• New iOS Forensic Toolkit circumvents iOS 5 security measures

    While Apple gave a minor facelift to the whole security system in iOS5, it made significant changes regarding keychain protection, replacing the encryption algorithm entirely; but criminals thinking they can thus use the latest iPhone and iPad devices to store information may want to think again, as a new information acquisition solution cracks the latest iOS5 security measures

  • Google making search more secure

    Google is enhancing its default search service for signed-in users; over the next few weeks, many users will find themselves redirected to https://www.google.com (note the extra “s”) when they are signed in to their Google account; this change encrypts their search queries and Google’s results page

  • L-3, Virginia Tech in cybersecurity partnership

    L-3 Communicationshas formed a cooperative partnership in cybersecurity research and development with Virginia Tech’s Ted and Karyn Hume Center for National Security and Technology; the company says that this new partnership will enhance L-3’s ability to deliver innovative national security solutions

  • Software restricts access to sensitive to specific locations

    Researchers have created software to remotely put smart phones under lockdown — an innovation that could aid labs doing sensitive research, secure government and military facilities, and keepers of medical records

  • Living bacteria for perfect encryption system

    Researchers have developed fluorescent bacteria that encode secret messages, creating, in effect, a living invisible ink; this method could be harnessed for secret communications as well as for anti-counterfeiting; messages may be encoded by genetically engineering bacteria to produce fluorescent colored proteins, then printing them in a grid

  • AntiSec hacks IRC Federal, posts passwords online

    Last Friday, AntiSec, a prominent hacking group, announced that it had successfully infiltrated the servers of IRC Federal; the company has contracts with several major government agencies including the Department of Justice, the Army, Navy, and NASA; in an announcement on their website, AntiSec wrote, “We laid nuclear waste to their systems, owning their pathetic Windows box, dropping their databases and private emails, and defaced their professional looking website”

  • Are cryptographic systems secure?

    Cryptography is widely used to hide information and applications include cash machines, computer passwords, and Internet communications; a new research project, using a 2 million Euro grant, will examine the various methods to show cryptographic protocols

  • DHS to double cybersecurity staff

    DHS recently announced that it plans to increase its cybersecurity workforce by more than 50 percent so that it can lead government-wide efforts to secure federal networks against cyber attacks as outlined in President Obama’s recently proposed cybersecurity plan; DHS plans to hire 140 additional cybersecurity experts by October 2012 bringing the agency’s total to 400; under the president’s proposed legislation, DHS would act as the lead agency in coordinating cybersecurity measures across the government and would also be responsible for ensuring that private operators of critical infrastructure have adequate security measures in place

  • Hackers crack Nikon's image verification system

    A cyber security firm recently announced that it had successfully hacked Nikon’s image verification system that protects digital photos; ElcomSoft, a cyber security firm, says that its hackers have successfully replicated the electronic signature code from Nikon images allowing it to manipulate photos that still pass authentication tests; Nikon’s Image Authentication System is aimed at verifying digital images to ensure that they have not been tampered with especially when used in forensics, accident reports, or construction documentation; ElcomSoft says that its goal was to raise awareness about the security vulnerability and the company has alerted Nikon to the weaknesses of its system

  • Google joins Apple in privacy furor

    iPhones transmit locations back to Apple, and Apple is not alone in this activity; Google has disclosed that its Android cell phones have been transmitting location data for some time; members of the Congress and Senate have begun to demand answers and explanations

  • Weak passwords get robust protection

    The combination of simple codes and Captchas, which are even more encrypted using a chaotic process, produces effective password protection; the passwords of the future could become more secure and, at the same time, simpler to use; researchers have been inspired by the physics of critical phenomena in their effort significantly to improve password protection; the researchers split a password into two sections; with the first, easy to memorize section they encrypt a Captcha — an image that computer programs per se have difficulty in deciphering; the researchers also make it more difficult for computers, the task of which it is automatically to crack passwords, to read the passwords without authorization; they use images of a simulated physical system, which they additionally make unrecognizable with a chaotic process; these p-Captchas allowed the researchers to achieve a high level of password protection, even though the user need only remember a weak password

  • Firm pushes for open wireless sensor data

    As wireless sensors are becoming increasingly ubiquitous in electrical grids, homes, and businesses, electronic enthusiasts and programmers believe that this data could be used to create a host of new devices with practical uses; making sensor data freely available allows engineers to build software and apps that monitor data in real time for things like local radiation levels, water quality, or even your home’s energy consumption; leading the push for open sensor data is U.K. based Pachube (pronounced “patchbay”) which has developed a network of sensors that collect six million points of data per day; the majority of sensor information is currently encrypted and therefore inaccessible

  • Feds forced to get creative to bypass encryption

    As increasingly sophisticated encryption technology becomes widely available, federal authorities have been forced to find new ways to conduct surveillance against suspected criminals or terrorists; when federal authorities try to gather evidence on suspects, they frequently encounter PGP encrypted documents that they cannot hack into; authorities are experimenting with several methods to bypass encryption including keystroke logging spyware, seizing the computer while it is still on, and forcing an individual to turn over their passwords to federal authorities; the FBI recently floated a proposal that would force Web-based e-mail servers and social networks to build backdoors so that federal authorities could conduct surveillance, but quickly backed down

  • U.K. rethinking cyber security

    U.K. cyber crime could cost more than 27 billion Pounds a year; the estimate of 21 billion Pounds to businesses, 2.2 billion Pounds to government, and 3.1 billion Pounds to citizens may be an under-estimation due to a possible lack of reporting for fear of reputational damage; the hardest-hit sectors being pharmaceuticals, biotech, electronics, IT, and chemicals

  • FBI says it does not demand encryption back doors

    The FBI says that it is not calling for restrictions on encryption without back doors for law enforcement; only last fall the agency said discussions should focus on requiring that communication providers and Web sites have legally mandated procedures to divulge unencrypted data in their possession; the FBI says that because of the rise of Web-based e-mail and social networks, it’s “increasingly unable” to conduct certain types of surveillance that would be possible on cellular and traditional telephones