Cryptography


android malware

Google Changes Ciphers in OpenSSL for Chrome on Android

The emergence of mobile platforms such as iOS and Android have presented a number of challenges in terms of security. Not much can be done about some of these, like users leaving their phones in bars. But engineers at Google have been working on one of the thornier ones of late–how to provide solid encryption […]


There is no shortage of bad advice online about crypto–or anything else, for that matter. And the recent mess involving the OpenSSL heartbleed vulnerability has brought out plenty of advice on building, implementing and repairing cryptosystems, but experts say that the fundamental truths about how to do these tasks hasn’t changed much. Cryptosystems are the […]

One of the consequences of the drama around the OpenSSL heartbleed vulnerability is that security experts have begun taking a hard look again at the certificate revocation process and whether it actually protects users or gives them any visibility into the validity of a given certificate. In a lot of cases, the answer is probably no.

A number of ICS products from Siemens and Innominate are vulnerable to the OpenSSL heartbleed flaw, some of which do not have updates available yet. The list of products affected by the heartbleed vulnerability continues to grow by the day, with OpenVPN being one of the latest. A researcher on Friday said that he was […]