Encryption

Holding down the Enter key can smash through Linux’s defenses

An attacker can abuse a vulnerability to launch a shell with root privileges on most Linux machines… just by holding down the ‘Enter’ key for 70 seconds.

David Bisson reports.


1 min read

Encrypted email service ProtonMail says new users up 100% since Trump victory

Whether you’re pleased or not that Donald Trump has won the keys to the White House, you might still have problems with government mass surveillance.


1 min read

tripwire.com

iOS 10.2 will make your local iPhone backup much much harder to crack

In late September, when Apple released iOS 10, it also took a dramatic step back in at least one aspect of iPhone and iPad security.

Now it’s trying to make things 1000 times better.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Researchers exploit unencrypted radio to hack wireless mice, keyboards

Researchers have demonstrated that an attacker can hack unencrypted radio communication to seize control of many leading wireless keyboards and mice.

David Bisson reports.


1 min read

Conspiracy or cockup? Google hid ProtonMail’s encrypted email service from search results

Did Google deliberately downrank encrypted email service ProtonMail in its search results?

The jury is out…


1 min read

‘Cyber terrorist’ trades cufflinks for handcuffs

Would the fact that you have an operating system installed on your USB cufflink prove that you’re up to no good, or just a bit of a geek?


2 min read

How to find your lost or stolen laptop

What you should do *before* your computer or laptop is lost or stolen, and what you should do after!

David Bisson reports.


2 min read

This is how little Signal knows about its privacy-loving users

Signal got hit by a US government subpoena, demanding the encrypted messaging app cough up any information they had on accounts associated with two phone numbers…

And it turned into a victory for those who believe in online privacy.


1 min read

Finally everyone can encrypt their Facebook conversations. Here’s how

Facebook has finally finished rolling out “Secret Conversations” to its billion-or-so users, making it the biggest end-to-end encrypted messaging network on the internet. But it hasn’t turned it on by default.

Read more in my article on the Bitdefender blog.


0 sec read

Upgrading to iOS 10 may have made your backups a lot faster to crack

Password cracking a local iTunes backup is now 2,500 faster than with iOS 9, claims Russian firm.


1 min read

Who on earth would want to use Google’s Allo chat app?

Google makes a u-turn on privacy with its new chat app, Allo.


1 min read

Unencrypted website? Expect to start being shamed by Google Chrome from January

Too many websites are being lax with the security of your passwords and credit card information, and Google says enough is enough.

Read more in my article on the Hot for Security blog.


0 sec read

Someone seems to be trying to spy on VeraCrypt’s security audit

At the start of this month OSTIF (the Open Source Technology Improvement Fund) announced that it had agreed a plan to get the open source disk encryption tool VeraCrypt independently audited. The audit, which would look for security holes and weaknesses in VeraCrypt’s code, would be done in co-ordination with vulnerability researchers from QuarksLab. So


46 sec read

Almost all cars sold by VW Group since 1995 at risk from unlock hack

Wired writes: Later this week at the Usenix security conference in Austin, a team of researchers from the University of Birmingham and the German engineering firm Kasper & Oswald plan to reveal two distinct vulnerabilities they say affect the keyless entry systems of an estimated nearly 100 million cars. One of the attacks would allow


1 min read

Microsoft rushes to fix issue that unlocks devices protected by Secure Boot

Microsoft is scrambling to fix an issue that unlocks Windows tablets, phones, and other devices protected by Secure Boot.

David Bisson reports.


1 min read

Cat-themed mobile ransomware steals SMS messages, encrypts files

What’s up pussycat? Well, Android ransomware actually…

David Bisson reports.


1 min read