Skip the navigation

Encryption Topic Center

Encryption news, in-depth articles and more

Encryption News

Attackers can easily create dangerous file-encrypting malware, new threat suggests

A new program that encrypts files to extort money from users highlights that attackers don't need advanced programming skills to create dangerous and effective ransomware threats, especially when strong encryption technology is freely available.
Read more...

iPhone gets first free app for encrypting voice calls

An open-source project has released the first free application for the iPhone that scrambles voice calls, which would thwart government surveillance or eavesdropping by hackers.

Tor Project working to fix weakness that can unmask users

Developers of Tor software believe they've identified a weakness that was scheduled to be revealed at the Black Hat security conference next month that could be used to de-anonymize Tor users.

Virtru launches business email encryption service for Google Apps

Email encryption startup Virtru has launched a version of its service for businesses using Google Apps, a market segment that the company thinks is showing increased interest in secure communications.

Stealthy ransomware 'Critroni' uses Tor, could replace Cryptolocker

Cybercriminals are spreading a new file-encrypting ransomware program that's more powerful and resilient than Cryptolocker, a threat recently shut down by the U.S. Department of Justice.

Net neutrality becomes a key battleground in encryption fight

Plans to favor some Internet packets over others threaten consumers' hard-won right to use encryption, a digital privacy advocate says.

Overreliance on the NSA led to weak crypto standard, NIST advisers find

The National Institute of Standards and Technology needs to hire more cryptographers and improve its collaboration with the industry and academia, reducing its reliance on the U.S. National Security Agency for decisions around cryptographic standards.

Encrypted instant messaging project seeks to obscure metadata

Security researchers have a working prototype of an instant messaging application that aims to thoroughly obscure and scrub evidence that two parties have been chatting.

Encrypted Web traffic can reveal highly sensitive information

Analyzing encrypted Web traffic can potentially reveal highly sensitive information such as medical conditions and sexual orientation, according to a research paper that forecasts how privacy on the Internet may erode.

Google develops a 'boring' version of OpenSSL

Google is developing its own version of OpenSSL that will be more appropriate for its own software products, which have been using the critical encryption component for years with customized patches.

Encryption In Depth

11 reasons encryption is (almost) dead

Massive leaps in computing power, hidden layers, hardware backdoors -- encrypting sensitive data from prying eyes is more precarious than ever

Kenneth van Wyk: Looking beyond Heartbleed

We can do things now to make things a little easier should we face another widespread security defect in code like OpenSSL.

How to defend against the OpenSSL Heartbleed flaw

CSOs need to take a number of steps as soon as possible to protect their organizations against the OpenSSL vulnerability that has shaken the tech industry, experts say.

What you need to know about Heartbleed and OpenSSL

You know that little padlock icon you look for to ensure your Web traffic is encrypted and secure? It turns out that you might not be as secure as you think thanks to a vulnerability that was accidentally introduced into the code of OpenSSL.

A clear-eyed guide to Mac OS X's actual security risks

Apple has improved its security in recent years, but is it enough?

Security Manager's Journal: Security flaw shakes faith in Apple mobile devices

And without remote management, getting patches onto devices scattered throughout the organization is hit or miss.

Kenneth van Wyk: Apple's big fail

It's disturbing that Apple would release an essential fix for iOS while ignoring the exact same problem in OS X.

Ira Winkler: The RSA Conference boycott is nonsense

The outrage is more about media hype, hypocrisy and grandstanding than firm principles.

The security industry finds a dream enemy -- government spy agencies

2013 was the year we learned we must encrypt our data if we don't want the likes of the U.S. National Security Agency or the U.K. Government Communications Headquarters reading it as it crosses the Internet.

Electronic privacy? There's no such thing

You will never be secure if you labor under the delusion of privacy.