February 2015 – Page 2 – SSL and internet security news

NSA/GCHQ Hacks SIM Card Database and Steals Billions of Keys

February 20, 2015 infossl

cellphones, databases, eavesdropping, edwardsnowden, gchq, hacking, nsa, phones, privacy, Security technology, simcards, surveillance

The Intercept has an extraordinary story: the NSA and/or GCHQ hacked into the Dutch SIM card manufacturer Gemalto, stealing the encryption keys for billions of cell phones. People are still trying to figure out exactly what this means, but it seems to mean that the intelligence agencies have access to both voice and data from … Read More “NSA/GCHQ Hacks SIM Card Database and Steals Billions of Keys” »

Database of Ten Million Passwords

February 19, 2015 infossl

databases, hacking, passwords, Security technology

Earlier this month, Mark Burnett released a database of ten million usernames and passwords. He collected this data from already-public dumps from hackers who had stolen the information; hopefully everyone affected has changed their passwords by now. News articles. Powered by WPeMatico

The Obsolescence of Submarines

February 19, 2015 infossl

concealment, costbenefitanalysis, defense, nationalsecuritypolicy, Security technology

Interesting article on the submarine arms race between remaining hidden and detection. It seems that it is much more expensive for a submarine to hide than it is to detect it. And this changing balance will affect the long-term viability of submarines. Powered by WPeMatico

IRS Encourages Poor Cryptography

February 18, 2015 infossl

aes, cryptography, encryption, irs, Security technology

I’m not sure what to make of this, or even what it means. The IRS has a standard called IDES: International Data Exchange Service: “The International Data Exchange Service (IDES) is an electronic delivery point where Financial Institutions (FI) and Host Country Tax Authorities (HCTA) can transmit and exchange FATCA data with the United States.” … Read More “IRS Encourages Poor Cryptography” »

The Equation Group's Sophisticated Hacking and Exploitation Tools

February 17, 2015 infossl

edwardsnowden, exploits, hacking, implants, kaspersky, nsa, Security technology, vulnerabilities

This week, Kaspersky Labs published detailed information on what it calls the Equation Group — almost certainly the NSA — and its abilities to embed spyware deep inside computers, gaining pretty much total control of those computers while maintaining persistence in the face of reboots, operating system reinstalls, and commercial anti-virus products. The details are … Read More “The Equation Group's Sophisticated Hacking and Exploitation Tools” »

Co3 Systems Changes Its Name to Resilient Systems

February 17, 2015 infossl

co3systems, resilientsystems, Security technology

Today my company, Co3 Systems, is changing its name to Resilient Systems. The new name better reflects who we are and what we do. Plus, the old name was kind of dumb. I have long liked the term “resilience.” If you look around, you’ll see it a lot. It’s used in human psychology, in organizational … Read More “Co3 Systems Changes Its Name to Resilient Systems” »

Ford Proud that "Mustang" Is a Common Password

February 16, 2015 infossl

cars, computersecurity, passwords, Security technology

This is what happens when a PR person gets hold of information he really doesn’t understand. “Mustang” is the 16th most common password on the Internet according to a recent study by SplashData, besting both “superman” in 21st place and “batman” in 24th Mustang is the only car to appear in the top 25 most … Read More “Ford Proud that "Mustang" Is a Common Password” »

New Book: Data and Goliath

February 15, 2015 infossl

books, dataandgoliath, schneiernews, Security technology

After a year of talking about it, my new book is finally published. This is the copy from the inside front flap: You are under surveillance right now. Your cell phone provider tracks your location and knows who’s with you. Your online and in-store purchasing patterns are recorded, and reveal if you’re unemployed, sick, or … Read More “New Book: Data and Goliath” »

Friday Squid Blogging: Tentacle Utensils

February 13, 2015 infossl

Security technology, squid

Neat. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico

Cryptography for Kids

February 13, 2015 infossl

children, cryptography, encryption, Security technology

Interesting National Science Foundation award: In the proposed “CryptoClub” afterschool program, middle-grade students will explore cryptography while applying mathematics to make and break secret codes. The playfulness and mystery of the subject will be engaging to students, and the afterschool environment will allow them to learn at their own pace. Some activities will involve moving … Read More “Cryptography for Kids” »