Privacy

Cryptography is a difficult subject, not least because of it’s mathematical properties. It is also difficult to implement correctly and sometimes we find out that the rules governing it’s usage are lacking behind or not even there to begin with.
Another issue that is of all times, but came to the surface again this year in the Apple vs. FBI court case, is the constant fight between encrypting stuff and law enforcement as well as intelligence agencies wanting backdoors in those systems to be able to access them when necessary.
Today’s instalment touches briefly on all these aspects.

In chronological order:

• How quantum computing could unpick encryption to reveal decades of online secrets
  
• Mozilla wants woeful WoSign certs off the list
  
• Getting To The ‘Just Right’ Level Of Encryption
  
• SSL handshake weakness leaves MacOS, iOS devices open to MitM attacks
  
• Rise of the photon clones: New method could lead to ‘impenetrable’ comms
  
• Privacy-protecting encryption here to stay: documents
  
• Finally! A minimum standard for certificate authorities
  
• DSLR Camera Encryption: Here Are The Pros And Cons For Photojournalists
  
• Strong non-backdoored encryption is vital – but the Feds should totally be able to crack it, say House committees
  

Click here to continue reading

These are the noteworthy stories, in no particular order, that peaked my interest last week.

• NIST requests ideas for crypto that can survive quantum computers
  
• US fails to renegotiate arms control rule for hacking tools
  
• Leaked documents show breadth of iPhone data accessible by Cellebrite forensic tool
  
• EU financial regulators say more rules may be needed for Big Data
  
• Mobile banking trojans adopt ransomware features
  
• Industrial automation makers and utilities facing spear phishing probes, says Kaspersky
  
• LinkedIn’s Lynda Latest to Suffer Data Breach
  
• Almost 800,000 to be notified because more than 100 Los Angeles County employees fell for a phishing attack
  
• INSIDE LEAKEDSOURCE AND ITS DATABASE OF 3 BILLION HACKED ACCOUNTS
  

Click here to find out why

At the end of each calendar year you are bombarded with recaps, the best of last year and predictions for the upcoming year. Here at Shamrock Information Security HQ I decided to join into the tradition with this 12 days of Christmas recaps and prediction series.
And yes this was partially made possible because I stopped the regular “Niner noteworthy” series for a couple of months and had about 100 articles left with interesting topics that will, certainly in some cases, have had their impact, some others have a more lasting impact or even will need to have it’s effect in the coming year.
Click here to continue reading