Discussion

The downside of anonymity and privacy

We’ve written numerous posts that emphasise the importance of being able to maintain our privacy on the Internet, particularly when it comes to government attempts to mandate “backdoors” into encryption products.

But in recent weeks we’ve seen one of the negative consequences of Internet anonymity. Hundreds of hoax bomb threats have made to schools around the world, including […]

By |February 4th, 2016|Blogs, Discussion|Comments Off on The downside of anonymity and privacy

France says no to encryption backdoors

France has joined the Netherlands in rejecting mandatory encryption backdoors in software products. We recently examined the UK’s draft “snoopers charter” that includes this as a requirement.

The French digital affairs minister, Axelle Lemaire, has sensibly pointed out the harm that result from such a policy, and has rejected an amendment to a new law that would require encryption backdoors.

We’ve […]

By |January 25th, 2016|Blogs, Discussion|Comments Off on France says no to encryption backdoors

edtFTPj/PRO adds TLS 1.2

We’ve just released edtFTPj/PRO 5.0, adding support for TLS 1.2.

At the start of the new year, it’s interesting to look back over the release history of edtFTPj/PRO. Amazingly, it’s been over 12 years since 1.0 was released with basic support for FTPS! And it was based on the open source Java FTP client, edtFTPj/Free, which was released […]

By |January 18th, 2016|Announcements, Blogs, Discussion|Comments Off on edtFTPj/PRO adds TLS 1.2

Windows 10 and disk encryption

Hard disk encryption prevents access to your confidential files if your PC or laptop is stolen.  Without disk encryption, retrieving your files from a stolen machine is trivial – your Windows password is of no value whatsoever in preventing data from being copied. Hard disk encryption renders this impossible – there is nothing that can be done […]

By |January 12th, 2016|Blogs, Discussion|Comments Off on Windows 10 and disk encryption

Former NSA officials back strong encryption

Some former NSA and CIA officials have recently made some good points about why use of strong encryption should not be curtailed or crippled.

They point out that companies desperately need strong encryption to secure themselves against espionage and hacking – and, as we’ve discussed previously, that government-mandated “back doors” will inevitably be discovered and used by […]

By |December 22nd, 2015|Blogs, Discussion|Comments Off on Former NSA officials back strong encryption

The UK’s draft Investigatory Powers Bill Part 2

We looked at the UK’s draft Investigatory Powers Bill recently, looking at the complex issue of secret government-mandated “back doors” into encryption software.

But this isn’t the only problem with the bill, as pointed out in technical evidence supplied by the head of the UK ISP Andrews & Arnold, Adrian Kennard.

Apart from the obvious privacy issues, one of […]

By |December 15th, 2015|Discussion|Comments Off on The UK’s draft Investigatory Powers Bill Part 2

VTech update

We recently posted about the VTech hack, in which millions of user account details were stolen from the Chinese toymaker. We noted that account passwords were hashed using MD5, making it easy to retrieve passwords.

The BBC has just posted an article giving further details, confirming that a weak hashing algorithm was used, and giving […]

By |December 8th, 2015|Blogs, Discussion|Comments Off on VTech update

Massive VTech hack

For anyone with young children, VTech is a familiar name, a logo enblazoned on numerous toys cluttering up the house.

VTech is a Chinese company, and in November, VTech’s servers were hacked and the personal data of almost 5 million customers was stolen.

Amongst the data were usernames and password hashes. Passwords were hashed with MD5, making it trivial […]

By |December 4th, 2015|Blogs, Discussion|Comments Off on Massive VTech hack

Does your browser support SHA-2 certificates?

We recently blogged about how the SHA-1 hash algorithm is now considered to be broken.

Traditionally SHA-1 has been used in SSL certificates, which are how websites identify themselves to web browsers such as Chrome, Firefox and Internet Explorer. Certificates are digitally signed by a well-known certificate authority (CA) using a hash algorithm such as SHA-1 or the […]

By |December 1st, 2015|Blogs, Discussion|Comments Off on Does your browser support SHA-2 certificates?

Global tech giants back encryption

FBI director James B. Comey has for some time been a critic of encryption technologies, arguing that challenges for his agency are growing as groups they are monitoring “go dark” – a euphemism meaning they have begun encrypting their communications.

After the terrorist attacks in Paris, these objections have multiplied, despite evidence emerging that unencrypted SMS text messages were used to […]

By |November 25th, 2015|Blogs, Discussion|Comments Off on Global tech giants back encryption