Adobe Product Security Team Accidentally Leaks PGP Private Key

Adobe’s Product Security Incident Response Team (PSIRT) accidentally posted their private key to the internet allowing anyone with access to either side of a conversation with the PSIRT to be able to decrypt the messages.  The Adobe security team was quick to revoke the PGP key, but it has left people with encrypted messages to Adobe in the clear.  How did it happen?

Read more

The Impact of GDPR and What Encryption Can Do About It

In April 2016, the General Data Protection Regulation was signed into law by the European Parliament and was enforceable as of May 25th 2018. This EU regulation lays out a wide number of policies that require businesses to protect personal data. Companies must have policies and technology controls to securely store or transfer personal data of any person residing in the EU. The way the various articles of the regulation read, this means at a minimum that data needs to be encrypted or made anonymous.

Read more

Equifax Breach: Making Sense of ‘Identity’ Theft

Equifax made news recently for being the victim of a hack; their systems were compromised and data was accessed by person(s) that weren’t authorized to have it. Unfortunately, this is not an uncommon occurrence these days. Hacks happen all the time, to companies both large and small. Individual hacks aren’t really noteworthy any more. But what is particularly noteworthy about this incident is the data that was accessed: the personal (and supposed-to-be private) information of roughly half of the US population. Read more

Forced Features: Why Unwanted Upgrades Are Bad Security

The Telephonic Treatment

Like most people who own one, we love our smartphones.  We love that we can use Activator to keep my phone from automatically playing music, even over Bluetooth.  We love that we can select text and move the cursor without leaving the keyboard.  We love having five icons on the dock, speeding up the OS’s animations, and running a terminal session on my phone.

What we don’t love is running an old version of the OS so we don’t lose our jailbreak, and thus, all the above features.

Read more