19478658
submission
rifles only writes:
Firmware built into many solid state drives (SSDs) to improve their storage efficiency could be making forensic analysis at a later date by police forces and intelligence agencies almost impossible to carry out to legally safe standards, Australian researchers have discovered.
They found that SSDs start wiping themselves within minutes after a quick format (or a file delete or full format) and can even do so when disconnected from a PC and rigged up to a hardware blocker.
1233571
submission
rifles only writes:
A German techie has found a remarkably simple way to discern some of the content of encrypted volumes containing images. The encrypted images don't reveal themselves totally, but in many cases do let an attacker see the outline of a high-contrast image. The attack works regardless of the encryption algorithm used (the widely-used AES for instance), and affects all utilities that use single symmetric keys. More significant to police around the world struggling with criminal and terrorist use of encryption, the attack also breaks the ability of users to 'hide' separate encrypted volumes inside already encrypted volumes, whose existence can now for the first time be revealed. Encryption won't save us after all.
http://www.techworld.com/security/news/index.cfm?newsid=105263
1219281
submission
rifles only writes:
Russian police almost certainly know the identity of the programmer responsible for the frightening 'ransomware' crypto virus, Gpcode, which has hit the Internet several times since 2006, says a story at Techworld, which has tapped a Kaspersky Lab researcher. Gpcode used 1024-bit RSA/128-bit RC4 to lock up victims' data, an uncrackable combination that left the world with only one solution: find the virus author to get the master key. So why don't the cops do anything? Good question, but this is Russia we're talking about.
http://www.techworld.com/security/news/index.cfm?newsid=105043
17913
submission
1960's architecture writes:
At last some evidence that exploit code is hiding on servers used to cache website content. According to Techworld, Israeli outfit Finjan has come up with evidence that real exploits have hidden on cache servers used by large search engines, effectively extending their life for periods of weeks after the original website had been taken down. The exploits detailed are from 2003-2004, but the principle would still apply to any exploit website around today, and any cache servers used by any one of the three unnamed search engines. It's almost literally malware "life after death".
http://www.techworld.com/security/news/index.cfm?newsID=7083&pagtype=all