6. June 2011 16:13
Security concerns are one of the key obstacles to the adoption of new non-volatile main memory (NVMM) technology in next-generation computers, which would improve computer start times and boost memory capacity. But now researchers from North Carolina State University have developed new encryption hardware for use with NVMM to protect personal information and other data.
NVMM technologies, such as phase-change memory, hold great promise to replace conventional dynamic random access memory (DRAM) in the main memory of computers. NVMM would allow computers to start instantly, and can fit more memory into the same amount of space used by existing technologies. However, NVMM poses a se... [More]
6. June 2011 15:47
A new publication from the National Institute of Standards and Technology (NIST) provides guidelines to secure the earliest stages of the computer boot process. Commonly known as the Basic Input/Output System (BIOS), this fundamental system firmware -- computer code built into hardware -- initializes the hardware when you switch on the computer before starting the operating system. BIOS security is a new area of focus for NIST computer security scientists.
"By building security into the firmware, you establish the foundation for a secure system," said Andrew Regenscheid, one of the authors of BIOS Protection Guidelines (NIST Special Publication 800-147). Without appropriate protecti... [More]
6. June 2011 14:57
Magazine articles like to describe cryptography products in terms of algorithms and key length. Algorithms make good sound bites: they can be explained in a few words and they're easy to compare with one another. "128-bit keys mean good security." "Triple-DES means good security." "40-bit keys mean weak security." "2048-bit RSA is better than 1024-bit RSA."
But reality isn't that simple. Longer keys don't always mean more security. Compare the cryptographic algorithm to the lock on your front door. Most door locks have four metal pins, each of which can be in one of ten positions. A key sets the pins in a particular configuration. If the key aligns them all correctly, then the lo... [More]
6. June 2011 14:55
Cryptography proper is the study of methods of encryption and decryption. Cryptanalysis or "codebreaking" is the study of how to break into an encrypted message without possession of the key. Methods of defeating cryptosystems have a long history and an extensive literature. Anyone designing or deploying a cyptosystem must take cryptanalytic results into account.
Cryptology ("the study of secrets", from the Greek) is the more general term encompassing both cryptography and cryptanalysis.
"Crypto" is sometimes used as a short form for any of the above.
Codes versus ciphers
In common usage, the term "code" is often used to mean any method of encryption or meaning-concealment. In c... [More]
6. June 2011 14:52
We will not explain why you need to encrypt portable drive (flash drive, mobile hard drive). It is clear to everyone.
Most users will confuse the two pitfalls - slow down read / write the encrypted media, and the inconvenience of using, because they have to put the software that will encrypt data on each computer to which you connect your portable drive.
A second nuance with the advent of technology BitLocker To Go and the portable version of TrueCrypt was not so critical, but how much will decrease the read / write as a result of encryption is still oppresses many. Let's try to answer this question.
One innovation of Windows Vista was BitLocker Drive Encryption technology, which ... [More]
6. June 2011 14:50
Internet standards expert, CEO of web company iFusion Labs, and blogger John Pozadzides knows a thing or two about password security—and he knows exactly how he'd hack the weak passwords you use all over the internet.
Note: This isn't intended as a guide to hacking *other people's* weak passwords. Instead, the aim is to help you better understand the security of your own passwords and how to bolster that security. We originally published this piece back in March, but in light of our recent security breach, it seemed more applicable than ever.
If you invited me to try and crack your password, you know the one that you use over and over for like every web page you visit, how... [More]
27. May 2011 18:48
Google demonstrated its mobile payment solution for Android – Google Wallet, at press conference in New York yesterday. Using near-field communications to make contactless payments, the system has been tested, and will release “soon” in the U.S. – previous reports claimed September.
The Google Wallet service will launch for Sprint’s Nexus S 4G customers, and will support Citi MasterCard and Google Prepaid Card transactions at MasterCard PayPass outlets. More support across devices, operators, retailers, and payment solutions is being devised and negotiated, however, an inbuilt NFC chip is required – available on only a few phones so far.
With the G... [More]
26. May 2011 18:04
From e-mail to cellular communications, from secure Web access to digital cash, cryptography is an essential part of today's information systems. Cryptography helps provide accountability, fairness, accuracy, and confidentiality. It can prevent fraud in electronic commerce and assure the validity of financial transactions. It can prove your identity or protect your anonymity. It can keep vandals from altering your Web page and prevent industrial competitors from reading your confidential documents. And in the future, as commerce and communications continue to move to computer networks, cryptography will become more and more vital.
But the cryptography now on the market doesn'... [More]
26. May 2011 17:57
WordPress has discontinued support for Internet Explorer 6 in its latest update. The company has explained that it has had to use increasingly complex code trickery to make the Dashboard work in IE6, and has finally decided that enough is enough.
Logging into your Dashboard using IE6 will still be possible, but it will look pretty broken. Furthermore, a red alert box will provide you with a link to upgrade. Other outdated browser will result in an orange alert to let you know you need to upgrade, and will provide links for you to do so. There will also be a link to Browse Happy, a website which lists all the latest versions of each of the five main browsers.
Two months ago, Micros... [More]
24. May 2011 20:00
Encryption, when properly deployed and managed, can enable enterprises to safely cloud-enable applications and control sensitive corporate or personal information in the cloud. A good solution that provides robust separation of duties helps minimize the possibility of a breach. Data can be encrypted in a few different ways in private clouds and Infrastructure as a Service systems. Cloud computing is a priority for enterprises seeking greater agility, operational efficiency and overall cost reduction, but security concerns continue to inhibit its use. Half of all companies not adopting cloud computing cite security as the reason, according to a Forrester Research October 2010 study, ... [More]