Tag

Encryption

All articles tagged with #encryption

Security researchers find critical flaws in mainstream password managers
technology | 22 hours ago

An ETH Zurich team tested Bitwarden, LastPass, and Dashlane under a malicious-server threat model and demonstrated 12, 7, and 6 attacks respectively, showing that passwords could be accessed or altered and that end-to-end, zero-knowledge encryption promises may not hold. They found the attacks often only required routine user actions like logging in or syncing. The researchers propose updating cryptographic standards for new customers, providing migration paths for existing users, and increasing transparency via external audits, noting that many providers still rely on outdated crypto. Consumers should favor password managers that disclose vulnerabilities, are audited, and enable end-to-end encryption by default.

Massive 100TB Lifetime Cloud Storage Deal from Internxt at $849.97
technology | 3 days ago

Mashable Deals reports a limited-time sale offering 100TB of Internxt Cloud Storage for life for $849.97 (down from $9,900). The plan is available to new users only and codes aren’t stackable. It features end-to-end encryption, zero-knowledge storage, open-source software, GDPR compliance, and post-quantum security, usable across Windows/macOS/Linux, iOS/Android with unlimited devices and ongoing app updates. The sale runs through Feb. 22 at 11:59 p.m. PT and prices may change.

Zero-knowledge claims tested: researchers reveal multiple flaws in top password managers
security | 8 days ago

Researchers from ETH Zurich and USI Lugano analyzed Bitwarden, Dashlane, and LastPass and uncovered multiple attack vectors that can enable a compromised or malicious server to read or even modify vaults, especially when account-recovery, group enrollment, key escrow, or backward-compatibility features are enabled. Some attacks could allow theft of entire vaults or selective item data, and even breach older encryption configurations. While vendors defend their security audits and ongoing patching, the study argues that the term “zero-knowledge” can be misleading and urges stronger threat models and resilience measures across password managers.

Google Urges Swift Post-Quantum Security Upgrades Amid Quantum Threats
technology | 17 days ago

Alphabet's Google warns that future quantum computers could crack today's encryption, urging governments and major industries to accelerate post-quantum security work. The company emphasizes crypto agility and ongoing updates, cites NIST's post-quantum standards, and notes that attackers may harvest data now to decrypt later. Google has tested quantum-safe methods in Chrome and argues cloud-based updates can speed the transition, while markets reacted to the news and analysts see potential upside from stronger security infrastructure.

FBI opens probe into Minneapolis protest Signal chats after far-right claim
politics | 29 days ago

FBI Director Kash Patel announced a criminal investigation into Signal chat groups used by Minneapolis protesters after a far-right influencer claimed he infiltrated them, with officials saying the inquiry could target illegal activity (such as doxxing or obstructing agents) but not peaceful protest or First Amendment activity. Critics question the basis given encryption and protected organizing. The move comes as authorities say they are not investigating the killing of nurse Alex Pretti by border patrol agents, a case handled by Homeland Security Investigations, with body-camera footage under review.

WhatsApp adds a 'Strict Account Settings' shield for high-risk users
news | 29 days ago

WhatsApp is rolling out Strict Account Settings aimed at high-risk users (e.g., journalists and public figures). It automatically blocks attachments and media from unknown senders, silences calls from unknown contacts, and can restrict link previews, group additions, and visibility of profile details on the primary device, as part of a broader security push following spyware incidents and ongoing privacy concerns.

Cloud-stored BitLocker keys can be handed to law enforcement
security | 29 days ago

Microsoft has confirmed that BitLocker recovery keys backed up in the cloud can be provided to law enforcement under a valid legal order, a situation highlighted by a Guam FBI case. To reduce this risk, users should avoid cloud backups and instead store the recovery key locally—on a USB drive or as a printed copy—and remove any cloud-stored copies; the piece also explains how to check BitLocker settings and how to back up the key safely.

Microsoft Gave FBI BitLocker Keys, Sparking Privacy Alarm
technology | 1 month ago

Microsoft reportedly provided BitLocker recovery keys to the FBI under a legal process, enabling access to encrypted drives and prompting concerns about who can access user data and under what safeguards. The disclosure underscores tensions between law-enforcement access and device security, renewing calls for greater transparency and tighter controls around enterprise encryption management.

Signal founder unveils Confer: a privacy-first AI that encrypts chats end-to-end
ai-platforms-and-assistants | 1 month ago

Signal founder Moxie Marlinspike launches Confer, a privacy-first AI that encrypts chats by default and runs in a trusted execution environment, so conversations can’t be read by server admins and data isn’t stored or used for training. Messages are encrypted before they ever reach the server, keys stay on the user’s device, and remote attestation is used to verify code integrity. Confer aims to offer a private alternative to ChatGPT, with device syncing and a design that emphasizes confidentiality, even from its creators. It’s pitched as particularly appealing to privacy-conscious users and institutions.

Marlinspike’s Confer brings Signal-style privacy to AI chat
technology | 1 month ago

Marlinspike’s Confer is an open-source AI assistant designed to match Signal’s privacy: all prompts and responses are encrypted and stored locally on the user’s devices, with a trusted execution environment and passkeys to prevent access by servers or operators; the piece also notes ongoing privacy concerns around AI data collection and highlights Proton’s Lumo and Venice as other privacy-first options.