Articles about Encryption

There’s a lot of talk about encryption these days. Often the issue arises when moving data to the cloud, using solutions like Dropbox or Box. We start to wonder if our information will be safe if it’s no longer stored locally on computers in our offices. We are confident that Dropbox and Box store everything in a secure way -- we have little reason to believe that they don’t, right?

Next, we think, "OK, what happens when information leaves or enters the cloud? Is our communication safe? Maybe that information should be encrypted, too". Actually, there’s no question about it. Data should be encrypted when it moves in and out of a network and when it’s stored in the cloud.

Continue reading →

Encryption is not all it’s cracked up to be according to a recent security report, with coding flaws introducing a number of vulnerabilities into smartphones and their software.

Seven in eight Android apps and 80 percent of all iOS apps have encryption flaws, claims Veracode’s State of Software Security report.

Continue reading →

Crypto-ransomware is one of the latest trends in the world of malware. Encrypting and holding files to ransom provides a way to extort money from victims, but a new example takes things one step further.

Chimera not only locks users out of their files until a ransom is paid, but also threatens to release unencrypted copies of the files online if payment is not made. Security company Trend Micro says this is the first instance of this type of threat. Interestingly, Chimera also seems to be part of an affiliate program.

Continue reading →

In the panic that followed the attacks on Paris by ISIS there have been calls for various measures to be put in place to stop similar atrocities happening in the future. As well as calls for an increase in online surveillance, politicians have also suggested that encryption should be weakened or banned entirely.

Secure email service ProtonMail found itself the subject of unwanted attention when it transpired that ISIS recommended using it to evade detection. The company has remained silent about the post-Paris backlash; until now.

Continue reading →

In a recent interview with the Irish Independent, CEO Tim Cook has once again said Apple will not weaken the encryption it uses in its mobile communication devices.

He did, however, say that the company he runs will work closely with the UK government to help create a quality legislation.

Continue reading →

BlackBerry and its subsidiary Secusmart have announced the release of SecuSUITE for Enterprise, a new voice encryption solution that protects mobile calls on the Android, iOS and BlackBerry operating systems.

By using the VoIP, software-based, cloud-hosted solution, employees will be able to conduct secure conversations worldwide and be able to send encrypted text messages of any length.

Continue reading →

In a lengthy, rambling blog post, Microsoft President Brad Smith explains how what has happened in relation to security over the past year is shaping the company's attitude to the cloud.  He says that "it's time to rebuild the world's faith in the technology that empowers us all".

He takes a while to get to the point, meandering slowly around anecdotes about Windows 10, Edward Snowden, terrorist attacks in Paris, hacking, and governmental desires to weaken encryption. He says that these and other events "show it's crucial to have a conversation about worldwide information security".

Continue reading →

It would appear that mass surveillance of the Internet is here to stay. We can rage against the machine, but ultimately we're powerless to stop the likes of the NSA and GCHQ prying into whatever they want to pry into. More and more people are turning to the dark web to help cover their tracks, but even the supposedly anonymous haven of Tor can be cracked for a price.

Last week in the UK, the draft Investigatory Powers Bill was published outlining proposals for ISPs to retain user's browsing histories for a full year. Governments want to weaken encryption. The FCC ruled that Do Not Track requests are essentially meaningless. The NSA finds and takes advantage of vulnerabilities. It's little wonder that privacy groups are up in arms -- the erosion of online rights continues with terrifying speed. But all is not lost. There are still things you can do to help maintain your privacy. If you're concerned, here's what you can do.

Continue reading →

Google, like many other companies, is pushing people towards using secure internet connections. HTTPS is becoming the norm, but not everyone has caught on. To keep the security-conscious informed, Gmail is set to issue warnings about emails that are received through unsecure connections that do not use encryption.

A joint study involving Google, University of Michigan and the University of Illinois found that email is "more secure today than it was two years ago", with an increase in the number of encrypted emails sent. That said, there are still plenty of people who are not using secure connections and Google is keen to keep its users informed when they receive communication through unencrypted channels.

Continue reading →

It's increasingly common for hardware manufacturers and software developers to build in various security measures to protect users.

However, a new survey by cloud encryption company Alertsec reveals that these standard security precautions may be creating a false sense of security for PC and mobile users.

Continue reading →

Tim Cook is concerned about privacy. The Apple CEO has spoken out against requests from governments for backdoors into encrypted products. Following the UK government's decision not to ban strong encryption but to force companies to provide authorities with access to encrypted data upon production of a warrant.

This is effectively a backdoor into products and Tim Cook gives a stark warning: "Any backdoor is a backdoor for everyone". He also suggests that security is something that needs to be tackled on a global scale rather than by individual countries.

Continue reading →

Extortion is just the latest in a series of weapons being used to terrorize computer users and technology companies. One of the most recent victims was ProtonMail which found itself the subject of a DDoS attack and a ransom demand -- and despite paying up, the attacks continued. But individual users also have their feet held in the fire by ransomware.

It's something that mobile users have become familiar with. Android users have been hit by malware that encrypts the contents of their phones and renders it inaccessible until a ransom is paid. It's a problem that has also affected Windows users, and the latest target is Linux. Web servers powered by Linux are being targeted by the Linux.Encoder.1 crypto-ransomware.

Continue reading →

Late last week, the UK government introduced a new Investigatory Powers bill, which requires Internet service providers to keep a record of the Internet activity of everyone in Britain, as well as cracking down on encryption and increasing government surveillance.

The initial reaction from industry professionals was mixed, but a new survey from Swiss data bank Artmotion has found that a massive 87 percent of IT leaders disagree with the government’s plan to reduce the strength of data encryption.

Continue reading →

Given all the spying that goes on these days it's no wonder that people are looking for more private ways to get online and stay in touch with one another. Secure email -- which is what Edward Snowden chose to use for his communications with journalist Glenn Greenwald of The Guardian -- is proving more and more popular.

Unfortunately, not everyone is keen on such services. One such secure email provider, ProtonMail, has been taken down today, by a DDoS attack. Who would want to attack the service? That's the million dollar question and the list of potential attackers could be quite long. A bevvy of agencies have spoken out against encryption, going so far as asking for backdoors into data, blithely oblivious to the consequences of such action. ProtonMail was designed securely and doesn't possess records of correspondence, so law enforcement can't demand data.

Continue reading →

The UK government today published a draft version of the Investigatory Powers Bill setting out a framework for new surveillance powers. Among the proposed measures is a requirement for ISPs to keep a record of every website their customers visit for 12 months.

Fears that encryption would be banned were not realized, but privacy campaigners will be disappointed that internet connection records will be accessible by police and security services without the need for a warrant. The NSA-style data collection is indiscriminate. Data will be stored about everyone's internet usage, not just those suspected of crime, terrorism and the like.

Continue reading →