A researcher at IBM has developed a way to analyze encrypted data without decoding it, according to a statement from IBM.
The breakthrough method leverages a concept called “fully homomorphic encryption,” and stems from work by an IBM researcher, Craig Gentry, on a problem that has stymied researchers for nearly 30 years.
This is a good article on the risks of not encrypting information on laptops, backup tapes, and other media, and the implications of having that data stolen. It would have been nice to have some solutions to these issues too, but perhaps that's for another article. Anyone have a favorite encryption strategy? GnuPG just released a new version. Does everyone have their key?
For many companies, the data is the crown jewels. Millions of bytes are circulated every day on networks that, but for a little bit of probing, are as frail as a strand of hair and less well protected. We spend millions of dollars securing and reducing the risk of penetration from the outside, yet very few companies take the basic steps to secure their data internally. There are simple things that we can all do - such as IPSec on the wire, encryption in the backend and proper security on the desktops. We must think about more than a simple username and password scheme when it comes to securing our data from the bad guys, because, quite often, the bad guys are none other than that cute redhead who just asked you to reset her password. And it wasn’t for her account.
Source: GnuPG / Werner Koch - Posted by Dave Wreski
The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication
and data storage. It can be used to encrypt data, create digital
signatures, help authenticating using Secure Shell and to provide a
framework for public key cryptography. It includes an advanced key
management facility and is compliant with the OpenPGP and S/MIME
standards.
Bruce Schneier has details on the puzzle he created for Wired. Read on to see the puzzle and try and solve it!
For the April 09 issue of Wired Magazine, I was asked to create a cryptographic puzzle based on the television show Lost. Specifically, I was given a "clue" to encrypt.
Here are details of the puzzle and solving attempts. Near as I can tell, no one has published a solution.
A free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and otherwise.
Fourth Annual Movie-Plot Threat Contest Winner
Book Review: The Science of Fear
An Expectation of Online Privacy
News
Malicious Contamination of the Food Supply
Unfair and Deceptive Data Trade Practices
Schneier News
Mathematical Illiteracy
Conficker
Comments from Readers
Great discussion of Google, Facebook, and other online sites, and their terms of service.
Take Google, for example. Last month, the Electronic Privacy Information Center (I'm on its board of directors) filed a complaint with the Federal Trade Commission concerning Google's cloud computing services. On its website, Google repeatedly assures customers that their data is secure and private, while published vulnerabilities demonstrate that it is not. Google's not foolish, though; its Terms of Service explicitly disavow any warranty or any liability for harm that might result from Google's negligence, recklessness, malevolent intent, or even purposeful disregard of existing legal obligations to protect the privacy and security of user data. EPIC claims that's deceptive.
RSA, the Security Division of EMC, here today launched a program that for the first time gives developers its encryption technology tools for free.
RSA traditionally had licensed only its BSAFE encryption technology, which can cost customers tens of thousands of dollars, but company officials say the timing is right to give developers easier access to tools for building more security features into applications from the ground up, rather than tacking them on later.
Vivek Gite submitted a nice article on implementing TSIG in BIND:
Transaction signatures (TSIG) is a mechanism used to secure DNS messages and to provide secure server-to-server communication. This includes zone transfer, notify, and recursive query messages. TSIG uses shared secrets and a one-way hash function to authenticate DNS messages, particularly responses and updates. This tutorial discusses the security mechanisms implemented in BIND v8.2+ / v9.x to secure DNS messages and name servers.
For this Howto I use Debian Lenny (still testing and not "stable") for the simple reason that - contrary to Debian Etch and/or Ubuntu 8.04/8.10 - the install routine does set up the initrd correctly, so that you can set up encrypted swap and also an encrypted raid1 lvm during install. This Howto will be heavy on screen shots again - a lot of them are repetitive as I set up multiple partitions at once.
If you are interested in setting up an encrypted RAID1 LVM system take a look at this article. It will show you step by step how to do this on your Linux machine.
In a continuing series of articles highlighting that GNU/Linux is a viable replacement operating system, today we're exploring how to encrypt emails using the popular Ubuntu distribution.
In the previous article we looked at the basics of using PGP, creating and backing up PGP keys and using them to encrypt files locally. Now we'll look at how to send someone an encrypted email.
This article will show you ways to encrypt your email communication. Do you use any software to keep your email private?
The pam_mount project lets you unlock an encrypted filesystem automatically when you log in. The same password used to log in is used as the key to unlock the encrypted filesystem, so you only need to type it once. Using this method, you can easily share a laptop and have only a single user's home directory unlocked and mounted when he logs in. And pam_mount can mount any filesystem, not just encrypted filesystems, so you can use it, for example, with an NFS share that you are interested in but which you might not like to leave mounted when you are not logged in.
Did you ever want to know how to mount an encrypted filesystem automatically? This article will show you how.