Ontario privacy commissioner orders ’strong encryption’ of health records

My prediction is that we are going to see more and more of these privacy commissioner orders as the guys in charge get more serious about not being sued.

Filed under: Cryptography, Encryption, InSecurity, Security, in the News , Encryption, in the News, InSecurity

Dont tell me you didn’t knew

Most people in Canada don’t trust them.

Maybe something I said.

Update:

On the other hand, it is a good tool to reach out to people you otherwise can’t talk to directly

Filed under: Misc., in the News, networks , in the News, InSecurity, Social Networking

The Random Matchmaker : Phone Company’s new by product.

A network glitch(?) that logs AT&T users into other people facebook accounts at random was reported today.

Who knows, in the future many kids could attribute their existence to a programming error. If so should we call it the Destiny_2.0 bug?

del.icio.us Tags: Facebook,authentication,security,networks,wi-fi

Filed under: Authentication, InSecurity, Misc., in the News, networks, wi-fi , Authentication, FaceBook, in the News, networks, wi-fi

The ‘Enigma’ of the broken GSM phones Encryption

Although it has been known for a few years, the weakness of encryption schemes for GSM phones is in the spotlight again. This time thanks to a group of hackers that made the whole business of listening in, easy and cheap.

GSM has been known to be hackable for years, but the problem is not being fixed as proactively as it should.

Could be drawn with the situation of the Enigma machines being sold around the world after WWII?

 

 

del.icio.us Tags: enigma,encryption,security,GSM,hacking

Filed under: Cryptography, ENIGMA, Encryption, Hacking, InSecurity, in the News , Encryption, ENIGMA, GSM, Hacking, in the News, InSecurity

SSL 3.0 / TLS subjected to Man in the Middle Attack

An “Authentication Gap” was discovered in the latest version of SSL/TLS protocol.This could potentially be a huge problem. The gap is not due to some erroneous implementation, it is a property of the protocol.

Here is a list of links to websites where the issue is being followed:

http://www.phonefactor.com/sslgap/

IETF resources

Red Hat

SANS.org

del.icio.us Tags: ssl,authentication,insecurity,security,e-commerce,networks,hacking,tls

Filed under: Authentication, Encryption, Hacking, InSecurity, SSL, Security, Technology, e-commerce, networks , Authentication, e-commerce, Encryption, Hacking, InSecurity, networks, Security, SSL

More reviews for the AMS

I have a few new reviews of papers on cryptography in my updated page. For those interested in the security of NMAC and HMAC or affiliation hiding key exchanges, I recommend reading the reviews. They include links to relevant papers.

del.icio.us Tags: authentication,security,encryption

Filed under: AMS, Authentication, Cryptanalysis, Cryptography, Encryption, Information Theory, Security , Authentication, crypt, Cryptography, Mathematics, Security

Dark Fiber and White Space

Two underused resources, “Dark Fiber” and “White Space” are to be taken advantage of to increase the power of the network.

 

One application seeks to use optic fiber that has being laid but not being used to enable the establishment of secure keys using quantum technology http://www.technologyreview.com/computing/23317/page1/

The other is a wireless network in which the information is carried in the unused interstices of the TV spectrum. http://www.technologyreview.com/communications/23781/

del.icio.us Tags: quantum cryptography,wi-fi,networks,dark fiber,white space,QKD

Filed under: Key Generation, Quantum Cryptography, Technology, in the News, networks, wi-fi , communications, Information Theory, networks, Quantum Cryptography, Technology, wi-fi, wireless

Hackers expose slew of Hotmail acount passwords

Again,

Hackers expose slew of Hotmail acount passwords

Social Engineering and phishing really work.

See what I wrote on Passwords

Filed under: in the News , Cryptanalysis, Hacking, in the News, InSecurity, passwords, Social Networking

Alan Turing

---

He deserved much better

National Post
14 Sep 2009

In the very distant future, the name of Alan Turing (1912-1954) will be among the very few for which the 20th century is remembered, long after most of the politicians, artists and celebrities have receded into confusion and oblivion. His stature is…read more…

Tech Tags: National Post newspaper EDITORIALS

Filed under: Cryptanalysis, Cryptography, ENIGMA, Encryption, Infomation Theory, in the News , Cryptanalysis, Cryptography, ENIGMA, in the News, Information Theory

About the need to protect Biometric Data

An article stating the need to protect biometric data appeared in the IEEE spectrum magazine. Not a lot of new information, a good summary of the threats as biometrics are being used more and more as authenticators.

 

del.icio.us Tags: authentication,biometrics,security,encryption

Filed under: Authentication, Encryption, Security, biometrics, in the News , Authentication, biometrics, Encryption, Security