Search the Community

Showing results for tags 'encryption'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Found 10 results

  1. A European Parliament committee is proposing that end-to-end encryption can be used by the public. They submitted a proposal for a regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications.
  2. The Internet Society has lobbied the G20 to adopt a fully encrypted Internet, and advocates the use of strong encryption despite issues faced by law enforcement. CEO Kathryn Brown doesn’t hold back, and asks G20 nations to embrace encryption because the digital economy “will only continue to thrive and generate opportunities for citizens if the Internet is strong, secure, and trusted.” “Strong encryption is an essential piece to the future of the world’s economy” is marked out in bold letters before going on to say “the Internet Society believes it should be the norm for all online transactions. It allows us to do our banking, conduct local and global business, run our power grids, operate, communications networks, and do almost everything else. Encryption is a technical building block for securing infrastructure, communications and information. It should be made stronger and universal, not weaker. However, rather than being recognized as the way to secure our online transactions or our conversations, all too often the debate focuses on the use of encryption as a way to thwart law enforcement. To undermine the positive role of encryption in the name of security could have devastating consequences.” And to ensure the Internet Society’s viewpoint is clearly understood the article is rounded off with a 3-point manifesto… If the G20 countries are serious about strengthening their economies and continuing to deliver economic and social prosperity to their citizens in future, there are three key principles they should endorse and implement immediately: 1. Encryption is an important technical foundation for trust in the digital economy and should be the norm. All users (whether government, business or individual) should use encryption to protect infrastructure, communications and the privacy and integrity of their data. Encryption technologies should be strengthened, not weakened. 2. The security of the digital economy is a shared responsibility that needs the expertise and experience of all stakeholders, across border and across disciplines. It is an urgent need that will require open, inclusive collaboration. 3. Users’ rights should be at the heart of any decisions related to the digital economy. They are both the customers and the contributors to the success of the digital economy.
  3. Sir Tim Berners-Lee spoke to the BBC following the news that he has been given the Turing Award. Sir Tim said giving the authorities a back door to encryption would have serious consequences. Moves to undermine encryption would be a “bad idea” and represent a massive security breach. If you break encryption other people (e.g. terrorists) may end up getting better at it than you are. Sir Tim also criticised the UK and USA on privacy matters, such as the UK's recent Investigatory Powers Act… “The idea that all ISPs should be required to spy on citizens and hold the data for six months is appalling.” He was shocked by the USA scraping laws preventing internet service providers from selling user data.
  4. Minister for Digital and Culture Matt Hancock has given a speech at the Institute of Directors Conference in London. He said that encryption and cyber security are a crucial part of our modern economy. He said both are at the heart of the Government’s National Cyber Security Strategy (NCSC). They are aware that one in three small firms, and two in three large businesses experienced a cyber breach or attack in the past year. He said the the costs of a successful attack can be huge because over 95% of businesses have internet access, over 60% of employees use computers at work, and the internet is used daily by over 80% of adults - and four out of five people in the UK bought something online in the past year.
  5. Fhoosh, founded in 2012 by Eric Tobias and Linda Eigner, has raised $2 million in venture funding from Volta Global to get its software to market. Fhoosh’s new method of encryption doesn’t degrade network performance. Jeff Evans, managing director of Volta Global, said “Fhoosh has developed a novel, proprietary solution to enable enhanced safety, security and speed all at once.” Eric Tobias claims that if network defenses are breached, the attackers will uncover unusable data, finding “data dust instead of data diamonds.”
  6. The Register reports on a weakness with the Device Encryption Key (DEK) used on Android. The DEK is encrypted using the owner’s PIN or password and an encrypted block of data called the KeyMaster Key Blob. The blob is located in the protected TrustZone. However Gal Beniamini has discovered bugs in the management app running the TrustZone that create a privilege-escalation vulnerability. Once the blob has been acquired it only requires brute force on the PIN or password to obtain decrypted access. Unfortunately the patching process depends on the hardware vendor, so it may be some time before the known bugs are patched. Even though Google has already patched the Nexus it will only remain secure until further privilege-escalation bugs are identified, and more are only to be expected. Ultimately it is the methodology that allows this weakness to prevail.
  7. “Teaching Mathematics Is Apparently Terrorism” reports Rick Falvinge, Head of Privacy at Private Internet Access, to describe Scotland Yard’s set of charges against Samata Ullah. Although the intended purpose of Samata Ullah’s actions are understood to be terrorist related it has raised a few eyebrows across the IT sector (see here, and here) to see the underlying technology maligned in such broad terms. What do you think?
  8. Sophos SafeGuard

    Sophos SafeGuard encrypts content as soon as it’s created. Files will remain encrypted when transferred to a shared folder, removable USB stick, or the cloud. It can also provide centrally managed, full disk encryption using Windows BitLocker and Mac FileVault 2. Sophos SafeGuard enables organisations to meet compliance requirements for HIPAA, PCI and GDPR. A free trial is available from Sophos.
  9. An Apple Support document (HT202303) provides a complete guide to how encryption is used by Apple products and services. iCloud encrypts your data when it is sent over the Internet, storing it in an encrypted format when kept on server, and using secure tokens for authentication. iCloud uses a minimum of 128-bit AES encryption. With a caveat for system version for Notes, it appears that everything Apple does - Calendars, Contacts, Bookmarks, Reminders, Photos, Documents in the Cloud, iCloud Drive, Backup, Find My iPhone, Find My Friends, iCloud Keychain - is encrypted both in transit and at rest. However iCloud does not encrypt data stored on IMAP mail servers. iCloud Keychain uses 256-bit AES encryption to store and transmit passwords and credit card information. Also uses elliptic curve asymmetric cryptography and key wrapping. Bruce Sewell, Apple’s Senior Vice President and General Counsel, has hinted that the next iteration of iCloud will include end-to-end encryption when he testified before a House committee.
  10. Encryption: A Matter of Human Rights is Amnesty International’s first official stance on encryption and human rights. It says that people everywhere should be able to encrypt their communications and personal data as an essential protection of their rights to privacy and free speech.