Encryption - Infoworld http://www.infoworld.com/t/2102 en Most but not all sites have fixed Heartbleed flaw http://www.infoworld.com/d/security/most-not-all-sites-have-fixed-heartbleed-flaw-240886?source=rss_encryption <p>The world's top 1,000 websites have been patched to protect their servers against the "Heartbleed" exploit, but up to 2% of the top million were still vulnerable as of last week, according to a California security firm.</p> <p>On Thursday, Menifee, Calif.-based Sucuri Security scanned the top 1 million websites as ranked by Alexa Internet, a subsidiary of Amazon that collects Web traffic data.</p> Security Internet Encryption Patch Management Mon, 21 Apr 2014 13:45:12 +0000 admin 240886 at http://www.infoworld.com The Heartbleed recovery starts with you and me http://www.infoworld.com/d/data-center/the-heartbleed-recovery-starts-you-and-me-240648?source=rss_encryption <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 192px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/web_browser.jpg" alt="The Heartbleed recovery starts with you and me" width="243" height="182" align="right" /><br /><em><p align="right">Credit: iStockphoto</p></em></div> Data Center Security Encryption Data Center Security Mon, 21 Apr 2014 10:00:00 +0000 Paul Venezia 240648 at http://www.infoworld.com The rise and fall of Heartbleed hysteria http://www.infoworld.com/d/data-explosion/the-rise-and-fall-of-heartbleed-hysteria-240773?source=rss_encryption <div id="tw-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/heartbleed.jpg" alt="The rise and fall of Heartbleed hysteria" width="243" height="182" align="right" /></div> <p>The crescendo of stories dissecting the Heartbleed bug is testimony to just how much <a href="http://www.npr.org/books/titles/146598867/everyone-loves-a-good-train-wreck-why-we-cant-look-away" target="_blank">everyone loves a good train wreck</a>.</p> Data Explosion Security Internet Encryption Open Source Software Patch Management Vulnerability Assessment Fri, 18 Apr 2014 10:00:00 +0000 InfoWorld Tech Watch 240773 at http://www.infoworld.com Lavaboom builds encrypted webmail service to combat snooping http://www.infoworld.com/d/security/lavaboom-builds-encrypted-webmail-service-combat-snooping-240636?source=rss_encryption <p>A new webmail service called <a href="http://lavaboom.com/" target="_blank">Lavaboom</a> promises to provide easy-to-use email encryption without ever learning its users' private encryption keys or message contents.</p> Security Data Loss Prevention Email Software Encryption Internet Privacy Web Applications Thu, 17 Apr 2014 11:46:33 +0000 admin 240636 at http://www.infoworld.com Think tank challenges Heartbleed handwringing http://www.infoworld.com/d/security/think-tank-challenges-heartbleed-handwringing-240607?source=rss_encryption <p>A think tank opinion piece that claims the threat from the <a href="http://www.infoworld.com/t/security/5-no-bull-facts-you-need-know-about-heartbleed-right-now-240269">Heartbleed bug</a> is overblown has sparked a debate among researchers over the seriousness of the OpenSSL flaw.</p> Security Cyber Crime Encryption Vulnerability Assessment Wed, 16 Apr 2014 13:58:50 +0000 admin 240607 at http://www.infoworld.com Rushed Heartbleed fixes may expose users to new attacks http://www.infoworld.com/d/security/rushed-heartbleed-fixes-may-expose-users-new-attacks-240597?source=rss_encryption <p>In the race to protect themselves from the <a href="http://www.infoworld.com/t/security/5-no-bull-facts-you-need-know-about-heartbleed-right-now-240269">Heartbleed</a> vulnerability, enterprises could be opening themselves up to new attacks if they aren't careful.</p> <p>Perpetrators of some of the most virulent cyberattacks on the Internet will try to take advantage of the chaos that's bound to occur in some IT shops as administrators and developers hurriedly respond to Heartbleed, the widespread OpenSSL flaw that was discovered last week, a top researcher at Kaspersky Lab said.</p> Security Encryption Open Source Software Patch Management Vulnerability Assessment Wed, 16 Apr 2014 11:16:08 +0000 admin 240597 at http://www.infoworld.com VMware promises Heartbleed patches for affected products by the weekend http://www.infoworld.com/d/security/vmware-promises-heartbleed-patches-affected-products-the-weekend-240538?source=rss_encryption <p>VMware started patching its products against <a href="http://www.infoworld.com/t/security/5-no-bull-facts-you-need-know-about-heartbleed-right-now-240269">the critical Heartbleed flaw</a> that puts encrypted communications at risk, and plans to have updates ready for all affected products by Saturday.</p> Security Encryption Patch Management Vulnerability Assessment Tue, 15 Apr 2014 16:13:16 +0000 admin 240538 at http://www.infoworld.com Sloppy but secure: Open source TrueCrypt passes audit http://www.infoworld.com/t/encryption/sloppy-secure-open-source-truecrypt-passes-audit-240478?source=rss_encryption <div id="tw-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/encryption_padlock_hp.gif" alt="Sloppy but secure: Open source TrueCrypt passes audit" width="243" height="182" align="right" /></div> <p>How secure is TrueCrypt, the open source disk encryption system used by many as a line of defense against snoops (and maybe spooks)?</p> Open Source Software Storage Encryption Open Source Software Tue, 15 Apr 2014 10:00:00 +0000 InfoWorld Tech Watch 240478 at http://www.infoworld.com Stop laying the blame for Heartbleed on open source http://www.infoworld.com/d/open-source-software/stop-laying-the-blame-heartbleed-open-source-240434?source=rss_encryption <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/Security_web_1_hp.jpg" alt="Stop blaming open source for Heartbleed" width="243" height="182" align="right" /></div><p>I've spent the last week considering the data and opinions concerning the <a href="http://www.infoworld.com/t/security/5-no-bull-facts-you-need-know-about-heartbleed-right-now-240269">Heartbleed bug</a> that was found in the widely used OpenSSL cryp</p> Open Source Software Encryption Open Source Software Security Mon, 14 Apr 2014 17:06:14 +0000 Simon Phipps 240434 at http://www.infoworld.com Tests confirm Heartbleed bug can expose server's private key http://www.infoworld.com/d/security/tests-confirm-heartbleed-bug-can-expose-servers-private-key-240403?source=rss_encryption <p>Four researchers working separately have demonstrated a server's private encryption key can be obtained using the Heartbleed bug, an attack thought possible but unconfirmed.</p> <p>The findings come shortly after a challenge created by CloudFlare, a San Francisco-based company that runs a security and redundancy service for website operators.</p> Security Data Loss Prevention Data Security Encryption Open Source Software Vulnerability Assessment Web Security Mon, 14 Apr 2014 12:00:32 +0000 admin 240403 at http://www.infoworld.com Akamai admits its OpenSSL patch was faulty, reissues keys http://www.infoworld.com/d/security/akamai-admits-its-openssl-patch-was-faulty-reissues-keys-240405?source=rss_encryption <p>Akamai Technologies, whose network handles up to 30 percent of all Internet traffic, said Sunday a researcher found a fault in custom code that the company thought shielded most of its customers from the <a href="http://www.infoworld.com/t/security/5-no-bull-facts-you-need-know-about-heartbleed-right-now-240269">Heartbleed bug</a>.</p> <p>As a result, Akamai is now reissuing all SSL (Secure Sockets Layer) certificates and security keys used to create encrypted connections between its customer's websites and visitors to those sites.</p> Security Data Security Encryption Open Source Software Vulnerability Assessment Web Security Mon, 14 Apr 2014 11:45:35 +0000 admin 240405 at http://www.infoworld.com 3 big lessons to learn from Heartbleed http://www.infoworld.com/d/data-center/3-big-lessons-learn-heartbleed-240270?source=rss_encryption <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 192px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/heart_circuitboard.jpg" alt="3 big lessons to learn from Heartbleed" width="243" height="182" align="right" /><br /><em><p align="right">Credit: Svitlana Pidburtna</p></em></div> Data Center Open Source Software Security Encryption Systems Management Open Source Software Data Center Security Mon, 14 Apr 2014 10:00:00 +0000 Paul Venezia 240270 at http://www.infoworld.com Bitcoin finally pays off -- in secure cloud storage http://www.infoworld.com/t/encryption/bitcoin-finally-pays-in-secure-cloud-storage-240386?source=rss_encryption <div id="tw-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/Cloud_Security_hp.jpg" alt="Bitcoin finally pays off -- in secure cloud storage" width="243" height="182" align="right" /></div> <p>Bitcoin may finally be coming into its own as a cryptocurrency, despite the <a href="http://www.infoworld.com/t/cringely/bitcoin-grows-mt-gox-melts-down-the-crypto-currency-crapshoot-237270">implosions</a> of several online exchanges and Cloud Computing Open Source Software Cloud Storage Encryption Open Source Software Cloud Computing Mon, 14 Apr 2014 10:00:00 +0000 InfoWorld Tech Watch 240386 at http://www.infoworld.com Don't overlook URL fetching agents when fixing Heartbleed flaw on servers, researchers say http://www.infoworld.com/d/security/dont-overlook-url-fetching-agents-when-fixing-heartbleed-flaw-servers-researchers-say-240335?source=rss_encryption <p>Website operators should assess their whole Web infrastructure when patching <a href="http://www.infoworld.com/d/security/the-heartbleed-openssl-flaw-worse-you-think-240231">the critical Heartbleed flaw in OpenSSL</a>, otherwise they risk leaving important components open to remote attacks, despite fixing the problem on their publicly facing servers.</p> Security Encryption Patch Management Security Tools Vulnerability Assessment Fri, 11 Apr 2014 15:44:51 +0000 admin 240335 at http://www.infoworld.com Website operators will have a hard time dealing with the Heartbleed vulnerability http://www.infoworld.com/d/security/website-operators-will-have-hard-time-dealing-the-heartbleed-vulnerability-240305?source=rss_encryption <p>Website and server administrators will have to spend considerable time, effort, and money to mitigate all the security risks associated with <a href="http://heartbleed.com/" target="_blank">Heartbleed</a>, one of the most severe vulnerabilities to endanger encrypted SSL communications in recent years.</p> Security Encryption Open Source Software Patch Management Vulnerability Assessment Fri, 11 Apr 2014 11:48:48 +0000 admin 240305 at http://www.infoworld.com In Heartbleed's wake, Comodo cranks out fresh SSL certificates http://www.infoworld.com/d/security/in-heartbleeds-wake-comodo-cranks-out-fresh-ssl-certificates-240329?source=rss_encryption <p>Tens of thousands of new digital certificates have been issued by Comodo in the wake of the "Heartbleed" security flaw, which has put Internet users' data at risk.</p> <p>One of New Jersey-based Comodo's main business lines is issuing the digital certificates that encrypt traffic between users and a Web service, a critical shield that protects users from spying by third parties.</p> Security Encryption Hacking Open Source Software Web Security Fri, 11 Apr 2014 11:20:15 +0000 admin 240329 at http://www.infoworld.com After Heartbleed: 4 OpenSSL alternatives that work http://www.infoworld.com/t/encryption/after-heartbleed-4-openssl-alternatives-work-240304?source=rss_encryption <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/Security_web_1_hp.jpg" alt="After Heartbleed: 4 OpenSSL alternatives that work" width="243" height="182" align="right" /></div><p>Nobody needs to be reminded of the <a href="http://www.infoworld.com/t/security/5-no-bull-facts-you-need-know-about-heartbleed-right-now-240269">severity of the Heartbleed OpenSSL bug</a>. Open Source Software Security Encryption Open Source Software Security Standards Fri, 11 Apr 2014 10:00:00 +0000 InfoWorld Tech Watch 240304 at http://www.infoworld.com 5 no-bull facts you need to know about Heartbleed right now http://www.infoworld.com/t/security/5-no-bull-facts-you-need-know-about-heartbleed-right-now-240269?source=rss_encryption <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 192px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/numbers_1_to_5.jpg" alt="5 no-bull facts you need to know about Heartbleed right now" width="243" height="182" align="right" /><br /><em><p align="right">Credit: iStockphoto</p></em></div> Open Source Software Security Encryption Hacking Internet Privacy Open Source Software Web Security Security Thu, 10 Apr 2014 18:20:10 +0000 InfoWorld Tech Watch 240269 at http://www.infoworld.com Stung by file-encrypting malware, researchers fight back http://www.infoworld.com/d/security/stung-file-encrypting-malware-researchers-fight-back-240226?source=rss_encryption <p>Jose Vildoza's 62-year-old father was using his old Windows computer when a warning in broken English flashed on the screen: your files have been encrypted.</p> <p>Vildoza's father, who speaks Spanish, didn't understand the warning, which demanded payment in order to decrypt the files. When Vildoza looked at it, he knew it was bad. And he became angry.</p> Security Cyber Crime Data Loss Prevention Encryption Endpoint Protection Malware Thu, 10 Apr 2014 11:54:58 +0000 admin 240226 at http://www.infoworld.com Twitter says it dodged the horrors of Heartbleed http://www.infoworld.com/d/security/twitter-says-it-dodged-the-horrors-of-heartbleed-240220?source=rss_encryption <p>Twitter was not affected by the <a href="http://www.infoworld.com/d/security/heartbleed-bug-in-openssl-puts-encrypted-communications-risk-240054" target="_blank">Heartbleed</a> Internet vulnerability that rocked the Web security world this week, making one less password consumers need to change to protect themselves, but users still need to be careful how they respond to the threat.</p> Security Data Security Encryption Hacking Thu, 10 Apr 2014 10:57:06 +0000 admin 240220 at http://www.infoworld.com