Cryptography

Like the old adage that ‘he who rides a tiger is afraid to dismount,’ enterprises today are bounding along on the back of a particularly large and fearsome tiger. It’s called “consumer technology” and its shape is outlined by the myriad of devices and services that modern information workers are bringing to work and using – or want to use – to get their jobs done.

There’s a new version of the venerable GpCode ransomware attack making the rounds right now, demanding payments of $120 in order to decrypt files on infected PCs. This version, which has been active for several days now, is different from previous variants in that it overwrites the original files, preventing recovery of the data.

China has long used the Internet’s Domain Name Service (DNS) to censor Web sites and information that the ruling Communist Party deems threatening. But now security experts warn that the government’s censorship is in danger of spilling over China’s borders: suppressing the ability of those living outside of China to find information online.

A German security researcher who used a new kind of hosted offering on Amazon’s EC2 to decipher password data encrypted using the SHA1 algorithm said that cloud computing is likely to upset long held assumptions about security: putting the tools required to crack encrypted passwords and data into the hands of the masses.

Some Apple Mac users who rushed to upgrade their systems with the company’s latest security patch were left to scramble for help after a conflict with disk encryption software from PGP rendered the upgraded Macs un-bootable. Reports of users who were unable to boot their Macs after upgrading their Mac OS X systems to the 10.6.5 version began appearing in PGP support forums on Wednesday.

Three weeks after researchers unveiled a plugin that allows Firefox Web browser users to snoop on the Webmail and social networking sessions of those around them, Microsoft has announced an option that will allow users of its Hotmail Web e-mail program to browse securely. 

With more than 600,000 copies of the FireSheep browser plug-in downloaded in a matter of weeks, Web security firm zScaler have released a new Firefox plug-in, BlackSheep, in hopes of combating attempts by those using FireSheep to try to hijack their Web session.