encryption posts on CNET - Page 12


FileVault 2 easily decrypted, warns Passware

One of the welcome features in OS X Lion was the replacement of Apple's first-generation FileVault file encryption technology, which only encrypted the home folder, with a new whole-disk encryption approach.

Unlike the first FileVault, which required a number of workarounds and still had compatibility problems with various programs and utilities, the new technology is transparent to the operating system and enhances security since it not only encrypts user data but also all other data on the drive, including system caches, application files, and system configuration files that might contain some personal information.

FileVault 2 requires the hard drive … Read more

Judge: Americans can be forced to decrypt their laptops

American citizens can be ordered to decrypt their PGP-scrambled hard drives for police to peruse for incriminating files, a federal judge in Colorado ruled today in what could become a precedent-setting case.

Judge Robert Blackburn ordered a Peyton, Colo., woman to decrypt the hard drive of a Toshiba laptop computer no later than February 21--or face the consequences including contempt of court.

Blackburn, a George W. Bush appointee, ruled that the Fifth Amendment posed no barrier to his decryption order. The Fifth Amendment says that nobody may be "compelled in any criminal case to be a witness against himself,&… Read more

Google future-proofs your e-mail, documents from spies

Google is strengthening the encryption on Gmail and other services so that messages stored today can't easily be decrypted later by faster computers using brute force methods.

The company is enabling what is called "forward secrecy" by default, Adam Langley from Google's security team, wrote in a blog post yesterday.

"Most major sites supporting HTTPS operate in a non-forward secret fashion, which runs the risk of retrospective decryption. In other words, an encrypted, unreadable email could be recorded while being delivered to your computer today," he wrote. "In ten years time, when computers … Read more

How to secure your PC in 10 easy steps

There's one thing you can do to avoid being the victim of identity theft: follow this 10-step PC security plan.

Encrypt your network connection Most popular sites offer HTTPS connections at least some of the time. In Gmail, click the gear icon in the top-right corner and select "Always use https" under the General tab.

To select Facebook's HTTPS setting, click the down arrow in the top-right corner and choose Account settings. Select Security in the left pane and Edit in the Secure Browsing section of the main window. Check "Browse Facebook on a secure … Read more

WinZip 16 goes social, postal

WinZip version 16 has hit the streets, bringing with it a few features aimed at keeping the venerable archiving tool in the cool crowd. Plus, with its all-new native 64-bit engine, this newest release runs just a bit smoother and faster than before.

But first things first--the guts of the program. WinZip 16 retains its large feature set, including drag-and-drop support and content-sensitive previews. It can compress images by up to 25 percent and has a "Zip from Camera" wizard, and deep context menu support enables you to perform most of WinZip's functions on the fly. However, … Read more

Google offers encrypted Web search by default

Google announced today that it will encrypt by default Web searches and results for users who are signed in.

People who don't have a Google account or are signed out can go directly to https://www.google.com, the company said in a blog post.

Encrypting the communications between an end user and the Google search engine servers will protect against snooping by anyone who might be sniffing on an unsecured Wi-Fi network, for instance. Secure Sockets Layer (SSL) is available now for Web search, image search and all the search modes except for Maps, Google said in this … Read more

Virtual memory encryption necessity in OS X

Part of virtual memory on a computer is where the contents of RAM are written to the hard drive (as a special file called a "swapfile") to free it up for other uses. As you use your computer, the system will load programs and data into RAM, which is like having your work on the top surface of a desk. As you place more items on the top of your desk (RAM) it may get cluttered, so to keep your work flow efficient you might free some space by putting a few items into the desk's drawers (… Read more

Security flaw found in feds' digital radios

Expensive high-tech digital radios used by the FBI, Secret Service, and Homeland Security are designed so poorly that they can be jammed by a $30 children's toy, CNET has learned.

A GirlTech IMME, Mattel's pink instant-messaging device with a miniature keyboard that's marketed to pre-teen girls, can be used to disrupt sensitive radio communications used by every major federal law enforcement agency, a team of security researchers from the University of Pennsylvania is planning to announce tomorrow.

Converting the GirlTech gadget into a jammer may be beyond the ability of a street criminal for now, but that … Read more

Study: iPhone, Android apps store sensitive user info

Mobile apps are still not secure when it comes to storing certain personal information, according to a new study from security firm ViaForensics.

Dissecting a variety of apps for Apple's iOS and Google's Android, ViaForensics found that 76 percent of them store user names in cleartext without encryption, while 10 percent store passwords in the same way, making such data more vulnerable. Running a series of tests from November 2010 through June 2011, the security firm checked out apps from several categories, including financial, social networking, productivity, and retail.

Each individual app received a pass, fail, or warn … Read more

Lose your laptop? Change all passwords, pronto

LAS VEGAS--If your Windows laptop is stolen, be warned: new research shows how a thief can gain access to the passwords used by your Amazon.com, Google, Yahoo, Facebook, and other Web accounts.

The passwords for accounts in the cloud are supposed to be protected by Windows' built-in encryption. But a team of security researchers demonstrated at the Black Hat security conference here how last week to bypass the operating system's security.

A thief--or someone unconcerned with the finer points of federal hacking laws--can take advantage of the vulnerability to discover the passwords stored by Web browsers and other … Read more