Cyber Essentials is a UK government scheme that outlines the basic steps that organisations can take to secure their systems. Implementing its five controls effectively will help you prevent about 80% of cyber attacks. In…
Brexit Deal Mandates Old Insecure Crypto Algorithms
In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal mandates the use of SHA-1 and 1024-bit RSA: The open standard s/MIME as extension to de facto e-mail standard SMTP will…
Cellebrite Can Break Signal
Cellebrite announced that it can break Signal. (Note that the company has heavily edited its blog post, but the original — with lots of technical details — was saved by the Wayback Machine.) News article.…
Zodiac Killer Cipher Solved
The SF Chronicle is reporting (more details here), and the FBI is confirming, that a Melbourne mathematician and team has decrypted the 1969 message sent by the Zodiac Killer to the newspaper. There’s no paper…
Indistinguishability Obfuscation
Quanta magazine recently published a breathless article on indistinguishability obfuscation — calling it the “‘crown jewel’ of cryptography” — and saying that it had finally been achieved, based on a recently published paper. I want…
New Report on Police Decryption Capabilities
There is a new report on police decryption capabilities: specifically, mobile device forensic tools (MDFTs). Short summary: it’s not just the FBI that can do it. This report documents the widespread adoption of MDFTs by…
BlackBerry Phone Cracked
Australia is reporting that a BlackBerry device has been cracked after five years: An encrypted BlackBerry device that was cracked five years after it was first seized by police is poised to be the key…
Facebook Announces Messenger Security Features that Don’t Compromise…
Note that this is "announced," so we don't know when it's actually going to be implemented. Facebook today announced new features for Messenger that will alert you when messages appear to come from financial scammers…
Zoom’s Commitment to User Security Depends on Whether…
Zoom was doing so well.... And now we have this: Corporate clients will get access to Zoom's end-to-end encryption service now being developed, but Yuan said free users won't enjoy that level of privacy, which…