Security Ledger Editor Paul Roberts speaks with Dave Aitel of Immunity Inc. about the controversy swirling around Russian antivirus firm Kaspersky Lab. Also: Bruce Schneier weighs in on the latest salvo in the war over strong encryption. Finally: Josh Corman of the firm PTC talks about recent hearings on Capitol Hill about guidelines for securing connected devices.
Search Results for "encryption"
In Boston, Deputy AG Rosenstein picks up call for Encryption Back Doors
US Deputy Attorney General Rod Rosenstein used a speech in Boston to criticize the technology industry’s use of strong encryption which he called “warrant proof,” even as he said law enforcement had no issue with its use.
Sabotaging Encryption Software – The Perfect Crime?
In-brief: A report from Bruce Schneier and researchers at the Universities of Wisconsin and Washington surveys the (many) ways that cryptographic protections can be weakened or subverted, and calls for research on fool-proof technologies.
Report: Android Shield Adds Invisible Encryption To Mobile Apps
Wired reports on a team from Georgia Tech that has designed software that acts as an overlay on Android smartphones’ communication applications, encrypting communications to and from those apps, while mimicking their user interface. The researchers describe the technology as a “transparent window” over apps that prevents unencrypted messages from leaving the user’s device. “The window acts as a proxy between the user and the app. But the beauty of it is that users feel like they’re interacting with the original app without much, if any, change,” says Wenke Lee, the Georgia Tech professor who led the developers. “Our goal is to make security that’s as easy as air. You just breathe and don’t even think about it.” The researchers call their prototype Mimesis Aegis, or M-Aegis, Latin for “mimicry shield.” They plan to present their research at the Usenix Security conference this week. Read more via Wired: This Android Shield Could […]
Verizon: New Cloud Encryption Service Will Secure IoT Devices
Identity is one of the biggest challenges facing companies that are deploying products for the “Internet of Things,” as well as traditional enterprises that find IoT technologies of all types knocking at the door. The question, in short, is “how do I know that this device is legitimate, and ties back to an identity that I trust with access to my network resources and data? Of course, identity management has always been an aching problem in the enterprise space. The problem with the IoT is scale – given the sheer size of the IoT (30 billion connected devices by 2020), you can add a few “zeros” onto the number of devices that could, potentially, be seeking access to your network at any time. [Related read: Identity Management’s Next Frontier: The Interstate] It makes sense that, in a distributed environment like that, the cloud may be the best place to address […]
