A group of Italian researchers conducted an experiment to assess the potential propagation of malware through Bluetooth enable devices. The BlueBag project consists of $750 worth of hardware capable of sniffing Bluetooth pico-networks, tucked inside an unconspicuous piece of luggage that they took to several public places such as an airport, a shopping mall, the university and a technical conference among others.
Luca Carettoni, Claudio Merloni, and Stefano Zanero published their results in the March-April 2007 IEEE Security & Privacy Magazine. In their own words:
…we tried to envision possible future attack scenarios involving targeted malware propagated through Bluetooth-enabled covert attack devices. We demonstrated the existence of a very high risk potential, created by low awareness, ever-increasing functionalities and complexity, and by the feasibility of targeted, covert attacks through Bluetooth-enabled malware.
Bluetooth networks are the most vulnerable when the devices are visible (discoverable mode), therefore keeping your phone in non-discoverable mode would be wise. Putting distance between you and the attacker does not necessarily helps because with custom antennae, sniffing can be successfully implemented over distances of over a mile.
Filed under: Bluetooth, Security, Technology
The Washington Post reports the announcement of Seagate’s new encrypted hard drive.
This product addresses the security problems created by stolen/lost Laptops and the disposal of old computers with hard drives full of sensitive information.
SCOTTS VALLEY, Calif., March 12, 2007 /PRNewswire-FirstCall via COMTEX/ — Seagate Technology (STX) today announced that Momentus(R) 5400 FDE.2, the world’s strongest encrypting 2.5-inch notebook PC hard drive with a comprehensive suite of powerful security capabilities, is shipping to ASI Computer Technologies for secure notebook systems that will feature Wave Systems Corp. (WAVX) security management software to simplify enterprise deployments.
Seagate’s Momentus 5400 FDE.2 (Full Disc Encryption) hard drive features perpendicular recording technology to deliver up to 160GB of capacity, a fast Serial ATA interface, and hardware-based AES encryption, a government-grade security protocol used to encrypt all hard drive information transparently and automatically, preventing unauthorized access to data on lost or stolen laptops. The encrypting hard drive also gives organizations an easy way to repurpose or retire laptops without compromising sensitive information and to comply with the growing number of data privacy laws calling for the protection of consumer information using government-grade encryption.
Filed under: Encryption, Security, in the News
Since the introduction of the original ideas by Wiener and further development by Bennet, Brassard, Salvail, Smolin and others in the 1980’s, Quantum Cryptography has being making steady progress towards practical applications.
Currently some banks and government departments are using Quantum technology based on the transmission of single photons over fiber-optic links to transmit unconditionally secure cryptographic keys. However current technology allows for transmission only over relatively short distances at limited transmission rates.
One of the main drawbacks of quantum encryption is the difficulty of generating and transmitting individual photons without a loss of information because of interactions between photons and the medium.
An article describing Quantum Key Distribution can be found here.
I have compiled a list of companies (not exhaustive) that offer hardware based on different aspects of quantum cryptography. Without any claim of performance and in no particular order they are:
IBM, Hewlett-Packard and NEC also have extensive research projects on quantum cryptography. (NEC have announced delays in the marketing of its products).
There is a tremendous amount of research effort and money being spent on this technology as the prize for a practical technology that allows unconditional secure key generation will be huge.
Filed under: Key Generation, Quantum Cryptography, Technology, in the News
