Articles about Pgp

Nick Weaver

Cops hate encryption but the NSA loves it when you use PGP

Usenix Enigma Although the cops and Feds wont stop banging on and on about encryption – the spies have a different take on the use of crypto. To be brutally blunt, they love it. Why? Because using detectable encryption technology like PGP, Tor, VPNs and so on, lights you up on the intelligence agencies' dashboards. Agents and analysts don't …
Iain Thomson, 27 Jan 2016

Cryptome founder revokes PGP keys after weird 'compromise'

Updated The creator of digital library and whistle-blowing site Cryptome.org, John Young, has revoked a host of his PGP key pairs after learning they were compromised. In a site statement on Tuesday, Young claimed to have learned "that all PGP public keys of John Young and Cryptome have been compromised." He added "the keys have been …
NSA parody T-shirt

PGP Zimmermann: 'You want privacy? Well privacy costs MONEY'

IP EXPO 2015 Delivering a keynote in London today, the famous inventor of PGP complained that consumers want privacy for free, forcing his company Silent Circle to focus on selling secure telephony to enterprises - while he would like to see it more widely employed. Silent Circle, the cryptographic communications firm at which Zimmermann …

Facebook flings PGP-encrypted email at world+dog. Don't lose your private key

Hands-on Facebook can now powerfully encrypt notification emails sent to its users with PGP – keeping potentially sensitive messages out of the hands of hackers and other snoopers. The social network has also added a spot for people to share their public PGP keys via the HTTPS-protected website. "We are gradually rolling out an …
Iain Thomson, 01 Jun 2015

It's time for PGP to die, says ... no, not the NSA – a US crypto prof

A senior cryptographer has sparked debate after calling time on PGP – the gold standard for email and document encryption. Matthew Green is an assistant research professor who lectures in computer science and cryptography at Johns Hopkins University in Maryland, US. This week, on his personal blog, he argued that it's "time for …
John Leyden, 14 Aug 2014
snowden SXSW

Snowden lawyer PGP email 'crack' flap: What REALLY happened?

The leak of a PGP-encrypted email between Ed Snowden's pet journalist Glenn Greenwald and a lawyer has created a bit of a fuss in crypto circles. Jesselyn Radack, a national security and human rights brief, ‪said an encrypted email sent by her to Greenwald was this week leaked by persons unknown to Cryptome, the long-running …
John Leyden, 10 Apr 2014

Enigmail PGP plugin forgets to encrypt mail sent as blind copies

Enigmail has patched a hole in the world's most popular PGP email platform that caused mail to be sent unencrypted when all security check boxes were ticked. The dangerous hole in the Mozilla Thunderbird extension affected email that was sent only to blind carbon copy recipients on all versions below 1.7.2 released last month. …
Darren Pauli, 09 Sep 2014
Angry woman on mobile

PGP wiz Phil Zimmermann and pals tout anti-snoop mobe – the Blackphone

Video A smartphone that tries to thwart eavesdroppers will be launched this summer by Spanish smartphone maker Geeksphone and Silent Circle – the secure chat firm started by the inventors of PGP encryption. Dubbed Blackphone, and featured in the video above, the handset runs a hardened version of Android called PrivatOS that has …
Iain Thomson, 15 Jan 2014
Dutch police

BlackBerry baffled by Dutch cops' phone encryption cracked brag

Claims by the Netherlands Forensic Institute (NFI) that it has successfully decrypted emails stored on BlackBerry smartphones have caused bafflement at the Canadian firm. Documents seen by Dutch blog Crime News show the NFI claiming to have decrypted 275 out of 325 emails encrypted with PGP from a handset in their possession. …
Iain Thomson, 13 Jan 2016
Broken CD with wrench

E-mail crypto is as usable as it ever was, say boffins

The main reason the world is able to read and enjoy the contents of Hillary Clinton's emails is that crypto tools aren't any better than back when Phil Zimmerman created PGP, the crypto system even he can't use. That's the conclusion of this study into e-mail crypto usability, a follow-up to a study which reached the same …
hot_librarian_648

Facebook's security now sexier, with killer curves

Facebook has boosted its security chops with support for better bang-for-buck email encryption. Menlo Park now supports OpenPGP's standard elliptic curve cryptography public keys meaning security and privacy pundits can post their public keys which will then be used to encrypt email notifications. It supports NIST curves P- …
Darren Pauli, 24 Sep 2015
The Register breaking news

PGP, TrueCrypt-encrypted files CRACKED by £300 tool

ElcomSoft has built a utility that forages for encryption keys in snapshots of a PC's memory to decrypt PGP and TrueCrypt-protected data. Forensic Disk Decryptor attempts to unlock information stored in disks and volumes encrypted by BitLocker, PGP or TrueCrypt. The tool is designed for criminal investigators, IT security bods …
John Leyden, 20 Dec 2012

Wanted! A browser to replace Xombrero

Readers' corner Not a mainstream request this one perhaps, but over at El Reg Forums, 1980s coder is seeking some advice. Guys, what do you reckon? I'm looking for an alternative to the Xombrero web browser, now that it seems to be virtually unmaintained, and becoming increasingly out of date. I liked it because it worked well without a …
Drew Cullen, 02 Feb 2016
padlock

Yahoo! spaffs! out! plugin! to! bring! crypto! to! everyone's! email!

Yahoo! has shown off an OpenPGP-based end-to-end e-mail encryption it says will be offered as a plug-in by the end of the year. Its aim is to make PGP-based encryption more accessible to the everyday layperson. Described in this blog post by Purple Palace chief information security officer Alex Stamos, the mail encryption code …
The Register breaking news

PGP founder's mobile privacy app goes live

Updated Silent Circle, the secure mobile communications app backed by Phil Zimmermann, has gone live - offering protection from all but the most determined of government departments. Silent Circle comprises a handful of iOS/Android/PC apps facilitating secure phone calls, text messaging and video calling, with secure email promised soon …
Bill Ray, 10 Oct 2012
The Register breaking news

PGP founder, Navy SEALs uncloak encrypted comms biz

Phil Zimmermann and some of the original PGP team have joined up with former US Navy SEALs to build an encrypted communications platform that should be proof against any surveillance. The company, called Silent Circle, will launch later this year, when $20 a month will buy you encrypted email, text messages, phone calls, and …
Iain Thomson, 14 Jun 2012
Fluffy grey ragdoll cat relaxes next to laptop.

PANIC! RSA keys are compromised!

Just as quickly as a panic emerged about vulnerable 4096-bit RSA keys, it's been defused. The discussion started with this brief post at Loper-OS, with the headline claim that: “I am pleased to announce that we have now broken a 4096-bit RSA key, as well as its factor-sharing counterpart (yet to be determined, but won’t wait for …
The Register breaking news

PGP Zimmermann teams with Navy SEALs, SAS techies in London

Encryption guru Phil Zimmermann is going after security conscious users with his new venture Silent Circle, a security start-up offering ultra-secure VoIP and texting services. Silent Circle, which opened a UK office this week, charges a monthly subscription of $20 (£13) per month for a bundle of secure voice, text and video …
John Leyden, 21 Nov 2012

ProtonMail still under attack by DDoS bombardment

Secure webmail outfit ProtonMail is still fighting against a sustained DDoS attack that has left its service largely unavailable since Tuesday. In a statement posted to a hastily erected blog site, ProtonMail said the powerful attack by unknown parties has also inflicted collateral damage on third-party organisations. The …
John Leyden, 05 Nov 2015
The Register breaking news

PGP buys tech to offer trusted ID from the cloud

PGP Corporation has acquired privately-held TC TrustCenter and its US parent company, ChosenSecurity, as part of plans to offer trusted identity management services from the cloud. Terms of the transaction, announced Tuesday, were not disclosed. TC TrustCenter provides managed trust services for customers in the financial, car …
John Leyden, 02 Feb 2010

ID yourself or get NOTHING (except Framework), snarls Metasploit

Metasploit Pro and Community users outside North America now need to prove who they are, thanks to changes introduced this week and a tightening of encryption export rules. The open source Metasploit Framework (a computer security project) is not affected by the new rules. "[This] is yet another reminder that governments have …
John Leyden, 21 Apr 2015

Cryptome grudgingly admits to leak of users' ancient IP addresses

Venerable leak site Cryptome.org has 'fessed up to a data leak that saw some users' IP addresses reach the Internet. After initially dismissing data posted by security researcher Michael Best as a mockup, Cryptome founder John Young conceded that a USB key sent to some of the site's supporters included site statistics data …
Rafe Laguna, CEO of open source enterprise software company Open Xchange, addresses the audience. Pic by Andrew Orlowski

Google uses humans as Matrix-style ‘data batteries’ – Open Xchange CEO

OX Summit 2015 If any Americans are in doubt about what European technology business thinks of Silicon Valley’s data-slurping giants, it wouldn’t take them long to find out from a gathering in Berlin of European companies who look after personal data. The audience applauded wildly (and it was the only applause of a sober keynote) when Rafael …
Andrew Orlowski, 09 Oct 2015
The Register breaking news

Symantec buys PGP and GuardianEdge too

Symantec has announced a surprise deal to buy both email and data encryption firms PGP Corporation and GuardianEdge Technologies for a combined total of $370m in cash. The security giant is paying $300m for PGP and $70m for GuardianEdge as part of deals announced on Thursday and expected to close in June. Both agreements are …
John Leyden, 29 Apr 2010
facebook_shock_648

Rights groups: Darn you Facebook with your 'government names'

The ZuckerBorg's continued refusal to assimilate anyone who won't provide their "real" name to the site has provoked an angry letter from 75 human rights, digital rights, LGBTQ and women's rights advocates. Facebook has always claimed its "real name" policy protects users from harassment, as without the right to anonymity …
Bitcoin

Bitcoin inventor Satoshi 'outed' as Aussie, then raided by cops – but NOT over BTC

The home of a bloke fingered by WiReD and tech blog Gizmodo as a possible inventor of Bitcoin has been raided by the Australian Federal Police – just hours after their articles were published. The Register was happy to watch the house publication of deluded entrepreneurs and Giz slug it out over whose evidence is best and who …
The Register breaking news

PGP email marketing gaffe creates message storm

PGP irritated its security conscious customers on Tuesday by making the schoolboy error of sending out an email marketing message to a list of around 300 recipients without using the bcc field. As a result of the slip-up, all the recipients of the marketing email (extract below) learned the email addresses of other potential …
John Leyden, 24 Mar 2009
The Register breaking news

ElcomSoft poster provokes PGP apoplexy

Infosec A row broke out at the Infosec conference on Tuesday after PGP objected to the content of a poster on password recovery firm ElcomSoft's stand, and lodged an objection with conference organisers Reed Exhibitions. The offending poster, which said "the only way to break into PGP" (a reference to ElcomSoft's graphic card assisted …
John Leyden, 29 Apr 2009

Death-to-passwords FIDO Alliance finds a friend at DOCOMO

Japanese users will be able to log in and make online purchases using iris recognition biometrics after telco giant DOCOMO begins shipping Fujitsu ARROWS phones. The telco's 65 million users will be able to use the biometric verification on the ARROWS F-04G said to be the world's first iris snapper. Fingerprint biometric login …
Darren Pauli, 27 May 2015

ISPs are stripping encryption from netizens' email – EFF

Some ISPs are removing encryption from customers' connections to email servers – threatening the privacy of their communications – claims civil-liberties group the Electronic Frontier Foundation. Incidents in the US and Thailand over recent months have seen service providers intercepting their customers' data to strip a security …
John Leyden, 12 Nov 2014
Stacks of bitcoin CC2.0 attribution by FD Comite https://www.flickr.com/photos/fdecomite/

Slippery Silk Road spook will plead guilty to duping dealers

A US Secret Service information security bod is going to enter a guilty plea to pilfering US$820,000 in Bitcoins from scuttled drug souk the Silk Road. Shaun W. Bridges admitted to harvesting the anonymous currency before cashing out at the then Mx Gox Bitcoin exchange and going into hiding. “Mr. Bridges has regretted his …
Darren Pauli, 23 Jun 2015
padlock

CERN and MIT chaps' secure webmail stalled by stampede of users

A bunch of CERN alumni has taken time out of the weighty world of particle physics to take another shot at cracking the e-mail encryption nut. Their offering, Proton Mail, has gone into public beta, and proved so popular the group has had to suspend new registrations while it upgrades its servers. As a concept, encrypting e- …
The Register breaking news

PGP disk encrypt approved by MoD for military use

The UK MoD has certified PGP Corporation's whole disk encryption technology as suitable for use on British military computers. However, like most software-only solutions, it has been approved only for machines holding fairly low-level information. PGP Whole Disk Encryption had previously passed the UK government's baseline …
Lewis Page, 08 Dec 2009
ISIS fighters

Turkey cites crypto software find in terror charges against TV crew

Possession of an encryption program used by jihadists is being cited of evidence against two Vice News journalists and a local fixer / translator arrested in Turkey, who now face terror-related charges. British journalist Jake Hanrahan, cameraman Philip Pendlebury and their local assistant were picked up last week in …
John Leyden, 02 Sep 2015
The Register breaking news

PGP co-founder takes OS security job with Apple

Jon Callas, who as co-founder and chief technologist of PGP helped bring strong encryption to the masses, has taken a job with Apple working on operating-system security. His move around the beginning of the year was confirmed by two of his long-time friends and this brief bio, which says Callas remains on PGP's technical …
Dan Goodin, 22 Apr 2010

Hacker data dumps scrape to make huge grey marketing database

Former password collector Steve Thomas plans to tear up the contact broker market by offering a database of 30 million names for free, all built on data sourced by scraping the web. The former PwnedList founder, and now SalesMaple CEO, says the database will soon to balloon to almost 100 million records. Thomas said it will …
Darren Pauli, 20 May 2015
eyeofSauron

Want to hide your metadata? You probably can't

With every development in Australia's data retention debate, the question arises: “how can I stop the government getting its hands on my metadata?” Routinely, often non-technical journalists give the glib answer to “use encryption”, rattle off their favourite list of technologies, and over-simplify things to the point of danger …

Reckon YOU can write better headlines than us? Great – apply within

Job The Register is expanding in the States: we're seeking a full-time US Production Editor to work in our San Francisco bureau in California. The successful applicant will work alongside our US editor and four reporters to prepare news, opinion and feature articles on the world of science and technology for our vast and …
Chris Williams, 27 Feb 2015
NSA parody T-shirt

Crypto Daddy Phil Zimmerman says surveillance society is DOOMED

Defcon 22 A killer combination of rapidly advancing technology and a desire for greater privacy among the public should condemn current surveillance state to an historical anachronism, according to PGP creator Phil Zimmermann. In an extended talk at Defcon 22 in Las Vegas, Zimmermann said it might seem as though the intelligence agencies …
Iain Thomson, 09 Aug 2014
The Register breaking news

IBM, PGP fill Bletchley Park's rattling tin

The campaign to save Bletchley Park from decay and disrepair is moving stateside. On Tuesday, a fundraising group organized by IBM and the cryptography firm PGP plan to launch a US campaign to raise awareness of the historical landmark and raise donations for its preservation. Bletchley Park was home to UK code-breaking …
Austin Modine, 08 Sep 2008

CloudFlare launches nameserver DDoS shield

CloudFlare has launched a DNS proxy service it says will help organisations improve DNS resilience by pushing distributed denial of service attacks to the outer edge of its network. The Virtual DNS service is billed as a means for DNS providers to mitigate a potential "massive single point of failure" in their nameservers caused …
Darren Pauli, 11 Mar 2015

IoT baby monitors STILL revealing live streams of sleeping kids

Internet-connected baby monitors are riddled with security flaws that could broadcast live footage of your sleeping children to the world and his dog, according to new research. Mark Stanislav, a security researcher at Rapid7, discovered numerous security weaknesses and design flaws after evaluating nine different devices from …
John Leyden, 03 Sep 2015
homeless man with sign

PGP takes disk encryption management into the cloud

PGP is aiming to exploit concern about the security implications of lost laptops with the launch via its resellers of a managed service for the administration of whole disk encryption. Partners ANI Direct, Aurora Enterprises in the US and Gradian Systems in the UK will be the first to offer a pay-as-you-go laptop security …
John Leyden, 21 Oct 2008
Logging onto Windows 10 with a mobile for 2-factor authentication

Yahoo! wheels! out! password! on-demand! service! for! simpletons!

Yahoo! is trialling a service that removes the need to remember your passwords, providing users aren't so absent-minded they don't also lose or mislay their mobile phones. The on-demand password service allows registered users to get a short password sent to their phone. On-demand passwords is an opt-in service, initially only …
John Leyden, 16 Mar 2015

PGP inventor to debut VoIP crypto

Phil Zimmerman, inventor of Pretty Good Privacy cryptography, will unveil a prototype of his new privacy software for net phone calls this week. Unlike PGP however, it doesn't use a PKI (public key infrastructure). It's based on the open source Shtoom VoIP client software, Zimmerman told CNET, and he hopes to have working …
Andrew Orlowski, 27 Jul 2005
fingers pointing at man

MPs told PGP 'incompatible' with Parliament network

MPs have been told that although they are free to install PGP on their parliamentary machines the technology is not compatible with Parliament’s remote access software, making its use impractical. The curious response came from the House of Commons Commission via Lib Dem MP Nick Harvey in response to questions raised by Francis …
John Leyden, 04 Mar 2009
The US White House. Pic: Roman Boed

Please no non-consensual BACKDOOR SNIFFING, Mr Obama

Google, Apple and 140 other technology companies will write to US President Obama today (19 May) to argue against plans which could see the security of electronic communications deliberately and compulsorily compromised for the sake of government surveillance access. The letter is intended to display the depth of support for …
container_ship_hamburg_shutterstock_648

US plans to apply export controls to 0-days put out for comment

US proposals for export controls for zero-day vulnerabilities and malware have finally been pushed forward, re-opening the fault lines of a long-running argument among security experts in the process. The proposals (pdf) from the US Department of Commerce would introduce the Wassenaar Arrangement (WA) – an international …
John Leyden, 20 May 2015
The Register breaking news

PGP to integrate anti-virus defences

PGP Corporation and Symantec are to integrate encryption and anti-virus technology. PGP Universal will incorporate Symantec's AntiVirus Scan Engine to thwart attempts to smuggle viruses into corporates via encrypted email. Traditionally, AV and encryption have not been particularly complementary. AV scanners should check …
John Leyden, 16 Apr 2004
Suitcase bulging with cash

Open-Xchange builds anti Oracle stack after server M&A splurge

Open-Xchange, a maker of web apps that some of the biggest telcos and hosts rebrand as their own, has bought up open-source mailserver firm Dovecot and DNS server outfit PowerDNS. There are lots of possible reasons for this burst of activity, the most obvious being Open-Xchange's desire to offer its service provider customers a …
David Meyer, 24 Mar 2015