A new deal between Poland's ministry of defence and three universities is aimed at swelling the ranks of its cyberwar forces.
Showing results 1 to 20 of 186
Facebook is open sourcing a new security tool intended to help developers write apps that are more secure and efficient on Android.
Problems with the update affected only Windows Server 2008 R2 and Windows Server 2012. The new update does not apply the new TLS ciphers by default.
Modern cryptography protocols require real randomness. Sadly, most Random Number Generators (RNG) are pseudo-random and, therefore, hackable. Here's a cheap RNG for the rest of us.
Guardtime's tech uses hash function cryptography to protect data integrity, and its products are finding a foothold in the US and China.
There was a time, not long ago, when the biggest companies were cowed by the national security state. Now they aren't afraid to stand up for the rights and interests of their users.
Can quantum computing result in an ultra-secure setup for your mobile device?
The solution to a mathematical problem generally considered insolvable would doom almost all trust on the Internet. Could it actually happen? We'd better hope not.
The German government employee recently arrested for spying for the US hid his encryption software using a kind of steganography.
[UPDATED] The company is improving encryption for Outlook.com and OneDrive users and aiming to boost confidence of foreign governments in their integrity.
Sponsored by Red Hat and Intel
Adoption of open source software in the enterprise continues to grow, with research suggesting the two largest factors fueling this growth are security and quality. Surprising, perhaps, given revelations of the much-publicised Heartbleed vulnerability discovered in a widely used open source cryptography library earlier this year.
Those who want maximum privacy for their email have a tough time using difficult software. Google is attempting to do better with Gmail, but there's already a decent webmail solution.
Industry and standards bodies had announced the transition from SHA-1 hashes to SHA-2 in certificates some time ago, but adoption was weak. Now Heartbleed has created an opportunity to jumpstart the transition.
Many years since a backdoor was discovered, probably planted by the NSA, public pressure finally forces NIST to formally remove Dual_EC_DRBG from their recommendations.
[UPDATE] Many networking products, including hardware, also run OpenSSL, the critical software component with a severe information disclosure vulnerability.
Bugs don't often get more severe than Heartbleed and OpenSSL, the affected code, is about as critical a library as there is on the Internet. Does it need special treatment?
On Patch Tuesday, Microsoft will issue an update that removes support for TLS/SSL and other digital certificates that use MD5 hashes.
The National Institute of Standards and Technology has declared that "SHA-1 shall not be used for digital signature generation after December 31, 2013." So why are they still using it?
[UPDATE] In light of government attempts to subvert products and standards, both Linux and FreeBSD add extra entropy/randomness to the output of Intel's and Via's opaque hardware-based random number generators. Smart move.
An international arms control regime is planning to create export controls for some software security tools on the grounds that they might be used for nefarious purposes.
The best of ZDNet, delivered
- 1 ZDNet Cloud TV: Hurdles to overcome (highlights)
- 2 Perfectly legal ways you can still get Windows 7 cheap (or even free)
- 3 34 ways to improve your iPhone's battery life
- 4 How much does an iPhone 6 really cost? (Hint: It's way more than $199)
- 5 So you have an app idea and want to make a bajillion bucks