JANUARY 18TH, 2010
By MIKE
The A5/1 encryption used to protect GSM phone conversations has long since been broken, actually just last year it was made possible to eavesdrop encrypted GSM in realtime – hence GSM telephony is today to be considered utterly insecure. Scientists have thus begun working on the 3G variant A5/3, and it would appear that a “breakthrough” has been made, not quite allowing for realtime decryption but weakening the cipher quite considerably.
Read the scientific repport here;
http://eprint.iacr.org/2010/013
DECEMBER 7TH, 2009
By MIKE
According to the Danish online newsletter/magazine www.newz.dk (via link) Bitlocker encryption has been broken/cracked, or at least it has become possible to discover the passwords rather quickly using a third party tool Passware Password Recovery – http://www.lostpassword.com/kit-forensic.htm
And sure enough if you visit their website you will find this statement;
“Recovers encryption keys for hard drives protected with BitLocker in minutes New”
Although this indeed sounds very interesting there seem to ba a catch, you need a memory image on which to apply the Passware Password Recovery utility. Read more here
AUGUST 27TH, 2009
By MIKE
So I just received my YubiKey II in the mail yesterday, it’s quite nice not as pretty as the original YubiKey but way more robust.
What is a Yubikey you ask, well that is complicated to explain, but basically it’s a token that will generate one time passwords – you can hence use it to login to websites and services (that of cause need to support the Yubikey), the cool thing here is that with “One time passwords” you do not need to fear that someone steals your password (malware, virus or keylogger) as you get a new password every time you use the key to login..
It’s way cool, and quite easy to implement on your own website or in your own software as there are numerous public API’s available..
The company behind and their description of the key
http://www.yubico.com
http://www.yubico.com/products/description/
Various videos on the Yubikey
http://www.youtube.com/results?search_query=yubikey&search_type=&aq=f
A technical walk through of the Yubikey
Security Now – Episode #143 – 08 May 2008 – 84 min.
http://media.grc.com/sn/sn-143-lq.mp3
Developers look here
http://www.yubico.com/developers/clients/
Update; 2010 January
Coupon/discount code available here;
http://www.ghacks.net/2010/01/12/yubico-usb-key-provides-extra-login-protection-security/
AUGUST 17TH, 2009
By MIKE
Would you like a FREE certificate so you can send signed and encrypted emails?
Well seek no further, here you can get a 100% free certificate so you can start encrypting and signing your mails (note for encrypting your recipients will also need to have a certificate, this is how it is supposed to work)… But you can sign mails right out of the box.
http://www.comodo.com/home/internet-security/free-email-certificate.php
