Benjamin Jun of Cryptography Research talks about anti-counterfeiting measures in embedded technology at RSA 2009. In this segment Jun talks about the dangers of criminal hackers abusing diabetes monitors.
Browsing Category: Cryptography
From Information Week (George Hulme)
The Cloud Security Alliance (CSA) made its inaugural splash at last week’s RSA Security Conference 2009 in San Francisco. The group kicked off an ambitious white paper [cloudsecurityalliance.org] that attempts to define everything from the architecture of cloud services to the impact of cloud services on litigation and encryption. It was a herculean effort to try to get this off the ground. And there is still much more work to do — especially in the one area the group left out. Read the full story [informationweek.com]
Mozilla’s “human shield” Johnathan Nightingale talks with Threatpost’s Robert Vamosi about secure software practices at RSA 2009.
Last week, after I dropped clues that the cover of this year’s Verizon Data Breach Investigations Report contained a cryptographic challenge, several readers immediately jumped on the challenge.
In this blog post, Veracode’s Chris Eng provides a fun walk-through of how he decoded the pattern of 1s and 0s on the report’s cover and used a combination of Google searches and hidden clues to solve the puzzle.
By George V. Hulme
Not so surprising, the state elders of cryptography had a few things to say about the security of cloud computing — but with little agreement.
Whitfield Diffie, chief security officer at Sun Microsystems, kicked off the cloud security discussion, stating that while securing the cloud computing model will have its challenges, they’ll be overcome in due time, and that ultimately cloud computing will become as pervasive as, well, clouds. “Cloud computing will come to where no real program and data will be ran on the computers of the company that is using the program,” he says.
Psst! Psst! Ryan here. Did you notice that all the text on the cover of Verizon’s 2009 data breach report [pdf] is selectable? A little birdie tells me that’s no coincidence. Encrypted message, etc.
Even better, the report contains some obvious clues to decrypt. And something about cash prizes for those who figure it out. If you hear/know more, hit me up on Twitter. From the birdie’s beak to your ear…
By Andrew Storms
According to a this news article [computerworld.com] and a statement by Heartland [2008breach.com], competitors of the now PCI-delisted payment processor are using the breach as means to lure their customers. Competitors are apparently suggesting that doing business with Heartland will result in fines from Visa. That part is not true. Visa has publicly stated that no fines will be levied against Heartland’s customers.
However, would you continue to trust Heartland, its auditor and the PCI compliance standard to do their jobs in protecting your information?
In response to published reports [outdustry.com] about a hacking attack [appletell.com] against the iTunes gift card system, security researcher Joe Stewart has gone digging for answers and comes up with an eyebrow-raising theory.
More than two years after Symantec pulled the plug on L0phtCrack, the venerable password cracking tool is being prepped for a return to the spotlight.
The original creators of L0phtCrack has reacquired the tool with plans to release a new version at next week’s SOURCE Boston conference.
The Register is reporting on a new study by Cambridge security researchers that show that card readers for online banking are inherently insecure.