The LA Times writes that a data breach at Cedars-Sinai Medical Center is larger than previously reported. According to latimes.com, a stolen computer that was not protected with medical laptop encryption software contained information on more than 33,000 patients; in August, the number was “more than 500” which implied a figure closer to 500 than […] read more
Generally, when an entity experiences a data breach (say, a laptop theft), it concludes the thieves were not after the data on the device, proclaiming with alacrity that they suspect the hardware was the objective of the theft, that the laptop will be wiped and resold, that clients’ data are probably safe – an assumption […] read more
Canada PII Encryption: Southwest Community Business Development Has Laptop Data Breach, Plumbs The Depths Of Idiotic Remarks.
Oh, Canada. The past twelve months have been a debacle for the northernmost country on the American continent, on many fronts, putting at risk the image it has cultivated over the years – a country of polite, maple-syrup-consuming, thoughtful, intelligent, and funny citizens. Here’s an additional incident that makes one wonder what exactly is going […] read more
Not too long ago, AlertBoot was approached by a prospect who wanted “NSA-proof encryption.” Another prospect wanted to know what guarantees we could offer when it comes to preventing data leaks. We have found over the years that such questions are par for the course in the sector. Long story short: we let the prospects […] read more
According to arstechnica.com, the US government spends $11 billion and dedicates 35,000 people each year to a program “dedicated to encryption,” which includes cracking encryption. Most people would view this as a bad thing. There are issues like the right to privacy and whatnot. But the way I see it, this is actually good news […] read more
I ran across a story that, as far as I know, is the first of its kind: proof that laptop thieves don’t just blast away the current information on a stolen laptop and sell it as quickly as possible. Oh, no. They’re willing to see what they can find on the laptop, which is why […] read more
Education Encryption: Laptop Encryption Beats Locked Rooms, Shows University Of South Carolina Data Breach.
The use of laptop encryption in higher education, especially by faculty and staff, seems like a no-brainer to me. After all, such computers are full of personal information, not only of the devices’ owners themselves but also of the student body (they still use SSNs as student IDs, don’t they?). While the Department of Education […] read more
US Fifth Amendment Rights: Judge Tells Suspect To Surrender Encryption Password One Month After Saying Otherwise.
As I scanned through the headlines at slashdot.org this morning, I ran across news that: After having first decided against forcing a suspect to decrypt a number of hard drives that were believed to be his and to contain child pornography, a U.S. judge has changed his mind and has now ordered the suspect to […] read more
Not too long ago, a tool for cracking laptop disk encryption was released by Elcomsoft. In the latter’s case, it targeted machines that were using PGP, TrueCrypt, and Microsoft’s BitLocker. The cracking tool made use of a vulnerability found on FireWire / iLink / 1394 port, a weakness that has been around for a while. […] read more
Disk Encryption: PGP/Symantec, TrueCrypt, and BitLocker Disk Encrypted Data Can Be Accessed With Forensic Software.
The Russian firm Elcomsoft has announced that they’ve built a decryption tool that can retrieve the encryption keys to PGP (now owned by Symantec), TrueCrypt, and BitLocker encrypted computers. On some level, this means that the above three disk encryption solutions are less secure than AlertBoot. On the other hand, this is a vulnerability that […] read more