Virtually every modern computer processor was thrown under the bus earlier this year when researchers found a fundamental design weakness in Intel, AMD and ARM chips, making it possible to steal sensitive data from the computer’s memory. The Meltdown and Spectre vulnerabilities — which date back to 1995 — punched holes in the walls that […]
View More MIT researchers say memory splitting breakthrough could prevent another Meltdown or SpectreCategory: encryption
Siilo injects $5.1M to try to transplant WhatsApp use in hospitals
Consumer messaging apps like WhatsApp are not only insanely popular for chatting with friends but have pushed deep into the workplace too, thanks to the speed and convenience they offer. They have even crept into hospitals, as time-strapped doctors reach for a quick and easy way to collaborate over patient cases on the ward. Yet […]
View More Siilo injects $5.1M to try to transplant WhatsApp use in hospitalsWebsite flaw exposed a Canadian ISP’s entire customer database
Canadian internet provider Altima Telecom has fixed a flaw in its website that could have given an attacker full access to its customer database. The customer database was connected to the company’s website, but could be remotely accessed with a blind SQL injection attack. Daley Borda, founder of Underdog Security, found the bug and reported […]
View More Website flaw exposed a Canadian ISP’s entire customer databaseFacebook is weaponizing security to erode privacy
At a Senate hearing this week in which US lawmakers quizzed tech giants on how they should go about drawing up comprehensive Federal consumer privacy protection legislation, Apple’s VP of software technology described privacy as a “core value” for the company. “We want your device to know everything about you but we don’t think we should,” Bud […]
View More Facebook is weaponizing security to erode privacyUS government loses bid to force Facebook to wiretap Messenger calls
US government investigators have lost a case to force Facebook to wiretap calls made over its Messenger app. A joint federal and state law enforcement effort investigating the MS-13 gang had pushed a district court to hold the social networking giant in contempt of court for refusing to permit real-time listening in on voice calls. […]
View More US government loses bid to force Facebook to wiretap Messenger callsFacebook’s ex-CSO, Alex Stamos, defends its decision to inject ads in WhatsApp
Alex Stamos, Facebook’s former chief security officer, who left the company this summer to take up a role in academia, has made a contribution to what’s sometimes couched as a debate about how to monetize (and thus sustain) commercial end-to-end encrypted messaging platforms in order that the privacy benefits they otherwise offer can be as widely […]
View More Facebook’s ex-CSO, Alex Stamos, defends its decision to inject ads in WhatsAppThree years later, Let’s Encrypt now secures 75% of the web
Bon anniversaire, Let’s Encrypt! The free-to-use nonprofit was founded in 2014 in part by the Electronic Frontier Foundation and is backed by Akamai, Google, Facebook, Mozilla and more. Three years ago Friday, it issued its first certificate. Since then, the numbers have exploded. To date, more than 380 million certificates have been issued on 129 million unique […]
View More Three years later, Let’s Encrypt now secures 75% of the webSecurity flaw in ‘nearly all’ modern PCs and Macs exposes encrypted data
Most modern computers, even devices with disk encryption, are vulnerable to a new attack that can steal sensitive data in a matter of minutes, new research says. In new findings published Wednesday, F-Secure said that none of the existing firmware security measures in every laptop it tested “does a good enough job” of preventing data […]
View More Security flaw in ‘nearly all’ modern PCs and Macs exposes encrypted dataProtonMail names one of the attackers behind a major DDoS this summer
End-to-end encrypted email service ProtonMail has named one of the attackers behind a sustained distributed denial of service attack (DDoS) it suffered earlier this summer. The attack took its email service offline for up to several minute long stretches at a time, even with mitigation measures in place. It says the UK’s National Crime Agency […]
View More ProtonMail names one of the attackers behind a major DDoS this summer‘Five Eyes’ governments call on tech giants to build encryption backdoors — or else
A pact of five nation states dedicated to a global “collect it all” surveillance mission has issued a memo calling on their governments to demand tech companies build backdoor access to their users’ encrypted data — or face measures to force companies to comply. The international pact — the US, UK, Canada, Australia and New […]
View More ‘Five Eyes’ governments call on tech giants to build encryption backdoors — or elseApple and Facebook could be asked by Australia to build tools to get around encryption
/https%3A%2F%2Fblueprint-api-production.s3.amazonaws.com%2Fuploads%2Fcard%2Fimage%2F827631%2F7c9e45b0-f849-4047-ba82-feda3e8e6182.jpg)
Like the FBI, Australia has been finding ways to get past encryption, with big tech companies famously not making it easy for authorities.
In response, Australia’s government unveiled draft plans on Tuesday to make companies help intelligence and law enforcement agencies with access to encrypted messages and devices — but without building a backdoor.
In a new bill, the government argued encrypted messaging services and devices are being increasingly used by criminals to carry out activities like terrorism and drug trafficking. Read more…
More about Tech, Australia, Cybersecurity, Encryption, and Tech
Firefox now supports the newest internet security protocol
Last Friday, the Internet Engineering Task Force released the final version of TLS 1.3. This is a major update to TLS 1.2, the security protocol that secures much of the web by, among other things, providing the layer that handles the encryption of every HTTPS connection. The updated spec promises improved security and a bit […]
View More Firefox now supports the newest internet security protocol