[CRYNIME] Encryption: OP [HD]
Official [Project Crynime: Encryption] Opening. (HD) Follow CRYNIME on tumblr for WIPs and updates: http://crynime.tumblr.com --- Behind the screen: Animatio...

By: Project Crynime

Read more:
[CRYNIME] Encryption: OP [HD] - Video

6-4 Freight vs Encryption

By: Vicious Mentality

See the rest here:
6-4 Freight vs Encryption - Video

Yahoo said Wednesday it was encrypting traffic flowing between its data centers, several months after leaked documents revealed the government had been sniffing those links.

Traffic moving between Yahoo data centers is fully encrypted as of March 31, the company announced on its Tumblr blog. Last October, documents provided by former U.S. National Security Agency contractor Edward Snowden said the NSA had penetrated the main communications links that connect Yahoo and Googles data centers.

Though it comes after those revelations, the encrypted data links is in keeping with a previous promise by CEO Marissa Mayer to encrypt all information between its data centers by the end of March.

Yahoo said Wednesday that it had also turned on encryption for a range of other services. For one, encryption of mail between its servers and other mail providers that support the SMTPLS standard was enabled in the last month, the company said. Yahoo only just turned on encryption by default between users and its email service in January.

Yahoo said its homepage and all search queries that run on it and most other Yahoo properties now also have HTTPS encryption enabled by default.

But if users want an encrypted session for Yahoo News, Yahoo Sports, Yahoo Finance or Good Morning America on Yahoo, they must manually type https into the sites URL on their browsers, Yahoo said.

Yahoo has faced pressure to encrypt more of its services for years. In 2012, the Electronic Frontier Foundation and other privacy activists called on CEO Marissa Mayer to enable HTTPS encryption for the companys communications services. Yahoo began offering HTTPS encryption for mail in 2012, but on an opt-in basis.

Since then other companies like Google and Facebook have introduced more forms of encryption.

Last month, another leak of documents said that GCHQ, Britains surveillance agency, had captured webcam images from more than 1.8 million users of Yahoos Messenger product.

Yahoo said Wednesday that a new, encrypted version of Messenger would be rolled out in the coming months.

Read more:
Yahoo turns on encryption between data centers

Yahoo is facing a challenge as it seeks to encrypt its vast network of websites and services to block hackers and government spooks: data security can clash with its business model.

The same is true for all Internet companies, but particularly so for Yahoo, the original search giant that has disappointed investors with weak revenue in recent quarters.

Yahoo on Wednesday announced new progress in previously announced efforts to beef up encryption, partly as a response to last years Edward Snowden leaks. The company now encrypts all traffic between its data centers and turned on encryption by default for the Yahoo homepage, said Alex Stamos, Yahoos new chief information security officer and a former security researcher who used to point out holes in commercial software.

Google made a similar announcement about mail traffic between its data centers last month.

But for now, there are limits as to how far Yahoo can take that encryption, Stamos said. Websites for Good Morning America on Yahoo, Yahoo News, Yahoo Sports and Yahoo Finance wont feature the encryption by default, for now, because the company still needs to bring advertisers on board, he said.

At issue is the fact that technology being used, called HTTPS, is an all-or-nothing proposition.

When a website uses HTTPS, it prevents outsiders from watching data people submit to the site or watch what articles they are reading. But if the site is going to use such encryption, it has to persuade every advertising network running ads on that page to do the same.

For large media companies that rely on lots of ad networks, that can take a lot of coordination.

Its a little harder than to just flip a switch, Stamos said. Its just a bigger project than I expected.

(Full disclosure: The Wall Street Journal doesnt use HTTPS encryption either.)

See the original post here:
Yahoo Faces Balancing Act Between Ads, Encryption

A strong cloud security strategy is important for midsize firms to truly innovate with the cloud. One way of approaching that strategy is by using encryption keys. Midsize firms that have a better understanding of encryption can better protect their cloud data.

The Key

According to a recent article on Cloud Tech, there is an ever-changing world of regulatory and compliance requirements to achieve data privacy. Companies will always need improved ways of protecting cloud data, and encryption key technology is one possible solution. Cloud data encryption makes corporate data unreadable. Only a key can switch it back to readable form. Many cloud providers use this mathematical method to protect a firm's data from the growing threat of cybercrime.

The article points to a Gartner report that emphasizes a trend, familiar to midsize firms, that shows companies as having a limited amount of time and staff to dedicate to becoming experts in a given solution such as encryption. Too many cryptographic solutions offered by security vendors can lead to an increasing amount of complexity and misunderstandings and may even put more constraints on staff resources when deployed at midsize firms. As a result, companies are putting cloud data encryption completely in the hands of cloud services providers, and that leads to less control of their corporate data. Maintaining a level of control over encryption keys, however, can help IT professionals verify how information is shared.

Clouds and Control

Any firm can strike a good balance between encryption and the cloud. Midsize firms can retain control of their encryption keys while freely sending data to trusted cloud providers. The consumerization of IT and the rise of mobility and third-platform technologies are forcing IT professionals at midsize firms to think seriously about their cloud security strategy, and encryption keys are part of that process. IT professionals that work with their security teams and experienced cloud security vendors can ensure that the type and strength of encryption being used is well understood by all.

IT professionals at midsize firms must grapple with using limited time, resources and knowledge to truly understand the latest encryption offerings available. Cloud services partners can help apply various algorithms that are used for encryption, including hashing, private-key and public-key. Understanding algorithms and cryptography-based security is important for IT professionals to be comfortable with their cloud security solutions.

As security and compliance needs continue to change and evolve, firms are ultimately responsible for keeping their most sensitive data safe. Firms that utilize encryption keys can also maintain control of those keys to help hold on to cloud data. By working with trusted cloud computing vendors that understand their security concerns, IT professionals at midsize firms will be on their way to implementing the best solutions that work for them.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.

Excerpt from:
Cloud Security Strategy: Encryption Keys