Moniker makes a statement with The Encryption EP – The Untz

By: Jonathan Gross

Last week, Jacob Tullos released the first major collection of tunes since taking the Moniker project solo.

Returning to his home label of Saturate Records, which has treated the duo well since shortly after its inception, Tullos releases The Encryption EP, a collection of five originals with four remixes from HUMORME, JuJu Beats, DRANQ, and Message North.

Moniker returns to its west coast bass roots with some thumping beats on Permaban and Encryption. Fans get a different look on Flight, which demonstrates Tullos' ability to craft a truly beautiful and haunting piece of music. Forever and Never and Corruption return to the bouncy and glitchy sound we're used to from Moniker, and each subsequent remixer takes the tracks to new heights.

Tullos has been in the midst of a widespread west coast tour over the past couple of weeks. Encryption Tour has been a jointly promoted effort between Saturate and Sleeveless Records, another supporter of Moniker and frequent collaborator. We love it when labels play nice with one another. You can catch Moniker on his final dates of the tour tonight in San Francisco at Soundpieces at The Monarch, or this Saturday in South Lake Tahoe at So Much Fam.

It's a new era for Jacob Tullos and the Moniker project, but the fan response has been enough to let us know that they're here for this new chapter, and you bet your ass we are, too.

Moniker - The Encryption EP [Saturate Records]


IoT Security Solution for Encryption Market Size, Growth, Analysis Of Key- players Types And Application, Outlook 2025 – VaporBlash

The report IoT Security Solution for Encryption, recently added to researchunt.com, provides a new perspective into the components and workings of the global IoT Security Solution for Encryption market on global as well as regional levels. Serving as an invaluable source of guidance for readers, the report gives an overview of the industry chain of the global IoT Security Solution for Encryption market and discusses key elements associated with it, including consumers and leading raw material suppliers of the manufacturing department.

Order a copy of sample report @researchunt.com/report/global-iot-security-solution-for-encryption-market-size-status-and-forecast-2019-2025/#Free-Sample-Report

This research report categorizes the global IoT Security Solution for Encryption market by players/brands, regions, type, and application. The report also studies the global market status, competition landscape, market share, growth rate, future trends, and sales channels.

The various contributors involved in the value chain of IoT Security Solution for Encryption include manufacturers, suppliers and customers.

Read Detailed Index of full Research Study at @ https://researchunt.com/report/global-iot-security-solution-for-encryption-market-size-status-and-forecast-2019-2025/

The key manufacturing in the IoT Security Solution for Encryption:-

Market size split by type:-

Market size split by application:-

Market size split by regions:-

The study objectives of the report are:

To analyze the global IoT Security Solution for Encryption market size by company, key regions, countries, product, and application, with history data from 2013 to 2017.

To understand the structure of IoT Security Solution for Encryption by identifying its various subsegments to share detailed information about the key factors and growth of the markets.

To focus on the key IoT Security Solution for Encryption markets to define, describe and analyze the sales market volume, value, market share, and development plans in the next few years.

The report includes an estimation of the market size in value and volume. Both top-down and bottom-up approaches have been used to estimate and validate the market size of IoT Security Solution for Encryption. Key players in the market have been identified through secondary research, and their market shares have been determined through primary and secondary research. All percentage shares, splits, and breakdowns have been determined using secondary sources and verified primary sources.


Customization of the Report: This report can be customized to meet the client's requirements. Please connect with our sales team, who will ensure that you get a report that suits your needs.


Corelight Expands Threat Hunting Capabilities with New Encrypted Traffic Insights – PRNewswire

SAN FRANCISCO, Nov. 19, 2019 /PRNewswire/ -- Corelight, provider of the most powerful network traffic analysis (NTA) solutions for cybersecurity, today launched the Corelight Encrypted Traffic Collection (ETC) empowering threat hunters and security analysts with rich and actionable insights for encrypted traffic.

"As the use of encryption continues to rise, defenders need some light in the darkness to separate legitimate behavior from malicious activity when decryption is not an option," said Brian Dye, chief product officer for Corelight. "This is not simply about detections, this is about a layering of data and insights that our customers need to access in order to make critical security decisions."

Corelight's ETC expands defenders' incident response, threat hunting and forensics capabilities in encrypted environments by generating insights around SSH and TLS traffic that indicate potential security risk. The collection contains numerous packages developed by Corelight's Research Team as well as curated packages from the open-source Zeek community.

This collection builds on Zeek's already extensive capabilities for analyzing encrypted traffic, such as certificate metadata, JA3/HASSH fingerprints, and dedicated SSL/x.509 logs. Features, and the relevant MITRE ATT&CK category each covers, include:

"The Corelight Encrypted Traffic Collection originated through deep customer partnerships that have allowed us access to real world network environments," said Dr. Vern Paxson, creator of Zeek and co-founder of Corelight. "With this data, we can now offer a collection of insights that will help to better inform our customers on the right steps to take in their threat hunting and in their security incident response."

The Encrypted Traffic Collection is available in the Corelight version 18 update, which begins rolling out to customers today. This new version also includes a new sensor management interface (UI) that incorporates new features that make internal compliance reviews easier and accelerate troubleshooting. The new UI mirrors the interface used in the Corelight Fleet Manager product for multi-sensor environments, making retraining unnecessary as a customer's sensor footprint grows.

The company also released a new version of Corelight App for Splunk to better facilitate network-based threat hunting in Splunk. The free app analyzes Corelight logs to surface leading indicators of security risk across dozens of protocols such as DNS and SSL and aggregate Zeek notices and intel hits in a central dashboard.

Today's launch also extends Corelight Cloud Sensor support to Microsoft Azure environments. Similar to the Corelight Cloud Sensor for AWS launched earlier this year, Corelight's new sensor transforms Microsoft Azure cloud traffic into high-fidelity data for incident response, intrusion detection, forensics and more. It parses dozens of network protocols and generates a much richer, more actionable picture of Azure traffic than low-fidelity flow logs, accelerating security analysts' ability to make sense of traffic and respond to attacks.

"Whether with Microsoft's upcoming Azure Virtual network TAP or agent-based packet brokers, the Corelight Cloud Sensor for Microsoft Azure brings a common data format across all customer environments, whether they are operating with on-prem, virtual or cloud networks," said Dye. "This enables security teams to use a consistent downstream analytics stack and find attackers regardless of environment."

Availability

Corelight software version 18 is now available to customers. More information on each of today's enhancements can be found in the product section of Corelight's website.

The Corelight Research Team has issued a blog post with more details on the technical benefits of the Corelight Encrypted Traffic Collection.

The new Corelight for Splunk app is now available to customers via Splunkbase. More information about the new Corelight for Splunk App is available on the Corelight blog.

About Corelight

Corelight makes powerful network traffic analysis (NTA) solutions that transform network traffic into rich logs, extracted files, and security insights for more effective incident response, threat hunting, and forensics. Corelight Sensors run on Zeek (formerly called "Bro"), the open-source network security monitoring tool used by thousands of organizations. Corelight Sensors simplify Zeek deployment and expand its performance and capabilities. Corelight's global customers include Fortune 500 companies, major government agencies, and large research universities. Corelight is based in San Francisco, Calif. For more information, visit https://www.corelight.com or follow @corelight_inc.

SOURCE Corelight

https://www.corelight.com/


NSA Publishes Advisory Addressing Encrypted Traffic Inspection Risks – BleepingComputer

The National Security Agency (NSA) published an advisory that addresses the risks behind Transport Layer Security Inspection (TLSI) and provides mitigation measures for weakened security in organizations that use TLSI products.

TLSI (aka TLS break and inspect) is the process through which enterprises can inspect encrypted traffic with the help of a dedicated product such as a proxy device, a firewall, or intrusion detection or prevention systems (IDS/IPS) that can decrypt and re-encrypt traffic encrypted with TLS.

While some enterprises use this technique for monitoring potential threats such as data exfiltration, active command and control (C2) communication channels, or malware delivery via encrypted traffic, this will also introduce risks.

Enterprise TLSI products that don't properly validate transport layer security (TLS) certificates, for instance, will weaken the end-to-end protection provided by the TLS encryption to the end-users, drastically increasing the likelihood that threat actors will target them in man-in-the-middle (MitM) attacks.

The use of a forward proxy with TLSI capabilities that is not functioning properly can lead to unexpected consequences such as rerouting decrypted network traffic to an external network, where it can be intercepted by third-party inspection devices that can get unauthorized access to sensitive data.

"Deploying firewalls and monitoring network traffic flow on all network interfaces to the forward proxy helps protect a TLSI implementation from potential exploits," the NSA says.

"Implementing analytics on the logs helps ensure the system is operating as expected. Both also help detect intentional and unintentional abuse by security administrators as well as misrouted traffic."

When it's essential to use a TLSI product, the NSA recommends independently validated products that can properly implement data flow, TLS, and CA functions.

Moreover, products validated by the National Information Assurance Partnership (NIAP) "and configured according to the vendors instructions used during validation" should meet the requirements.

Since TLSI will take place in real-time and, to work, TLSI products have to manage two separate TLS connections, this could and will, in most cases, lead to TLS chaining issues that cause TLS protection downgrade problems, eventually leading to potential exploitation of weaker cipher suites and TLS versions.

TLSI forward proxy devices also come with a built-in certification authority (CA) function used for creating and signing new certificates, an embedded and trusted CA that could be used by bad actors "to sign malicious code to bypass host IDS/IPSs or to deploy malicious services that impersonate legitimate enterprise services to the hosts" upon a successful attack.

Attackers could also directly exploit the TLSI devices where the traffic is decrypted, thus gaining access to plaintext traffic, while an insider threat such as an authorized security admin "could abuse their access to capture passwords or other sensitive data visible in the decrypted traffic."

"To minimize the risks described above, breaking and inspecting TLS traffic should only be conducted once within the enterprise network," the NSA advisory adds.

"Redundant TLSI, wherein a client-server traffic flow is decrypted, inspected, and re-encrypted by one forward proxy and is then forwarded to a second forward proxy for more of the same, should not be performed."

More measures to mitigate risks stemming from the use of TLSI devices in an enterprise network are provided by the NSA as part of its security advisory on Managing risk from Transport Layer Security Inspection [PDF].

"The mitigations described above can reduce the risks introduced by a TLSI capability, provide indicators that alert administrators if the TLSI implementation may have been exploited, and minimize unintended blocking of legitimate network activity," the NSA adds.

"In this way, security administrators can successfully add TLSI to their arsenal and continue to step up their methods to combat today's adversaries and TTPs."

The Cybersecurity and Infrastructure Security Agency (CISA) also issued an alert on risks associated with HTTPS inspection in March 2017, stating that "in general, organizations considering the use of HTTPS inspection should carefully consider the pros and cons of such products before implementing."

"Organizations should also take other steps to secure end-to-end communications, as presented in US-CERT Alert TA15-120A" on securing end-to-end communications, CISA says.

A list of potentially affected software used for TLSI compiled by CERT/CC vulnerability analyst Will Dormann is available here, while a simple tool for checking if a TLSI product is correctly verifying certificate chains can be found at badssl.com.


Microsoft Windows 10 To Natively Support DNS Over HTTPS Encryption And Obfuscation Technique Making Internet Traffic Monitoring Near Impossible -…

Microsoft Windows 10 will natively and intrinsically support DNS over HTTPS protocol. It is an important privacy protection methodology, which makes it near impossible for even Internet Service Providers (ISP) to monitor internet traffic. DNS over HTTPS is an intensely contested technology, but is being increasingly taken into consideration by Google, and is already existent in the Mozilla Firefox web browser.

Microsoft appears to have taken a rather big pro-privacy and consumer rights stance. The company's latest operating system, Windows 10, would soon have one of the biggest internet privacy technologies. The hotly debated DNS Over HTTPS encryption methodology successfully encrypts, hides or obfuscates internet traffic in such a way that even the last-mile internet connectivity provider cannot snoop on the internet traffic. Google is currently testing the same for its Chrome web browser, while Mozilla has already implemented the same within the Firefox web browser.

DNS Over HTTPS is a rather new technology that is quickly emerging as one of the most important last-mile defensive techniques to protect the privacy of internet users. Technical jargon aside, the privacy technology effectively encrypts DNS connections and hides them in the common HTTPS traffic. Simply put, the DNS request made by internet users too is relayed or transmitted through the secure HTTPS protocol. DNS requests are basically any attempt by internet users to reach a website.

Despite significant improvements in online security and privacy, DNS requests are still sent over plaintext UDP connections. This means the ISPs can easily monitor internet traffic and deploy multiple techniques to either block traffic or monitor the websites visited by users. The data relayed over the internet is significantly encrypted as the majority of websites are quickly opting for HTTPS over traditional and less secure HTTP protocol. Hence it makes perfect sense that even the initial DNS request be made over the same highly secure HTTPS standard.

DNS over HTTPS is different from a VPN. Firefox web browser users can set Cloudflare as their DNS over HTTPS provider. Currently, only companies that offer a legally binding DNS resolver policy which stipulates a limit on their data use and retention policies, are able to join the list. On the other hand, users can disable or not activate DoH in Firefox to handle situations such as enterprise split-horizon DNS where a domain resolves differently depending on where the query originates from.

The DNS over HTTPS protocol (IETF RFC8484) can be built directly into apps. In other words, each application can choose to deploy its own DNS resolvers rather than depend on the operating system. But with Microsoft embedding the encryption methodology directly into Windows 10, any and all applications and web browsers installed on the PC should gain the ability to mask or encrypt DNS requests.
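How a DoH request carries the DNS question, as an added example (not code from the article or from Microsoft): it builds the RFC 8484 GET form of a query and decodes it again, which is the parsing an inspection point that terminates the HTTPS session would need in order to log the queried name. The resolver URL `https://doh.example/dns-query` is a placeholder.

```python
import base64
import struct
from typing import Tuple
from urllib.parse import parse_qs, urlsplit

QTYPE_A = 1      # IPv4 address record
QTYPE_AAAA = 28  # IPv6 address record
QCLASS_IN = 1    # Internet class


def build_query(name: str, qtype: int = QTYPE_A) -> bytes:
    """Build a DNS wire-format query with a single question."""
    # Header: ID=0 (RFC 8484 recommends 0 so HTTP caches can reuse answers),
    # flags=0x0100 (recursion desired), QDCOUNT=1, other counts 0.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"invalid DNS label: {label!r}")
        qname += bytes([len(raw)]) + raw
    qname += b"\x00"  # root label terminates the name
    return header + qname + struct.pack("!HH", qtype, QCLASS_IN)


def doh_get_url(resolver: str, name: str, qtype: int = QTYPE_A) -> str:
    """Return the GET URL: the query, base64url-encoded without padding."""
    token = base64.urlsafe_b64encode(build_query(name, qtype))
    return f"{resolver}?dns={token.rstrip(b'=').decode('ascii')}"


def decode_doh_url(url: str) -> Tuple[str, int]:
    """Recover (queried name, qtype) from a DoH GET URL."""
    token = parse_qs(urlsplit(url).query)["dns"][0]
    # Restore the padding that RFC 8484 strips before decoding.
    wire = base64.urlsafe_b64decode(token + "=" * (-len(token) % 4))
    if len(wire) < 12:
        raise ValueError("truncated DNS header")
    if struct.unpack("!H", wire[4:6])[0] != 1:
        raise ValueError("expected exactly one question")
    pos, labels = 12, []
    while True:
        if pos >= len(wire):
            raise ValueError("truncated question name")
        length = wire[pos]
        pos += 1
        if length == 0:
            break
        if length > 63:
            raise ValueError("compression pointer not expected in a query")
        labels.append(wire[pos:pos + length].decode("ascii"))
        pos += length
    if pos + 4 > len(wire):
        raise ValueError("truncated question section")
    qtype, _qclass = struct.unpack("!HH", wire[pos:pos + 4])
    return ".".join(labels), qtype


if __name__ == "__main__":
    url = doh_get_url("https://doh.example/dns-query", "www.example.com")
    print(url)
    print(decode_doh_url(url))
```

On the wire this URL travels inside TLS, so an on-path observer sees only a connection to the resolver; the name is recoverable only where the HTTPS session is terminated.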

Given the nature and abilities of DNS over HTTPS protocol to completely obfuscate online behavior and data, it has come under heavy scrutiny and resistance from ISPs and security services. Many from the legal community claim the protocol could be used to bypass filtering obligations and parental controls, thereby impeding safety standards and possibly, investigations. It is quite likely that DNS over HTTPS could be extensively used by criminals or even everyday users to visit banned or censored websites.

Despite the controversy, Microsoft has indicated that they will be doing the hard work themselves and building the technology directly into Windows 10. Speaking about the same, Windows Core Networking engineers Tommy Jensen, Ivan Pashov, and Gabriel Montenegro said DoH in Windows will close one of the last remaining plain-text domain name transmissions in common web traffic. Microsoft added that it was worth the price [of courting controversy], saying it has to treat privacy as a human right and has to have end to end cybersecurity built into products.

Owing to the very nature of the encryption technology, and its abilities, it will be interesting to see how Microsoft moves ahead to implement DNS over HTTPS within Windows 10. The company has been making some rather interesting choices lately, and this is certainly one of them.


Microsoft Jumps on the DoH Train Company to Introduce Encrypted DNS – Computer Business Review

"Providing encrypted DNS support without breaking existing Windows device admin configuration won't be easy"

Microsoft is set to start offering encrypted DNS resolution services (DNS-over-HTTPS, or DoH), joining Cloudflare and Google in introducing the service, which has drawn public policy maker ire for obfuscating/securing end-user traffic.

DoH encrypts DNS traffic and requires authentication of the server. As the Internet Engineering Task Force (IETF) notes, this mitigates both passive surveillance and active attacks that attempt to divert DNS traffic to rogue servers.

"We are making plans to adopt DNS over HTTPS (or DoH) in the Windows DNS client," Microsoft said on Sunday. "As a platform, Windows Core Networking seeks to enable users to use whatever protocols they need, so we're open to having other options such as DNS over TLS (DoT) in the future. For now, we're prioritizing DoH support as the most likely to provide immediate value to everyone."

The company did not specify when the service will be available.

"We believe Windows adoption of encrypted DNS will help make the overall Internet ecosystem healthier," the company added in a networking blog.

The move comes six months after the Sunday Times reported that British government figures were in crisis talks over plans for the broad rollout of the technology by the leading DNS resolution service providers, which problematises the bulk surveillance allowed by the 2016 Snooper's Charter, or Investigatory Powers Act, which requires ISPs to store their customers' internet activity for 12 months.

Mozilla said in September that its Firefox browser would start defaulting to Cloudflare's DoH service, although initially just in a small-scale pilot.

Currently, even if users are visiting a site using HTTPS, their DNS query is sent over an unencrypted connection: anyone listening to packets on the network knows which website an internet user is attempting to visit.

In the UK, this includes all internet service providers (ISPs).

Microsoft said: "We'll start with a simple change: use DoH for DNS servers Windows is already configured to use. There are now several public DNS servers that support DoH, and if a Windows user or device admin configures one of them today, Windows will just use classic DNS (without encryption) to that server.

"However, since these servers and their DoH configurations are well known, Windows can automatically upgrade to DoH while using the same server," the company's Tommy Jensen, Ivan Pashov, and Gabriel Montenegro said in a blog.

Microsoft will not be making any changes to which DNS server Windows was configured to use by the user or network, they added.

Paul Gagliardi, Director of Threat Intelligence at SecurityScorecard, told Computer Business Review in an earlier comment in response to Mozilla's move: "On one hand I don't want ISPs selling my internet behavior or censoring it, on the other it is currently hard to implement basic censoring. Ultimately, content (DNS in this case) cannot be secured/monitored without having the ability to observe it.

"Just as companies/organizations inspect their HTTPS traffic, the same needs to happen with encrypted DNS/DoH. Decrypting DoH would be the exact same mechanism as observing HTTPS traffic, using a Man in the Middle proxy to decrypt traffic on the fly and implement security mechanisms. There are no shortage of commercial solutions for this, however, things get more complicated in BYOD environments."

He added: "DoH forces the privacy vs security defense debate to be more localized. A company or organization can balance those decisions in their network differently than a private individual. Unfortunately for those organizations/companies, the ability to censor traffic is now more technical and requires more investment on their part. In short I think we'll see more HTTPS MiTM and prohibition of BYoD."

Microsoft's networking team noted: "Providing encrypted DNS support without breaking existing Windows device admin configuration won't be easy.

"However, at Microsoft we believe that we have to treat privacy as a human right. We have to have end-to-end cybersecurity built into technology."


Innovation Focused Firms Issue Open Call for Hackers – IndustryWeek

Sometimes friendly competition is the best route to realizing new innovations.

This is the primary goal of two recently announced open calls for hackathon participants, taking place between now and mid-December.

01 Communique Laboratory: Quantum encryption

01 Communique Laboratory Inc. launched its quantum hackathon tackling the threat of quantum computing. Cybersecurity companies, computer science students and hackers have begun challenging the Company's quantum-safe encryption in a $100,000 hackathon.

On November 6th, the Company hosted an innovation celebration event with technology presentations from industry experts in artificial intelligence and cyber security. Andrew Cheung, 01 Communique's CEO, was one of the presenters addressing business people, students, and hackers on the threat quantum computers present with respect to keeping your data safe. He revealed the purpose behind the hackathon and why he is confident enough to offer a $100,000 prize.

Andrew Cheung enthusiastically described the hackathon challenge: "Our hackathon will show the world that our encryption is rock-solid. We are the only Canadian company and the first post-quantum encryption to offer a prize of $100,000. We have invested over three years in developing our IronCAP technology with a development team that has combined 50 years of experience in code-based encryption. We are very confident that our technology will withstand any attempt by any participant to crack the code in our hackathon."

01 expects contestants from around the world to challenge its quantum-safe encryption. The hackathon is available online globally. Anyone who has a Google or Facebook account can sign up to participate. Contestants will be given 30 days to crack IronCAP's code. A cash prize of $100,000 will be awarded to the first person (if there is any) who is able to break the encryption. A paper describing the method used to crack the encryption is required to be submitted by the participant.

Innovative people working in tech along with researchers, computer scientists, students and hackers are encouraged to sign up for the hackathon. Signup will be accepted online at www.ironcap.ca beginning November 11, 2019, and the contest closes on December 12, 2019. Results will be announced on or about December 16, 2019.

Taking flight

Global IT provider Stefanini is hosting an Innovation Hackathon on Dec. 6, 2019 at its Southfield Innovation Center. The focus for this hackathon is to fly a Tello drone using voice commands. The event is open and free and requires some technology knowledge: HTML, Javascript and CSS, HTTP REST API, C# (.NET). Familiarity with Microsoft PowerBI streaming datasets and dashboards is a plus.

"This event will provide many opportunities for participants, both personally and professionally, as they co-create solutions for their future," said Renata Galle, vice president of innovation and digital business at Stefanini.

The company's goal is to attract talent through a dynamic and interactive process, identify and foster new skills within its employees, and connect students and professionals in the local market with its Digital Talent Mall and job opportunities.

A voice recognition platform and a software development kit for the drone will be provided. The teams will have to code the app to interact with the drone, send commands, extract flight information from it, and display some of this flight information back into a visualization dashboard. Each participant will be evaluated and may be part of Stefanini's Digital Projects and Talent Mall based on:

The teams will have at their disposal different paths to follow to achieve the goal. Those interested in participating are encouraged to register online. Details are available here.


How SMS Works and Why You Shouldn't Use It Anymore – Popular Mechanics

Did you know that, on average, 6 billion SMS messages are sent every day in the U.S. alone? That's 180 billion each month and 2.27 trillion each year. Globally, 4.2 billion people are texting worldwide. No doubt you're one of 'em, which means you fire off approximately 67 texts a day. That's a lot of LOLs.

When you send all those texts, you probably assume that you and your recipients are the only ones privy to the information contained within. That's where you'd be wrong.

The truth is that text messages aren't secure, and that insecurity opens you, your friends, family, and business up to risk. And it isn't even your fault; the default text messaging services many of us use are old and vulnerable to a number of different attack scenarios. While carriers are on a path to update it, it might be too little, too late.

But before you can understand why you should spend more energy on practicing safe texting, it may be helpful to understand how the whole system works in the first place. Here's the breakdown.

If you're sending a text message, you're generally sending an SMS, which stands for Short Message Service. It's the oldest and one of the most widely used text messaging services today. It includes MMS (Multimedia Messaging Service), which enables SMS users to send multimedia content like images, audio, and visual files. Both SMS and MMS are sent using cellular networks and thus require a wireless plan and a wireless carrier.

If you send a traditional text message on your phone, it's considered an SMS. When you send that gif, you've just sent an MMS.

When you send a text message, it first goes to a nearby cellular tower over a pathway called the control channel, and then into an SMS center (SMSC). The SMSC resends that message to the tower closest to the recipient, and then it goes to their phone. SMS also sends data associated with the message, including the length of the message, format, time stamp, and destination.

Of the 109 text messages I sent yesterday, for example, 15 of them were SMS messages sent to people who have phones on other carriers, 70 were sent through iMessage, and the rest were sent via OTT applications.

WhatsApp, iMessage, Facebook Messenger, WeChat, and other messaging apps are grouped together as OTT applications and are also considered texting services. OTT stands for Over the Top; as a group, these apps are different than SMS services because they use internet protocols (IP) rather than cellular networks to transmit messages. This means these messages are sent through an internet connection (aka WiFi) or via mobile internet connection.

OTT apps work in a way that's different than SMS because they send encrypted messages that only you and the person receiving your message can access. That means the messaging service doesn't know what you're sending, and neither does anyone else who might intercept that web traffic.

For example, WeChat uses Extensible Messaging and Presence Protocol (XMPP) to exchange data between the users. This protocol is decentralized, and as a result, considered secure and flexible. The company also uses SSL/TLS encryption. All of this is intended to ensure that other people aren't seeing your messages.

When considering messaging services, people often have to choose between sending via SMS or sending via an OTT service. If you've traveled extensively outside the U.S., you've probably noticed that people in many other countries prefer WhatsApp to text messaging.

SMS is the most ubiquitous, but least secure messaging medium. OTT apps require you to be using the same platform as the person you're messaging, which can be annoying. Maybe your friends don't want to download another app just for texting, but continuing to use SMS could put you at risk because it doesn't have end-to-end encryption.

As OTT apps cannibalize the SMS market, carriers have become incentivized to improve SMS services in the form of Rich Communication Services (RCS). RCS theoretically combines the best features of OTT apps into one protocol that's universal across carriers and devices. This new protocol will replace SMS and has been a work in progress for more than a decade.

Approved by the GSMA in 2008, RCS was fully adopted in 2016. Since then, the RCS Universal Profile has been pushed out with strong support and back-end services from Google (which acquired Jibe) with the goal of providing consistent interoperable messaging services across all devices and networks. This not only helps create a global standard, but also improves Android capacity, which is notoriously more vulnerable to attacks. As Dan Wood of Bishop Fox noted in an interview, "A lot of SMS phishing is done against Android platforms."

RCS has the ability to:

However, while RCS doesn't have end-to-end encryption, it does have the standard security protocols of Transport Layer Security and IPsec.

RCS doesn't use a cellular connection, but instead relies on a data connection and is both hardware- and platform-agnostic. Sprint, US Cellular, and Google Fi have implemented RCS fully across their networks and all devices. Other networks are implementing it against specific devices with broader plans to roll out further through 2020. And, moving forward, all devices should support this feature out of the box.

In short, RCS is an attempt by carriers to ensure the continued use of out-of-the-box messaging services and the connected data plans that accompany such usage. However, it doesn't enhance the overall security of information shared.

With the recent ghost texting controversy, people have started to question just how secure text messages are. The simple answer: not very.

Remember: Text messages are sent in a multi-step process. While your message might be encrypted from your phone to the first cell tower, it's not encrypted after that. And your SMSC may keep the message even if both the sender and recipient delete it. Whenever a message is unencrypted, it can be read by the mobile service, hackers, or governments.

"Because of the lack of encryption, hackers can search for weak points anywhere along the virtual path between the sender and receiver, which includes a ton of different network devices and computing systems at many different providers, only one of which needs to be exploited via technical vulnerability, misconfiguration, social engineering or insider attack," says Christopher Howell, CTO of Wickr.

"Because the messages are stored on these systems longer than necessary," Howell continues, "it increases the window of vulnerability through which the hacker can attack. Rather than having to defend a system for a few seconds to prevent a hacker from stealing a message, it needs to be protected for days, weeks, months. These odds favor the hacker."

It's unlikely that you're using your cell phone to text about military launch codes, top secret government business, or anything else that's of much use to the average hacker. But what about a text exchange about a friend's decision to leave their spouse, your boss's cancer scare, or your little sister's decision to switch jobs? Would you want that information to get disseminated somewhere else? What about information about your children, your pets, or a naked selfie that could help someone track where you are, guess your passwords, or find the tattoo on your left thigh that's also your bank account password?

It's not always about protecting big secrets; it's about ensuring personal privacy for everyone involved.

There are a number of ways that malicious actors (governments, terrorists, etc.) can hack into SMS systems and use them for their own benefit.

Governments are hacking using SMS. Chinese hackers recently did this when they developed malware to steal SMS messages. The malware used a keyword list of terms that were of geopolitical interest for Chinese intelligence collection and then connected those terms with phone numbers that they then tracked. The group responsible for this (APT41) also interacted with call detail records and tracked high-ranking individuals who were of interest to Chinese intelligence.

"There are 0day bugs on the market that can remote access your phone without you having to click on any sort of link or do anything at all," says Ben Lamm, the CEO of Hypergiant. "In fact, this market is growing as are all threats to vulnerable systems. The secret here is that we need to all be more focused on security, on protecting ourselves from vulnerability and on understanding that one insecure individual can compromise the whole group."

Take, for instance, two-factor authentication, which we generally think of as safe. If that second factor authentication is through an SMS service, it could be intercepted, meaning the system you thought was secure might now be compromised. This is important if, say, you use two-factor authentication to protect your bank account, corporate email, or dating profile.

Regular people are hacking and being hacked using SMS, too. "Text message hacks are happening everywhere, from middle schoolers hacking their enemies to steal their pictures to nation state level attacks," says Georgia Weidman, the founder of Shevirah Inc. and a New America Cybersecurity Policy Fellow.

Given the propensity for and variety of attacks, it makes sense to consider alternative services that offer end-to-end encryption. Popular secure apps include:

"An attacker might send a text message enticing a user to log into their bank or download a malicious application. Many users are getting security awareness training to be wary of phishing via email, but that education is often lacking around mobile based attack vectors such as text message or WhatsApp," Weidman says. "Additionally, the text messaging programs on our phones are just software like any other and thus prone to security vulnerabilities. There have been instances in the past where an attacker could send a malformed text message to a device and gain control of the device."

The truth is we all need to use an extra dose of common sense.

"Use the same caution when responding to SMS text messages as you would a suspicious email," says Kristin Kozinski of Don't Click on That. "When evaluating a message consider the source of the message. If you don't recognize the number, confirm the context of the message elsewhere. For example, if your bank texts you, call the customer support number to verify the message you received. Be cautious of any link in the text message. This is a prime outlet for distributing malicious URLs. Finally, if the text sounds too good to be true, it probably is."

Read this article:
How SMS Works and Why You Shouldn't Use It Anymore - Popular Mechanics

Researchers Discover TPM-Fail Vulnerabilities Affecting Billions of Devices – Internet

A team of cybersecurity researchers today disclosed details of two new potentially serious CPU vulnerabilities that could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based Intel TPMs.

Trusted Platform Module (TPM) is a specialized hardware or firmware-based security solution that has been designed to store and protect sensitive information from attackers even when your operating system gets compromised.

TPM technology is used widely by billions of desktops, laptops, servers, smartphones, and even by Internet-of-Things (IoT) devices to protect encryption keys, passwords, and digital certificates.

"A privileged adversary can exploit the OS kernel to perform accurate timing measurement of the TPM, and thus discover and exploit timing vulnerabilities in cryptographic implementations running inside the TPM."

"They are practical [attacks]. A local adversary can recover the ECDSA key from Intel fTPM in 4-20 minutes, depending on the access level."

"Further, we managed to recover ECDSA keys from an fTPM-endowed server running StrongSwan VPN over a noisy network as measured by a client."

"The fact that a remote attack can extract keys from a TPM device certified as secure against side-channel leakage underscores the need to reassess remote attacks on cryptographic implementations."

"The vulnerable Intel fTPM is used by many PC and laptop manufacturers, including Lenovo, Dell, and HP."

Besides this, researchers also tested TPM solutions manufactured by Infineon and Nuvoton and found them vulnerable to non-constant execution timing leakage issues.

Researchers responsibly reported their findings to Intel and STMicroelectronics in February this year, and the companies just yesterday released a patch update for affected products.

See the original post here:
Researchers Discover TPM-Fail Vulnerabilities Affecting Billions of Devices - Internet

What Is Homomorphic Encryption? And Why Is It So Transformative? – Forbes

The problem with encrypted data is that you must decrypt it in order to work with it. By doing so, it's vulnerable to the very things you were trying to protect it from by encrypting it. There is a powerful solution to this scenario: homomorphic encryption. Homomorphic encryption might eventually be the answer for organizations that need to process information while still protecting privacy and security.

What is homomorphic encryption?

Homomorphic encryption makes it possible to analyze or manipulate encrypted data without revealing the data to anyone. Something as simple as looking for a coffee shop when you're out of town reveals huge volumes of data to third parties as they help you satiate your caffeine craving: the fact that you're seeking a coffee shop, where you are when you're searching, what time it is and more. If homomorphic encryption were applied in this fictional coffee search, none of this information would be visible to any third parties or service providers such as Google. In addition, they wouldn't be able to see what answer you were given regarding where the coffee shop is and how to get there.

While we might be willing to part with the data that is exposed when we search for our next caffeine fix, homomorphic encryption has huge potential in areas with sensitive personal data, such as financial services or healthcare, where the privacy of a person is paramount. In these cases, homomorphic encryption can protect the sensitive details of the actual data while still allowing it to be analyzed and processed.

Another bonus of homomorphic encryption is that unlike other encryption models in use today, it is safe from getting broken by quantum computers.

Just like other forms of encryption, homomorphic encryption uses a public key to encrypt the data. Unlike other forms of encryption, it uses an algebraic system to allow functions to be performed on the data while it's still encrypted. Then, only the individual with the matching private key can access the unencrypted data after the functions and manipulation are complete. This allows the data to be and remain secure and private even when someone is using it.

There are three main types of homomorphic encryption: partially homomorphic encryption (keeps sensitive data secure by only allowing select mathematical functions to be performed on encrypted data); somewhat homomorphic encryption (supports limited operations that can be performed only a set number of times); fully homomorphic encryption (this is the gold standard of homomorphic encryption that keeps information secure and accessible).

Dr. Craig Gentry describes homomorphic encryption as a glovebox where anybody can get their hands into the glovebox and manipulate what's inside, but they are prevented from extracting anything from the glovebox. They can only take the raw materials and create something inside the box. When they finish, the person who has the key can remove the materials (processed data).

Practical Applications of Homomorphic Encryption

While cryptographers have known of the concept of homomorphic encryption since 1978, the idea did not progress until Dr. Gentry created an algebraically homomorphic encryption system for his graduate thesis, establishing the first homomorphic encryption scheme in 2009. As mentioned, homomorphic encryption could make our searches more private on search engines, but there are other practical applications for it when data is in use or in transit.

One very relevant way homomorphic encryption can be used is to ensure democratic elections are secure and transparent. Votes could be added up while keeping the identities of the voters private; third parties could verify the results, and voting data would be protected from manipulation.

It's been challenging for highly regulated industries to securely outsource data to cloud environments or data-sharing partners for research and analytics. Homomorphic encryption could change that since it makes it possible for data to be analyzed without jeopardizing privacy. This can impact many industries, including financial services, information technology, healthcare, and more.

What are the barriers to using homomorphic encryption?

The biggest barrier to widescale adoption of homomorphic encryption is that it is still very slow, so slow it's not yet practical to use for many applications. However, there are companies such as IBM and Microsoft, and researchers such as Dr. Gentry, who are working diligently to speed up the process by decreasing the computational overhead that's required for homomorphic encryption.

View original post here:
What Is Homomorphic Encryption? And Why Is It So Transformative? - Forbes