Information Security News
Do you want a phone that secures all of your data and communications, and can't be hacked by even the savviest of criminals and governments? Of course you do. But if you're a realist, you'd probably say that while strong security can be achieved with discipline, perfect security doesn't exist.
Yet, perfect security was the promise of a company called QSAlpha when it recently sent me an e-mail titled "Un-hackable Superphone to be Unveiled via Kickstarter." QSAlpha is seeking $2.1 million to build a phone it dubs the Quasar IV. Pledges starting at $395 would reserve backers a phone estimated for an April 2014 delivery.
A draft of the Kickstarter page and an accompanying video shared with Ars calls it the "world's most secure smartphone," featuring "unprecedented security with a military-grade encryption." Those kinds of claims—coupled with a lack of technical detail—make security experts who reviewed the Kickstarter page suspicious.
Some users of Kim Dotcom's Mega storage system are in a lather about a new browser extension that extracts their master encryption key from computer memory and displays it in a window. While the recently unveiled MEGApwn bookmarklet works as advertised, the general weakness it highlights is common across a variety of similar services, including Apple's iCloud. As such, the uproar in response to the hyperbolically named MEGApwn is largely an overreaction.
"Any warrant or subpoena issued to Mega for your files simply has to ask for your master key, which Mega can retrieve, and prohibit Mega from telling you about it," Koziarski's webpage warned. He went on to cite a case from 2007 in which encrypted e-mail provider Hushmail turned over 12-CDs-worth of e-mails from three account users named in a Canadian court order that targeted illegal steroids distribution. According to Wired, the evidence was most likely decrypted by exploiting a vulnerability that allowed operators to log the users' plain-text password when they accessed the service.
InfoSec Skills Launches Strategic Partnership with Wisdom Education Group in ...
PR.com (press release)
InfoSec Skills has announced a new strategic partnership with the Wisdom Education Group, based in the United Arab Emirates (UAE), to deliver accredited Information Security training into the region. This is the first initiative of its kind and one ...
Posted by InfoSec News on Sep 04http://www.nytimes.com/2013/09/01/opinion/sunday/squirrel-power.html
Posted by InfoSec News on Sep 04http://www.defenseone.com/technology/2013/08/why-us-should-use-cyber-weapons-against-syria/69776/
Posted by InfoSec News on Sep 04http://arstechnica.com/gadgets/2013/09/balky-carriers-and-slow-oems-step-aside-google-is-defragging-android/
Posted by InfoSec News on Sep 04Forwarded from: Christoforos Ntantogian <dadoyan (at) unipi.gr>
Posted by InfoSec News on Sep 04http://en.apa.az/news/198820