Privacy and security are major concerns when it comes to life online, but a survey by Mozilla reveals that a worrying number of people do not know how to stay in control of them. The company also found that a third of people feel they have no control over their information online, with a similar number confessing to knowing "very little" about encryption.

But these are not the only concerns of internet users. Mozilla also asked about people's greatest online fears. Topping the list is "being hacked by a stranger" (a fear held by 80 percent of people), and "being tracked by advertisers" (61 percent). As well as presenting the results of its survey, Mozilla also has some important advice.

After two years of research, Google has shown that it has successfully broken SHA-1 encryption. The company is yet to release details of how it achieved the first SHA-1 "collision", but has released a proof of concept.

In keeping with its own disclosure policy, details of how the encryption was effectively broken will be released after 90 days. In the meantime, you can take a look at two specially-crafted PDF files that have identical SHA-1 hashes but different content (the definition of a collision).

A new survey reveals a disconnect between the security solutions organizations spend money on and the ability of those solutions to protect sensitive data.

The study from security solutions company Thales e-Security and 451 Research finds that while 30 percent of respondents classify their organizations as 'very vulnerable' or 'extremely vulnerable' to data attacks the two top spending priorities are network (62 percent) and endpoint (56 percent) protection solutions.

Facebook has long-claimed that its WhatsApp messaging service is completely secure and messages cannot be intercepted thanks to its use of end-to-end encryption. But researchers have unearthed what they call a serious security flaw that makes it possible to read encrypted messages.

Based on Open Whisper Systems' Signal Protocol, the unique security keys used to implement end-to-end encryption should keep messages secure. But WhatsApp can force offline users to generate new keys and this could allow Facebook -- and third parties -- to read messages.

The election of Donald Trump has alarmed privacy advocates who worry that the self-described "law-and-order" president will take a more heavy-handed approach towards issues of security and privacy. Of particular concern are fears that there will be attempts to weaken or otherwise disable the encryption that is widely used to protect sensitive data and maintain user privacy.

Based on the proposed cabinet-level nominees put forth by Trump, these fears may be well-founded.

The Congressional Encryption Working Group (EWG) was set up in the wake of the Apple vs FBI case in which the FBI wanted to gain access to the encrypted contents of a shooter's iPhone. The group has just published its end-of-year report summarizing months of meetings, analysis and debate.

The report makes four key observations, starting off with: "Any measure that weakens encryption works against the national interest". This is certainly not a new argument against encryption backdoors for the likes of the FBI, but it is an important one. EWG goes on to urge congress not to do anything to weaken encryption.

A security vulnerability discovered in numerous Linux distros potentially puts millions of users at risk. CVE-2016-4484 (Cryptsetup Initrd root Shell) affects the Cryptsetup script that is used to unlock partitions encrypted with LUKS (Linux Unified Key Setup).

The flaw means that it is possible for a hacker to access, change or delete data on the hard drive, and it is not even necessary to have physical access to exploit the vulnerability in every circumstance. But the worrying thing is just how easy the problem is to exploit.

In an effort to demonstrate how AI could be used to boost encryption, researchers at Google taught two neural networks how to communicate with one another while keeping their conversation secret from a third.

Researchers at the company's deep learning initiative, Google Brain, have successfully taught two neural networks, given the nicknames "Alice" and "Bob", to secretly communicate with one another while keeping the details of their conversations hidden from one called "Eve". Last week, the team behind this endeavor published a paper detailing the process of the experiment and its results.

Despite a desire to be more connected than ever before, people are simultaneously more concerned than ever about their security and privacy. This is certainly true when it comes to messaging tools, and the privacy features offered by a particular app or service can be what sways your decision to use it one way or the other.

Justice group Amnesty International has spent some time analyzing the privacy and encryption found in a number of popular messaging tools and compiled results in a ranked list. The findings make for interesting reading, not least because Facebook is ranked the most highly.

Facebook's recently rolled-out Secret Conversations heralded the arrival of not only end-to-end encryption for users, but also disappearing messages. Not to be outdone, Edward Snowden's favorite messaging service, Signal, has followed suit.

The company behind the app, Open Whisper Systems, points out that the feature is not really designed to further improve security and privacy; rather it is a way "to keep your message history tidy".

Flash drives are less popular nowadays thanks to cloud storage. While the cloud offers convenience, there is extra control and security when local storage is used. Remember folks, when you leverage the cloud, you open yourself up to deficiencies of a third-party company -- a mass data breach could expose your secret files. For a business in particular, this could mean the loss of important information, or the leak of confidential information. Your company's reputation could be tarnished as a result.

If you are more comfortable using USB flash drives for storing and transmitting data, encryption is a must -- hardware being the best. Today, Kingston unveils the IronKey D300 USB Flash Drive. To secure your data, it uses FIPS 140-2 Level 3, 256-bit AES-XTS hardware encryption. There is also a "managed" version of the drive which allows companies to impose its requirements on employee-used drives.

If you think you and your data are safe on the internet, think again. As we increasingly entrust companies with our data and information, many of these entities end up letting us down. For instance, in a bombshell reveal, we recently learned that Yahoo was scanning user email for the US government. Yes, the company violated the trust that users gave it.

Earlier this year, Open Whisper Systems was served with a subpoena from the Eastern District of Virginia asking it to turn over Signal messaging user information for a federal grand jury investigation. While this sounds like the beginning of a sad story for users of the service, it is actually a beautiful tale with a very happy ending. You see, thanks to the company's focus on encryption and smart design, it was unable to turn over any meaningful data. In other words, the service was created in such a way that the desired information couldn't be presented even if the company wanted to. Too bad that Yahoo didn't design its services in the same way, eh?

Companies are turning to encryption in order to protect their sensitive data, but many of the systems used can be cumbersome and don't necessarily offer total protection.

CipherLoc Corporation is launching a suite of data security solutions that eliminate the flaws and inadequacies in today’s encryption algorithms, adding an extra layer of protection to existing products, services, and applications.

Yahoo users who have not changed their passwords for a while are being advised to do so. The company has confirmed that it suffered a major security breach back in 2014 and information relating to 500 million accounts was stolen.

Yahoo says that the attack was carried out by a "state-sponsored actor" but does not elaborate on who it might be. The data accessed includes "names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers".

If your laptop or smartphone gets lost or stolen, there’s the danger of its contents being accessed, which could prove a nightmare. If the device is encrypted, however, you can rest easy… Or can you?

Ebba Blitz, CEO of laptop encryption company Alertsec (and former host of Sweden's Shark Tank), chatted with me about the benefits and potential pitfalls of encryption, and revealed her top tips for keeping your data secure.