Skip to main content
banner image
venafi logo

Encryption Stories that Caught Our Eye This Week | May 3

Encryption Stories that Caught Our Eye This Week | May 3

encryption key management
May 3, 2019 | Katrina Dobieski

Here are the encryption stories that we’re looking at this week. In this edition, read about encryption challenges for IoT, European Union backlash against backdoors and the ripple effect of the ShadowHammer attack.

Trouble is Spelled with a Capital “P2P”

Imagine buying a home-security camera with the capability to punch through firewalls and share your data with millions of other connected devices, peer-to-peer. Imagine your baby monitor connected to a worldwide network of other shared devices all homing in to the same Chinese based manufacturing mothership. Imagine the outdated code is replete with stale vulnerabilities that expose it to remote compromise from any P2-peerthat can connect.

For a nominal fee, you can buy an unencrypted IoT device requiring zero authentication and fully functional with the scan of a barcode. The only thing more ear-catching than that is finding out how many have already been sold. Read the full article.

Read related articles

The Right to Remain Private: Europe Resists Encryption Backdoors

Taking a page from Australia’s book, the FBI is pushing to have near-unlimited access to consumer and corporate encrypted communications, chasing cybercrime down its own dark alleys. “It can’t be a sustainable end state for there to be an entirely unfettered space that’s utterly beyond law enforcement for criminals to hide,” argues FBI director Christopher Wray at RSA last month. While intended to shine a light, privacy advocates fear government mandated encryption backdoors will backfire, becoming state-sanctioned snooping on one of the last free frontiers of privately-encoded messaging.

Europe backs the pedestrian’s right of way, acknowledging “if we respect privacy, then encryption is the main key to security in the IT world,” according to Yves Vandermeer, chair of the European Cybercrime Training and Education Group (ECTEG). However, he does concede the “need to address the [encryption] challenge in other ways.” Read the full article.

Read related articles

Victims Rise in ShadowHammer Attack

Kaspersky confirmed that at least six other firms fell victim to what is now seen as a trojan attack. ShadowHammer struck a blow to ASUS earlier this year as the malware took down its systems from the inside, hidden in its machines in a wide-sweeping supply-chain attack. While unfortunate, the fact that several Asian gaming corporations got similarly “pwned” adds some consolation to the Taiwanese electronics giant.

Some digging reveals the malware was signed with valid certificates, not surprising given that this is an increasing trend in dark cyber. So what’s the answer for laptop makers, gamers and all of us who rely on the validity of their supply chains? Read the full article

Read related articles

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

Huawei mobile devices

Encryption Digest 7 | Lethal Apps, Contraband Huawei and A Door that Unlocks Itself

Encryption, Sectigo, EV certificate, extended validation certificate

Encryption Digest 6 | Bank Threats, Leaked Secret Keys and HTTPS Phishing

Encryption, encryption backdoor, HIPAA

Encryption Stories That Caught Our Eye | June 14

About the author

Katrina Dobieski
Katrina Dobieski

Katrina writes for Venafi's blog and helps optimize Venafi's online presence to advance awareness of Machine Identity Protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat