(testing signal)

Tag: encryption

FBI seized $2.3 million in cryptocurrency tied to ransomware group REvil

US law enforcement seized approximately $2.3 million (roughly Rs 17 crores) in cryptocurrency connected to infamous hacker group, ReVil. The accused has been identified as a Russian citizen suspected of being associated with REvil, known for their ransomware attacks.
REvil ransomware is a file blocking virus that encrypts files after infection and discards a ransom request message. The message demands the victim to pay a ransom in Bitcoin and when the ransom is not paid in time the demand doubles. Ransomware gang affiliates are responsible for frontline hacking work and stealing the data…

Top 10 Cryptocurrency Exchanges to Trade at Lower Fees in 2022

by Shivani Muthyala
December 5, 2021
These cryptocurrency exchanges are the best for tradingCryptocurrency is the trading topic all across the globe these days. Cryptocurrency exchanges are also increasing day by day, but users trust the top cryptocurrency exchanges. Crypto traders also make a choice between trading raw crypto or trading crypto derivatives or products. Most of the cryptocurrency exchanges are now using blockchain technology that allows for decentralized order books and decentralized storage and is secure because of cryptography encryption techniques. Here are the top…

Proof Of Work Useful Beyond Bitcoin

Anyone who has studied bitcoin for a while knows that proof-of-work in bitcoin mining is the key to the security and to the unforgeable nature of the protocol. Bitcoin mining in 2021 requires that miners use purpose-built computers [called ASIC’s] to convert real-world energy [more than 50% of which is renewable and stranded energy] into encrypted digital monetary energy. By using this proof-of-work and following consensus rules, bitcoin miners (and node operators) secure this decentralized network one block at a time approximately every ten minutes. Some have even called it triple-entry…

Germany’s new government announces plans to protect rights to encryption

Germany’s new coalition government is seemingly pro-encryption and supports other policies digital rights advocates have asked for years, including the right to anonymity. The previous government, led by Angela Merkel, supported more surveillance.
Privacy is a protected right under the German constitution. However, in an effort to fight crime, law enforcement agencies have undermined that right by fighting to access otherwise private data.
The previous German government, which was led by conservatives, joined other European nations in calling for a “legal access to encrypted…

Quantum Computers Will End Cryptocurrencies And The Blockchain, Experts Say

With a computing power that no one could dream of a few years ago, quantum computers put traditional cryptography in check.
The cryptocurrencies and the blockchain are safe because they use complex algorithms to generate them, and encryption based on computer networks.
But cryptography is a slave to technological evolution. An encryption algorithm can be broken by brute force, although it would take thousands of years of calculations with conventional computers. Experts have long wondered: What if quantum computers were tried?
In 2019 Google introduced Sycamore, a 54 qubit…

Ontology and bloXmove to bring decentralized identity to urban transport apps

Ontology, a developer of self-sovereign identification systems on the blockchain, announced a partnership with decentralized mobility platform bloXmove Tuesday morning in a bid to accelerate the development of its decentralized credentials. The decentralized digital identity protocol, or DID, will enable blockchain participants to share their personal information, such as a driver’s license, in a private, secured and encrypted manner.DIDs may one day be required for complex decentralized finance applications, such as urban transport apps and decentralized health or car insurance. Simple…

La Singularidad y la guerra contra las personas

En “Singularity is near” Kurweil sostiene que hacia 2046 la tecnología permitirá codificar las mentes (como si fueran programas de ordenador), y cargarlas encriptadas en ‘la nube’ para formar una conciencia única e inmortal, que controlará todo el poder de computación del planeta.  Sostiene que los baby boomer son la primera generación que se hará inmortal y que se podrá hablar con los muertos como quien habla con un software de AI.

Una derivada indeseada de algo parecido sería la guerra que plantea Hugo de Garis entre las máquinas inteligentes y la Humanidad, la “Artilect War”.

Todas estas teorías evidencian un profundo desconocimiento tanto del ser humano como de lo que realmente es la inteligencia artificial.… Read more...

Flaw In AMD Platform Security Processor Affects Millions Of Computers

Another day, another vulnerability. This time, it’s AMD’s turn, with a broad swathe of its modern CPU lines falling victim to a dangerous driver vulnerability that could leave PCs open to all manner of attacks.

As reported by TechSpot, the flaw is in the driver for AMD Platform Security Processor (PSP), and could leave systems vulnerable by allowing attackers to steal encryption keys, passwords, or other data from memory. Today, we’ll take a look at what the role of the PSP is, and how this vulnerability can be used against affected machines.

What is a PSP, Anyway?

The AMD Platform Security Processor is functionally the company’s equivalent to the Intel Management Engine (ME), which we’ve discussed before. AMD refers to it as a subsystem “responsible for creating, monitoring, and maintaining the security environment.”… Read more...

Hackaday Links: September 19, 2021

Things might be getting a bit dicey out in Jezero crater for Ingenuity. The little helicopter that could is starting to have trouble dealing with the thinning Martian atmosphere, and may start pressing against its margin of safety for continued operation. Ingenuity was designed for five flights that would all take place around the time its mothership Perseverance touched down on Mars back in February, at which time the mean atmospheric pressure was at a seasonal high. Over the last few months, the density of the Martian atmosphere has decreased a wee bit, but when you’re starting with a plan for a pressure that’s only 1.4% of Earth’s soupy atmosphere, every little bit counts. The solution to keeping Ingenuity flying is simple: run the rotors faster.

Read more...

How WhatsApp is enabling end-to-end encrypted backups

For years, in order to safeguard the privacy of people’s messages, WhatsApp has provided end-to-end encryption by default ​​so messages can be seen only by the sender and recipient, and no one in between. Now, we’re planning to give people the option to protect their WhatsApp backups using end-to-end encryption as well.

People can already back up their WhatsApp message history via cloud-based services like Google Drive and iCloud. WhatsApp does not have access to these backups, and they are secured by the individual cloud-based storage services.

But now, if people choose to enable end-to-end encrypted (E2EE) backups once available, neither WhatsApp nor the backup service provider will be able to access their backup or their backup encryption key. … Read more...

This Week in Security: Ransomware Decryption, OpenSSL, and USBGadget Spoofing

We’ve covered a lot of ransomware here, but we haven’t spent a lot of time looking at the decryptor tools available to victims. When ransomware gangs give up, or change names, some of them release a decryption tool for victims who haven’t paid. It’s not really a good idea to run one of those decryptors, though. The publishers don’t have a great track record for taking care of your data, after all. When a decryptor does get released, and is verified to work, security researchers will reverse engineer the tool, and release a known-good decryption program.

The good folks at No More Ransom are leading the charge, building such tools, and hosting a collection of them. They also offer Crypto Sheriff, a tool to identify which ransomware strain got your files.

Read more...

12. Crypto-craze,, A Flavor of PrimeNet

In case you’ve missed it, there has been a tremendous number of news stories, social media posts and the like on Bitcoin, Hashing Algorithms, Blockchain, video graphics cards and Crypto-mining.  If you are anything like the most of us, the information barely provides you a platform to have a discussion about the topic.  But what does it all mean?  What is a Blockchain?  What are hashing algorithms?  How does one mine for bitcoins or any other crypto-currencies?  Is it as profitable as most say?  These and many other questions will be addressed in this blog.

PrimeNet – For the past few years, I’ve really been intrigued with the application of prime numbers in public key encryption algorithms.  As a result, I decided to join a community of mathematicians in search of the largest prime number.

Read more...

A Beginners Guide to Federated Learning


Recently, Google has built one of the most secure and robust cloud infrastructures for processing data and making our services better, known as Federated Learning.

In Federated Learning, a model is trained from user interaction with mobile devices. Federated Learning enables mobile phones to collaboratively learn over a shared prediction model while keeping all the training data on the device, changing the ability to perform machine learning techniques by the need to store the data on the cloud. This method goes beyond the use of local models that make predictions based on mobile device APIs like the Mobile Vision API or the On-Device Smart Reply, bringing model training to the device as well. A device downloads the current model improves it by learning from data from the phone it is present in and then summarizes the changes as a small focused update.

Read more...

Reading Python Encrypted Data in Node.js

Within NodeJS we use the ‘crypto’ library. This can be installed globally with npm i g crypto. With this, there is a range of encryption algorithms available. In this example, we have chosen the AES-256-CBC (Cipher Blocker Chaining) block cypher encryption — a symmetric encryption algorithm which means that the same key can be used for both encryption and decryption of our data.

As part of ‘crypto’, we have the createCipheriv encryption function and the createDecipheriv decryption function. As much of the information required for the setting up of these is the same, we can create a function which either returns an encryptor or decrypter object:

function get_crypto(key,encode){    // Create hashed key from password/key
var m = crypto.createHash('md5').update(key)
Read more...

The Growing Importance of Data and AI Literacy – Part 1

This is the first part of a 2-part series on the growing importance of teaching Data and AI literacy to our students.  This will be included in a module I am teaching at Menlo College but wanted to share the blog to help validate the content before presenting to my students.

Wow, what an interesting dilemma. Apple plans to introduce new iPhone software that uses artificial intelligence (AI) to churn through the vast collection of photos that people have taken with their iPhones to detect and report child sexual abuse.  See the Wall Street article “Apple Plans to Have iPhones Detect Child Pornography, Fueling Priva…” for more details on Apple’s plan.

Apple has a strong history of working to protect its customers’ privacy.

Read more...

A Stress Monitor Designed Specifically to Help You Work From Home

There are quite a bit of mixed emotions regarding working from home. Some people love it and are thriving like they haven’t before, but others are having a bit of a hard time with it all. [Brandon] has been working from home for the last 12 years, but even after so many years of managing this type of work culture, he admits that it can still be a little stressful. He says he doesn’t take enough time in between tasks to simply relax and to breathe a little and the day-to-day minutia of his work can drive his stress level up if he doesn’t take some time to calm himself. He figured he could make something to monitor his stress level and remind himself to take a break and the results are pretty impressive.

He develops a system to monitor his heart rate and the ambient noise level in his room and uses these metrics as a measure of stress.

Read more...

This Week In Security: Insecure Chargers, Request Forgeries, And Kernel Security

The folks at Pen Test Partners decided to take a look at electric vehicle chargers. Many of these chargers are WiFi-connected, and let you check your vehicle’s charge state via the cloud. How well are they secured? Predictably, not as well as they could be.

The worst of the devices tested, Project EV, didn’t actually have any user authentication on the server side API. Knowing the serial number was enough to access the account and control the device. The serial numbers are predictable, so taking over every Project EV charger connected to the internet would have been trivial. On top of that, arbitrary firmware could be loaded remotely onto the hardware was possible, representing a real potential problem.

The EVBox platform had a different problem, where an authenticated user could simply specify a security role.

Read more...

Blockchain emerging as Next-Generation Data and Model Governance Framework

Introduction and Motivation

The blockchain technology has led to a strong foundation for different applications related to asset management, medical/health, finance, and insurance. Data analytics provided by the blockchain network helps efficient data management, analysis, privacy, quality assurance, access, and integration in heterogeneous environments.

The role of blockchain in data privacy is evidently becoming more strong when the current breakthroughs in quantum computing render present encryption technologies ineffective and make them susceptible to brute-force attacks. As the volume of data that blockchain networks store is also rapidly increasing over time, let’s explore how blockchain technology can play a dominant role in Data Governance.

Read more...

Who Is A “Terrorist” In Biden’s America?

Originally published at The Last American Vagabond.

In the latest sign that the US government’s War on Domestic Terror is growing in scope and scale, the White House on Tuesday revealed the nation’s first ever government-wide strategy for confronting domestic terrorism. While cloaked in language about stemming racially motivated violence, the strategy places those deemed “anti-government” or “anti-authority” on a par with racist extremists and charts out policies that could easily be abused to silence or even criminalize online criticism of the government.

Even more disturbing is the call to essentially fuse intelligence agencies, law enforcement, Silicon Valley, and “community” and “faith-based” organizations such as the Anti-Defamation League, as well as unspecified foreign governments, as partners in this “war,” which the strategy makes clear will rely heavily on a pre-crime orientation focused largely on what is said on social media and encrypted platforms.… Read more...

Economía Descentralizada

Economía descentralizada. Hoy en día los medios consideran Uber y Airbnb como economía colaborativa, pero no son modelos p2p. Son economías extractivas creadas por grandes empresas que actúan como intermediarios centrales que tienen control total sobre nuestros activos. Por ello, estas empresas toman unas comisiones importantes de lo que se mueve dentro.

En el paradigma bc 3.0 puedes desarrollar proyctos del tipo servicios descentralizados para compartir apartamentos o coches directamente entre 2 pesonas, sin intermediarios ni autoridades centales. Alquilas un piso a alguien de una ciudad que vas a visitar y nada ni nadie puede hacer ni decir nada al respecto (¿parece lógico por otra parte ¿no?). Las comunicaciones están encriptadas, la

Notes on Privacy

In 2019 the Internet is more centralized than ever before and eventually it will become just another media system, like cable TV. You will have issued your “internet access device” and it will only run on approved services and software that is fully monitored.

This is closer than it looks with mobile apps and its only left to close non regulated services using some terriorist, anti-russian or whatever any other bullshit they come up with for the ISPs / networks to disallow via traffic blocking. Ironically all of this systems were built using open source technologies but everyone ignored GPLv3, and here we are.

When it comes down to it, they want to be able to break our encryption (the common citizens), but they (the Rich, the powerful, the state nations and the people who serve them, etc) want their own unbreakable encryption.… Read more...

Tokenization vs Encryption

Both are mentioned together and are effective data obfuscation technologies. But they are not the same and are not interchangeable. In some cases such as electronic payments, they are used together to secure end-to-end process.

ENCRYPTION
Mathematically transforms plain text into cipher text using an encryption algorithm and a key.
Scales to larger data volumes with just the use of a small encryption key to decrypt data.
Used for structured fields as well as unstructured data such as entire files.
Ideal for exchanging sensitive data with third parties who share the key.
Format preserving encryption schemes come with a trade off of lower strength.
Original data leaves the organization but in encrypted form.

TOKENIZATION
Original data leaves the organization but in encrypted form.… Read more...

The Quantum Computing Hoax

Quantum computing has failed to deliver something for about 40 years now. Any other technology with such a results would have been already scrapped. Due to fundamental physical limitations, QCs will never scale the way digital computers did for a long time.

But for some reason there are lots of clueless people that think this is magic and will suddenly scale. There are lots of indications this is not going to happen in the near-medium term at all.

To break modern encryption you need to test algorithms which have a surface are of 2exp1000 which makes a million monkeys on typewriters for a million years look like basic arithmetic.

Obfuscation vs Encryption

Obfuscation is similar to encryption but doesn´t require a ‘secret’ to understand. Encryption is reversible but a ‘secret’ is required to do so.

Obfuscation generally involves removing clues from information (whitespace, etc.) to make something difficult to read. It provides no real or true level of security like that of encryption.

Encryption can follow several models, one of which is the ‘secret’ method, called Private Key Encryption, where both parties have a secret. Public key encryption uses a shared one-way key to encrypt and a private recipient key to decrypt. With public key only the recipient needs to have the secret.