In-brief: Carnegie Mellon’s CERT issued a warning that many certificate authorities continue to issue domain certificates with no more proof than the right e-mail address. Updated to include comment from GlobalSign. Paul 3/27/2015
Tag: encryption
Symantec: Common Security Ailments In Smart Home Technology
In-brief: A Symantec survey of smart home products found a raft of common security mistakes, from weak (or missing) authentication to exploitable software vulnerabilities.
Android SDK Flaw Could Enable Dropbox Data Theft
In-brief: IBM researchers say they discovered a flaw in an SDK from the cloud storage firm Dropbox that could result in Android users accidentally sending their data to a Dropbox account controlled by a malicious actor.
Bitcoin Blockchain: A New Foundation for Online Trust?| NYTimes
The New York Times has a really interesting story on the rise of Bitcoin’s “blockchain” technology as the foundation of a whole new wave of start-ups and applications – some of which could have big implications for Internet of Things. From the article: “As Bitcoin’s price has declined over the last year, critics have been quick to declare the virtual currency dead. Bitcoin’s true value, though, might be not in the currency itself but in the engine that makes it possible. Underlying Bitcoin — created as a way to make payments directly, anonymously and outside government control — is the block chain, a decentralized database that is driven by cryptography.” While the future of Bitcoin as a form of digital “cash” is uncertain, block chain is turning out to be a very useful technology for a variety of purposes – from streamlining financial transactions online to vouching for the authenticity of […]
Sabotaging Encryption Software – The Perfect Crime?
In-brief: A report from Bruce Schneier and researchers at the Universities of Wisconsin and Washington surveys the (many) ways that cryptographic protections can be weakened or subverted, and calls for research on fool-proof technologies.
