Encryption news, trends, analysis and practical advice

computer security stock image
smartphone encryption

hand on keyboard

In desperation, many ransomware victims plead with attackers

The shamelessness of ransomware pushers knows no bounds. After encrypting people's files and then holding them to ransom, they portray themselves as service providers offering technical support and discounts to their "customers."

Bleep secure messaging app

BitTorrent Bleep -- crypto messaging disgruntles data snoops

BitTorrent just released its anonymous messaging app: Bleep, designed to keep messages and voice data private from unknown third parties. Although we could share more...


Disrupt - Criptext

Interview with Mayer Mizrachi, CEO of Criptext, at Techcrunch Disrupt.

Security issues at the HP online store

The word that best describes my recent shopping experience at the HP online store is amateurish. Its security issues offer a lesson in things to be aware of at any secure website.

Vint Cerf

Cerf calls encryption back doors 'super risky'

Internet pioneer Vinton Cerf argued Monday that more users should encrypt their data, and that the encryption back doors law enforcement agencies want will weaken online security

smartphone encryption

Lawmakers criticize FBI's request for encryption back doors

U.S. lawmakers are skeptical of an FBI request for Congress to mandate encryption workarounds in smartphones, with critics saying Wednesday that back doors would create new vulnerabilities that bad guys can exploit.


Security extortion? When legit disclosure morphs into a shakedown

The essence of security is not trusting that people will do the right thing. Firewalls, deadbolts and armed guards exist to slow down or stop bad guys, not to encourage good acts from good guys. With that in mind, let's look at how...


With ransomware on the rise, cryptographers take it personally

Some of the world's leading cryptographers are concerned about the growing number of malicious programs that hold computers and mobile phones ransom.

Whistleblowers are at risk using U.S. gov't sites to report fraud

More than two dozen U.S. government websites should be urgently upgraded to use encryption to protect whistleblowers, the ACLU said.


SSL/TLS/HTTPS: Keeping the public uninformed

Perhaps the most important thing to understand about the SSL/TLS/HTTPS system that secures websites is that you are not supposed to understand it.

security hole in fence clouds gap opening

Wider use of HTTPS could have protected GitHub

The unique attack method used to disrupt code-sharing site GitHub over the last week could have been prevented if more websites enabled encryption.

point of sale credit card reader

New malware program PoSeidon targets point-of-sale systems

Retailers beware: A new Trojan program targets point-of-sale (PoS) terminals, stealing payment card data that can then be abused by cybercriminals.

apple touch id

Apple’s TouchID has promise for the enterprise

Expect much more from Apple’s TouchID somewhere down the line – the company is thinking about more ways to make its biometric identification solution useful.

white house

US gov't wants HTTPS on its publicly accessible sites within two years

Publicly accessible websites and services of U.S. government agencies will have to move to HTTPS encryption within two years to meet the government's objective of offering these sites and Web services over a secure connection.


Researchers find same RSA encryption key used 28,000 times

What if the key to your house was shared with 28,000 other homes? That's essentially what researchers with Royal Holloway of the University of London discovered while scanning the Internet to see how many servers and devices are still...


Yahoo puts email encryption plugin source code up for review

Yahoo released the source code for a plugin that will enable end-to-end encryption of email messages, a planned data-security improvement prompted by disclosures of U.S. National Security Agency snooping.

security risk thinkstock keyboard

Time for all Windows users to FREAK out over encryption bug

Microsoft on Thursday confirmed that Windows was vulnerable to FREAK attacks, and researchers changed their tune, saying Internet Explorer (IE) users were at risk.

freak openssl export

Freak out: Apple and Android gear vulnerable to yet another open-source bug

Another month, another ancient OpenSSL vuln. with a silly name. This time, it's FREAK -- Factoring RSA Export Keys. The bug stems from crypto Export controls negotiated in the G.H.W.Bush era.

Load More