PINDROP BLOG

Category: Privacy

March 10, 2017
Senator Asks DNI Nominee Coats for Answers on Section 702 Use
A Senate leader is asking Daniel Coats, the nominee for the vacant director of national intelligence position, to specify the number of Americans whose communications have been collected as part of the Section 702 surveillance program used by the NSA. In a letter sent this week to Coats, Sen. Ron Wyden (D-Ore.) repeated a request…
Read More →
March 8, 2017
Researchers Find Multiple Bugs in Confide Messaging App
Researchers at IOActive have uncovered a number of serious security flaws in the Confide secure messaging app, some of which could allow an attacker to hijack a user’s session or impersonate a target user. Confide is one of the group of encrypted chat apps that have emerged in the last few years and promises end-to-end…
Read More →
February 27, 2017
Google Pushes Encrypted Email System Out Into the World
People have been trying to find a replacement for PGP almost since the day it was released, and with limited success. Encrypted email is still difficult to use and painful to implement in most cases, but Google has just released a Chrome plugin designed to address those problems. The new E2EMail extension doesn’t turn a user’s…
Read More →
February 24, 2017
Cloudflare Memory Leak Bug Exposed Private Customer Data
Cloudflare, one of the larger content-delivery networks and DNS providers on the Internet, had a critical bug in one of its services that resulted in sensitive customer data such as cookies, authentication tokens, and encryption keys being leaked and cached by servers around the world. The vulnerability was in an HTML parser that Cloudflare engineers…
Read More →
February 23, 2017
SHA-1 Collision Spells the End for Old Algorithm
Engineers at Google have created the first SHA-1 collision, an achievement that should lay to rest any remaining doubts about the practical security of the hash function. Cryptographers and security researchers have been warning about weaknesses in SHA-1 for several years, saying that modern computing power would soon put a collision within reach. A hash…
Read More →
February 22, 2017
Google Releases Upspin Secure File-Sharing Tool
Google has published a new open-source tool called Upspin that enables users to share files and other content securely across networks without the need for uploading and downloading. Unlike existing systems such as Dropbox or Google Drive, Upspin isn’t really a separate file storage and retrieval service. Instead, Google describes it as a global namespace…
Read More →
February 21, 2017
Wyden to Introduce Bill to Prohibit Warrantless Phone Searches at Border
A senator from Oregon who has a long track record of involvement on security and privacy issues says he plans to introduce a bill soon that would prevent border agents from forcing Americans returning to the country to unlock their phones without a warrant. Sen. Ron Wyden said in a letter to the secretary of…
Read More →
February 17, 2017
On the Wire Podcast: RSA 2017
As the RSA Conference was winding down this week in San Francisco, we gathered a few reporters and other friends to talk about all the security news from the conference, what we liked, things we didn’t like so much, and a lot of other topics. Guests this year include Brian Donohue from Cyber4Sight, Chris Brook…
Read More →
February 16, 2017
Security Lessons From Snowden
SAN FRANCISCO–Working in the security field offers ample opportunity to learn from your mistakes, and perhaps no organization has had to go through that process more publicly and painfully than the National Security Agency. The failures that led to Edward Snowden walking out the door with a massive cache of NSA data four years ago…
Read More →
February 14, 2017
Cryptographers Question the Promise of AI, Machine Learning in Security
SAN FRANCISCO–Artificial intelligence and machine learning are the two dominant buzzphrases at the RSA Conference this year, but some of the founding fathers of the security community are questioning how much use those technologies will be for security. “I’m actually skeptical that there will be much impact on security from AI,” Ron Rivest, a professor…
Read More →