All Activity

This stream auto-updates

  1. Earlier
  2. James

    VeraCrypt

    VeraCrypt 1.24-Update8 (November 28th 2020)has been released for MacOSX 10.9 and later. It fixes compatibility issues with macOS Big Sur, especially on Apple Silicon M1 with macFUSE 4.0.x.
  3. DiskCryptor has been modified by the Mamba ransomware. The FBI have advised that if any of the DiskCryptor files are detected prior to the second reboot, attempts should be made to determine if the myConf.txt is still accessible. If so, then the password can be recovered without paying the ransom. https://www.aha.org/system/files/media/file/2021/03/fbi-tlp-white-report-mamba-ransomware-weaponizing-diskcryptor-3-23-21.pdf
  4. DiskCryptor is a free and open-source full disk encryption system for Microsoft Windows. It allows a PC’s entire hard drive or individual partitions to be encrypted, including where the OS is installed. DiskCryptor uses either AES-256, Twofish, Serpent or a combination of cascaded algorithms in XTS mode to carry out encryption. DiskCryptor has not been updated since 2014. VeraCrypt is now used as an alternative.
  5. Elon Musk has tweeted that US orders for new Tesla cars can now be secured with the equivalent of a $100 deposit in Bitcoin, with other countries following soon. Bitcoin paid to Tesla will be retained as Bitcoin, not converted to fiat currencies.
  6. Microsoft has announced that Microsoft teams will offer End-to-End Encryption. The initial preview will be limited to 1:1 unscheduled calls, but Microsoft plans to expand this to scheduled calls and online meetings over time. https://www.techradar.com/uk/news/microsoft-teams-is-finally-getting-end-to-end-encryption-and-bunch-of-other-security-upgrades https://www.theverge.com/2021/3/2/22308915/microsoft-teams-end-to-end-encryption-support-e2ee
  7. Libgcrypt is a general-purpose crypto module developed for GNU Privacy Guard (GnuPG or GPG), a free software implementation of the OpenPGP standard. The Libgcrypt update to v1.9.0 was released on 19th January 2021. It included faster implementations for Poly1305 and ChaCha, and improved use of AES-NI to speed up AES-XTS (6 times faster). https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000453.html Unfortunately Google Project Zero researcher Tavis Ormandy reported a severe flaw in this update. The identified bug is a heap buffer overflow and it's considered rather serious
  8. Federally Chartered Banks and Thrifts May Participate in Independent Node Verification Networks and Use Stablecoins for Payment Activities https://www2.occ.gov/news-issuances/news-releases/2021/nr-occ-2021-2.html WASHINGTON—The Office of the Comptroller of the Currency (OCC) today published a letter clarifying national banks’ and federal savings associations’ authority to participate in independent node verification networks (INVN) and use stablecoins to conduct payment activities and other bank-permissible functions. “While governments in other countries have built real-time pa
  9. The FBI has confirmed that the Zodiac Killer’s 340-character cipher sent to the San Francisco Chronicle 51 years ago has been cracked. David Oranchak, Sam Blake and Jarl Van Eycke used the AZdecrypt software to help them solve the puzzle. “I hope you are having lots of fun in trying to catch me. I am not afraid of the gas chamber because it will send me to paradice (sic) all the sooner because I now have enough slaves to work for me” A guide to the methods used is available on YouTube... https://www.youtube.com/watch?v=-1oQLPRE21o
  10. Flaws with the Dual Elliptic Curve Deterministic Random Bit Generator (Dual EC DRBG) were found in 2007. Dan Shumow and Niels Ferguson, pointed out that using it with elliptic curve points generated by the NSA could allow encryption to be broken. Juniper Networks discovered unauthorized VPN-decryption code inside its NetScreen firewall firmware in 2015. It was attributed to Juniper’s decision to use the NSA-designed Dual EC Pseudorandom Number Generator. The backdoor had likely been added to Juniper products as far back as 2008 at the request of a ‘customer’. In 2018, US Senator Ron
  11. Zoom announced today that it will offer End-to-End Encryption https://blog.zoom.us/zoom-rolling-out-end-to-end-encryption-offering/ Extract: Zoom meetings and webinars by default use AES 256-bit GCM encryption for audio, video, and application sharing (i.e., screen sharing, whiteboarding) in transit between Zoom applications, clients, and connectors. In a meeting without E2EE enabled, audio and video content flowing between users’ Zoom apps is not decrypted until it reaches the recipients’ devices. However, the encryption keys for each meeting are generated and managed by Zoom’s serv
  12. James

    VeraCrypt

    VeraCrypt uses the Kuznyechik algorithm with 10 rounds and a 256-bit key operating in XTS mode. The Latest Stable Release: 1.24-Update7 (Friday August 7, 2020) is available from https://www.veracrypt.fr/en/Downloads.html
  13. Ring has announced that it's doorbell cameras will soon offer End-to-End Encryption (E2E) https://en-uk.ring.com/blogs/alwayshome/ring-announces-end-to-end-encryption-privacy-security-and-user-control-updates Extract: Beginning today, you can visit the new Video Encryption page in Control Centre for more information about how your videos are currently being protected. Once End-to-End Encryption is available, you will be able to enable the feature for one or multiple compatible Ring devices from Control Centre - at no additional cost. It’s been our core belief that only you
  14. The new IBM Power10 chip will be manufactured by Samsung and based on its new seven-nanometer process. It features 18 billion transistors, 30 cores, a Matrix Math Accelerator to speed up artificial intelligence performance, and multiple AES engines for performing data encryption. The Power10 chip has four times as many AES engines as the Power9. https://newsroom.ibm.com/2020-08-17-IBM-Reveals-Next-Generation-IBM-POWER10-Processor
  15. Zoom has acquired Keybase, the people behind Saltpack https://saltpack.org/ The acquisition is expected to help deliver end-to-end encryption for Zoom. It also made a commitment not to build a backdoor into its security. https://blog.zoom.us/wordpress/2020/05/07/zoom-acquires-keybase-and-announces-goal-of-developing-the-most-broadly-used-enterprise-end-to-end-encryption-offering/ https://keybase.io/blog/keybase-joins-zoom
  16. If anyone is interested in an outside the box approach. I invented a cipher over 6 years ago. It is a positional cipher that among many things compresses the cipher text to as little as a single one byte digit. Decryption is a simple counting function. Let me know if you are interested. I am not a programmer but thought this had merit even though it is now a simple hand cipher.
  17. The Zoom version 5.0 update improves the encryption used to protect call data. Zoom is upgrading from 128-bit Advanced Encryption Standard (AES) keys to AES 256-bit GCM encryption. https://mashable.com/article/zoom-encryption-update/
  18. Below is a sample key using letters. It could just as easily use ascii or bits or bytes. You will notice that it has several words called " paces" the obvious question is how do you know which one to use. The truth is it does not matter and to avoid human random error sequences that might allow this to be frequency attacked you could make decicions by the flip of a coin. In a frequency attack such as you would use with a one time pad. Vigeners cipher you could include letter double, triples, and even whole words, nibbles, bits, bytes, etc. m 5 a v er o a b space tt c
  19. Decided to post this simply because it has relevance past what I am able to code... I know Schneier said "Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can't break." I have studied cryptography, encryption methods and cryptanalysis for over 20 years. This is past me and has many one time pad similarities, but very very different. Enjoy and let me know what you think. Here is the link to see how to code and decode a positional cipher. I thought of this many years ago and thought I would post it to see what you think. To me it is lit
  1. Load more activity