Steve is ex-SAS, has been on many operations overseas, spent time training guerrillas in Libya, and could without a doubt kill us with any object in the room should our conversation turn ugly.Covert secure communications are important because every time you press the mic on your personal radio you've transmitted a signal that can be picked up by an enemy."You can never have as many close air support above you when you're on the ground, you're risking your life."Now obviously there is a huge compromise when drones do fail or get shot down, because the software within the drone is compromised, so software has to get rerouted, crypto has to get rewritten, which is an issue but in the grand scheme of things it's a small price to pay.If a chap is sat in the Nevada desert in a comfortable surrounding flying a drone, because he's under less pressure, his life isn't at risk, he can make more calculated decisions, he can think before he acts.You can check out the aforementioned video, featuring Steve, below.
Ransomware gang closes down and gives crypto key to ESET, but reasons are unknownThe gang behind the TeslaCrypt ransomware have shut down their criminal operation and have apologised.SurprisingThe surprising development was revealed by ESET in a blog posting, after it said that one of its analysts had contacted the group anonymously, using the official support channel offered to the ransomware victims by the criminals.And shockingly the criminals replied, and announced they were shutting down their operation.Therefore, they should keep operating systems and software updated, use reliable security solutions with multiple layers of protection, and regularly back up all important and valuable data at an offline location such as external storage .Security experts at Sophos speculated on the reasons why the gang would decide to shut up shop, but admitted it was puzzling.In the United States there has been a spate of ransomware attacks on healthcare organisations, which prompted the FBI to appeal to businesses and IT experts for emergency help.
Yuri SamoilovA co-leader on Google's product security team has waved a piece of red meat in front of already frothing privacy advocates by deleting part of a blog post saying he wished the Allo messenger app the company announced Wednesday would provide end-to-end encryption by default.In a blog post published shortly after Wednesday's announcement, Duong said the move would benefit people who want their messages to be processed by an artificial intelligence agent that would offer auto-replies based on the content of the messages.Basically with one touch you can tell Allo that you want to "Always chat in incognito mode going forward," and from that moment on all your messages will be end-to-end encrypted and auto-deleted.In this mode, all messages are further encrypted using the Signal protocol, a state of the art end-to-end chat encryption protocol which ensures that only you and your recipients can read your messages.Here are screenshots showing the precise changes through Microsoft Word's comparison feature.These posts almost always use a disclaimer that the views are personal opinions that don't automatically reflect the official company line.
Locky is a ransomware that has been widely spread lately. Hijacked files and demands for ransom to regain control of your computer. By looking at several different variations of hostages programs Cryptolocker and Crypto Wall says the security expert Weston Hecker have found a way to turn the properties of viruses against themselves. Make sure that the virus adds lot of time to encrypt totally useless files. Self, he bought a cheap SSD with USB connection that said to contain 256 GB, but really only had room for 8th The point is that the hackers will get it a little harder to access corporate files.
I got to go on a one-day workshop with renowned lecturers who work with some of today's most exciting areas of technology: artificial intelligence, quantum computers, blockkedjeteknik, 3d printers, synthetic biology and virtual reality. Here are some examples, which I had with me: Quantum computers, which have been hot for a wider public since Time Magazine put it on the cover of two years ago, is expected to have a breakthrough in the financial sector. There are huge amounts of data and adequate risk-prone capital to invest in an unlimited global computing power, predicted Andrew Fursman, president and founder of 1Qbit, also referring to Google's breakthrough just before Christmas, when sökjätten told of their quantum computer working 100 million times faster than a standard pC. The high-profile block chain technology behind crypto currencies like Bitcoin, is expected to have a major impact far beyond the financial sector. We all need to be inspired and broaden our horizons sometimes. The boss may even choose to hang on.
Malware and keyloggers are better, we think they're sayingWhile the FBI, in the person of James Comey, continues its campaign to persuade the tech sector that mathematics isn't that big a thing and therefore backdoors are feasible, The European Union Agency for Network and Information Security ENISA and Europol have tip-toed around the issue, issuing a joint statement that both opposes and supports breaking encryption.Back in February and speaking for itself alone, ENISA was clear about the dangers of undermining encryption.Stating what's obvious to everybody except the FBI's lobbyist-in-chief, the statement emphasises that criminals can easily circumvent such weakened mechanisms and make use of the existing knowledge on cryptography to develop or buy their own solutions without backdoors or key escrow .Noting that investigations do, after all, go better with access to suspects' communications, ENISA and Europol agree that For the investigation and disruption of crimes, it is important to use all possible and lawfully permitted means to get access to any relevant information, even if the suspect encrypted it .Regulation and bug-sharing seem to be on their mind, although the statement tiptoes around the latter: it would be worthwhile to collect and share best practices to circumvent encryption already in use in some jurisdictions.All of this would seem to be evidence that Europe is moving further away from America in the encryption debate, except that the ENISA/Europol statement indulges in law enforcement bet-hedging right at the end, by which time only the bloody-minded are still reading.
Login credentials - especially to social media sites - are a valuable commodity for black hat hackers.123456linkedinpassword12345678912345678 123456 appears more than a million times 1,135,936 to be precise in the dump, a long way clear of second-placed LinkedIn 207k .By Friday, Kore Logic had recovered 48,520,000 unique passwords from the LinkedIn hash dump.Kore Logic has already recovered the passwords for six in seven 86 per cent of all users in the dump.Twitter co-founder Biz Stone here , Minecraft creator Markus Notch Persson and others have had their profile hijacked by a group called OurMine Team, Vice reports.In related news, black hats have reduced the price of the LinkedIn credential dump which started off retailing at 5 BTC or $2,200 and used media coverage of credentials being exploited in order to push sales.
Unified Threat Management UTM was coined by IDC to describe a product integrating several security features into a single appliance.The company is headquartered in Seattle, with officers across North America, Europe, Asia Pacific and Latin America.There is a basic colour code to simplify the alerts system; green indicates everything is fine, orange a warning and red that something needs immediate attention.There is also a security heartbeat widget which indicates the health status of all endpoints managed within the Sophos Cloud.Systems that may be infected will show up as yellow or red.Cyberoam claims to offer some of the fastest UTM appliances, with up to 5 times the industry average throughputs.
He worked at Apple in the 1990s and rejoined for a couple of years from 2009 to 2011 to help beef up OS X's security chops.He left PGP after it was taken over, but rejoined as a founder of the rebooted company in 2002, where he developed the OpenPGP standard.Sources within Cook & Co tell The Reg that Callas will not be the only security expert being hired by Apple, with several more people currently being courted.The most recent of these concerned the FBI's attempts to force the firm to unlock a phone belonging to one of the San Bernardino domestic terrorists.The FBI backed down, saying it had found a way to get into the phone – although there's still no word on whether or not there was any useful info on it.That's good news for consumers, since both of the leading presidential candidates have said Apple was in the wrong in the San Bernardino case.
DNS requests and responses – part of what many countries regard as metadata that they want collected for law enforcement – should be encrypted to protect users from surveillance.DNSSec – less-loved than IPv6 but probably inevitable – only offers verification that the response you receive is accurate, by cryptographically signing DNS zones.It's now two years since the IETF community decided that pervasive monitoring is an attack, and RFC 7858 is part of that stream of work.By establishing a connection over a well-known port, clients and servers expect and agree to negotiate a TLS session to secure the channel.For now, the main catch is that some firewalls might block the port port 853 in the RFC ; there's a load on clients to work out which servers support TLS and which don't; and both clients and servers need a secure TLS implementation.If it looks like taking off, El Reg reckons it won't be long before law enforcement decides the techs have opened another front in the crypto wars.
Broadly speaking cross-border payments fall into four segments: consumer to consumer payments, which can vary widely from migrants to high net worth individuals; supplier payments, sometimes referred to as wholesale or B2B; business to contractors called payouts; and e-commerce.HybridForzely likened the efficiency switch between crypto or traditional payment rails to a hybrid car, "it's not electric, it's not gas, it's in the middle.Common criticisms of Bitcoin remittances are a lack of liquidity, as well as practical problems in cashing out and exchanging cryptocurrency for fiat.In very liquid markets like pound/dollar or euro/dollar, very tight spreads can be offered, thanks to all those people prepared to make those markets.An expert in this area is Ismail Ahmed CEO and founder of WorldRemit, which offers remittance services from 50 countries.Blockchain Technology Limited BTL , one of the few such companies to be publicly listed, has just tied up a deal to offer XapCash remittance services in stores as well as online.
Spanish police said on Wednesday they had arrested 30 people suspected of illegally distributing pay-TV content and of laundering the proceeds by investing in bitcoin "mining" centers for processing transactions in the digital currency, which use intensive computing power to generate more bitcoins.The arrests took place across Spain, including in the cities of Madrid, Barcelona, Valencia, and Cordoba, the police said, according to Reuters.Six bitcoin "mining" centers were seized in the raid, they added, after an investigation alongside Spain's tax office that started as a crackdown on a scheme to illegally decode and distribute pay-TV content.The proceeds were allegedly laundered through investments in banking products, luxury cars, as well as property and Bitcoin centers.Police said the bitcoin-mining operations had also been fraudulently using vast amounts of electricity to keep their computing systems running.They did not say how much money had been laundered through the bitcoin-mining operation but added they had for now seized 31,320 euros, or $34,903, worth of the currency as well as cash, motorbikes, and luxury cars and a small aircraft.Bitcoin and virtual currencies like it have been put into use to launder money by a number of criminal organizations."Virtual currencies, such as the popular crypto-currency Bitcoin, are quickly evolving economic tools that attract transnational criminal organizations eager to exploit the often unregulated and decentralized virtual currency markets," the US Drug Enforcement Administration reported in its 2015 National Drug Threat Assessment.While the suspects in the Spanish case were laundering money through bitcoin "mining" centers, laundering efforts that use bitcoin to make purchases through legitimate sellers — online retailers, clothing chains, restaurants, and others — have grown more popular as the virtual currency has gained widespread use, the DEA said in its report.Virtual currencies have not replaced cold, hard cash in criminals' wallets, however.Earlier this year, the European Central Bank announced that it would stop making the 500-euro note, in part because of concerns about how the note was being used in illicit transactions.Follow Reuters on Twitter.fines Wells Fargo $70 million over mortgage practicesGoogle self-driving car unit will open engineering center in MichiganFormer Canadian PM Harper to leave politics, reports sayNOW WATCH: Drug cartels are using social media to extort moneyLoading video...
The venerable ICSA Laboratories – these days a subsidiary of Verizon – has added Internet of Things certification to its cyber security certification.Some kind of improvement is therefore welcome.ICSA Labs' announcement is here, and a white paper describing the program is here.The organisation says its IoT security testing targets organisations that will brand and resell devices and sensors; those implementing devices and sensors in their businesses; and manufacturers interested in delivering secure products to their customers .ICSA Labs' testing covers alert/logging, authentication, communications, crypto, physical security, and platform security.ICSA's certification will be competing with the April launch of a similar program by Underwriters' Laboratories, its Cybersecurity Assurance Program.
Bitcoin EUYesterday it was reported that members of the European Parliament voted in favour of creating a cryptocurrency "watchdog" to combat money laundering and terrorist financing.The report which accompanied the task force proposal supports the European Commission's move to include crypto exchanges within AML rules, but importantly, it also clearly states that this technology should not be stifled by regulation at this early stage."You might think here is Europe stepping in to regulate stuff, but actually if you read the report then you will realise that it's highly supportive."The report is saying the EU is not trying to regulate virtual currencies in a day to day sense, but rather to allow the technology to continue to innovate."Because of the perceived anonymity of cryptocurrencies, the much anticipated inclusion of virtual currency exchanges as so-called "obligated entities" under the anti-money laundering directive is expected to happen next month.So does meeting AML obligated entity status mean lots of onerous and expensive compliance systems and controls?
US senators' bill won't make it to the floor of CongressA once thriving bill now out of oxygen ... Photo source: ShutterstockA proposed piece of US legislation that would have required American tech companies to cripple the encryption in their products is dead in the water.The daft bill was championed by Senators Richard Burr R‑NC and Dianne Feinstein D‑CA in February following an increasingly rancorous debate over encryption, and at one point it looked likely to make it into law.Just last month, Senator Ron Wyden said he was planning to filibuster it.But this week, it became clear that the proposed law – which would, essentially, require engineers to make their encryption reversible for investigators – will not make it to the Senate floor.But then came a decision against its use of the 1789 All Writs Act by a New York magistrate, a tech sector that largely rallied behind Apple, and suddenly the FBI was faced with the prospect of losing its universal legal precedent in the form of the All Writs Act – something that it wants intact to be able to use in all sorts of other cases in future.Both the FBI and Apple have agreed that with such a significant issue as access to billions of people's data on the table, a few extreme lawsuits is not the best way to find a workable compromise.
Photo source: ShutterstockBlue Coat has denied it's up to any shenanigans – after the security biz was seemingly given the power to issue crypto certificates that could be used to spy on people.A kerfuffle kicked off this week when it looked as though Blue Coat had been made an intermediate certificate authority, backed by root certificate authority Symantec, in September.BlueCoat now has a CA signed by Symantec's how to untrust it— Filippo Valsorda @FiloSottile May 26, 2016BlueCoat literally uses NSA's mass surveillance quips in their marketing for SSL decrypt.— Kenn White @kennwhite May 27, 2016At times, criticism leveled against the security outfit has proved unfounded.The gong was given after the biz pressured a security researcher into dropping a presentation at the SyScan Conference in Singapore earlier in the year.The coercive tactics sparked calls for a Blue Coat boycott, particularly from Facebook's head of security Alex Stamos.All of this may well be background fuss for the business: Blue Coat is reportedly considering an IPO shortly, during which it will be focused on its reputation among investors rather than its standing among security professionals.
As Apple s battle with the FBI over the San Bernardino shooter s iPhone played out earlier this year, the tech giant vowed to find more ways to secure its devices so that eventually even Apple itself would not be able to access customer data, or help anyone else do it.This month, Apple hired, or rather rehired, Jon Callas, who has a long and storied career in crypto and security.Just as importantly, he worked for Apple in the past to secure its operating system and develop whole disk encryption for Apple computers.After Edward Snowden leaked thousands of NSA documents to reporters in 2013, critics condemned him for going to the media instead of following established protocols for reporting wrongdoing internally at the NSA.In the first incident, the technician operating Clinton s controversial server thought the server was under attack and shut it down for a few minutes, apparently believing this was an adequate response to an intrusion attempt.Instead, they could obtain the data by simply sending a National Security Letter—essentially a self-issued subpoena—to ISPs seeking the data.
Right now, we know nothing, says site manager Mikael Zackrisson. Di Digital / Constance Bitcoinbrytaren KNC Miners four data centers in Boden hums constantly. Here, around 15 employees at the company's computers extracts crypto currency 24 hours a day. He is referring to the date of bitcoinvalutans next half, when the number of devices that can be extracted per day reduces 3600-1800. Comment: "Nonsense Explanations of KNC-bankruptcy" Bitcoinjätten KNC Miner goes bankrupt. Neither the founders or owners provide some sensible answers about the sudden announcement, writes Daniel Goldberg.
Right now, we know nothing, says site manager Mikael Zackrisson. Di Digital / Constance Bitcoinbrytaren KNC Miners four data centers in Boden hums constantly. Here, around 15 employees at the company's computers extracts crypto currency 24 hours a day. He is referring to the date of bitcoinvalutans next half, when the number of devices that can be extracted per day reduces 3600-1800. Comment: "Nonsense Explanations of KNC-bankruptcy" Bitcoinjätten KNC Miner goes bankrupt. Neither the founders or owners provide some sensible answers about the sudden announcement, writes Daniel Goldberg.
For 10 pounds is an extremely rare encryption machine bought at auction site eBay. It was the staff at The National Museum of Computing at Bletchley Park, where the famous crypto lodges cracked German codes during World War II, which saw the ad on Ebay. Now the museum is chasing an engine missing. Lorenz machine is substantially greater than the portable Enigma machine. - Everyone knows the Enigma, but Lorenz machine was used for strategic communications and was much more complicated than the Enigma, says Andy Clark at The National Museum of Computing at the BBC. Get the news you're going to talk about in your Facebook feed - like Metro Sweden