Sign up to Newsletter

Search

Content type: Examples

Design flaw leaves Bluetooth devices vulnerable

1st April 2020
An engineering and computer science professor and his team from The Ohio State University discovered a design flaw in low-powered Bluetooth devices that leaves them susceptible to hacking. Zhiqiang Lin, associate professor of computer science and engineering at the university, found the commonly used Bluetooth Low Energy devices, such as fitness trackers and smart speakers, are vulnerable when they communicate with their associated apps on the owner’s mobile phone. "There is a fundamental…
apple mac classic
Content type: News & Analysis

Defeating encryption: the battle of governments against their people

1st February 2017
Technologists hoped the “Crypto Wars” of the 1990s – which ended with cryptographers gaining the right to legally develop strong encryption that governments could not break – was behind them once and for all. Encryption is a fundamental part of our modern life, heavily relied on by everything from online banking and online shopping services to the security our energy infrastructure. However, from comments by the French and German governments about creating a European initiative to circumvent…
Bug Off! A Primer for Human Rights Groups on Wiretapping
Content type: Report

Bug Off! A Primer for Human Rights Groups on Wiretapping

5th October 1995
The explosion of telecommunications services has improved the ability for human rights groups to disseminate information worldwide. New telephone, facsimile and computer communications have created opportunities for human rights groups to improve organizing and to promote human rights faster and at a lower cost than ever before. However, these new technologies can be monitored by governments and other groups seeking to monitor the activities of human rights advocates. For this reason, human…
Content type: Examples

Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange

1st April 2020
Bluetooth utilizes a device pairing mechanism based on elliptic-curve Diffie-Hellman (ECDH) key exchange to allow encrypted communication between devices. The ECDH key pair consists of a private and a public key, and the public keys are exchanged to produce a shared pairing key. The devices must also agree on the elliptic curve parameters being used. Previous work on the "Invalid Curve Attack" showed that the ECDH parameters are not always validated before being used in computing the resulted…
https://pxhere.com/en/photo/924478
Content type: News & Analysis

#efail and PGP - What should I do?

15th May 2018
We found the above image here. Background Email is hard to secure. For years we've been trying to build security on top of email, such as through technologies like Pretty Good Privacy (PGP) and the open source implementation: GnuPG (GPG). What happened In the past 48 hours, there have been very scary looking reports recommending people switch off PGP in their email clients. The TL;DR version of this post is: PGP is not broken by this attack You absolutely should not stop using PGP with …