Security & Privacy

HANOVER, Germany--You're traveling and your coworker needs your key to get into your office. Why not just e-mail it?

That's the idea behind Fraunhofer Institute's Key2Share technology, which the German research lab is developing in partnership with Bosch and showing off here at the CeBIT show.

Key2Share uses smartphones equipped with near-field communications (NFC) short-range wireless networking abilities to unlock phones. But because approval to use the key becomes digital data, a person can e-mail that approval.

It could be useful for other situations, too, said Ahmad-Reza Sadeghi, a researcher involved with the project. For example, a … Read more

HANNOVER, Germany--In today's James Bond world, smartphones get you instant access to top-secret information. In the real world, security constraints mean mobile phones generally aren't nearly so clever or convenient.

BlackBerry and Secusmart hope to change that through a partnership that at least has won over the German federal government. It has authorized purchases of phones with the BlackBerry 10 operating system augmented with Secusmart's SD card-mounted security chips for classified communications, said Hans-Christoph Quelle, Secusmart managing director, speaking here at the CeBit technology show.

The approach uses a feature in BlackBerry 10 called Balance, which partitions … Read more

They're arguing now about who let it happen, but happen it did, with entertaining consequences.

Somehow Nicholas Webber found himself in an IT class while in jail. He's serving five years for creating a site called GhostMarket, which allowed those interested in creating computer viruses, partaking of stolen IDs and enjoying private credit card data to congregate.

He was caught using hacked personal information to buy everything from iPods to luxury hotel stays.

One might have thought that an IT class would have been quite dull for him. One might also have thought that inviting him to an … Read more

Web security service CloudFlare was offline for about an hour this morning due to a systemwide failure of its edge routers.

The outage, which began around 1:47 a.m. PT, removed the security layer for 785,000 Web sites, including 4chan and Wikileaks, according to TechCrunch. CloudFlare said the outage occurred while it was trying to defend one of its customers from a distributed denial-of-service attack.

The outage affected Juniper routers running the Flowspec protocol, which allows customers to broadcast router rules to a large number of routers efficiently. CloudFlare uses the protocol to update the rules on routers … Read more

Yet another company has fallen victim to a hack, with attackers breaking into systems at Evernote, maker of a Web-based note-taking application used by about 50 million people.

The company said in a security notice that some user data had been accessed and that Evernote was requiring all users to reset their passwords. Apparently, though, no sensitive financial information was stolen, and no user content was affected:

"In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost," the company said in the statement, which was … Read more

Java cannot seem to get a break. Only a few days after patching the last zero-day vulnerability, two more exploits are being found that make use of the runtime. One, as noted by Kaspersky, is a recent exploit of the latest runtime's attempts to install a McRAT executable by overwriting memory in the JVM that will trigger the executable to run.

Once installed, the McRAT malware will attempt to contact command and control servers and copy itself into dll files in Windows systems.

This malware is specifically Windows-based; however, a second one outlined by Intego, is a Minecraft password-stealing … Read more

SAN FRANCISCO--Of all the multitudes of phones launching amid the grandeur of Barcelona this week, Motorola Solutions quietly broke champagne over one device from the back corner of a convention center here.

The Motorola AME 2000, originally announced a few weeks back, is not a phone for the average consumer. That makes sense, given that its public bow was at the RSA Conference 2013 this week, an annual confab of security nerds, experts, researchers, enterprise security vendors, and government representatives.

Motorola Solutions focuses on government and enterprise devices, and remains independent from the Google-owned Motorola Mobility. Its booth at RSA … Read more

For years, the U.S. intelligence community has warned that cyber attacks from China and other countries are the biggest threat to our national security. Now, some are wondering whether the death of an engineer from California could be linked to cyber espionage.

In 2010, 29-year-old Shane Todd moved to Singapore for an engineering job with a government research firm called the Institute of Micro Electronics or IME.

"He was a young man that wanted an adventure and thought it would be super-cool to live in a foreign country and he really liked it when he first got there,&… Read more

How Google and other American Internet companies operate in Europe could come down to a link that, depending on what side of the Atlantic Ocean you're on, should or should not be deleted.

A case heard Tuesday before the European Court of Justice (ECJ) hinges on a complaint submitted by a Spanish citizen who searched Google for his name and found a news article from several years earlier, saying his property would be auctioned because of failed payments to his social security contributions.

Spanish authorities argued that Google, other search engines, and other Web companies operating in Spain should … Read more