Articles about public key cryptography

The Register breaking news

Renta-spook: GCHQ commercialisation 'is a live issue'

GCHQ could be turned into a technology incubator under plans being discussed by the government, it's been revealed. The security minister Baroness Neville-Jones told MPs that commercialisation of the Cheltenham spy agency's technology and services is a "live issue". She appeared yesterday before the Science and Technology …
The Register breaking news

Researcher busts into Twitter via SSL reneg hole

A Turkish grad student has devised a serious, real-world attack on Twitter that targeted a recently discovered vulnerability in the secure sockets layer protocol. The exploit by Anil Kurmus is significant because it successfully targeted the so-called SSL renegotiation bug to steal Twitter login credentials that passed through …
Dan Goodin, 14 Nov 2009
The Register breaking news

Amazon's EC2 brings new might to password cracking

Forget what you've learned about password security. A simple pass code with nothing more than lower-case letters may be all you need - provided you use 12 characters. That's the conclusion of security consultant David Campbell, who calculated the cost of waging a brute-force attack on various types of passwords using cloud …
Dan Goodin, 2 Nov 2009
The Register breaking news

Hotspot sniffer eavesdrops on iPhone in real-time

People who use public WiFi to make iPhone calls or conduct video conferences take heed: It just got a lot easier to monitor your conversations in real time. At a talk scheduled for Saturday at the Toorcon hacker conference in San Diego, two security researchers plan to show the latest advances in the open-source UCSniff tool …
Dan Goodin, 23 Oct 2009
The Register breaking news

Free download turns BlackBerry into remote bugging device

A free software program released Thursday turns everyday BlackBerry smartphones into remote bugging devices. Dubbed PhoneSnoop by creator Sheran Gunasekera, the software sits quietly on a targeted BlackBerry and monitors the phone number of each incoming call. When it detects a number set up in the program's preferences …
Dan Goodin, 22 Oct 2009
The Register breaking news

Crypto spares man who secretly video taped flatmates

An Australian man who set up an elaborate network of hidden cameras to spy on his flatmates has escaped jail time after police were unable to crack the encryption scheme protecting his computer. When police raided the residence of Rohan James Wyllie, they found found a series of peepholes drilled into the walls and doors of …
Dan Goodin, 21 Oct 2009
The Register breaking news

Security boss calls for end to net anonymity

The CEO of Russia's No. 1 anti-virus package has said that the internet's biggest security vulnerability is anonymity, calling for mandatory internet passports that would work much like driver licenses do in the offline world. The comments by Eugene Kaspersky, who is also the founder of Kaspersky Lab, came during an interview …
Dan Goodin, 16 Oct 2009
The Register breaking news

Bloggers howl after conference snoops on 'secure' network

Organizers of last week's SecTor security conference collected names, passwords, and all other traffic passing over two Wi-Fi networks provided to attendees, including one that was encrypted, the event's director has confirmed. Borrowing a page from the Wall of Sheep at the Defcon hacker conference each year in Las Vegas, the …
Dan Goodin, 15 Oct 2009
The Register breaking news

Man banished from PayPal for showing how to hack PayPal

PayPal suspended the account of a white-hat hacker on Tuesday, a day after someone used his research into website authentication to publish a counterfeit certificate for the online payment processor. "Under the Acceptable Use Policy, PayPal may not be used to send or receive payments for items that show the personal …
Dan Goodin, 6 Oct 2009
The Register breaking news

IE, Chrome, Safari duped by bogus PayPal SSL cert

If you use the Internet Explorer, Google Chrome or Apple Safari browsers to conduct PayPal transactions, now would be a good time to switch over to the decidedly more secure Firefox alternative. That's because a hacker on Monday published a counterfeit secure sockets layer certificate that exploits a gaping hole in a Microsoft …
Dan Goodin, 5 Oct 2009
The Register breaking news

10,000 Hotmail passwords mysteriously leaked to web

Updated Login credentials for more than 10,000 Microsoft Live accounts have been posted to the internet, most likely by miscreants who found them or harvested them in a phishing attack. In all, there were 10,028 pairs of user names and passwords posted to multiple pages of public upload website, some of which remained …
Dan Goodin, 5 Oct 2009
The Register breaking news

SSL spoof bug still haunts IE, Safari, Chrome

Nine weeks after a hacker demonstrated how to spoof authentication certificates for virtually any website on the internet, users of Internet Explorer and many other applications remain susceptible because Microsoft hasn't patched the underlying vulnerability. The bug, which resides in an application programming interface known …
Dan Goodin, 1 Oct 2009
The Register breaking news

International hacker buried $1m in backyard

The international hacker who confessed to stealing tens of millions of payment card numbers amassed a fortune worth more than $2.7m, including more than $1m in cash buried in his backyard in Miami. Albert "Segvec" Gonzalez agreed to forfeit the ill-gotten booty in a guilty plea that was formally entered in federal court in …
Dan Goodin, 11 Sep 2009
The Register breaking news

Apple security lags (again) with critical Java patches

Comment Apple is once again playing security catch-up to the rest of the computing world, this time with an update for the Leopard version of its Mac operating system that patches critical holes in Java that were fixed on competing systems 29 days ago. The patch updates Leopard to Java versions 1.6.0_15, 1.5.0_20, and 1.4.2_22, which …
Dan Goodin, 4 Sep 2009
The Register breaking news

Breaching Fort - What went wrong?

Administrators at the Apache Software Foundation have pledged to restrict the use of Secure Shell keys for accessing servers over their network following a security breach on Monday that briefly forced the closure the popular open-source website. In an detailed postmortem describing how hackers penetrated several heavily …
Dan Goodin, 3 Sep 2009
The Register breaking news

Microsoft rejects call to fix SQL password-exposure risk

Microsoft is butting heads with a company that provides software for database security over a weakness in SQL Server that can expose user passwords to anyone with administrative access to the program. Researchers at San Mateo, California-based Sentrigo warned Wednesday that the "significant vulnerability" is present in the …
Dan Goodin, 2 Sep 2009
The Register breaking news

Mobile operators pooh-pooh universal phone-snooping plan

Mobile operators have struck back at organizers of an open-source project that plans to crack the encryption used to protect cell phone calls, saying they are a long way from devising a practical attack. "The theoretical compromise presented at the Black Hat conference requires the construction of a large look-up table of …
Dan Goodin, 28 Aug 2009
The Register breaking news

Eight accused in AT&T, T-Mobile $22m ID theft scam

Federal prosecutors have accused eight individuals of fraudulently obtaining $22m worth of wireless devices and services from AT&T and T-Mobile in an elaborate four-year scheme that exploited weaknesses in the cellular providers' network. Between 2005 and July this year, two of the defendants used their status as current or …
Dan Goodin, 21 Aug 2009

Create a news alert about public key cryptography, or find more stories about public key cryptography.

Biting the hand that feeds IT © 1998–2018