Cracking Ransomware (Reddit) SANS ISC SecNewsFeed(cached at January 19, 2016, 11:57 pm)

Details of 325K Earbits.com users available on public database (SC Magazine) SANS ISC SecNewsFeed(cached at January 19, 2016, 11:57 pm)

Afraid of getting your iThing pwned? You'll want to download iOS 9.2.1 (The Register SANS ISC SecNewsFeed(cached at January 19, 2016, 11:57 pm)

UK Voice Crypto Standard Built For Key Escrow, Mass Surveillance Slashdotby Soulskill on encryption at January 1, 1970, 1:00 am (cached at January 19, 2016, 11:33 pm)

Trailrunner7 writes: The U.K. government's standard for encrypted voice communications, which already is in use in intelligence and other sectors and could be mandated for use in critical infrastructure applications, is set up to enable easy key escrow, according to new research. The standard is known as Secure Chorus, which implements an encryption protocol called MIKEY-SAKKE. The protocol was designed by GCHQ, the U.K.'s signals intelligence agency, the equivalent in many ways to the National Security Agency in the United States. MIKEY-SAKKE is designed for voice and video encryption specifically, and is an extension of the MIKEY (Multimedia Internet Keying) protocol, which supports the use of EDH (Ephemeral Diffie Hellman) for key exchange. "MIKEY supports EDH but MIKEY-SAKKE works in a way much closer to email encryption. The initiator of a call generates key material, uses SAKKE to encrypt it to the other communication partner (responder), and sends this message to the responder during the set-up of the call. However, SAKKE does not require that the initiator discover the responder's public key because it uses identity-based encryption (IBE)," Dr. Steven Murdoch of University College London's Department of Computer Science, wrote in a new analysis of the security of the Secure Chorus standard. "By design there is always a third party who generates and distributes the private keys for all users. This third party therefore always has the ability to decrypt conversations which are encrypted using these private keys," Murdoch said by email. He added that the design of Secure Chorus "is not an accident."

Read more of this story at Slashdot.

Car hub Stuttgart asks for auto ban BBC News | Science/Nature | UK Edition(cached at January 19, 2016, 11:28 pm)

Residents of one of Germany's foremost car manufacturing bases are urged to leave their vehicles at home after smog breaches maximum safe levels.
For fsck's SAKKE: GCHQ-built phone voice encryption has massive backdoor researcher SANS ISC SecNewsFeed(cached at January 19, 2016, 11:27 pm)

A website that works (IT Toolbox Blogs) SANS ISC SecNewsFeed(cached at January 19, 2016, 11:27 pm)

External Link: iOS 9.3 and Education TidBITS(cached at January 19, 2016, 11:03 pm)

Frasier Speirs takes a look at the new education-oriented features slated to appear in iOS 9.3. These features include a Shared iPad capability, a Classroom app for teachers, and Managed Apple IDs (managed via an Apple School Manager portal). Apple is both renewing its education focus in a very big way with this upcoming iOS release as well as attempting to revive iPad sales, which have slowly but steadily declined in recent quarters.

 

Read the full article at TidBITS, the oldest continuously published technology publication on the Internet. To get a full-text RSS feed, help support our work and become a TidBITS member! Members also enjoy an ad-free version of our Web site, email delivery of individual articles, the ability to make long comments with live links, and discounts on Take Control orders and other Apple-related products.

How cold is it? Scripting News(cached at January 19, 2016, 11:01 pm)

It's so cold that my iPhone battery, which was close to full, reported to the software that it was empty and caused the device to shut down. 

EU 'has two months' to solve refugee crisis AL JAZEERA ENGLISH (AJE)(cached at January 19, 2016, 10:57 pm)

European Council President Donald Tusk says EU must deal with crisis immediately or face collapse of passport-free zone.
ISIL media outlet confirms death of 'Jihadi John' AL JAZEERA ENGLISH (AJE)(cached at January 19, 2016, 10:57 pm)

Dabiq magazine releases eulogy for Mohammed Emwazi, who won global notoriety for his filmed executions of hostages.
Video: Insurance industry 'will drag cyber-security into the light' (SC Magazine) SANS ISC SecNewsFeed(cached at January 19, 2016, 10:57 pm)

Zero-Day Flaw Found in 'Linux Kernel' leaves Millions Vulnerable (Reddit) SANS ISC SecNewsFeed(cached at January 19, 2016, 10:57 pm)

How to get root on a Linux box, step 1: Make four billion system calls (The Register SANS ISC SecNewsFeed(cached at January 19, 2016, 10:57 pm)

Pro tip: Remotely manage date and time settings in OS X (TechRepublic) SANS ISC SecNewsFeed(cached at January 19, 2016, 10:57 pm)