Note to self: Encrypt data, memorize password

In a case that serves as a reminder to: a) use encryption, and b) memorize the encryption pass-phrase, an appeals court has ruled that people have a constitutional right not to be forced to decrypt data that potentially includes evidence that could be used to prosecute them in court.

The Fifth Amendment privilege against self-incrimination that prohibits authorities from forcing a suspect to reveal the combination to open a lock on a safe in an investigation also applies to the digital equivalent--data locked up with encryption, the U.S. District Court of Appeals for the Northern District of Florida ruled yesterday. …

How to use VPN to defeat deep packet inspection

Imagine a technology that can stop spam and malware, identify and block illegal downloads, and allow ISPs to prioritize the data they transmit by content as well as by type. Sounds pretty good.

Now imagine a technology that gives network managers and governments the ability to monitor everything you do on the Internet, including reading and recording your e-mail and other digital communications, and tracking your every move on the Web.

Of course, it's the same technology--deep packet inspection by name. That's how governments around the world are able to spy on their citizens' online activities and control …

Researchers find flaw in key generation with popular cryptography

A group of researchers has uncovered a flaw in the way public keys are generated using the RSA algorithm for encrypting sensitive online communications and transactions.

They found that a small fraction of public keys--27,000 out of a sample of about 7 million--had not been randomly generated as they should be. This means it would be possible for someone to figure out the secret prime numbers which were used to create the public key, according to The New York Times, which reported on the research today.

The research was led by James P. Hughes, an independent cryptology expert based …

New tool cracks Apple iWork passwords

Apple offers a number of options for securing your data on a Mac, including enabling FileVault for whole disk encryption in Lion (or home folder encryption in prior versions of OS X), and encrypted disk images for securing collections of documents.

In addition, as with other software developers, Apple has included options to secure individual documents for some of its programs, such as those in its iWork productivity suite.

To do this in iWork, create or open a document in Pages, Numbers, or Keynote, and then open the inspector window by clicking its icon in the toolbar or by pressing …

Security concerns on Apple's FileVault decryption via FireWire

Yesterday's news of Passware's ability to decrypt FileVault-encrypted Macs in under an hour may have some people concerned about what this means for Mac security. After all, the purpose of encryption is to keep people from easily accessing the data on your drive, and yet Passware shows that in the hands of a capable person, your drive's encrypted contents might quite easily be uncovered.

Security experts speculate that the 128-bit XTS-AES encryption used in FileVault would take millions of years to crack with a brute-force approach, so while Passware's approach clearly does not employ a brute-force …

FileVault 2 easily decrypted, warns Passware

One of the welcome features in OS X Lion was the replacement of Apple's first-generation FileVault file encryption technology, which only encrypted the home folder, with a new whole-disk encryption approach.

Unlike the first FileVault, which required a number of workarounds and still had compatibility problems with various programs and utilities, the new technology is transparent to the operating system and enhances security since it not only encrypts user data but also all other data on the drive, including system caches, application files, and system configuration files that might contain some personal information.

FileVault 2 requires the hard drive …

Judge: Americans can be forced to decrypt their laptops

American citizens can be ordered to decrypt their PGP-scrambled hard drives for police to peruse for incriminating files, a federal judge in Colorado ruled today in what could become a precedent-setting case.

Judge Robert Blackburn ordered a Peyton, Colo., woman to decrypt the hard drive of a Toshiba laptop computer no later than February 21--or face the consequences, including contempt of court.

Blackburn, a George W. Bush appointee, ruled that the Fifth Amendment posed no barrier to his decryption order. The Fifth Amendment says that nobody may be "compelled in any criminal case to be a witness against himself," …

Google future-proofs your e-mail, documents from spies

Google is strengthening the encryption on Gmail and other services so that messages stored today can't easily be decrypted later by faster computers using brute force methods.

The company is enabling what is called "forward secrecy" by default, Adam Langley from Google's security team wrote in a blog post yesterday.

"Most major sites supporting HTTPS operate in a non-forward secret fashion, which runs the risk of retrospective decryption. In other words, an encrypted, unreadable email could be recorded while being delivered to your computer today," he wrote. "In ten years time, when computers …

How to secure your PC in 10 easy steps

There's one thing you can do to avoid being the victim of identity theft: follow this 10-step PC security plan.

Encrypt your network connection: Most popular sites offer HTTPS connections at least some of the time. In Gmail, click the gear icon in the top-right corner and select "Always use https" under the General tab.

To select Facebook's HTTPS setting, click the down arrow in the top-right corner and choose Account settings. Select Security in the left pane and Edit in the Secure Browsing section of the main window. Check "Browse Facebook on a secure …

WinZip 16 goes social, postal

WinZip version 16 has hit the streets, bringing with it a few features aimed at keeping the venerable archiving tool in the cool crowd. Plus, with its all-new native 64-bit engine, this newest release runs just a bit smoother and faster than before.

But first things first--the guts of the program. WinZip 16 retains its large feature set, including drag-and-drop support and content-sensitive previews. It can compress images by up to 25 percent and has a "Zip from Camera" wizard, and deep context menu support enables you to perform most of WinZip's functions on the fly. However, …