security

NSA Efforts Damaged U.S. Cryptography Standard

"The fix may not be all that difficult—the tainted part of the standard is a highly inefficient algorithm that security experts identified as a problem long ago. In fact, the biggest mystery, those experts say, is why the NSA thought any company or government agency would willingly use that particular algorithm to protect their data. Despite Dual_EC_DRBG’s known flaws, prominent tech companies including Microsoft, Cisco, Symantec and RSA include the algorithm in their product’s cryptographic libraries primarily because they need it to be eligible for government contracts, cryptographer Bruce Schneier says." Continue reading

Continue ReadingNSA Efforts Damaged U.S. Cryptography Standard

China’s beverage billionaire Zong Qinghou victim of knife attack

"Multi-billionaire Zong Qinghou, China’s second richest man, was attacked and injured by a would-be job applicant wielding a knife, official media said Wednesday. Zong, China’s richest man until he was dethroned last week, is chairman of the country’s leading beverage producer Wahaha Group. Forbes magazine estimates his personal wealth at $11 billion, second only to Wang Jianlin, head of conglomerate Wanda Group, on $14 billion. Zong started his business in 1987 on a tricycle selling soft drinks and ice cream and built Wahaha into one of the top 500 private firms in China, according to the company’s website." Continue reading

Continue ReadingChina’s beverage billionaire Zong Qinghou victim of knife attack

Google argues for right to continue scanning Gmail

"Attorneys suing Google say the firm violates privacy and takes personal property by electronically scanning the contents of people's Gmail accounts and then targeting ads to them. 'This company reads, on a daily basis, every email that's submitted, and when I say read, I mean looking at every word to determine meaning,' said Texas attorney Sean Rommel, who is co-counsel suing Google. But in a federal court hearing Thursday in San Jose, Google argued that the case should be dismissed, and that 'all users of email must necessarily expect that their emails will be subject to automated processing.'" Continue reading

Continue ReadingGoogle argues for right to continue scanning Gmail

Court: WiFi Sniffing Can Be Wiretapping Because WiFi Isn’t Audio

"A couple years ago, we were disappointed to see a judge take the technologically wrong stance that data transmitted over WiFi is not a 'radio communication,' thereby making sniffing of unencrypted WiFi signals potentially a form of wiretapping. Indeed, based on that, the court eventually ruled that Google's infamous WiFi sniffing could be a violation of wiretap laws. This is wrong on so many levels... and tragically, an appeals court has now upheld the lower court's ruling. There are serious problems with this. Under no reasonable view is WiFi not a radio communication first of all. That's exactly what it is." Continue reading

Continue ReadingCourt: WiFi Sniffing Can Be Wiretapping Because WiFi Isn’t Audio

Apple’s Fingerprint ID May Mean You Can’t ‘Take the Fifth’

"For the privilege to apply, however, the government must try to compel a person to make a 'testimonial' statement that would tend to incriminate him or her. When a person has a valid privilege against self-incrimination, nobody — not even a judge — can force the witness to give that information to the government. But a communication is 'testimonial' only when it reveals the contents of your mind. We can’t invoke the privilege against self-incrimination to prevent the government from collecting biometrics like fingerprints, DNA samples, or voice exemplars. Why? Because the courts have decided that this evidence doesn’t reveal anything you know. It’s not testimonial." Continue reading

Continue ReadingApple’s Fingerprint ID May Mean You Can’t ‘Take the Fifth’

What Do the Latest NSA Leaks Mean for Bitcoin?

"Could the intelligence community have a secret exploit for Bitcoin? It's rather obvious that Bitcoin presents a very strong financial incentive to break its cryptography, since such a vulnerability could allow an attacker to claim large amounts of virtual currency for themselves. But given the decentralized nature of the currency, it may also be a target for intelligence officials looking for ways to track its use. Clearly, Bitcoin is on the government's radar. Knowing how much effort the NSA, amongst others, has placed on cracking encryption, has it tackled Bitcoin too? First, we need to look at how Bitcoin works." Continue reading

Continue ReadingWhat Do the Latest NSA Leaks Mean for Bitcoin?

Argentina arrests teen hacker who netted $50,000 a month

"Police in Argentina have arrested a 19-year-old man accused of heading a gang of hackers who targeted international money transfer and gambling websites. Dubbed 'the superhacker', the teenager was making $50,000 (£31,500) a month, working from his bedroom in Buenos Aires, police say. The arrest operation shut down the power to the entire neighbourhood to prevent the deletion of sensitive data. Police say it took them a year to close in on the teenager. The young man lived with his father, a computer expert, in Buenos Aires. In the teenager's room, officials found high-capacity computers." Continue reading

Continue ReadingArgentina arrests teen hacker who netted $50,000 a month

Most Secure Bitcoin Wallet Armory Raises $600k Led by Trace Mayer

"Insecure Bitcoin wallets and unscrupulous providers have previously resulted in the losses of significant funds for Bitcoin users. In the two full years Armory has been in use, Armory has had no reports of any lost or stolen Bitcoins among users who have used Armory’s printed paper backup feature. New features will include support for hardware wallets and multi-signature transactions. This will open the door for enterprise level Bitcoin security by requiring that at least two or more people or devices (depending on corporate policies) approve every transaction. The next version will include functionality to create fragmented backups that can be stored in multiple locations for increased physical security." Continue reading

Continue ReadingMost Secure Bitcoin Wallet Armory Raises $600k Led by Trace Mayer

Bruce Schneier: Surreptitiously Tampering with Computer Chips

"The paper talks about several uses for this type of sabotage, but the most interesting -- and devastating -- is to modify a chip's random number generator. This technique could, for example, reduce the amount of entropy in Intel's hardware random number generator from 128 bits to 32 bits. This could be done without triggering any of the built-in self-tests, without disabling any of the built-in self-tests, and without failing any randomness tests. I have no idea if the NSA convinced Intel to do this with the hardware random number generator it embedded into its CPU chips, but I do know that it could. Yes, this is a conspiracy theory. But I'm not willing to discount such things anymore." Continue reading

Continue ReadingBruce Schneier: Surreptitiously Tampering with Computer Chips

Minnesota Obamacare exchange disclosed personal info of at least 2,400

"While MNsure officials said the mistake was quickly resolved and was the first security breach, the incident highlights concerns of those who have hounded the state for years about privacy issues surrounding the online-based health insurance exchanges. The new marketplaces are a key vehicle for implementing the federal health law, often called Obamacare. Users of the exchange will need to provide sensitive information, including Social Security numbers, that will be sent to a federal hub to verify such things as citizenship and household income. This information will determine whether consumers using MNsure qualify for public health programs or tax credits that will lower premiums." Continue reading

Continue ReadingMinnesota Obamacare exchange disclosed personal info of at least 2,400