October 2011 - Entrust, Inc. 1-10 of 12

PGP to Android, NFC and beyond

October 31, 2011 by Jon Callas
Blogmaster Note: This was originally posted on October 31, 2011 to the ZDNet Australia Patch Monday series. Callas is now the chief technical officer at Entrust, a privately held company that does identity-based security work for clients ranging from the FBI and the US Department of Homeland Security to the UK and Saudi governments. He’s [Read More...]

Near-Field Communication (NFC): Introduction

October 31, 2011 by David Mahdi
This entry is part 1 of 5 in the series Consumerization & NFC By now, most consumers are enjoying the benefits of mobile devices. Or, for a select few, they’re pulling their hair out trying to manage an untold number of mobile devices in an enterprise network. Either way, I think we all agree that [Read More...]

Amazon Silk

October 27, 2011 by Bruce Morton
Amazon announced last month that it is entering the tablet market with the Kindle Fire. The Fire will be based on the Android operating system and will use the new Amazon Silk browser. Silk will use an innovative architecture called dynamic split browsing. In order to improve performance, content will be made available through the [Read More...]

FFIEC 2011 Quick Take- breaking down layered security

October 25, 2011 by Mike Byrnes
A short while ago, I had the chance to speak with Ziff Davis on the FFIEC’s 2011 Guidance update for Internet banking. It was a great opportunity to not only get the word out, but I really enjoyed the challenge of trying to distill the guidance into 10 minutes or less — not an easy task for [Read More...]

Don’t fear the BEAST

October 25, 2011 by Jon Callas
A few weeks ago, Juliano Rizzo and Thai Duong published a paper on an SSL attack that they call BEAST, which decrypts parts of an SSL connection. Before I discuss it at length, let me cut to the chase on it. Q: Is this something that you need to worry about? A: No. Here’s a [Read More...]

Happy Birthday, Firesheep!

October 24, 2011 by Bruce Morton
It’s been a whole year since Firesheep was released. One year old and more than 1.9 million downloads of the Firefox plugin that allows an attacker to take over improperly secured accounts when accessed from a Wi-Fi hotspot. The solution to the problem is website operators need to secure everything in the session starting from [Read More...]

Smelling a RAT on Duqu

October 21, 2011 by Jon Callas
I have been doing research on Duqu and talking to security researchers I know who have also been working on it themselves. The bottom line is that Duqu is little more than hype. It’s also malware, but it’s easily fought malware. Mostly, though, it’s hype and hype that the perpetrators of which should be ashamed. [Read More...]

Taming the BEAST

October 18, 2011 by Bruce Morton
The BEAST’s reign of terror may soon be over. The more this topic is discussed, the less vulnerable we appear to be. Adrian Dimcev states in his blog, “Although the attack itself is pretty neat and the demo looks scary, its practicality is very low; the average user would probably not need to worry about.” [Read More...]

New Attack on Low-Cost Contactless Smartcard

October 14, 2011 by Jon Callas
Cryptographers David Oswald and Christof Parr published a great paper at this week’s CHES 2011 conference, “Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World.” In this paper, they used differential power analysis to break the DESFire contactless smartcard. It builds upon previous work published in CHES 2002 on Template Analysis, a [Read More...]

Why Your Browser Matters

October 13, 2011 by Bruce Morton
Over the past couple of weeks, the Online Trust Alliance (OTA) and Microsoft have launched campaigns promoting the use of modern browsers. OTA’s campaign, “Why Your Browser Matters,” provides tools and resources to help website operators provide user education on the value of keeping browsers current. What appears to be complementary to the OTA campaign [Read More...]
Page 1 of 212