An anonymous reader writes: According to new research published this week, modern RAM cards are still vulnerable to Rowhammer attacks despite extensive mitigations that have been deployed by manufacturers over the past six years. These mitigations, collectively referred to as Target Row Refresh (TRR), are a combination of software and hardware fixes that have been slowly added to the design of…
Tag: encryption
Chasing AMD, Intel Promises Full Memory Encryption in Upcoming CPUs
“Intel’s security plans sound a lot like ‘we’re going to catch up to AMD,'” argues FOSS advocate and “mercenary sysadmin” Jim Salter at Ars Technica, citing a “present-and-future” presentation by Anil Rao and Scott Woodgate at Intel’s Security Day that promised a future with Full Memory Encryption but began with Intel SGX (launched with the Skylake microarchitecture in 2015). Salter describes…
This Could Be Microsoft’s Most Important Product in 2020. If it Works
Alfred Ng, writing for CNET: Building 83 doesn’t stand out on Microsoft’s massive Redmond, Washington, headquarters. But last week, the nameless structure hosted what might be the software giant’s most important product of 2020. Tucked away in the corner of a meeting room, a sign reading “ElectionGuard” identifies a touchscreen that asks people to cast their votes. An Xbox adaptive controller…
India Likely To Force Facebook, WhatsApp To Comply With ‘Traceability’ Demand
New Delhi is inching closer to recommending regulations that would require social media companies and instant messaging app providers to help law enforcement agencies identify users who have posted content — or sent messages — it deems questionable, TechCrunch reported Wednesday, citing people familiar with the matter. From the report: India will submit the suggested change to the local intermediary liability…
Facebook Won’t Put Ads in WhatsApp — For Now
Facebook “will no longer push through with its plans to sell ads on WhatsApp,” writes Engadget, citing a report in the Wall Street Journal which says WhatsApp still “plans at some point to introduce ads to Status.” Newsweek reports:
WhatsApp is the only app in Facebook’s suite of products free from ads, which make up a vast amount of the parent company’s…
Exploit Fully Breaks SHA-1, Lowers the Attack Bar
ThreatPost reported on some big research last week: A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates that authenticate software downloads and prevent man-in-the-middle tampering. The exploit was developed by Gaëtan Leurent and Thomas Peyrin, academic researchers at Inria France and Nanyang Technological…
Verizon Media Launches OneSearch, a Privacy-Focused Search Engine
An anonymous reader quotes a report from VentureBeat: Verizon Media, the media and digital offshoot of telecommunications giant Verizon, has launched a “privacy-focused” search engine called OneSearch. With OneSearch, Verizon promises there will be no cookie tracking, no ad personalization, no profiling, no data-storing, and no data-sharing with advertisers. With its default dark mode, OneSearch lets you know that Advanced Privacy…
Microsoft Patches Major Windows 10 Vulnerability After NSA Warning
Microsoft on Tuesday patched an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. The vulnerability was spotted and reported by the NSA. CNBC reports: The flaw affected encryption of digital signatures used to authenticate content, including software or files. If exploited, the flaw could allow criminals to send malicious content with fake signatures that…
A Quick Look At the Fight Against Encryption
b-dayyy shared this overview from the Linux Security site: Strong encryption is imperative to securing sensitive data and protecting individuals’ privacy online, yet governments around the world refuse to recognize this, and are continually aiming to break encryption in an effort to increase the power of their law enforcement agencies… This fear of strong, unbroken encryption is not only unfounded –…
FBI Asks Apple To Help Unlock Two iPhones
An anonymous reader quotes a report from The New York Times: The encryption debate between Apple and the F.B.I. might have found its new test case. The F.B.I. said on Tuesday that it had asked Apple for the data on two iPhones that belonged to the gunman in the shooting last month at a naval base in Pensacola, Fla., possibly setting…