
LinkedIn hack and password encryption
You might remember the LinkedIn hack of 2012. Their password encryption was extremely poor, and it was easy for anyone who obtained the leaked password files to retrieve the original passwords.
You might remember the LinkedIn hack of 2012. Their password encryption was extremely poor, and it was easy for anyone who obtained the leaked password files to retrieve the original passwords.
An advance in random number generation? Who cares? What's so important about improving the way we generate random numbers, and how does this tie in with security?
We recently reported that the SWIFT financial network for international bank transfers was compromised. Now there has now been another SWIFT hack.
You might remember the infamous Jeep hack last year, in 2015. In a scary demonstration, Charlie Miller and Chris Valasek demonstrated their ability to remotely control almost everything, including steering and braking.
Banks have agreements with certain other banks in the network, and so when a payment instruction is received, payments are made. In theory, outsiders shouldn't have access and so SWIFT should be difficult to hack.
Many companies store confidential documents in the cloud, often unknown to companies themselves. Individuals simply use cloud-based services for collaboration because they are convenient.
Unfortunately, security and privacy are not necessarily high priorities for many technology companies. There are also the issues of licensing and supply of services, which come down to vendor trust.
The San Bernardino court case may be over, but the encryption debate is still very much alive.
A draft of the US senate encryption bill has been leaked, and it makes for unpleasant reading. It's called the Compliance with Court Orders Act of 2016.
WhatsApp was acquired by Facebook a couple of years ago, and they have just announced that their messenger application is now fully encrypted, end-to-end.