Q&A: The troubling implications of normalizing encryption backdoors — for government use

The Last Watchdog

Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? The disturbing thing is that in North America and Europe more and more arguments are being raised in support of creating and maintaining encryption backdoors for government use. Here are excerpts edited for clarity and space: LW: What’s wrong with granting governments the ability to break encryption?

Attacking encrypted USB keys the hard(ware) way

Elie

Ever wondered if your new shiny AES hardware-encrypted USB device really encrypts your data - or is just a fluke? If you have, come to our talk to find out if those products live up to the hype and hear about the results of the audit we conducted on multiples USB keys and hard drives that claim to securely encrypt data. We will demonstrate how this methodology works in practice via a set of case-studies.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

SamSam Ransomware operators earned more than US$5.9 Million since late 2015

Security Affairs

The security experts from Sophos have published a report on the multimillion-dollar black market business for crooks, they analyzed the SamSam ransomware case as a case study.

What Should Be The Core Competencies For Cybersecurity For C-Suite

Cyber Info Veritas

A ransomware attack is a form of cyber attack that involves targeting a computer’s operating system by encrypting data into it and then demanding ransom payments in form of cryptocurrency. In my experience, it is also important to remember that C-suite executives respond well to case studies.

EUROPE: New privacy rules for connected vehicles in Europe?

DLA Piper Privacy Matters

These draft guidelines highlight the data protection risks related to such applications, with general recommendations regarding the processing of personal data in relation to the non-professional use of connected vehicles and present some use cases. While it may not always be possible to resort to local data processing for every use-case, “hybrid processing” can often be put in place. The draft guidelines conclude with some case studies.

THE MOTIVATION AND DESIGN BEHIND AUTOGENERATED CHALLENGES

ForAllSecure

CASE STUDY: VARIABLE LENGTH BUFFERS AND CANARIES. In this case, we are leveraging the implicit fields of our deployment to include the location of the local binary on our challenge server. The picoCTF framework goes above and beyond to provide some generic challenge templates , in our case CompiledBinary , to promote code reuse. In the case of Pwn1 , we include a random 4 digit canary string and a random buffer length between 32 and 64.