Skip to main content

Home/ Advanced Concepts Team/ Group items tagged encryption

Rss Feed Group items tagged

LeopoldS

Operation Socialist: How GCHQ Spies Hacked Belgium's Largest Telco - 4 views

  •  
    interesting story with many juicy details on how they proceed ... (similarly interesting nickname for the "operation" chosen by our british friends) "The spies used the IP addresses they had associated with the engineers as search terms to sift through their surveillance troves, and were quickly able to find what they needed to confirm the employees' identities and target them individually with malware. The confirmation came in the form of Google, Yahoo, and LinkedIn "cookies," tiny unique files that are automatically placed on computers to identify and sometimes track people browsing the Internet, often for advertising purposes. GCHQ maintains a huge repository named MUTANT BROTH that stores billions of these intercepted cookies, which it uses to correlate with IP addresses to determine the identity of a person. GCHQ refers to cookies internally as "target detection identifiers." Top-secret GCHQ documents name three male Belgacom engineers who were identified as targets to attack. The Intercept has confirmed the identities of the men, and contacted each of them prior to the publication of this story; all three declined comment and requested that their identities not be disclosed. GCHQ monitored the browsing habits of the engineers, and geared up to enter the most important and sensitive phase of the secret operation. The agency planned to perform a so-called "Quantum Insert" attack, which involves redirecting people targeted for surveillance to a malicious website that infects their computers with malware at a lightning pace. In this case, the documents indicate that GCHQ set up a malicious page that looked like LinkedIn to trick the Belgacom engineers. (The NSA also uses Quantum Inserts to target people, as The Intercept has previously reported.) A GCHQ document reviewing operations conducted between January and March 2011 noted that the hack on Belgacom was successful, and stated that the agency had obtained access to the company's
  •  
    I knew I wasn't using TOR often enough...
  •  
    Cool! It seems that after all it is best to restrict employees' internet access only to work-critical areas... @Paul TOR works on network level, so it would not help here much as cookies (application level) were exploited.
Thijs Versloot

The entropy of encryption and how secure is it? - 1 views

  •  
    I like the following text: "It's still exponentially hard, but it's exponentially easier than we thought," Duffy says. One implication is that an attacker who simply relied on the frequencies with which letters occur in English words could probably guess a user-selected password much more quickly than was previously thought. "Attackers often use graphics processors to distribute the problem," Duffy says. "You'd be surprised at how quickly you can guess stuff."
Luís F. Simões

Encryption's holy grail is getting closer, one way or another | ZDNet - 0 views

  • Working with encrypted data without decrypting it first sounds too good to be true, but it's becoming possible.
  •  
    an update on homomorphic encryption research and applications
anonymous

ProtonMail - Secure email based in Switzerland - 4 views

  •  
    Something for the e-mail privacy fighters (Leopold). Protagonist in "Mr. Robot" is using it so it must be good!
  • ...1 more comment...
  •  
    Seems to be very good, I am going to make one account for me.
  •  
    I have an account with them since 30 June 2014 - nice but since I don't like webmail I prefer using mail with PGP installed ... unfortunately very few others are using PGP encryption .... even smart ACT guys ... :-(
  •  
    We know not to use email at all for any kind of critical communication
Luís F. Simões

Alice and Bob in Cipherspace » American Scientist - 1 views

  • A new form of encryption allows you to compute with data you cannot read
  • The technique that makes this magic trick possible is called fully homomorphic encryption, or FHE. It’s not exactly a new idea, but for many years it was viewed as a fantasy that would never come true. That changed in 2009, with a breakthrough discovery by Craig Gentry, who was then a graduate student at Stanford University. (He is now at IBM Research.) Since then, further refinements and more new ideas have been coming at a rapid pace.
LeopoldS

Tox: A New Kind of Instant Messaging - 5 views

shared by LeopoldS on 02 Sep 14 - No Cached
  •  
    skype alternative - open source, no central server, encryption built in ....
  • ...4 more comments...
  •  
    It's free and w/o ads. What's the business model? Their page doesn't say anything about it.
  •  
    To help society...
  •  
    They plan to secretly capture all communications and then sell them to NSA...
  •  
    probably developed by the NSA directly
  •  
    its open source - go check it :-)
  •  
    my ID: 7C53B574D888EE0E2A97FCD62B144DD14730E45C1B7158D4ED3EBCCB920CB93A68C62E6C9385
LeopoldS

Open WhisperSystems >> Open WhisperSystems - 0 views

  •  
    encrypted phone calls on android and now also ios devices? here we go, from the programmer of PGP
Thijs Versloot

Search DuckDuckGo - 0 views

shared by Thijs Versloot on 23 Aug 13 - No Cached
johannessimon81 and H H liked it
  •  
    DuckDuckGo is a search engine that does not track you and, has more instant answers and less spam/clutter. You can still search google hits by added !g to your search query, which will then send an encrypted search request to google and return only the sensible part
  •  
    !w = Wikipedia !wa = Wolfram alpha !y = Yahoo
Alexander Wittig

PQCRYPTO ICT-645622 - 0 views

  •  
    Horizon2020 project on post quantum cryptography just released their first draft of recommendations for quantum computer safe encryption algorithms. No big surprise with the symmetric algorithms (what's used today is fundamentally sound), but the asymmetric public-key methods will be interesting.
Nicholas Lan

Collage: Defeating Censorship with User-Generated Content - 1 views

  •  
    software for encrypting/decrypting hidden messages in social media
Luís F. Simões

Polynomial Time Code For 3-SAT Released, P==NP - Slashdot - 0 views

  • "Vladimir Romanov has released what he claims is a polynomial-time algorithm for solving 3-SAT. Because 3-SAT is NP-complete, this would imply that P==NP. While there's still good reason to be skeptical that this is, in fact, true, he's made source code available and appears decidedly more serious than most of the people attempting to prove that P==NP or P!=NP. Even though this is probably wrong, just based on the sheer number of prior failures, it seems more likely to lead to new discoveries than most. Note that there are already algorithms to solve 3-SAT, including one that runs in time (4/3)^n and succeeds with high probability. Incidentally, this wouldn't necessarily imply that encryption is worthless: it may still be too slow to be practical."
  •  
    here we go again...
  •  
    slashdot: "Russian computer scientist Vladimir Romanov has conceded that his previously published solution to the '3 SAT' problem of boolean algebra does not work."
LeopoldS

The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle - 1 views

  •  
    revealing - though not surprising, but nicely detailed; opportunities for really secure comm via space?
LeopoldS

iSpy: The CIA Campaign to Steal Apple's Secrets - 3 views

  •  
    interesting read - also on the approach taken ... again thanks to Snowden
  •  
    and what an effort they make ..
jcunha

Electron spins controlled using sound waves - 0 views

  •  
    Cornell applied physicists have demonstrated an unprecedented method of control over electron spins using extremely high-frequency sound waves - new insights in the study of the spin of the electron. Crazy idea but, no further need for complicated quantum encryption techniques of sound signals?
jcunha

'Superman memory crystal' that could store 360TB of data forever | ExtremeTech - 0 views

  •  
    A new so called 5D data storage that could potentially survive for billions of years. The research consists of nanostructured glass that can record digital data in five dimensions using femtosecond laser writing.
  • ...2 more comments...
  •  
    Very scarce scientific info available.. I'm very curious to see a bit more in future. From https://spie.org/PWL/conferencedetails/laser-micro-nanoprocessing I made a back of envelop calc: for 20 nm spaced, each laser spot in 5D encryption encodes 3 bits (it seemed to me) written in 3 planes, to obtain the claimed 360TB disk one needs very roughly 6000mm2, which does not complain with the dimensions shown in video. Only with larger number of planes (order of magnitude higher) it could be.. Also, at current commercial trends NAND Flash and HDD allow for 1000 Gb/in2. This means a 360 TB could hypothetically fit in 1800mm2.
  •  
    I had the same issue with the numbers when I saw the announcement a few days back (https://www.southampton.ac.uk/news/2016/02/5d-data-storage-update.page). It doesn't seem to add up. Plus, the examples they show are super low amounts of data (the bible probably fits on a few 1.44 MB floppy disk). As for the comparison with NAND and HDD, I think the main argument for their crystal is that it is supposedly more durable. HDDs are chronically bad at long term storage, and also NAND as far as I know needs to be refreshed frequently.
  •  
    Yes Alex, indeed, the durability is the point I think they highlight and focus on (besides the fact the abstract says something as the extrapolated decay time being comparable to the age of the Universe..). Indeed memories face problems with retention time. Most of the disks retain the information up to 10 years. When enterprises want to store data for longer times than this they use... yeah, magnetic tapes :-). Check a interesting article about magnetic tape market revival here http://www.information-age.com/technology/data-centre-and-it-infrastructure/123458854/rise-fall-and-re-rise-magnetic-tape I compared for fun, to have one idea of what we were talking about. I am also very curious so see the writing and reading times in this new memory :)
  •  
    But how can glass store the information so long? Glass is not even solid?!
Ingmar Getzner

Controversial Quantum Machine Bought by NASA and Google Shows Promise - 4 views

  •  
    I am having less and less faith in the Dwave machine, but nonetheless, maybe we should have a look at our future encryption techniques...
  •  
    why less and less ... ?
marliesarnhof

Attention PGP Users: New Vulnerabilities Require You To Take Action Now - 2 views

  •  
    no cutting-edge space-related science, but important anyways
  •  
    The EFF communicate is actually quite inaccurate. This is disappointing from the EFF, though for some part, it is due to the communication from the researchers who "discovered" the attack. PGP itself is not broken, but rather some implementations on some email clients (notably Enigmail, though it was patched several months ago). See https://protonmail.com/blog/pgp-vulnerability-efail/ On the other hand, if you are very keen on security, there is an XSS attack reported on Signal, so… https://thehackernews.com/2018/05/signal-messenger-code-injection.html The *good* recommendation here is actually rather to keep your software stack up to date (surprising, no?) and keep encrypting your emails.
1 - 18 of 18
Showing 20 items per page