Some of you may have noticed that I haven’t been here much… well, here or anywhere else for that matter. I have been playing over at Google + and tweeting a little bit… and checking in on Facebook… but that’s about it. Really. I haven’t had the time.
With the recent California Supreme Court ruling, its time you used a passcode lock no your cell phone. While this ruling is only in effect in California, I’m pretty sure it wont be long until other states appeal cases or enact laws to allow your local police to search your cell phone incident to your arrest. In this week’s court documents (PDF), the justiced pointed to a case in 2007. Police had caught Ventura County citizen Gregory Diaz trying to sell six pills of ecstasy, to which he denied. However a deputy sheriff, who had pocketed Diaz’ cell phone during the arrest, found a text message reading ‘6 4 80,’ which in his experience meant ‘six pills for $80.’ When confronted Diaz pled guilty but later appealed the unwarranted cell phone search. (( See PC Magazine report here. ))
Today I learned of an Android 2.1 + based Audio Steganography app. AppBrainhas a new tool listed called StegDroid. StegDroid allows you to create an audio file, embed text into the file, and share it. Other users of StegDroid can extract the text from the file. Not being an Android user, I cant say how well this works, but it does look promising. This app was introduced on Jan 10th and is an alpha.
[T]he FBI implemented a number of backdoors and side channel key leaking mechanisms into the OCF, for the express purpose of monitoring the site to site VPN encryption system implemented by EOUSA, the parent organization to the FBI.
Steganography is defined as -
Hiding a secret message within a larger one in such a way that others can not discern the presence or contents of the hidden message. For example, a message might be hidden within an image by changing the least significant bits to be the message bits. (( Definition Source - Dictionary.com ))
Gary Kessler defines Steganography as - the science of hiding information. Whereas the goal of cryptography is to make data unreadable by a third party, the goal of steganography is to hide the data from a third party. (( Gary Kessler definition source. ))
From a report over at CNet (( Read the CNet report here. )) , Canon’s OSK-E3‘Original Data Security Kit’ has been cracked. The system, used mainly by Law Enforcement, is used to ensure that the photographs on the storage card have not been tampered with. Using Dmitry Sklyarov’s method, his company - Elcomsoft - was able to spoof images that the Canon software believed to be genuine.
Passware, makers of Passware Kit, are set to demonstrate at Passwords^10 that the latest version of Passware Kit can decrypt BitLocker and TrueCrypt volumes from computers that have been properly shut down. If that doesnt make you shudder, check your pulse. BitLocker, a component of Windows Vista/7 Enterprise and Ultimate editions, and TrueCrypt, a free utility, both perform the similar task of encrypting hard-drives and portable devices, like USB sticks.
If you use public Windows based computers or Windows based computers at work or a friends house and you want the ability to decrypt and encrypt your emails have a look at the PortableApps version of Thunderbird. It fits on a small USB stick. Go to PortableApps.com and download Mozilla Thunderbird, Portable Edition, GPG for Thunderbird Portable 1.4.10 and the Enigmail extension.
For those of you wanting OpenPGP / GnuPG on your iPhone, you now have an option that does not involve jailbreaking and installing GnuPG or GnuPG 2. From developer Gregory Descamps comes oPenGP Lite, a FREE utility that will allow you to decode PGP/GPG encoded text. This information is taken from iTunes and other sites. My review follows.
If you are using an Android based smartphone, you have a pretty decent option for securing your emails in the form of Android Privacy Gard (APG) and PGP Manager for Android. APG is free, I believe, and PGP Manager is about $2.00
