Researchers at UC Berkeley have developed new attacks that analyze HTTPS traffic and can accurately determine what pages you’ve visited during an encrypted session.
Browsing Tag: Encryption
A panel of some of the biggest names in cryptography said more conservatism and caution in the development and deployment of encryption is warranted.
PUNTA CANA–The golden era of bulk surveillance through the acquisition of phone records and other data from telecommunications companies may already be fading, but the larger threat to privacy and security is just beginning to emerge: the use of legal tools and coercion to get around encryption and other safeguards. One of the main results[...]
Honey Encryption is an encryption tool in the works that fools an attacker with bogus decrypted data that looks like it could be a plausible guess at an encryption key or password.
Twitter has begun enforcing HTTPS connections between applications and its API.
Yahoo has turned on HTTPS by default for its web-based email service, but the deployment is inconsistent across the board and experts are critical of its use of weak standards and the lack of Perfect Forward Secrecy and HSTS.
OpenSSL says hackers took advantage of a weak password used at its hosting provider to gain access to a hypervisor and deface the organization’s website.
Target’s admission that encrypted PIN data was stolen and secured with 3DES encryption has experts concerned because of the age of the algorithm and the availability of stronger options.
Windows Error Reporting crash reports are sent unencrypted to Microsoft and contain a wealth of system and application information that can be exploited not only by hackers but government agencies to fingerprint machines for compromise.
A Turkish hacking group compromised and defaced the website of OpenSSL, an open-source SSL and TLS encryption implementation resource.