Nippon Telegraph and Telephone Corporation, Mitsubishi Electric Corporation and the University of Fukui have jointly developed an authenticated encryption algorithm offering robust resistance to multiple misuse.
The term “dox” also spelt “doxx”, and short for “[dropping] documents” first came into vogue as a verb around a decade ago, referring to malicious hackers’ habit of collecting personal and private information, including home addresses and national identity numbers. The data are often released publicly against a person’s wishes. It is a practice frowned upon by users of Reddit, a popular online forum, and many others.
As a pioneering Internet security researcher and a well-known skeptic about achieving truly secure systems, are you optimistic about efforts to build a more secure network? No, I’m not. I see two problems associated with this approach. First, any significant network that is developed will need to accommodate existing (legacy) systems in some manner, and be operated by some of the same people we have now — there is simply too much invested in legacy systems. This will lead to participating organizations continuing to make poor choices about their priorities for security (and privacy). Many security problems come about because of user error, misconfiguration, poor patching, indirect attacks, and a failure to properly prioritize and fund appropriate safeguards — it isn’t only the design of the networks. A new set of network protocols and connections will not address the full range of issues.
A world-spanning network of hijacked home routers has been uncovered by security researchers. The network involves more than 300,000 routers in homes and small businesses that have been taken over through loopholes in their core software. Discovered by researchers at Team Cymru, the network is thought to be one of the biggest involving such devices.
Attackers commonly exploit buggy programs to break into computers. Security-critical bugs pave the way for attackers to install trojans, propagate worms, and use victim computers to send spam and launch denial-of-service attacks. A direct way, therefore, to make computers more secure is to find security-critical bugs before they are exploited by attackers.
A computer virus that can spread via wi-fi like a “common cold” has been created by researchers in Liverpool. In densely populated areas with lots of wi-fi networks, the virus can go from network to network finding weaknesses. Once in control of a wi-fi access point, it leaves computers on the network extremely vulnerable.
A team of French mathematicians and computer scientists has made an important advancement in the field of algorithms for breaking cryptographic codes. In a certain class of problem, the new algorithm is able to efficiently solve the discrete logarithm problem that underlies several important types of modern cryptosystems.”Problem sizes, which did not seem even remotely accessible before, are now computable with reasonable resources,” says Emmanuel Thomé, a researcher at the French Institute for Research in Computer Science and Control INRIA and one of four researchers reporting the advance. However, he notes, the new algorithm poses no immediate threat to most existing cryptosystems, including the RSA-based cryptography used in credit cards and much of e-commerce.
In one of the more bizarre twists in recent Internet memory, much of the Internet traffic in China was redirected to a mysterious company in Cheyenne, Wyo., on Tuesday.A large portion of China’s 500 million Internet users were unable to load websites ending in .com, .net or .org for nearly eight hours in most regions of China, according to Compuware, a Detroit-based technology company.The China Internet Network Information Center, a state-run agency that deals with Internet affairs, said it had traced the problem to the country’s domain name system. And one of China’s biggest antivirus software vendors, Qihoo 360 Technology, said the problems affected roughly three-quarters of the country’s domain name system servers.
The development of a quantum computer has long been a goal of many in the scientific community, with revolutionary implications for fields such as medicine as well as for the NSA’s code-breaking mission. With such technology, all current forms of public key encryption would be broken, including those used on many secure Web sites as well as the type used to protect state secrets.
An interesting article pointed out to me by Zhizhao Qian:
Security researchers have successfully broken one of the most secure encryption algorithms, 4096-bit RSA, by listening – yes, with a microphone — to a computer as it decrypts some encrypted data. The attack is fairly simple and can be carried out with rudimentary hardware. The repercussions for the average computer user are minimal, but if you’re a secret agent, power user, or some other kind of encryption-using miscreant, you may want to reach for the Rammstein when decrypting your data.