Major US security company warns over NSA link to encryption formula

Status
Not open for further replies.

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Source - Major US security company warns over NSA link to encryption formula
RSA, the security arm of EMC, sends email to customers over default random number generator which uses weak formula


A major American computer security company has told thousands of customers to stop using an encryption system that relies on a mathematical formula developed by the National Security Agency (NSA).

RSA, the security arm of the storage company EMC, sent an email to customers telling them that the default random number generator in a toolkit for developers used a weak formula, and they should switch to one of the other formulas in the product.

The abrupt warning is the latest fallout from the huge intelligence disclosures by the whistleblower Edward Snowden about the extent of surveillance and the debasement of encryption by the NSA.
 

Moose

Level 22
Jun 14, 2011
2,271
Then what Encryption E-mail Service?Would you use? For privacy?And/or what is the best way to encrypt your E-mail from prying eyes? I am using Mullvad for VPN!
 

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Excerpt from http://readwrite.com/2013/09/19/keys-understanding-encryption

Start With The End Points

At the end of the day, however, what law enforcement and intelligence agencies want, they can get. All the encryption in the world does not make a lick of difference if your computer has been compromised and data and messages can be examined right off your hard drive or your cloud-storage account before they are encrypted. Weak passwords, social engineering, and downloadable malware are all easy ways for anyone to get to your system and its data—far simpler than tinkering with encryption.

This is what security experts warn about when they speak of "end-point security vulnerabilities". End points, in security jargon, mean the devices you actually use—computers, tablets, smartphones, and servers in data centers where your files are stored.

Oh, and you can encrypt your data to your heart's content, but if your password is something simple like (ahem!) ReadWriteHack, then if you're targeted, you're probably vulnerable.

The good news, if there is any, is that encryption itself, when strong enough, still works and can even keep the NSA at bay. Then you're left with an even more complex task: keeping all the machines you use to connect to the Internet secure.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top