Filed under: Misc. Gadgets

Call us devilish, but we just can’t help but love these types of stories. Here we have yet another overly confident group of researchers grossly underestimating the collective power of the hacking underground, as gurus from all across Europe have joined together to announce “the first commercial communication network using unbreakable encryption based on quantum cryptography.” Interestingly enough, quantum cryptography has already been cracked in a kinda-sorta way, but that’s not stopping these folks from pushing this claim hard to government agencies, financial institutions and companies with distributed subsidiaries. We’ve no doubt this stuff is pretty secure, but the last time we heard someone utter a claim similar to this, we saw him uncomfortably chowing down on those very words merely months later.

[Via Physorg]

Read | Permalink | Email this | Comments

Filed under: Storage

Psst… hey you. Yeah, you. Tired of having to sleep with one eye on your HDD? Enter Raidon’s STARAY S3 Series Data Encryption Box, which enables the drive within to be partitioned into public and private parts. There’s also talk of S-Codes and X-Codes in order to ratchet up security, and the keypad-based password entry ensures that data snatchers will have to extract strings of thought from your brain before they can tap into your collection of 1980s-era R&B videos. Get yours sent to an undisclosed underground location for just $69, but don’t forget to order up a hard drive while you’re at it.

Read | Permalink | Email this | Comments

Filed under: Cellphones

Although several Indian news outlets reported last week that RIM was preparing to let the Indian government monitor the domestic Blackberry network, it appears that the outcry has prompted the company to change course and announce that it’s committed to “serving security-conscious businesses in the Indian market.” That’s a big reversal from the rumored plan, which would have allowed Indian security agencies access to the network in exchange for taking the blame for any leak of user data. Of course, not everything’s quite settled yet: the Indian government is still demanding that RIM furnish “satisfactory answers” to its security questions, and RIM told the AFP that there are some other ways for “government to take care of security concerns” without elaborating further. Based on RIM’s enterprise-heavy statements and refusal to comment on the consumer service, we’d guess that enterprise customers will probably get to keep their networks locked down, but that consumers shouldn’t expect their messages to be secure. Not the best compromise, but we’ll see how this all plays out.

Read | Permalink | Email this | Comments

Filed under: Desktops, Laptops

So news is making its way around the internets that at the Wedbush Morgan Securities Management Access Conference, Atari founder Nolan Bushnell proclaimed the end of PC gaming piracy as we know it, thanks to a “stealth encryption chip.” The magic chip he’s referring to that “will, in fact, absolutely stop piracy of gameplay”? The TPM chip — what’s been on motherboards for years, that apparently Bushnell just found out about. While the tinfoil hats in the house will likely attribute TPM (Trusted Platform Module) and other onboard crypto-chips to the eventual downfall of privacy and personal computing, to date we’ve yet to see piracy stunted or civil liberties breached because of the little bugger. FUD you later, Nolan.

[Thanks, Carl]

Read | Permalink | Email this | Comments

Filed under: Storage

Read | Permalink | Email this | Comments

Filed under: Storage

Coming in capacities ranging from 80 to 320GB, Fujitsu’s new MHZ2 CJ series drives don’t just spin at 7200rpm — these security-conscious drives also have full-disk hardware-based AES-256 encryption, which ought to forestall indefinitely any potential laptop-nappers. We don’t yet know how much the extra security will tack on to the bottom line, but they’ll be out by the end of next month (in Japan, anyway).

Read | Permalink | Email this | Comments

Filed under: Cellphones

The last we’d heard, the Indian government had ruled out the threat of a Blackberry ban if RIM didn’t allow it to snoop on messages, but it looks like some overzealous bureaucrat is getting his way after all: the Department of Telecom has issued a 15-day deadline for RIM to either open up for the G-men or get shut down. RIM says it won’t comment on regulatory issues as a matter of policy, but it looks like the Indian government is playing hardball, with Telecom Minister A Raja saying that national security will not be sacrificed at any cost. Hmm, hear that? That’s the sound of over 400,000 Indian Blackberry users desperately grabbing at their devices to get another quick fix — something tells us this isn’t going to end well.

[Via Cellpassion]

Read | Permalink | Email this | Comments

Filed under: Misc. Gadgets

Sure, it’s fun to say that one billion RFID cards are now at risk due to the Mifare Classic’s broken encryption, but it’s another thing to comprehend how widespread the fallout could potentially be — the London Underground’s Oyster Card is based on the chip, for example. And that’s just the tip of the iceberg: a new report says that the system can be broken in minutes using a typical PC — check the video after the break for a demonstration. We’ve also listed all the other now-potentially-vulnerable Mifare RFID implementations we could find, but there’s got to be more — put ‘em in comments!

Continue reading Oyster Cards vulnerable to RFID hack, lots of other systems too

Read | Permalink | Email this | Comments

Filed under: Cellphones

Remember the Indian government’s threat to shutdown RIM’s in-country network if they didn’t open it up for snooping? Ain’t gonna happen. Today the Indian government ruled out banning the BlackBerry service. Instead, the government will continue working with the Telecom Commission on security matters (whatever that means) with a promise to resolve the matter soon. Look India, if the notoriously controlling Chinese allow the data to run encrypted, what’s your beef chicken?

Read | Permalink | Email this | Comments

Filed under: Cellphones

Uh-oh, Indian Blackberry users — better get ready for some major disconnection anxiety. Apparently the Indian government is demanding that RIM either allow it to snoop on its encrypted email service (or worse, drop down to 40-bit encryption), or shut down the entire Indian Blackberry network at the end of the month. That’ll cut off an estimated 400,000 subscribers, so the carriers, RIM, and government officials are due to meet and try and hammer out a solution on the 14th, but the issue probably won’t be easy to solve — ISPs are now concerned that if RIM complies, all encrypted wireless data will be open to spying, which would make things like ecommerce virtually impossible. Furthermore, since Blackberry traffic gets routed to Canadian NOCs first, there are some thorny international issues at play as well — just to put things in perspective, RIM doesn’t even allow the Chinese government to snoop in this way, although we’re certain there’s another backdoor in place. Honestly, though, we’d suffer through a little CrackBerry withdrawal if it kept the G-men out of our hair — let’s hope RIM’s got some fight in ‘em.

[Via Boy Genius Report]

Read | Permalink | Email this | Comments

Filed under: Desktops, Laptops, Storage

Ruh roh, Shaggy — you remember that disk encryption attack that involved cooling off your target’s RAM and yanking it to get a bitdump before the contents faded? Well, it looks like things just got a lot simpler for would-be attackers — check out this USB flash key designed by security researcher Robert Wesley McGrew, which can boot your machine and dump the RAM to itself without altering its contents. That means you no longer need to actually pull the DIMMs or carry around an air duster; all an attacker needs is enough time to reboot your machine and copy the contents of your RAM. Of course, that takes time — McGrew says things are running quite slowly right now, but he suspects his test machine is dropping down to USB 1.0 speeds. That’s still not too reassuring — looks like we’ll be spending even more time with our machines from now on.

[Via Hack a Day]

Read | Permalink | Email this | Comments

Filed under: Desktops, Laptops, Storage

It’s an old adage that no security measure is worth anything if an attacker has physical access to the machine, but things like heavy-duty disk encryption are supposed to at least slow things down. Sadly, that may not actually be the case, as a group of Princeton researchers has just published a paper detailing an exploit that requires little more than a spray duster and a screwdriver. Since the encryption key for systems like BitLocker and FileVault lives in RAM, all an attacker has to do to get it is cool the RAM modules with the air duster held upside down, yank the DIMM, and insert it into another machine, where it can then be read to access the key. Of course, this assumes that you’ve already typed in your password, but check the video after the break to see how long bits in RAM stay written — even if you’ve turned off your computer, there’s a chance the key can still be read. Looks like there’s an actual benefit to MacBook Air’s soldered-in RAM after all, eh?

Continue reading Cold boot disk encryption attack is shockingly effective

Read | Permalink | Email this | Comments

Filed under: Cellphones

Sure, we’ve seen cellphone encryption contraptions before, but KoolSpan’s aiming to make things extra easy for green CIA agents. Set to be released next month, the microSD TrustChip slips right into a-many of smartphones and enables callers to hit up other undercover gurus and chat with 256-bit AES encryption, providing that the receiver of the call has a TrustChip jammed in his / her phone as well. Furthermore, the device itself touts enough features to make Maxwell Smart all sorts of envious: on-chip crypto processing, key management and a tamper-resistant environment for starters. Word on the street pegs this bad boy at $300, but we all know the cost of getting a call sniffed could be much more costly than that.

[Via GetFlashMemory]

Read | Permalink | Email this | Comments

Filed under: Misc. Gadgets

In what’s being hailed as “one of the first public uses of quantum cryptography,” Genevian voters who take part in the upcoming national elections can rest assured that their votes will remain a secret. Reportedly, the “city-state will use quantum technology to encrypt election results as they are sent to the capital on October 21st.” A computer, provided by id Quantique, will be set up in Geneva to “fire photons down a fiber-optic link to a receiver 62-miles away,” which should be sufficient to keep any potential eavesdroppers at bay. ‘Course, where there’s a will, there’s typically a way.

Read | Permalink | Email this | Comments

Office Depot Featured Gadget: Xbox 360 Platinum System Packs the power to bring games to life!