Why the Dual-EC DRBG Mechanism is Suspect
As we covered in December, special publication 800-90, released by the National Institute of Standards and Technology (NIST) in 2006, claimed that security vendor RSA and the NSA created a deal to make the dual-EC (elliptic curve) variant the default deterministic random-bit generator algorithm, or DRBG, in its commercial toolkit product. These claims introduce serious [Read More...]
Mobile and Security – No Longer Mutually Exclusive
In December, Entrust and Forrester began work on a Technology Adoption Profile (TAP) whitepaper centering on mobile. As organizations have begun to accept the inevitable — the eventuality of mobile devices permeating networks and infrastructures — they are looking to address mobile security as a whole and not as siloed device types (e.g., corporate- and employee-owned). With this in mind, the report discusses bring-your-own-device (BYOD) and corporate-owned devices together.