Articles about Pgp

Facebook flings PGP-encrypted email at world+dog. Don't lose your private key

Hands-on Facebook can now powerfully encrypt notification emails sent to its users with PGP – keeping potentially sensitive messages out of the hands of hackers and other snoopers. The social network has also added a spot for people to share their public PGP keys via the HTTPS-protected website. "We are gradually rolling out an …
Iain Thomson, 01 Jun 2015

It's time for PGP to die, says ... no, not the NSA – a US crypto prof

A senior cryptographer has sparked debate after calling time on PGP – the gold standard for email and document encryption. Matthew Green is an assistant research professor who lectures in computer science and cryptography at Johns Hopkins University in Maryland, US. This week, on his personal blog, he argued that it's "time for …
John Leyden, 14 Aug 2014
snowden SXSW

Snowden lawyer PGP email 'crack' flap: What REALLY happened?

The leak of a PGP-encrypted email between Ed Snowden's pet journalist Glenn Greenwald and a lawyer has created a bit of a fuss in crypto circles. Jesselyn Radack, a national security and human rights brief, ‪said an encrypted email sent by her to Greenwald was this week leaked by persons unknown to Cryptome, the long-running …
John Leyden, 10 Apr 2014

Enigmail PGP plugin forgets to encrypt mail sent as blind copies

Enigmail has patched a hole in the world's most popular PGP email platform that caused mail to be sent unencrypted when all security check boxes were ticked. The dangerous hole in the Mozilla Thunderbird extension affected email that was sent only to blind carbon copy recipients on all versions below 1.7.2 released last month. …
Darren Pauli, 09 Sep 2014
Angry woman on mobile

PGP wiz Phil Zimmermann and pals tout anti-snoop mobe – the Blackphone

Video A smartphone that tries to thwart eavesdroppers will be launched this summer by Spanish smartphone maker Geeksphone and Silent Circle – the secure chat firm started by the inventors of PGP encryption. Dubbed Blackphone, and featured in the video above, the handset runs a hardened version of Android called PrivatOS that has …
Iain Thomson, 15 Jan 2014
padlock

Yahoo! spaffs! out! plugin! to! bring! crypto! to! everyone's! email!

Yahoo! has shown off an OpenPGP-based end-to-end e-mail encryption it says will be offered as a plug-in by the end of the year. Its aim is to make PGP-based encryption more accessible to the everyday layperson. Described in this blog post by Purple Palace chief information security officer Alex Stamos, the mail encryption code …
The Register breaking news

PGP, TrueCrypt-encrypted files CRACKED by £300 tool

ElcomSoft has built a utility that forages for encryption keys in snapshots of a PC's memory to decrypt PGP and TrueCrypt-protected data. Forensic Disk Decryptor attempts to unlock information stored in disks and volumes encrypted by BitLocker, PGP or TrueCrypt. The tool is designed for criminal investigators, IT security bods …
John Leyden, 20 Dec 2012
Fluffy grey ragdoll cat relaxes next to laptop.

PANIC! RSA keys are compromised!

Just as quickly as a panic emerged about vulnerable 4096-bit RSA keys, it's been defused. The discussion started with this brief post at Loper-OS, with the headline claim that: “I am pleased to announce that we have now broken a 4096-bit RSA key, as well as its factor-sharing counterpart (yet to be determined, but won’t wait for …
The Register breaking news

PGP founder's mobile privacy app goes live

Updated Silent Circle, the secure mobile communications app backed by Phil Zimmermann, has gone live - offering protection from all but the most determined of government departments. Silent Circle comprises a handful of iOS/Android/PC apps facilitating secure phone calls, text messaging and video calling, with secure email promised soon …
Bill Ray, 10 Oct 2012
The Register breaking news

PGP founder, Navy SEALs uncloak encrypted comms biz

Phil Zimmermann and some of the original PGP team have joined up with former US Navy SEALs to build an encrypted communications platform that should be proof against any surveillance. The company, called Silent Circle, will launch later this year, when $20 a month will buy you encrypted email, text messages, phone calls, and …
Iain Thomson, 14 Jun 2012
The Register breaking news

PGP Zimmermann teams with Navy SEALs, SAS techies in London

Encryption guru Phil Zimmermann is going after security conscious users with his new venture Silent Circle, a security start-up offering ultra-secure VoIP and texting services. Silent Circle, which opened a UK office this week, charges a monthly subscription of $20 (£13) per month for a bundle of secure voice, text and video …
John Leyden, 21 Nov 2012

ID yourself or get NOTHING (except Framework), snarls Metasploit

Metasploit Pro and Community users outside North America now need to prove who they are, thanks to changes introduced this week and a tightening of encryption export rules. The open source Metasploit Framework (a computer security project) is not affected by the new rules. "[This] is yet another reminder that governments have …
John Leyden, 21 Apr 2015
The Register breaking news

PGP buys tech to offer trusted ID from the cloud

PGP Corporation has acquired privately-held TC TrustCenter and its US parent company, ChosenSecurity, as part of plans to offer trusted identity management services from the cloud. Terms of the transaction, announced Tuesday, were not disclosed. TC TrustCenter provides managed trust services for customers in the financial, car …
John Leyden, 02 Feb 2010
The Register breaking news

Symantec buys PGP and GuardianEdge too

Symantec has announced a surprise deal to buy both email and data encryption firms PGP Corporation and GuardianEdge Technologies for a combined total of $370m in cash. The security giant is paying $300m for PGP and $70m for GuardianEdge as part of deals announced on Thursday and expected to close in June. Both agreements are …
John Leyden, 29 Apr 2010

Death-to-passwords FIDO Alliance finds a friend at DOCOMO

Japanese users will be able to log in and make online purchases using iris recognition biometrics after telco giant DOCOMO begins shipping Fujitsu ARROWS phones. The telco's 65 million users will be able to use the biometric verification on the ARROWS F-04G said to be the world's first iris snapper. Fingerprint biometric login …
Darren Pauli, 27 May 2015
Stacks of bitcoin CC2.0 attribution by FD Comite https://www.flickr.com/photos/fdecomite/

Slippery Silk Road spook will plead guilty to duping dealers

A US Secret Service information security bod is going to enter a guilty plea to pilfering US$820,000 in Bitcoins from scuttled drug souk the Silk Road. Shaun W. Bridges admitted to harvesting the anonymous currency before cashing out at the then Mx Gox Bitcoin exchange and going into hiding. “Mr. Bridges has regretted his …
Darren Pauli, 23 Jun 2015

ISPs are stripping encryption from netizens' email – EFF

Some ISPs are removing encryption from customers' connections to email servers – threatening the privacy of their communications – claims civil-liberties group the Electronic Frontier Foundation. Incidents in the US and Thailand over recent months have seen service providers intercepting their customers' data to strip a security …
John Leyden, 12 Nov 2014
ISIS fighters

Turkey cites crypto software find in terror charges against TV crew

Possession of an encryption program used by jihadists is being cited of evidence against two Vice News journalists and a local fixer / translator arrested in Turkey, who now face terror-related charges. British journalist Jake Hanrahan, cameraman Philip Pendlebury and their local assistant were picked up last week in …
John Leyden, 02 Sep 2015
padlock

CERN and MIT chaps' secure webmail stalled by stampede of users

A bunch of CERN alumni has taken time out of the weighty world of particle physics to take another shot at cracking the e-mail encryption nut. Their offering, Proton Mail, has gone into public beta, and proved so popular the group has had to suspend new registrations while it upgrades its servers. As a concept, encrypting e- …

Hacker data dumps scrape to make huge grey marketing database

Former password collector Steve Thomas plans to tear up the contact broker market by offering a database of 30 million names for free, all built on data sourced by scraping the web. The former PwnedList founder, and now SalesMaple CEO, says the database will soon to balloon to almost 100 million records. Thomas said it will …
Darren Pauli, 20 May 2015
eyeofSauron

Want to hide your metadata? You probably can't

With every development in Australia's data retention debate, the question arises: “how can I stop the government getting its hands on my metadata?” Routinely, often non-technical journalists give the glib answer to “use encryption”, rattle off their favourite list of technologies, and over-simplify things to the point of danger …

Reckon YOU can write better headlines than us? Great – apply within

Job The Register is expanding in the States: we're seeking a full-time US Production Editor to work in our San Francisco bureau in California. The successful applicant will work alongside our US editor and four reporters to prepare news, opinion and feature articles on the world of science and technology for our vast and …
Chris Williams, 27 Feb 2015
NSA parody T-shirt

Crypto Daddy Phil Zimmerman says surveillance society is DOOMED

Defcon 22 A killer combination of rapidly advancing technology and a desire for greater privacy among the public should condemn current surveillance state to an historical anachronism, according to PGP creator Phil Zimmermann. In an extended talk at Defcon 22 in Las Vegas, Zimmermann said it might seem as though the intelligence agencies …
Iain Thomson, 09 Aug 2014
The Register breaking news

PGP email marketing gaffe creates message storm

PGP irritated its security conscious customers on Tuesday by making the schoolboy error of sending out an email marketing message to a list of around 300 recipients without using the bcc field. As a result of the slip-up, all the recipients of the marketing email (extract below) learned the email addresses of other potential …
John Leyden, 24 Mar 2009

CloudFlare launches nameserver DDoS shield

CloudFlare has launched a DNS proxy service it says will help organisations improve DNS resilience by pushing distributed denial of service attacks to the outer edge of its network. The Virtual DNS service is billed as a means for DNS providers to mitigate a potential "massive single point of failure" in their nameservers caused …
Darren Pauli, 11 Mar 2015
The Register breaking news

ElcomSoft poster provokes PGP apoplexy

Infosec A row broke out at the Infosec conference on Tuesday after PGP objected to the content of a poster on password recovery firm ElcomSoft's stand, and lodged an objection with conference organisers Reed Exhibitions. The offending poster, which said "the only way to break into PGP" (a reference to ElcomSoft's graphic card assisted …
John Leyden, 29 Apr 2009
The Register breaking news

PGP disk encrypt approved by MoD for military use

The UK MoD has certified PGP Corporation's whole disk encryption technology as suitable for use on British military computers. However, like most software-only solutions, it has been approved only for machines holding fairly low-level information. PGP Whole Disk Encryption had previously passed the UK government's baseline …
Lewis Page, 08 Dec 2009
Logging onto Windows 10 with a mobile for 2-factor authentication

Yahoo! wheels! out! password! on-demand! service! for! simpletons!

Yahoo! is trialling a service that removes the need to remember your passwords, providing users aren't so absent-minded they don't also lose or mislay their mobile phones. The on-demand password service allows registered users to get a short password sent to their phone. On-demand passwords is an opt-in service, initially only …
John Leyden, 16 Mar 2015
The Register breaking news

PGP co-founder takes OS security job with Apple

Jon Callas, who as co-founder and chief technologist of PGP helped bring strong encryption to the masses, has taken a job with Apple working on operating-system security. His move around the beginning of the year was confirmed by two of his long-time friends and this brief bio, which says Callas remains on PGP's technical …
Dan Goodin, 22 Apr 2010
The US White House. Pic: Roman Boed

Please no non-consensual BACKDOOR SNIFFING, Mr Obama

Google, Apple and 140 other technology companies will write to US President Obama today (19 May) to argue against plans which could see the security of electronic communications deliberately and compulsorily compromised for the sake of government surveillance access. The letter is intended to display the depth of support for …
container_ship_hamburg_shutterstock_648

US plans to apply export controls to 0-days put out for comment

US proposals for export controls for zero-day vulnerabilities and malware have finally been pushed forward, re-opening the fault lines of a long-running argument among security experts in the process. The proposals (pdf) from the US Department of Commerce would introduce the Wassenaar Arrangement (WA) – an international …
John Leyden, 20 May 2015
Suitcase bulging with cash

Open-Xchange builds anti Oracle stack after server M&A splurge

Open-Xchange, a maker of web apps that some of the biggest telcos and hosts rebrand as their own, has bought up open-source mailserver firm Dovecot and DNS server outfit PowerDNS. There are lots of possible reasons for this burst of activity, the most obvious being Open-Xchange's desire to offer its service provider customers a …
David Meyer, 24 Mar 2015
The Register breaking news

IBM, PGP fill Bletchley Park's rattling tin

The campaign to save Bletchley Park from decay and disrepair is moving stateside. On Tuesday, a fundraising group organized by IBM and the cryptography firm PGP plan to launch a US campaign to raise awareness of the historical landmark and raise donations for its preservation. Bletchley Park was home to UK code-breaking …
Austin Modine, 08 Sep 2008
Man in suit of Viking armour

Armouring up online: Duncan Campbell's chief techie talks crypto with El Reg

Crypto toolbox, Part I I think I was about 15 or 16 when PGP was making headlines for being classified as munitions by the US government and was (supposedly) banned from export. While I wasn’t a subversive type at the time, I got a very strong sense that any software that scared the mighty USA so badly was something I ought to play with and try to …
Matt Fowler, 19 Dec 2014
The "Buffalo" Mine Resistant Ambush Protected (MRAP) vehicle. Credit: US Army

Online armour: Duncan Campbell's tech chief on anonymity 101

Crypto toolbox, Part II In the first article in this two-parter on building your own crypto toolbox I covered older tools that have been around for a relatively long time now: Truecrypt and OpenPGP. Here, I will go in a different direction and look at ways of protecting instant messaging, general web-browsing, and how to trust the operating system …
Matt Fowler, 26 Dec 2014
hacker

Hacking Team: We’ll be back in the spyware biz before you know it

Hacked snoopware maker Hacking Team says it will continue its operations as soon as possible – and claims the huge source-code leak it suffered didn’t get all of the company's crown jewels. "What happened earlier this summer in the attack on our company was a reckless and vicious crime," said CEO David Vincenzetti in the …
Iain Thomson, 13 Jul 2015

Brother, can you spare a DIME for holy grail of secure webmail?

Feature Lavabit founder Ladar Levison promised attendees at security conference DefCon that he'd carve out a secure messaging service from the wreckage of the email service favoured by rogue NSA sysadmin Edward Snowden within six months. The Dark Internet Mail Environment (DIME) project is promising, but recent problems experienced by …
John Leyden, 20 Aug 2014
homeless man with sign

PGP takes disk encryption management into the cloud

PGP is aiming to exploit concern about the security implications of lost laptops with the launch via its resellers of a managed service for the administration of whole disk encryption. Partners ANI Direct, Aurora Enterprises in the US and Gradian Systems in the UK will be the first to offer a pay-as-you-go laptop security …
John Leyden, 21 Oct 2008

Zimmermann slams Cameron’s ‘absurd’ plans for crypto ban

Crypto pioneer Phil Zimmermann has labelled UK Prime Minister David Cameron’s anti-encryption plans as "absurd". Zimmermann, creator of the PGP email privacy package, countered Cameron's argument that encryption is creating a means for terrorists and child abusers to communicate in private, arguing instead that intelligence …
John Leyden, 03 Feb 2015
Angry woman on mobile

Anti-snoop Android 'Blackphone' sees the light of day

The “Blackphone”, a super-secure Android handset promised to arrive in late June has just made its deadline, with the announcement that the first batch started to ship on the last day of the month. The handset is the brainchild of Spanish smartphone maker Geeksphone and Silent Circle, a secure communications firm founded by …
Simon Sharwood, 01 Jul 2014
snowden SXSW

Snowden tells tech bigwigs: It's up to you to thwart mass surveillance

SXSW 2015 In a quietly arranged Q&A session at South by Southwest (SXSW) on Sunday morning, Edward Snowden told about thirty influential people from the tech world that the onus for thwarting mass surveillance was falling to them. Snowden had previously spoken at SXSW with the American Civil Liberties Union, explaining to attendees the “ …
fingers pointing at man

MPs told PGP 'incompatible' with Parliament network

MPs have been told that although they are free to install PGP on their parliamentary machines the technology is not compatible with Parliament’s remote access software, making its use impractical. The curious response came from the House of Commons Commission via Lib Dem MP Nick Harvey in response to questions raised by Francis …
John Leyden, 04 Mar 2009
Onions

STAY AWAY: Popular Tor exit relays look raided

As foreshadowed last week, Tor network exit nodes have gone down after what appear to be raids by law enforcement authorities. Thomas White (@CthulhuSec) warned users to steer clear of his Tor servers after he lost control following what he's called "unusual activity" that meant "I have now lost control of all servers under the …
Darren Pauli, 22 Dec 2014

PGP inventor to debut VoIP crypto

Phil Zimmerman, inventor of Pretty Good Privacy cryptography, will unveil a prototype of his new privacy software for net phone calls this week. Unlike PGP however, it doesn't use a PKI (public key infrastructure). It's based on the open source Shtoom VoIP client software, Zimmerman told CNET, and he hopes to have working …
Andrew Orlowski, 27 Jul 2005

Yahoo! will! deploy! end-to-end! email! crypto! by! 2015!

Yahoo will fire up end-to-end (E2E) encryption for its email users by 2015, chief security officer Alex Stamos announced at Black Hat overnight. The Purple Palace has also created a PGP plugin forked from Google's new offering that will be native in mobile apps allowing Gmail and Yahoo mail to easily exchange encrypted email. …
Darren Pauli, 08 Aug 2014
Blackphone

Coming to Blackphone: An app store loaded with privacy tools

Blackphone handsets can download and install a major software update today – ahead of the opening of an online store for privacy-focused apps for the mobes. Blackphone It's cute, it's black, it saves you from attack, it's the Blackphone The Blackphone runs its own hardened version of Android, dubbed PrivatOS, on custom …
Iain Thomson, 09 Dec 2014
homeless man with sign

PGP puts finger in network storage dyke

Encryption specialist PGP will plug a sizable hole in its line-up this week with the release of its networked storage product NetShare. PGP hopes the boom in companies sharing data centre resources will provide a fillip for NetShare. It'll work both ways, they reckon; commercial interests like intellectual property will be …
channel

PGP launches network storage crypto

PGP has added another layer to its encryption platform by launching NetShare, which scrambles data headed to and from networked storage. PGP says authorised users will be able to access their data from the desktop as normal, and IT administrators will no longer require the right to view files to maintain the network. The …
The Register breaking news

PGP to integrate anti-virus defences

PGP Corporation and Symantec are to integrate encryption and anti-virus technology. PGP Universal will incorporate Symantec's AntiVirus Scan Engine to thwart attempts to smuggle viruses into corporates via encrypted email. Traditionally, AV and encryption have not been particularly complementary. AV scanners should check …
John Leyden, 16 Apr 2004

Mozilla certification revocation: 107,000 websites sunk by untrusted torpedo

Over 107,000 websites have been consigned to the depths of the untrusted internet after Mozilla's move last week to allow its 1024-bit certificates to expire. The latest shipment of Firefox 32 improved security by killing support for the 1024-bit certificate authority (CA) certificates within the browser's trusted store. Google' …
Darren Pauli, 08 Sep 2014