Is the Chip and PIN Broken? A Controversial Solution to Bank Card Security

January 25, 2011

What is the security gadget that UK bankers don’t want you to know about? A University of Cambridge student has published a paper on a new device that can protect card-holding consumers from the dangers of hackers, resulting in a financial trade group demanding that it be removed from the public.

According to Ars Technica, increasingly more people are learning about the vulnerability of their bank card system (Europay, MasterCard and Visa cards commonly used in the U.K.), and the protocol flaw that enables a hacker to use someone’s real card without knowing the PIN. Even worse, fraudsters can tinker with Chip-and-PIN card terminals in order to obtain sensitive data.

Read More

Programming Flaw Could Allow Total PS3 Hacking

December 30, 2010

A team of hackers presenting at the recent 27th Annual Chaos Communication Conference appear to have exploited a programming flaw in Sony's Playstation 3 that could allow them to sign their own code on the console--giving them total control over the device.

Read More

Good Technology Standardizes on Mocana to Secure Mobile Offerings

July 25, 2010

Mocana today announced that Good Technology has licensed its NanoCrypto cryptographic engine for use on supported mobile platforms, including iOS, Android, Symbian, Windows Mobile, and Palm webOS. Good for Enterprise enables IT administrators to easily define and distribute configuration profiles and enforce compliance policies for devices using the web-based Good Mobile Control console. With solutions that combine a great user experience with the tools that IT needs to manage and protect its mobile enterprise, Good Technology will implement Mocana's NanoCrypto as their universal security client, protecting against increasingly sophisticated attacks directed specifically at non-PC smart devices.

Read More

Understanding EAX' Smart Grid Security

July 6, 2010

Much of the latest smart grid and AMI technology relies on the open ANSI C12.22/IEEE1703 standard for the transport of meter data over networks. And this specification relies on a security mechanism called EAX', a modification of the EAX mode cryptography scheme.

Read More

UK Researches Develop "Holy Grail" of Cryptography

June 7, 2010

Researchers at the University of Bristol's Department of Computer Science have devised a new method of encryption that may qualify as the "Holy Grail" of cryptography. By performing the "add" and "multiply" operations on encrypted data, Professor Nigel Smart claims that his new model "will present a major improvement on the recent encryption scheme invented by IBM in 2009." The IBM scheme allowed theoretical simultaneous use of the operations but failed to prove practical.

Read More