An anonymous reader writes "Many years ago when I first heard of PGP, I found an add-on that made it fairly simple to use PGP to encrypt my email. Despite the fact that these days most people know that email is a highly insecure means of communication, very few people that I know ever use any form of email encryption despite the fact that it is pretty easy to use. This isn't quite what I would have expected when I first set it up. So, my question to fellow Slashdotters is 'Do you encrypt your email? If not, 'Why not?' and 'Why has email encryption using PGP or something similar not become more commonplace?' The use of cryptography used to be a hot topic once upon a time."

Read more of this story at Slashdot.

Sparrowvsrevolution writes "CryptDB, a piece of database software that MIT researchers presented at the Symposium on Operating System Principles in October, allows users to send queries to an encrypted SQL database and get results without decrypting the stored information. CryptDB works by nesting data in several layers of cryptography (PDF), each of which has a different key and allows a different kind of simple operation on encrypted data. It doesn't work with every kind of calculation, and it's not the first system to offer this sort of computation on encrypted data. But it may be the only practical one. A previous crypto scheme that allowed operations on encrypted data multiplied computing time by a factor of a trillion. This one adds only 15-26%."

Read more of this story at Slashdot.

jaromil writes "TorTV is an early effort to embed Tor in household computing: run it on your TV at home. So far only WDTV installed with the homebrew WDLXTV firmware is supported. What other platforms do you think are viable for it?"

Read more of this story at Slashdot.

wiredmikey writes "It's not news that some of the underlying foundations of the DNS protocol are inherently weak, especially what they call the "last mile" — or the part of the internet connection between the client and the ISP. To address this, OpenDNS has released a preview of DNSCrypt, a tool that enables encrypted DNS traffic, much in the same way SSL enables encrypted HTTP traffic. DNSCrypt will stop DNS replay, observation, and timing attacks, as well as Man-in-the-Middle attacks and resolver impersonation attacks. The tool, available already compiled for OS X, will also run on OpenBSD, NetBSD, Dragonfly BSD, FreeBSD, and Linux. There is no Windows client, which is odd considering a majority of the 30 million OpenDNS users run Microsoft's operating system."

Read more of this story at Slashdot.

First time accepted submitter DrDevil writes "The British spy agency GCHQ recently published a puzzle at canyoucrackit.co.uk (as featured on Slashdot), now just a few days later an academic at the University of Greenwich in England has posted a full video explanation of the puzzle. The puzzle has three stages and is not at all simple — likely to challenge even the best computer science graduates."

Read more of this story at Slashdot.

New submitter karlnyberg writes with an update to the recently announced de-shredding challenge posted by DARPA: "The team 'All Your Shreds Are Belong To U.S.' has correctly solved all five puzzles, and the Challenge has now ended. You may view the winning team's submissions as well as the complete puzzle solutions by following the links on our homepage. We recognize that many of our participants have devoted countless hours to painstakingly piecing our puzzles back together, and we truly appreciate everyone's efforts. Hopefully you enjoyed the Challenge and learned something new along the way. We certainly did!"

Read more of this story at Slashdot.

MrKevvy writes "An Ottawa physicist is using laser light to create truly random numbers much faster than other methods do, with obvious potential benefits to cryptography: 'Sussman's Ottawa lab uses a pulse of laser light that lasts a few trillionths of a second. His team shines it at a diamond. The light goes in and comes out again, but along the way, it changes. ... It is changed because it has interacted with quantum vacuum fluctuations, the microscopic flickering of the amount of energy in a point in space. ... What happens to the light is unknown — and unknowable. Sussman's lab can measure the pulses of laser light that emerge from this mysterious transformation, and the measurements are random in a way that nothing in our ordinary surroundings is. Those measurements are his random numbers.'"

Read more of this story at Slashdot.

Sparrowvsrevolution writes "Twitter has confirmed that it's acquiring Whisper Systems, the mobile encryption startup founded by hacker and security researcher Moxie Marlinspike. Marlinspike has built some of the most noteworthy tools in applied cryptography over the last few years, including the encrypted calling app Redphone, the hardened Android OS WhisperCore, and Convergence, a system for fixing the broken SSL certificate authority system. Twitter won't yet say how it plans to integrate Marlinspike or his products."

Read more of this story at Slashdot.

New submitter LBeee writes "German Researchers at the Ruhr University Bochum built an FPGA board-based man-in-the-middle attack against the HDCP copy protection used in HDMI connections. After the leak of an HDCP master key in 2010, Intel proclaimed that the copy protection was still secure, as it would be too expensive to build a system that could conduct a real-time decryption of the data stream. It has now been proven that a system can be built for around $350 (€200) to do the task. However, the solution is of no great practical use for pirates. It can easily be used to burn films from Blu-ray discs, but receivers which can deliver HDTV recordings are already available — and they provide the data in compressed form. In contrast, recording directly from an HDMI port results in a large amount of data."

Read more of this story at Slashdot.

Hugh Pickens writes writes "Police departments around the country are moving to shield their radio communications from the public as cheap, user-friendly technology has made it easy for anyone to use handheld devices to keep tabs on officers responding to crimes and although law enforcement officials say they want to keep criminals from using officers' internal chatter to evade them, journalists and neighborhood watchdogs say open communications ensures that the public receives information as quickly as possible that can be vital to their safety. 'Whereas listeners used to be tied to stationary scanners, new technology has allowed people — and especially criminals — to listen to police communications on a smartphone from anywhere,' says DC Police Chief Cathy Lanier who says that a group of burglars who police believe were following radio communications on their smartphones pulled off more than a dozen crimes before ultimately being arrested. But encryption also makes it harder for neighboring jurisdictions to communicate in times of emergency. 'The 9/11 commission concluded America's number one vulnerability during the attacks was the lack of interoperability communications,' writes Vernon Herron, 'I spoke to several first responders who were concerned that their efforts to respond and assist at the Pentagon after the attacks were hampered by the lack of interoperability with neighboring jurisdictions.'"

Read more of this story at Slashdot.