Encryption ▪ July 22

homekit-security

If you were wondering why manufacturers seemed to be rather slow in launching HomeKit-compatible devices, it may all be down to Apple’s stringent security requirements. Forbes reports that manufacturers are finding it hard to incorporate the extremely secure encryption standards demanded by Apple in order to achieve MFi certification for their products.

Apple is requiring device makers using both WiFi and Bluetooth LE to use complicated encryption with 3072-bit keys, as well as the super secure Curve25519, which is an elliptic curve used for digital signatures and exchanging encrypted keys.

While mains-powered WiFi kit is coping, the processing workload in battery-powered Bluetooth LE devices is leading to extremely slow response times, say manufacturers …  expand full story

Encryption ▪ June 2

timcook

While speaking at the Electronic Privacy Information Center’s (EPIC) Champions of Freedom Awards Dinner yesterday night, Apple CEO Tim Cook gave a speech during which he addressed the ongoing issues that surround privacy in the technology space. Cook, who was not physically in Washington D.C. for the event but rather spoke remotely, commented on both the steps Apple takes at ensuring customer privacy and how other companies are failing at the same task (via TechCrunch).

expand full story

Encryption ▪ May 19

Encryption ▪ May 13

bleep

If you want the security of knowing your voice, text and picture messages can’t be intercepted, direct peer-to-peer communication with end-to-end encryption is the gold standard: and that’s what BitTorrent offers with its Bleep app.

Every conversation is between you and your friends. There is no cloud to hack because messages are never stored in the cloud.

For text messages and photos, Bleep offers the choice of Whispers – where both text and images disappear when they’ve been read – and Messages, which stores them locally on the device. You can also make voice calls with the same peer-to-peer encrypted technology …  expand full story

Encryption ▪ April 21

The buggy code highlighted by arsTechnica

The buggy code highlighted by arsTechnica

A bug in the way that 1,500 iOS apps establish secure connections to servers leaves them vulnerable to man-in-the-middle attacks, according to analytics company SourceDNA (via arsTechnica). The bug means anyone intercepting data from an iPhone or iPad could access logins and other sensitive information sent using the HTTPS protocol.

A man-in-the-middle attack allows a fake WiFi hotspot to intercept data from devices connecting to it. Usually, this wouldn’t work with secure connections, as the fake hotspot wouldn’t have the correct security certificate. However, the bug discovered by SourceDNA means that the vulnerable apps fail to check the certificate …  expand full story

Encryption ▪ April 20

Manhattan District Attorney Cyrus R. Van

We’ve heard some pretty outrageous ramblings from the government regarding Apple’s use of encryption in its mobile devices in the past—including a claim from the Department of Justice that some day it will result in the death of a child—but Manhattan district attorney Cyrus Vance, Jr. might have just dethroned the DOJ as king of hyperbole.

Yesterday morning during a radio interview, Vance claimed that Apple’s encrypted software will make the iPhone the communication tool of choice for terrorists:

expand full story

Submit a Tip

cancel

Submitting a tip constitutes permission to publish and syndicate. Please view our tips policy or see all contact options.

Powered by WordPress.com VIP