Breaking Encryption Won't Make Us Safer

The British government wants to build backdoors into standard encryption libraries. This means the technology that protects your financial transactions could have a backdoor. These same backdoors were just exploited in the WannaCry outbreak that just took down the NHS. Who created that backdoor? The NSA, whose incompetence allowed this “tool” to fall into the hands of a Russian government-affiliated hacking group. You don’t do anything illegal? Great! You do have a bank account, right? [Read More]

FBI Issues Notice Regarding Pokemon GO

(adsbygoogle = window.adsbygoogle || []).push({}); On July 15, 2016 the US Federal Bureau of Investigations (FBI) issued an External Intelligence Note regarding the recent smash hit augmented reality mobile game Pokémon GO. The Note’s classification was unclassified/for official use only with the intended audience being the law enforcement and security communities. The completely unclassified summary of the FBI External Intelligence Note states: The FBI’s Washington Field Office (WFO) assesses it is very likely a increased participation in the Pokémon GO augmented-reality smartphone application will result in an increase in law enforcement encounters and suspicious activity reports (SARs) in the National Capital Region (NCR) due to a high concentration of museums, art installations, historical markers, and monuments identified as target locations, or “PokéStops,” and players attempting to access restricted areas. [Read More]

Yubikey 4 Nano Demands Use of yubiswitch

As more and more security policies demand the use of multi-factor authentication the number of times a day you use a multi-factor token will increase. Hopefully that number will not increase to a level that throws the balance of security and convenience towards the annoyingly secure side of the scale. But, if that ever does happen hopefully you can use an Yubikey as your token. (adsbygoogle = window. [Read More]

LastPass Sells Out to LogMeIn

If you have not heard, the phenomenal cloud base SaaS password manager, LastPass has agreed to be acquired be the not so customer friendly LogMeIn. The IT world immediately panned the anti-idea as anti-consumer and the security world agreed and raised all sorts of red flags as well. (adsbygoogle = window.adsbygoogle || []).push({}); People dislike LogMeIn for a variety of reasons but the main one is that they pulled the rugs out from under a lot of folks who were using LogMeIn to help administer remote computers (I was one of these people). [Read More]