encrypted

Verified Identify Pass Shuts Down "Clear" Operations

torrentami writes that Verified Identity Pass, operator of the “Clear” program, which allowed pre-screened passengers quicker access to US airport gates, “sent out emails to its subscribers today informing them that as of 11 p.m. PST they will cease operations. Clear was a pioneer in speeding customers through security at airports and had planned on expanding to large events. The service, where it was available, offered a first class security experience for travelers willing to fork over 0 a year and their biometrics. Customers are now left holding their Flyclear cards with encrypted biometrics. The question now becomes, what happens to all that information? This is not the first time Clear has been in the news. A laptop containing customer records was reportedly missing from the San Francisco International airport recently but then turned up shortly thereafter. Another casualty of the recession’s downturn in business travel.”

Read more of this story at Slashdot.


Share

Tags: , , , , , ,

Tuesday, June 23rd, 2009 Uncategorized Comments Off on Verified Identify Pass Shuts Down "Clear" Operations

Best Handset For Freedom?

Father Thomas Dowd writes “The pictures we are seeing of Iran are being captured on cell phones and the text is being twittered over SMS. Still, the government has some control over the networks, and we are all familiar with fears of wiretap technologies to spy on users. If the cell phone is the new tool of freedom, what would the best ‘freedom handset’ contain? I’m thinking of a device with an open OS, where each phone could be a router for encrypted messages passed through Bluetooth/WiFi/whatever, thereby totally bypassing physical infrastructures when necessary. Of course, some sort of plausible deniability encryption a la Truecrypt would also be good, in case the secret police catch you with your phone. What else might we need?”

Read more of this story at Slashdot.


Share

Tags: , , , , , , ,

Sunday, June 21st, 2009 Uncategorized Comments Off on Best Handset For Freedom?

DRM Group Set To Phase Out "Analog Hole"

eldavojohn writes “In yet another bid to make your life a little more annoying, our DRM overlords at the AACS Licensing Authority have released a new AACS Adopter Agreement. The riveting, 188-page PDF will inform you that — in the name of Digital Rights Management — there will be new limitations set on devices that decrypt Blu-Ray discs. HDMI already has the awesome encryption of HDCP between the device and the display unit. But Blu-Ray still has the Achilles heel of analog players that allow someone to merely re-encode the analog signal back to an unencrypted digital format. So if you have an analog HDTV, hang on to those analog decoders and hope they never break; by 2013 you won’t be able to buy a new one. Ars points out the inherent stupidity in this charade: ‘Particularly puzzling is the fact that plugging the so-called “analog hole” won’t stop direct digital ripping, enabled by software such as AnyDVD HD. And even the MPAA itself recommends using a camcorder pointed at a TV as a way to make fair use copies, creating another analog hole.’ And so the cat and mouse game continues. On that subject, DVD Jon’s legit company just brought out a billboard ad for his product doubleTwist next to Apple’s San Fransisco store. It reads, ‘The Cure for iPhone Envy. Your iTunes library on any device. In seconds.’ So while he’s busy taunting Apple, I’m certain there are others who might have some free time to look at Blu-Ray and the ‘uncrackable’ AACS.”

Read more of this story at Slashdot.


Share

Tags: , , , , , ,

Friday, June 12th, 2009 Uncategorized Comments Off on DRM Group Set To Phase Out "Analog Hole"

Chinese Govt Spyware Puts Computers At Risk

Ihmhi writes “China’s mandatory ‘Green Dam Youth Escort’ web filter software apparently has a series of severe flaws. In addition to not working on Linux or MacOS, traffic between the software and its servers is unencrypted.” I’m sure it only gets better after that.

Read more of this story at Slashdot.


Share

Tags: , , , , , , ,

Thursday, June 11th, 2009 Uncategorized Comments Off on Chinese Govt Spyware Puts Computers At Risk

Cybercriminals Refine ATM Data-sniffing Software

BobB-nw writes “Cybercriminals are improving a malicious software program that can be installed on ATMs running M|cr0s0ft’s Windows XP operating system that records sensitive card details, according to security vendor Trustwave. The malware has been found so far on ATMs in Eastern European countries, according to a Trustwave report. The malware records the magnetic stripe information on the back of a card as well as the PIN, which would potentially allow criminals to clone the card in order to withdraw cash. The collected card data, which is encrypted using the DES algorithm, can be printed out by the ATM’s receipt printer, Trustwave wrote.”

Read more of this story at Slashdot.


Share

Tags: , , , , ,

Thursday, June 4th, 2009 Uncategorized Comments Off on Cybercriminals Refine ATM Data-sniffing Software

Data Breach Exposes RAF Staff To Blackmail

Yehuda writes “Wired reports, ‘Yet another breach of sensitive, unencrypted data is making news in the United Kingdom. This time the breach puts Royal Air Force staff at serious risk of being targeted for blackmail by foreign intelligence services or others. The breach involves audio recordings with high-ranking air force officers who were being interviewed in-depth for a security clearance. In the interviews, the officers disclosed information about extra-marital affairs, drug abuse, visits to prostitutes, medical conditions, criminal convictions and debt histories — information the military needed to determine their security risk. The recordings were stored on three unencrypted hard drives that disappeared last year.'”

Read more of this story at Slashdot.


Share

Tags: , , ,

Thursday, May 28th, 2009 Uncategorized Comments Off on Data Breach Exposes RAF Staff To Blackmail

Flaw Made Public In OpenSSH Encryption

alimo20 writes “Researchers at the Royal Holloway, University of London have discovered a flaw in Version 4.7 of OpenSSH on Debian/GNU Linux. According to ISG lead professor Kenny Patterson, an attacker has a 2^{-18} (that is, one in 262,144) chance of success. Patterson tells that this is more significant than past discoveries because ‘This is a design flaw in OpenSSH. The other vulnerabilities have been more about coding errors.’ The vulnerability is possible by a man-in-the-middle intercepting blocks of encrypted material as it passes. The attacker then re-transmits the data back to the server and counts the number of bytes before the server to throws error messages and disconnects the attacker. Using this information, the attacker can work backwards to figure out the first 4 bytes of data before encryption. ‘The attack relies on flaws in the RFC (Request for Comments) internet standards that define SSH, said Patterson. … Patterson said that he did not believe this flaw had been exploited in the wild, and that to deduce a message of appreciable length could take days.'”

Read more of this story at Slashdot.


Share

Tags: , , ,

Thursday, May 21st, 2009 Uncategorized Comments Off on Flaw Made Public In OpenSSH Encryption

PIN Crackers Nab Holy Grail of Bank Card Security

Hackers have crossed into new frontiers by devising sophisticated ways to steal large amounts of personal identification numbers, or PINs, protecting credit and debit cards, says an investigator. The attacks involve both unencrypted PINs and encrypted PINs that attackers have found a way to crack,…

Share

Tags: , ,

Wednesday, April 15th, 2009 Uncategorized Comments Off on PIN Crackers Nab Holy Grail of Bank Card Security

Hulu Begins Encrypting Content to Thwart Non-Browser Apps

It looks like Hulu’s trying yet another ill-fated tactic to keep its content restricted to traditional browsers and off things like Boxxee — TunerFreeMCE’s Martin Millmore says Hulu’s HTML is now encrypted at the source and then decrypted using Javascript on the client…

Share

Tags: ,

Wednesday, April 1st, 2009 Uncategorized Comments Off on Hulu Begins Encrypting Content to Thwart Non-Browser Apps

Eliminating the Mobile Security Blind Spot


Office-bound workers at most companies today have a significant amount of IT security available to them when best practices are followed. Their computers are physically secure; their hard drives are hopefully encrypted; secure Web gateways, intrusion prevention systems and firewalls block dangers from the Internet. Audit trails are in place. Passwords and policies are enforced. Data protection is comprehensive. Take that computer outside of that office, and much of that protection is not available or much less effective — creating a “mobile blind spot.”

Share

Tags: , , , , , ,

Tuesday, March 24th, 2009 Uncategorized Comments Off on Eliminating the Mobile Security Blind Spot