Articles about Encryption

Flash drives are less popular nowadays thanks to cloud storage. While the cloud offers convenience, there is extra control and security when local storage is used. Remember folks, when you leverage the cloud, you open yourself up to deficiencies of a third-party company -- a mass data breach could expose your secret files. For a business in particular, this could mean the loss of important information, or the leak of confidential information. Your company's reputation could be tarnished as a result.

If you are more comfortable using USB flash drives for storing and transmitting data, encryption is a must -- hardware being the best. Today, Kingston unveils the IronKey D300 USB Flash Drive. To secure your data, it uses FIPS 140-2 Level 3, 256-bit AES-XTS hardware encryption. There is also a "managed" version of the drive which allows companies to impose its requirements on employee-used drives.

Continue reading →

If you think you and your data are safe on the internet, think again. As we increasingly entrust companies with our data and information, many of these entities end up letting us down. For instance, in a bombshell reveal, we recently learned that Yahoo was scanning user email for the US government. Yes, the company violated the trust that users gave it.

Earlier this year, Open Whisper Systems was served with a subpoena from the Eastern District of Virginia asking it to turn over Signal messaging user information for a federal grand jury investigation. While this sounds like the beginning of a sad story for users of the service, it is actually a beautiful tale with a very happy ending. You see, thanks to the company's focus on encryption and smart design, it was unable to turn over any meaningful data. In other words, the service was created in such a way that the desired information couldn't be presented even if the company wanted to. Too bad that Yahoo didn't design its services in the same way, eh?

Continue reading →

Companies are turning to encryption in order to protect their sensitive data, but many of the systems used can be cumbersome and don't necessarily offer total protection.

CipherLoc Corporation is launching a suite of data security solutions that eliminate the flaws and inadequacies in today’s encryption algorithms, adding an extra layer of protection to existing products, services, and applications.

Continue reading →

Yahoo users who have not changed their passwords for a while are being advised to do so. The company has confirmed that it suffered a major security breach back in 2014 and information relating to 500 million accounts was stolen.

Yahoo says that the attack was carried out by a "state-sponsored actor" but does not elaborate on who it might be. The data accessed includes "names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers".

Continue reading →

If your laptop or smartphone gets lost or stolen, there’s the danger of its contents being accessed, which could prove a nightmare. If the device is encrypted, however, you can rest easy… Or can you?

Ebba Blitz, CEO of laptop encryption company Alertsec (and former host of Sweden's Shark Tank), chatted with me about the benefits and potential pitfalls of encryption, and revealed her top tips for keeping your data secure.

Continue reading →

The ever-popular messaging tool WhatsApp is to start sharing more user data with its parent company Facebook. The updated privacy policy means that WhatsApp will now share users' phone numbers with Facebook to "offer better friend suggestions and show you more relevant ads".

The updated policy also communicates the fact that end-to-end encryption has rolled out, but it is the privacy side of things that will be of greater interest to many people.

Continue reading →

Virtual Machines have been mainstream for some time, and many IT managers think they have good management processes in place; they know where their machines are, their status, and the function they are performing. But is that enough? Whilst virtual machines (VMs) allow an IT infrastructure to be extremely agile in Private, Public and/or Hybrid Cloud environments, they also create opportunities for weak points, where data can be compromised.

Encryption is one of those major weak points, where VMs can be deployed without an encryption policy being followed, subverting compliance, and leading to machines in a live environment that lack the required protection. More often than not, those VMs will contain sensitive data.

Continue reading →

Until now, anyone using the Google cloud platform, Google Compute Engine, was forced to use encryption keys generated by Google. Clearly this spooked a lot of people, and there have long been calls for users to be granted greater control of security.

Now this is happening -- users are able to provide their own encryption keys. Customer-Supplied Encryption Key (CSEK) are used to provide a second layer of security, on top of the Google-generated keys that are used by default.

Continue reading →

In the world of web browsers, there are four or five big names to choose from but no end of smaller alternatives. One such browser is Maxthon, and security researchers have just discovered that this Chinese-produced browser is transmitting a wealth of data about users back to China.

Researchers at Fidelis Cybersecurity and Exatel found that Maxthon frequently sends zip files to Beijing over HTTP and this contains a terrifying amount of data about users' browsing habits. The ueipdata.zip file incudes, among other things, details of the sites visited by users, the applications they have installed, and what searches have been performed.

Continue reading →

New software, designed by scientists at the University of Florida (UF), just might be the answer to thwarting the ever-growing problem of ransomware.

Ransomware is a form of malware used by cybercriminals to exploit users into paying significant sums of money to retrieve their own files. When an infection happens, the files on a user’s system are encrypted by the virus and the only way to regain access to those files is by paying a ransom to the hackers behind the attack.

Continue reading →

It just became significantly harder to mine Bitcoins. The halving event rolled around yesterday, July 9, and means that the reward for mining just dropped by 50 percent. The cryptocurrency is generated by machines around the world 'mining' for new bitcoins.

Rewards of bitcoins are handed out for giving over computing power to process bitcoin transactions. It's a very, very slow way to make money -- and it just got a whole lot slower. While there were previously 25 bitcoins (around $16,000) available globally to miners every 10 minutes, the figure is now just 12.5 bitcoins. But what does this mean for the digital currency?

Continue reading →

Continuing in its relentless drive to take over the world of messaging, Facebook Messenger is gaining end-to-end encryption. To start with, the security feature is only rolling out on a 'limited test basis' but if feedback is positive, it will get a wider airing.

Facebook says that the move comes in response to requests for additional security options to protect discussions about sensitive matters, saying that security and privacy experts have been involved in the implementation of the feature.

Continue reading →

With so much focus now placed on privacy and security, you would have thought that the Blackphone from Silent Circle would have been a roaring success. But documents from a court case with former partner Geeksphone reveal that there have been just a handful of sales, and revenue is hundreds of millions of dollars lower than expected.

Silent Circle found itself in court after Geeksphone complained that it had not received a $5 million payment agreed as part of a buyout. Geeksphone had helped to build the original Blackphone, and Silent Circle went on to buy the Spanish company's share before launching the Blackphone 2. But sales were much, much lower than expected, leading the company to describe its hardware business to "be a significant financial drain".

Continue reading →

A newly revealed vulnerability on Android phones is able to bypass the full disk encryption on over half of devices.

The attack, demonstrated by Israeli security researcher Gal Beniamini, can allow an attacker to break through the levels of trust and privileges that are intended to ensure only legitimate code can access secret material, such as DRM keys or disk encryption keys.

Continue reading →

The use of encryption in global organizations is now at an all-time high, with 41 percent using it extensively today -- a seven percent rise over last year.

This is among the findings of a Global Encryption report from Thales e-Security and the Ponemon Institute which shows that businesses are taking action to guard their sensitive data.

Continue reading →