Entries Tagged "encryption"

Page 41 of 53

Choosing a Bad Password Has Real-World Consequences

Oops:

Wikileaks has cracked the encryption to a key document relating to the war in Afghanistan. The document, titled “NATO in Afghanistan: Master Narrative”, details the “story” NATO representatives are to give to, and to avoid giving to, journalists.

An unrelated leaked photo from the war: a US soldier poses with a dead Afghani man in the hills of Afghanistan

The encrypted document, which is dated October 6, and believed to be current, can be found on the Pentagon Central Command (CENTCOM) website.

Posted on March 9, 2009 at 1:19 PMView Comments

Judge Orders Defendant to Decrypt Laptop

This is an interesting case:

At issue in this case is whether forcing Boucher to type in that PGP passphrase—which would be shielded from and remain unknown to the government—is “testimonial,” meaning that it triggers Fifth Amendment protections. The counterargument is that since defendants can be compelled to turn over a key to a safe filled with incriminating documents, or provide fingerprints, blood samples, or voice recordings, unlocking a partially-encrypted hard drive is no different.

Posted on March 2, 2009 at 12:30 PMView Comments

NSA Wants Help Eavesdropping on Skype

At least, according to an anonymous “industry source”:

The spybiz exec, who preferred to remain anonymous, confirmed that Skype continues to be a major problem for government listening agencies, spooks and police. This was already thought to be the case, following requests from German authorities for special intercept/bugging powers to help them deal with Skype-loving malefactors. Britain’s GCHQ has also stated that it has severe problems intercepting VoIP and internet communication in general.

Skype in particular is a serious problem for spooks and cops. Being P2P, the network can’t be accessed by the company providing it and the authorities can’t gain access by that route. The company won’t disclose details of its encryption, either, and isn’t required to as it is Europe based. This lack of openness prompts many security pros to rubbish Skype on “security through obscurity” grounds: but nonetheless it remains a popular choice with those who think they might find themselves under surveillance. Rumour suggests that America’s NSA may be able to break Skype encryption—assuming they have access to a given call or message—but nobody else.

The NSA may be able to do that: but it seems that if so, this uses up too much of the agency’s resources at present.

I’m sure this is a real problem. Here’s an article claiming that Italian criminals are using Skype more than the telephone because of eavesdropping concerns.

Posted on February 23, 2009 at 6:51 AMView Comments

Hard Drive Encryption Specification

There’s a new hard drive encryption standard, which will make it easier for manufacturers to build encryption into drives.

Honestly, I don’t think this is really needed. I use PGP Disk, and I haven’t noticed any slowdown due to having encryption done in software. And I worry about yet another standard with its inevitable flaws and security vulnerabilities.

EDITED TO ADD (2/13): Perceptive comment about how the real benefit is regulatory compliance.

Posted on February 5, 2009 at 7:13 AMView Comments

Remote-Controlled Thermostats

People just don’t understand security:

Mr. Somsel, in an interview Thursday, said he had done further research and was concerned that the radio signal—or the Internet instructions that would be sent, in an emergency, from utilities’ central control stations to the broadcasters sending the FM signal—could be hacked into.

That is not possible, said Nicole Tam, a spokeswoman for P.G.& E. who works with the pilot program in Stockton. Radio pages “are encrypted and encoded,” Ms. Tam said.

I wonder what she’ll think when someone hacks the system?

Posted on December 11, 2008 at 6:55 AMView Comments

1 39 40 41 42 43 53

Sidebar photo of Bruce Schneier by Joe MacInnis.