Browsing Tag: Privacy

SAN FRANCISCO–A panel of cloud providers and enterprise security professionals said that in order to make enterprise security teams feel more comfortable giving up their data, cloud providers need to be more transparent and open about the security measures and processes they have in place to protect that data. Those assurances , they said, need to go beyond the current point-in-time assessments and move to more meaningful continuous monitoring processes.

Read more...

Two researchers have developed a new attack on TLS 1.0/SSL 3.0 that enables them to decrypt client requests on the fly and hijack supposedly confidential sessions with sensitive sites such as online banking, e-commerce and payment sites. The attack breaks the confidentiality model of the protocol and is the first known exploitation of a long-known flaw in TLS, potentially affecting the security of transactions on millions of sites.

Read more...

Spam has been a scourge on the Internet for more than 15 years now, and many plans and technologies have emerged to try and fight it. Some have worked well, others have failed miserably. In this video, MIchael Kaplan presents a proposal for authenticating every mail transfer agent on the Web as a way of identifying all spam messages.

Read more...

A Dutch agency that regulates the actions of telecommunications providers has revoked DigiNotar’s ability to issue certificates for digital signatures. The agency said that because of the way that DigiNotar behaved during the attack on its certificate authority infrastructure, the company no longer has the authority to issued so-called qualified certificates.

Read more...

Within days of the attacks on Sept. 11, 2001, politicians, social scientists and anyone else who could find a microphone was repeating a line that would soon become a mantra: Americans will have to make some sacrifices in the name of greater security and safety. Viewed now through the prism of privacy, that looks like the understatement of the century. Americans have surrendered virtually all of their privacy and have gotten nothing but wave after wave of new attacks and threats in return.

Read more...

Apple has finally released a fix for the certificate trust issue caused by the attack on DigiNotar, more than a week after the fraudulent certificates were identified and other browser vendors moved to revoke trust in them. However, the company did not update the mobile version of Safari to remove the certificates in iOS.

Read more...