encryption

Pierluigi Paganini December 21, 2013
NSA paid 10M$ to RSA to insert an encryption backdoor in its solution

Last revelation based on the documents leaked by Edward Snowden is related to the allegedly encryption backdoor inserted by RSA in the BSafe software. Is it possible to insert an encryption backdoor in one of most popular cryptographic products? Probably it is just a question of money if the request came from the NSA, according […]

Pierluigi Paganini December 07, 2013
Android game allows WhatsApp conversations snooping

Google has recently removed from the official Play store the ” Balloon Pop 2″ Android game that allows WhatsApp conversations snooping. Every day numerous friends ask me if it is possible to steal WhatsApp chat messages and how, of course a malware represents an excellent solution to the request. In the past I already posted […]

Pierluigi Paganini October 11, 2013
Serious WhatsApp flaw allows decrypting user messages

A serious vulnerability in WhatsApp allows anyone who is able to eavesdrop on WhatsApp connection to decrypt users’ messages. A new security issue concerns users of the popular Whatsapp, the mobile application for instant messaging platform. The popularity of WhatsApp makes it attractive for security researchers and hackers, the platform in fact has become one of […]

Pierluigi Paganini September 07, 2013
NSA Bullrun program, encryption and false perception of security

Revelations on Bullrun program demonstrated that NSA has capabilities against widely-used online protocols such as HTTPS and encryption standards. The latest nightmare for US Administration is named Bullrun, another US program for massive surveillance. Snowden‘s revelations represented a heartquake for IT security, the image of NSA and US IT companies are seriously compromised such the trust of worldwide […]

Pierluigi Paganini September 02, 2013
Reversing Dropbox client code raises security issues

Researchers at last USENIX security symposium presented a new method and consolidated techniques for reversing Dropbox code to bypass Dropbox’s two factor authentication, hijack Dropbox accounts and intercept SSL data. Reversing Dropbox analysis allowed researchers to crack its open cloud storage service, reverse engineering the encryption protecting the client it is possible to open it up […]

Pierluigi Paganini May 12, 2013
Apple decrypts seized iPhones for law enforcement

Apple can “bypass the security software” if it chooses, accoring ATF no law enforcement agency could unlock a defendant’s iPhone except Apple that has created a police waiting list because of high demand. Apple is considered an impregnable fortress, the main functions provided by the iOS operating system and related data are inaccessible to ill-intentioned but […]