cert doing the signing is...
-
<p>If a Chinese official had to come up with a list of his government's enemies overseas, a 51-year-old former journalist and ex-U.N. official in Toronto proudly admits he would be ranked near the top.</p>
<p>An active member of two computer hacking groups, the man, who goes by the alias Oxblood Ruffin, is leading an effort to help Chinese dissidents by providing them software that allows Internetusers to avoid Beijing's censors. Oxblood is a member of Cult of the Dead Cow, a hacker group that started in the mid-1980s. He is also active in a newer, related group, Hacktivismo, which last month released Camera/Shy, a free program that helps encrypt content on the Internet.</p>
-
Why doesn't the Pentagon, and particularly General Franks, encrypt the "war plans" and other secret information? It could then be stored, not on a computer's hard drive, but on something like a Zip Drive and locked up in a safe place.Is this too difficult for the Feds to figure out?
-
Hunt for hidden web messages goes on 18:13 12 July 02 NewScientist.com news service Computer enthusiasts have been searching for messages hidden in web site images following new claims that the al-Qaeda terrorist network is using this technique - steganography - to communicate. However, one expert in the field warns the images that have been flagged up as suspicious after initial examination are almost certain to be cleared after full analysis. Peter Honeyman, at the University of Michigan, told New Scientist: "You get a lot of these. We call them false positives." On 10 July, USA Today reported that US...
-
April 24, 2002 By Liza Porteus , National Journal's Technology Daily White House Homeland Security Director Tom Ridge on Tuesday said the high-tech sector is making instrumental contributions to the Bush administration as it cultivates a national homeland security strategy. Homeland security efforts will depend on technologies such as biometrics, next-generation detection devices designed to find traces of chemical or biological agents, dashboard electronics to ensure efficient border crossing for trucks and other vehicles, simulation software, and advanced encryption-standard codes, Ridge said during a dinner speech at the Electronic Industries Alliance's annual conference. Such advances are "more proof that the...
-
When I first heard about the encryption technique developed by Dr. Richard Hughes, it sounded like science fiction. After he explained it to me in detail, it still sounded like science fiction. Imagine, if you will, a means of delivering encryption keys that is so secure that it's impossible to break because doing so would violate the laws of physics. In other words, the delivery method is so secure, it's protected by the very fabric of the universe. IF THAT DOESN'T get your attention, think about this: What Dr. Hughes is working with is a way to encode information on...
|
|
|