Cryptography - Page 4.15
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Is a Linux SSH GUI in your future? Jack Wallen believes once you try Snowflake, there's no going back. If you are currently using Snowflake, we'd love to hear your thoughts!
The WireGuard VPN protocol, which is smaller, faster and easier to configure than IPsec, has been merged into Linus Torvalds' git repository for version 5.6 of the Linux kernel, the next release.
An election security group has said the Justice Department’s renewed calls for access to encrypted data could impact more than privacy, stating: “Any effort to diminish the effectiveness of encryption will inherently diminish the security and, potentially, the integrity, of our elections. Hostile actors will likely direct similar efforts at campaign officials, political organizations, and politically engaged individuals in future elections." What are your thoughts?
New research has heightened an already urgent call to abandon SHA-1, a cryptographic algorithm still used in many popular online services. A new, powerful GPG collision attack on the system which could enable attackers to fake digital certificates has been discovered.
Each year has its defining moments and trends. Learn why 2020 will be the "Year of Encryption":
A Google Chrome extension named Shitcoin Wallet is stealing passwords and wallet private keys, security researcher says. Learn more about this malicious extension:
Almost every week, we hear about another corporate data breach or government attack on privacy. For anyone who wants real privacy online, encryption is the essential component. Learn more about the importance of maintaining strong encryption:
The Senate Judiciary Committee recently held ahearingon encryption and “lawful access.” That’s the fanciful idea that encryption providers can somehow allow law enforcement access to users’ encrypted data while otherwise preventing the “bad guys” from accessing this very same data. Learn more:
This time last year, the Australian Labor Party waved through the government's encryption Bills, formally known as the Assistance and Access Bill, and threw out the line that it was to keep the nation safe. The Labor Party now says it will fix encryption laws it voted for last year, but legislation is unlikely to pass the House of Representatives. What are your thoughts on this proposed legislation and the implications it would have for citizens' privacy? Learn more:
We've been taught to look out for that little padlock to ensure a website is secure. But it's dangerous to rely on just one detail. Learn more:
The growing battle over end-to-end encryption took another turn last week, when EU officials warned that they may not take kindly to a US encryption ban or insertion of crypto backdoor technology. What is your opinion on this issue? We are in favor of strong encryption. Learn more:
Recent attacks on encryption have diverged. On the one hand, we’ve seen Attorney General William Barr call for “lawful access” to encrypted communications,using arguments that have barely changed since the 1990’s. But we’ve also seensuggestions from a different set of actors for more purportedly “reasonable” interventions, particularly the use of client-side scanning to stop the transmission of contraband files, most often child exploitation imagery (CEI). What are your thoughts on client-side scanning and its privacy implications? Learn more in a great EFF article:
Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS." Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates without sacrificing the reliability of secure connections. Learn more about Delegated Credentials for TLS in an informative The Hacker News article:
Is encryption code speech? Earlier court rulings suggest that it is, legally, and therefore subject to First Amendment protections. What are your thoughts? Learn more in a great CSO article:
In anextraordinary essay, the former FBI general counsel Jim Baker makes the case for strong encryption over government-mandated backdoors. What is your opinion on this? Learn more in a great Schneier on Security article:
"NIST hascompleted a study-- it was published last year, but I just saw it recently -- calculating the costs and benefits of the Advanced Encryption Standard." Learn Bruce Schneier's opinion on AES in an interesting article:
Have you heard that while Ubuntu developers are busyadding experimental ZFS support to their installer, the SUSE developers working on their YaST installer are working on offering better security options for their platform by beefing up the encryption capabilities at install-time? Learn more:
The road to routing all Domain Name System lookups through HTTPS is pocked with disagreements over just how much it will help. What is your opinion on this? Learn the details in an informative Wired article:
Have you heard that Russian hackers are infecting systems with RATs and using them to modify Chrome and Firefox browsers, adding a fingerprint to every TLS action and passively track encrypted traffic? Learn more in an interesting Engadget article:
You would be forgiven for thinking that encrypting PDFs, before they are stored or sent via email, keeps their contents away from prying eyes. But according to researchers in Germany, it might be time to revisit that assumption after they discovered weaknesses in PDF encryption which could be exploited to reveal the contents of a file to an attacker. Learn more: