-
Russia’s used “active measures” in 2016 U.S. election, and will do more in future, experts tell lawmakers
The Senate Select Committee on Intelligence on Wednesday launched its investigation into Russian interference in the 2016 U.S. election. Expert witnesses told the senators that decades of Russian covert attempts to undermine confidence in Western institutions will only accelerate in the future unless the United States confronts Russia’s “active measures.” Since 2009, Russia has built a vast information warfare infrastructure, which now involves at least 15,000 operatives worldwide writing and spreading false news stories and conspiracy theories online. Russia created fake social media accounts by mimicking profiles of voters in key election states and precincts in the 2016 election, and used a mix of bots and real people to push propaganda from state-controlled media outlets like Russia Today (RT) and Sputnik. The FSB and the GRU, the two Russian intelligence agencies, created nearly 1,200 websites (“trolls”) which disseminated the fake news to help the Trump campaign. One experts told the senators that the material published by Wikileaks and Guccifer 2.0 “is probably under 1 percent of what we’d attribute to the Russian government stealing,” and that Russia will use the rest of the material to try and blackmail American politicians in the future.
-
-
Encryption requirements to change P25 CAP approved equipment list
On Monday announced a change in the Project 25 Compliance Assessment Program (P25 CAP) listing of grant-eligible radio equipment for first responders. In order to be fully compliant with all P25 CAP requirements, radio equipment that requires encryption must use Advanced Encryption Standard (AES) 256. Equipment that uses proprietary or other non-standard encryption capabilities without also providing the standard encryption (AES 256) capability does not meet the requirement specified in the Project 25 Compliance Assessment Program Encryption Requirements Compliance Assessment Bulletin (CAB).
-
-
How WhatsApp encryption works – and why there shouldn’t be a backdoor
A battle between national security and privacy is brewing. Governments and secret services are asking encrypted messaging services such as WhatsApp to allow them access to users’ data, arguing that access to messages will allow authorities to thwart future terror attacks. Ultimately, though, if someone thinks that removing WhatsApp encryption would be the solution to the problem of terrorism or crime, then they don’t understand the actual problem. Even if you were to remove the end-to-end encryption from WhatsApp, criminals could create their own, similar, software that would allow them to communicate securely, while ordinary users would lose the ability to send genuinely private messages.
-
-
Global entities come shopping for Israeli cybersecurity
As computer devices and Internet of Things (IoT) connectivity continue to break new boundaries and create changes to our lifestyle, new cybersecurity technologies to defend our tech-savvy lives are crucial. “We’re still at the beginning for the cyber arena. We still need the security solution for smart homes, we still don’t have security solutions for autonomous cars, or for connected medical devices or MRI machines, or for connected kitchen appliances. Every technology that will be introduced to our lives in the coming years will need a cyber solution,” says one expert.
-
-
“Anonymized” Web browsing history may not be anonymous after all
Raising further questions about privacy on the internet, researchers have released a study showing that a specific person’s online behavior can be identified by linking anonymous Web browsing histories with social media profiles. The new research shows that anyone with access to browsing histories — a great number of companies and organizations —can identify many users by analyzing public information from social media accounts.
-
-
Creating safer, less vulnerable software
We can create software with 100 times fewer vulnerabilities than we do today, according to computer scientists at the National Institute of Standards and Technology (NIST). To get there, they recommend that coders adopt the approaches they have compiled in a new publication.
-
-
Ben-Gurion University, PayPal join forces in cybersecurity research
Ben-Gurion University of the Negev (BGU) and PayPal announced a new partnership this morning in order to conduct joint research and development in the fields of big data, machine learning and cyber security. It is the first such collaboration between PayPal and an Israeli university. PayPal’s involvement in big-data and machine learning technology has been supported by its significant R&D activity in Israel, starting with the acquisition of Fraud Sciences in 2008 and the establishment of a global risk and data sciences R&D center in Tel-Aviv.
-
-
U.K. police charges man with terrorism over researching, using encryption
Samata Ullah, a 33-year old Briton, earlier this month was charged in a London court with six counts of terrorism, one of which related to researching and using encryption. Privacy advocates say that a controversial statute under British law criminalizes, in the name of combatting terrorism, actions which, on their own, are perfectly legal.
-
-
China’s quantum satellite could make data breaches a thing of the past
China recently launched a satellite into orbit with a unique feature: it has the ability to send information securely, not with mathematical encryption but by using the fundamental laws of physics. China will be the first country to achieve this feat, and it marks a milestone in the development of quantum technologies. The next revolution in technology promises to embrace fundamental laws of physics to enable devices to perform operations that are beyond the bounds of current electronics. For practical quantum communications we need devices integrated into our computers and smartphones that exchange data in a similar way to the quantum satellite. These devices are thankfully just around the corner. In a few years we may look back on digital eavesdropping and massive information breaches from databases as a problem buried in the past.
-
-
“Security fatigue” may cause computer users to feel hopeless and act recklessly
After updating your password for the umpteenth time, have you resorted to using one you know you’ll remember because you’ve used it before? Have you ever given up on an online purchase because you just didn’t feel like creating a new account? If you have done any of those things, it might be the result of “security fatigue.” It exposes online users to risk and costs businesses money in lost customers.
-
-
NIST patented single-photon detector for potential encryption, sensing apps
Individual photons of light now can be detected far more efficiently using a device patented by a team including NIST, whose scientists have overcome longstanding limitations with one of the most commonly used type of single-photon detectors. Their invention could allow higher rates of transmission of encrypted electronic information and improved detection of greenhouse gases in the atmosphere.
-
-
New encryption method improves privacy protection
VTT Technical Research Center of Finland has developed a new kind of encryption method for improving the privacy protection of consumers to enable safer, more reliable, and easier-to-use user authentication than current systems allow. The method combines safety, usability, and privacy protection — until now, implementing all three at the same time has been a challenge.
-
-
Secure passwords can be sent through the human body, instead of air
Sending a password or secret code over airborne radio waves like WiFi or Bluetooth means anyone can eavesdrop, making those transmissions vulnerable to hackers who can attempt to break the encrypted code. Now, computer scientists and electrical engineers have devised a way to send secure passwords through the human body — using benign, low-frequency transmissions generated by fingerprint sensors and touchpads on consumer devices.
-
-
New chip to bring highest level of encryption to mobile devices
Random number generators are crucial to the encryption that protects our privacy and security when engaging in digital transactions such as buying products online or withdrawing cash from an ATM. For the first time, engineers have developed a fast random number generator based on a quantum mechanical process that could deliver the world’s most secure encryption keys in a package tiny enough to use in a mobile device.
-
-
Unbreakable encrypted messages a step closer
Until now, unbreakable encrypted messages were transmitted via a system envisioned by American mathematician Claude Shannon, considered the “father of information theory.” Shannon combined his knowledge of algebra and electrical circuitry to come up with a binary system of transmitting messages that are secure, under three conditions: the key is random, used only once, and is at least as long as the message itself. Researchers have now moved beyond the theoretical in demonstrating that an unbreakable encrypted message can be sent with a key that is far shorter than the message — the first time that has ever been done.
-