Interesting. Of course, with the possible exception of Skype, only
the over-the-network part of the communication is protected. The
IM providers can still give the contents of your communications to
third parties.
As far as I can tell after having reverse engineered its protocol,
Skype
Leichter, Jerry [EMAIL PROTECTED] writes:
Speculation about this kind of attack has made the rounds for years. It
appears the speculations have now become reality.
It's not speculation, encryption virii have been around for at least ten
years, although the encryption used was pretty crude and
In any event, because of Skype's peer-to-peer architecture and
encryption techniques, Skype would not be able to comply with such
a request.
Well... Total BS and we all know it.
1. Skype servers transparently report the last few known IP addresses
to any client requesting them. Just try
Leichter, Jerry [EMAIL PROTECTED] wrote:
Computerworld reports:
http://www.computerworld.com/action/article.do?command=viewArticleBasicarticleId=9094818
on a call from Kaspersky Labs for help breaking encryption used by some
ransomeware: Code that infects a system, uses a public key
On Mon, 9 Jun 2008, Leichter, Jerry wrote:
Even worse, targeted malwared could attack your backups. If it
encrypted the data on the way to the backup device, it could survive
silently for months, by which time encrypting the live data and
demanding the ransom would be a very credible threat.
From the No Comment Department:
Date: Tue, 10 Jun 2008 11:01:06 -0400
Message-Id: [EMAIL PROTECTED]
From: CERT Advisory [EMAIL PROTECTED]
Subject: US-CERT Technical Cyber Security Alert TA08-162A -- SNMPv3
Authentication Bypass Vulnerability
National Cyber Alert System
Technical
| SNMPv3 Authentication Bypass Vulnerability
|
|Original release date: June 10, 2008
|Last revised: --
|Source: US-CERT
|
| Systems Affected
|
| * Multiple Implementations of SNMPv3
|
| Overview
|
| A vulnerability in the way implementations of SNMPv3 handle specially
|
Jim Youll wrote:
If there's just one key, then Kaspersky could get maximum press by
paying the ransom and publishing it. If there are many keys, then Kaspersky
still has reached its press-coverage quota, just not as dramatically.
The key size would imply PKI; that being true, then the ransom