Displaying items by tag: RSA

Black Hat 2023, Las Vegas – At Black Hat one of my favorite things to do is see what the latest buzzword(s)/phrases are. One of my favorites from this year was “code to cloud” while others focused on the big shiny object that is AI. Fortunately for me, I usually am afforded a chance to talk with amazing technical resources to allow me to continue my mission to cut through the marketing and get to the meat of the technology or issue. This brings me to my conversation with Denis Mandich, co-founder, and CTO of Qrypt, a quantum security company that has an interesting improvement on current methods to generate and provide access to true quantum random numbers (QRN).

Nothing makes a Friday fun like hearing about a brand new form of Malware. Well that is what we have for you on today. It seems that an RSA researcher was picking around the darker places on the Internet and stumbled upon a new bit of malware that, if real, could be a serious problem in the near future. RSA researcher Eli Marcus is calling the new malware Pandemiya and claims that it is 25,000 lines of previously unused code.

The big news today is that Google is preparing to encrypt their search data. They are planning to automatically encrypt not only the connections, but the information sent back to the user. On the surface this would seem to be a big step towards preventing people like the NSA from finding out what we do on the internet and it would be in line with consumer demands for more protection from spying eyes. The question is, will this move actually do anything or is it all just a feel good PR event.

Corrected 9-26-2013 12:48PM EST to add information from RSA and correct the headline from "RSA Says Not To Use Their Toolkit For Fear it Might Have an NSA Backdoor" to what it currently is.

A couple of weeks ago we reported on a claim that the NSA worked with many security companies and standards groups to help develop encryption algorithms. On the surface this was to help develop stronger and more secure encryption methods to protect US interests and data. However, it turned out that the NSA was actually working to introduce flaws into the system so that they could get back in at a later date. Some of these flaws might have even been exploited by hackers attempting to penetrate systems. We know that in recent years more and more data breaches are happening and the data recovered is often decrypted and sold off. Still until very recently there has not been much to hold up the original claims.

Kim Dotcom is back in the news as he is now claiming ownership of Two Factor Authentication. Although the claim might seem ludicrous to many it seems there is a kernel of truth in them as well. What is interesting is the timing of the claim and how he wants to settle things. Unlike many others that hold patents, Dotcom is not looking to make a bunch of lawyers rich trying to assert his claim. Instead he would like Google, Twitter and others that are using his patented idea to help fund his legal defense in the US.

Google would like you to use two-factor authentication for their Gmail service to help prevent unauthorized access. Using this extra layer of security can protect you and your data, which makes it sound like a good idea. The advice comes after the recent publication of Mat Honan’s tragic and life changing, account hack thee have been many changes to the way that the companies involved do business. While we sympathize with Mat completely we are actually kind of glad that it was someone of note that had this happen. If this had been a regular consumer it is unlikely that Google, Apple, or Amazon would have done anything to fix these issues. In fact most of the issues that allowed this hack to happen have been in place for a very long time.