The title comes from a folk song written by Pete Seeger in the 1950s, but apparently, software developers are not into folk music. In this case, security researchers are warning that developers are leaving security credentials in public repositories. They found these creds in repositories run by IBM, Digital Ocean, AWS, Gitlab, and others. The […]
Continue reading → [DISPLAY_ACURAX_ICONS]About a year ago Suffolk County on Long Island in New York was taken out by a ransomware attack. It took months to get back online. So what did they do wrong? Pretty much everything. First, they had to find a scapegoat, so they fired their IT director. Did he do anything wrong? No. In […]
Continue reading → [DISPLAY_ACURAX_ICONS]Post Quantum Crypto Isn’t The Only Problem – Pre Stone Age Crypto is Also a Problem While some folks are worried about what is going to happen to encryption when quantum computing becomes real, other companies are still using antique crypto. Unfortunately, many of the companies who are using antiques are medical devices and higher […]
Continue reading → [DISPLAY_ACURAX_ICONS]The domestic intelligence chiefs of the “Fives Eyes” – Australia, Canada, US, New Zealand and UK – say that they are seeing a sharp rise in attempts by hostile states to steal intellectual property. The intelligence chiefs spoke at an event hosted by Stanford University’s Hoover Institution. This is a little different that what the […]
Continue reading → [DISPLAY_ACURAX_ICONS]I have written several times about the need to start thinking about post-quantum crypto. At this point, “Q-Day” is somewhere between this year and ten years from now. If you believe my blog last week, Q-Day could be today. NIST has published draft post quantum standards, but there is a lot more to do besides […]
Continue reading → [DISPLAY_ACURAX_ICONS]Researchers are highly skeptical about the claim of another scientist who says that he has developed an inexpensive system to crack RSA encryption, the most commonly used public key encryption. The researcher who claims to have cracked RSA is Ed Gerck. According to his LinkedIn profile, he is a quantum computing developer at a company […]
Continue reading → [DISPLAY_ACURAX_ICONS]