BeautyandBoost.com
4:59pm
Music
‘encryption’ Archives
Wikileaks posts “Insurance” file to website
I thought this stuff only happened in bad movies. The huge file, posted on the Afghan War page at the WikiLeaks site, is 1.4 GB and is encrypted with AES256. The file’s size dwarfs the size of all the other files on the page combined. The file has also been posted on a torrent download site as well. It’s not known what the file contains [...]
Russian spy ring needed some serious IT help
Couldn't the unnecessarily complicated means of communicating easily have been replaced with any number of prolific and untraceable communication methods that have been developed since the cold war? The Russian ring charged this week with spying on the United States faced some of the common security problems that plague many companies -- [...]
Real world results: FBI cannot crack Truecrypt
The FBI failed to break the encryption code of hard drives seized by federal police at the apartment of banker Daniel Dantas, in Rio de Janeiro, during Operation Satyagraha. The operation began in July 2008. According to a report published on Friday (6.25.2010) by the newspaper Folha de S. Paulo, after a year of unsuccessful attempts, the U.S. [...]
A botnet with 6 to 12 million computers, employing the world’s most sophisticated encryption and peer-to-peer communication lies waiting, but for what?
My guess? They're gearing up for the biggest anti-Caltech prank in MIT's history. When the Conficker computer "worm" was unleashed on the world in November 2008, cyber-security experts didn’t know what to make of it. It infiltrated millions of computers around the globe. It constantly checks in with its unknown creators. It uses an encryption [...]
RSA encryption has not been broken
An Engadget article recently got hundreds of upvotes on social sites by claiming that RSA has been broken. Engadget may be great for showing you pictures of electronics, but it is far from a scientific publication. To break an encryption algorithm, you must find a feasible way to produce plaintext given only ciphertext--with NO access to the [...]
Ubisoft’s DRM authentication servers go down… punishing customers but not pirates
You remember Ubisoft's announcement that they were crippling their new games with a DRM system that would kick players out of their games if they couldn't connect continuously to Ubisoft's DRM servers? Now Ubisoft's servers have started to go down. Of course, pirates who break Ubisoft's DRM can still play. Way to correctly align the incentives, [...]
Ubisoft’s notorious “uncrackable” unfair game DRM falls in less than 24 hours
Games maker Ubisoft drew global ire when it announced that all its new titles, starting with Silent Hunter 5 and Assassin's Creed 2, would henceforth be crippled with a DRM that would kick you off the game and wipe out your play if your Internet connection dropped for even a moment. From soldiers on forward-fire bases to people who just don't want [...]
Pirate Bay’s VPN goes public: Ipredator
As governments around the world consider proposals to hand surveillance powers to the entertainment industry and twitchy cops, the Pirate Bay is striking back. Its new €5/month IPRedator service is an encrypted VPN that you can use to hide your traffic (whatever it may contain) from prying eyes. The name comes from Sweden's adoption of IPRED [...]
Crime ring that hit 280 cities’ ATMs at once, gets busted
The global crime ring that hit ATMs in 280 cities worldwide last year simultaneously for $9 million have allegedly been busted. A federal grand jury in Atlanta has indicted eight men in connection with the scheme, including five Estonians, one Russian, one Moldovan and one unidentified man. Prosecutors allege that the men "used sophisticated [...]
SSL Still Mostly Misunderstood
Most users ensure their Web sessions are using Secure Sockets Layer (SSL) before entering their credit card information, but less than half do so when typing their passwords onto a Web page, according to a new survey. Just what SSL does and doesn't do isn't clear to many users, and the way Websites implement it doesn't help: "The biggest issue [...]
AES explained by stick figures
If you've always wondered how AES -- the Advanced Encryption Standard, the gold-standard for crypto -- works, and if you enjoy explanations in stick-figure cartoon form, you are in luck, for Moserware's "A Stick Figure Guide to the Advanced Encryption Standard (AES)" is funny, lucid and fascinating. (more...)
Two convicted for refusal to decrypt data
Two people have been successfully prosecuted for refusing to provide authorities with their encryption keys, resulting in landmark convictions that may have carried jail sentences of up to five years. The government said today it does not know their fate. The power to force people to unscramble their data was granted to authorities in [...]
Chinese hackers break iTunes gift card algorithm
$200 iTunes Gift Certificates are selling for less than $3 in China now that a group of local hackers has circumvented Apple's algorithm for creating the digital vouchers and built their own gift certificate generators. According to Outdustry, a website which describes itself as a music industry consultancy specializing in the Chinese music [...]
Secure file deletion: A single overwrite will do it
The myth that to delete data really securely from a hard disk you have to overwrite it many times, using different patterns, has persisted for decades, despite the fact that even firms specializing in data recovery, openly admit that if a hard disk is overwritten with zeros just once, all of its data is irretrievably lost. Craig Wright, a [...]
Why forced change password policies are ridiculous
Forced password-changing policies lead to two things: More frustrated users locked out of their accounts, leading to more painful support requirements A huge number of unenecrypted text files on local filesystems called "mystupidnewpassword.txt" I study IT Security in the graduate program of UNC Charlotte. For the most part, UNCC is a [...]
sslstrip: hijacking SSL in network
Last week at Black Hat DC, Moxie Marlinspike presented a novel way to hijack SSL. You can read about it in this Forbes article, but we highly recommend you watch the video. sslstrip can rewrite all https links as http, but it goes far beyond that. Using unicode characters that look similar to / and ? it can construct URLs with a valid certificate [...]
Misconceptions About Laptop Encryption May Put Data At Risk
Now that they have encryption capabilities on their laptops, many end users may be overconfident about the safety of the data that resides on them, according to a study published this week. The laptop encryption study, conducted by Ponemon Institute and sponsored by security vendor Absolute Software, found that many workers think the data on [...]
Steganography made simple
As programmers, our code should be readable, not cryptic; but sometimes it’s fun to surprise, obfuscate or conceal. Wikipedia says: Steganography is the art and science of writing hidden messages in such a way that no-one apart from the sender and intended recipient even realizes there is a hidden message. By contrast, cryptography obscures the [...]
New State Laws Could Make Encryption Widespread
New laws that took effect in Nevada on Oct. 1 and will kick in on Jan. 1 in Massachusetts may effectively mandate encryption for companies' hard drives, portable devices, and data transmissions. The laws will be binding on any organization that maintains personal information about residents of the two states. (Washington and Michigan are [...]
