encryption
Latest
Apple's HomeKit adds security to routers and streaming cameras
Apple is continuing its privacy-based assault on Google and Facebook. At its WWDC event, the company unveiled HomeKit Secure Video and HomeKit for Routers. Both services are meant to protect the privacy of Apple customers.
Apple, Google and others condemn UK plan to view encrypted chats
Major players within the tech industry have long-opposed the idea of government access to users' messages and chat conversations -- now they're continuing the fight with an open letter to GCHQ (the UK's government communication headquarters) lambasting proposals that could allow officials to eavesdrop on encrypted chats.
Samsung chips promise secure 100W USB-C fast charging
Samsung released two new USB Type-C power delivery (PD) controller chips for power adapters, SE8A and MM101. The chips included built-in security safeguards and are able to communicate with devices that meet USB-PD 3.0 specifications to deliver the optimum power for each device. With up to 100W-charging, they support fast charging on power-hungry products like laptops and tablets, too.
Google stored some business passwords as plain text
Facebook isn't the only big tech company found to be storing passwords in plain text. Google has warned G Suite users that an "error" in a password recovery implementation left some of their passwords unhashed on its internal systems since 2005 until that method was discontinued. Other plain passwords had been temporarily stored since January 2019, Google said. All those systems were encrypted, and there was "no evidence" that someone had misused the info, but it still raised the possibility that an intruder could have direct access to logins if they cracked the encryption.
Ticketmaster fights ticket fraud with 'refreshing' barcodes
Ticketmaster is trying a new way to combat ticket fraud: make the ticket change on its own. It's introducing a SafeTix system that gives ticket buyers a unique, encrypted barcode that refreshes every few seconds. You can't copy the ticket by taking a screenshot or otherwise copying the barcode data. The barcode will continue refreshing if you sell or transfer your ticket -- the recipient just gets a new ticket linked to their account and cellphone.
A ransomware attack is holding Baltimore's networks hostage
A ransomware attack brought Baltimore city government's computers to a halt yesterday. The hackers are reportedly holding the city's files hostage, demanding up to 13 Bitcoins (about $76,280) to free the city's systems. As of this afternoon, the city has quarantined the ransomware, the Baltimore Sun reports. But, in a press conference, the city said it is not sure when all of the systems will be functioning again.
Holographic tech could be key to future quantum computers
A breakthrough in studying light might just be the ticket to the future of quantum computing. Researchers at EPFL have found a way to determine how light behaves beyond the limitations of wavelengths, opening the door to encoding quantum data in a sci-fi style holographic light pattern. The team took advantage of the quantum nature of the interaction between electrons and light to separate beams in terms energy, not space -- that let them use light pulses to encrypt info on the electron wave and map it with a speedy electron microscope.
Facebook only cares about privacy because it has to
When your reputation is as shattered as Facebook's, all you can do is try to change course. And amid an ongoing crisis caused by its continuous disregard for protecting users' data, co-founder and CEO Mark Zuckerberg wrote a 3,000-word manifesto on his "privacy-focused vision" for the company. In it, the embattled Facebook chief detailed how he plans to take the social network into a new era by focusing on "simple, intimate places" where people can have private interactions and enjoy features such as end-to-end encryption. Additionally, Zuckerberg said Facebook will start reducing permanent content and offering better safety and secure data storage, though it's unclear when these changes are going to take place.
Mark Zuckerberg outlines a 'privacy-focused' revamp of Facebook
Facebook doesn't have a sterling reputation for privacy given its numerous data scandals, and Mark Zuckerberg wants to address it. In a reflection of what he said during a recent fiscal results call, the CEO outlined plans to rework more of Facebook's services around a "privacy-focused" approach over the next few years. This includes "simple, intimate" places where no one else can see your data, the use of end-to-end encryption, a reduced amount of permanent content, greater safety and secure data storage. Zuckerberg also vowed more interoperability between apps and networks.
Signal says it can't allow government access to users' chats
Last week, the Australian government passed the country's controversial Access and Assistance Bill 2018 into law, legislation that allows government agencies to demand access to encrypted communications. Companies that don't comply with the new law could face fines of up to AU$10 million ($7.3 million). A number of companies that stand to be affected have spoken out about the legislation, and Signal has now joined in, explaining that it won't be able to fulfill such requests if asked.
Australia's controversial anti-encryption bill passes into law
The Australian government has passed the controversial Access and Assistance Bill 2018 into law. Since it gives authorities the right to demand access to encrypted forms of communication and to slap companies that refuse to cooperate with fines up to $7.3 million, it prompted tech giants like Apple to voice their opposition. Cupertino criticized the vague wording of its current version, pointing out that it gives the government "overly broad powers that could weaken cybersecurity and encryption."
Microsoft's Bitlocker compromised by bad SSD encryption
Bad computer security can sometimes have a cascading effect, as researchers from the Netherlands discovered. They first spotted vulnerabilities in the embedded encryption of several SSD models from Samsung and Crucial that allowed them to access data without a password. Then, to make matters worse, they noticed that Windows 10 Bitlocker defaults to SSD encryption, when available. That means if you happened to have one of those SSDs and used Bitlocker, attackers with access to your PC could easily gain access to your files.
Signal's new 'Sealed Sender' feature makes conversations anonymous
Messaging service Signal is popular with privacy-minded users. It doesn't store any record of your contacts, social graph, conversation list, location, avatar, profile name or group details. Until recently, though, one important piece of data was still visible: who is messaging whom -- kind of like having the sender's address on a physical piece of mail. The latest beta release, however, includes a feature that blocks that, too: "sealed sender."
iFixit confirms you can still repair your own iMac Pro or MacBook Pro
Yesterday MacRumors and Motherboard reported on Apple service documents that indicated anyone replacing key parts on computers equipped with its custom T2 chip would require special diagnostic software to finish the job. While Apple has not commented on the leaks itself, the DIY repair folks at iFixit tested out the possibility by buying a brand-new 2018 MacBook Pro, pulling it apart and replacing the display. Shocker: it still worked, even without the software.
Apple ‘software lock’ prevents repairs on iMac Pro, 2018 MacBook Pros (updated)
In new Apple computers with its custom T2 chip (currently the iMac Pro and MacBook Pro 2018 models) it serves the purpose of "the System Management Controller, image signal processor, audio controller, and SSD controller." That means it can handle the system's secure boot system and on the fly encryption, as well as image processing for the FaceTime camera. While the enhanced security is nice, it has additional implications. According to MacRumors and shown on documents posted by Motherboard, anyone doing significant repair work on these systems will be left with a nonfunctioning system until they run the "Apple Service Toolkit 2" diagnostic software. For the MacBook Pro that includes "display assembly, logic board, top case (the keyboard, touchpad, and internal housing), and Touch ID board," and on the iMac Pro, it's the logic board or SSD.
Facebook reportedly avoided DOJ wiretap of Messenger calls
As part of a case involving members of the MS-13 gang, the US Department of Justice has been pushing to get access to Facebook Messenger voice calls. It even attempted to hold Facebook in contempt of court last month when the company pushed back on a wiretap order. Now, Reuters reports that a US District Court judge ruled in favor of the social media giant, according to sources familiar with the matter, but because the proceedings are sealed, the reason why isn't yet clear.
A popular fetish app stored passwords in plain text
"Pursuant to our records, we have not identified an account associated with [your email address]. In order to enable us to exercise your request to receive access to your personal data, we kindly request the below information (please respond with the below to this email): · The email address you registered with on Whiplr; · Your username on Whiplr; · Your password on Whiplr."
US, UK and others push for mandatory access to encrypted data
Western intelligence allies are presenting a united front in their fight against encryption. The "Five Eyes" countries (US, UK, Australia, Canada and New Zealand) have issued a Statement of Principles indicating that they will push for "lawful access" to private data as often as possible. While the governments acknowledged that encryption was valuable, they argued that encrypted data use "should be rare." They hoped companies would voluntarily offer legal solutions, but vowed "technological, enforcement, legislative or other measures" to force access if the tech industry didn't cooperate.
Skype launches end-to-end encryption for calls and texts
After months of work, Skype's Private Conversations are now a practical reality. Users on Android, iOS and desktop platforms can now switch on end-to-end encryption for both calls and text chats. If your intended recipient accepts your invitation, the technology will better shield your conversations from eavesdroppers hoping to intercept chat traffic or snoop on your device. It'll even hide content in notifications and the chat list to prevent someone from casually glancing at your sensitive discussions.
MIT can secure cloud-based AI without slowing it down
It's rather important to secure cloud-based AI systems, especially when they they use sensitive data like photos or medical records. To date, though, that hasn't been very practical -- encrypting the data can render machine learning systems so slow as to be virtually unusable. MIT thankfully has a solution in the form of GAZELLE, a technology that promises to encrypt convolutional neural networks without a dramatic slowdown. The key was to meld two existing techniques in a way that avoids the usual bottlenecks those methods create.