Posts Tagged ‘Google’

Google“Google Cloud Storage service is now automatically and free of charge encrypts all user data,” – said in the Internet company Google.

According to Dave Barth (the product manager for Google Cloud Storage), embedded encryption process is completely transparent to users and does not affect the performance of the service.

“If you enable encryption of your data, this feature saves you from using third-party solutions for data encryption, as well as the need for storage and management of cryptographic keys,” – he said.

According to him, when you turn on encryption for new downloadable service files will be encrypted at the back end, and users will not see any differences between the files with crypto support without it. In a blog post Google said that such an approach – is only part of the company’s efforts to strengthen the privacy of customer data after recent scandals with Internet wiretapping and NSA leaks from the U.S.. (more…)

GoogleGoogle has warned its customers about the need to use different passwords for different services, strive to make your passwords as complicated and in any case not to give access to information to outsiders. Do not forget about the possibility of a painless password recovery, just in case, in case you forget it.

Researchers believe that Google is not enough to inform people about the need of complication passwords. Internet companies need to improve the defenses of its services.

Despite the fact that Google has warned its clients to complicate too simple passwords, the experts on information security of such a step was not enough. (more…)

SSL certificatesGoogle has announced the strengthening of all SSL encryption certificates. Developers start using 2048-bit encryption.

The new standard will be put into operation gradually. Google starts using the new certificates in August. Fully transition promise to finish by the end of 2013.

In most cases and for most users, the transition to another technology will hardly be noticed. But hackers will have to work harder because the transmitted data will be much more difficult to decipher.

“We are starting to move to the new 2048-bit certificates from August 1, 2013 to provide sufficient time for translation reserve all of our products to the new standard by the end of the year. We also change the root certificate, because it used a 1024-bit encryption “ – explains Google. (more…)

Google ChromeThe developer has found vulnerabilities, wrote PoC-code of an exploit, as well as a detailed description of the error.

Google has paid a $ 31,336 reward to a developer Ralf-Philipp Weinmann, found four dangerous vulnerabilities in the operating system, Chrome OS.

Vulnerabilities have been found in the plugin O3D – a special plug-in that creates an interactive 3D-graphics applications that run in a browser window or in a custom XML-interface.

As noted in a company blog a Google spokesman Ben Henry, an update to Chrome 26, addresses a vulnerability, will be released in the next few days. (more…)

E-mail services vulnerable

E-mail Services

Companies Google, Microsoft, Yahoo!, PayPal and eBay recently eliminated a gap in a cryptographic system to e-mail services, which allowed hackers to forge a digital signature and send them messages purportedly from the employees of these companies.

The vulnerability exists in the system DomainKeys Identified Mail (DKIM), which is used by e-mail providers to make special reports cryptographic signature. This signature confirms the domain name of the sender, which simplifies the process of filtering malicious messages.

DKIM implementation issue was that if the amount of the signature key is less than 1024 bits, if sufficient computing power can be forged. US-CERT has confirmed in the notice that the keys are shorter than 1.024 bits do not provide a sufficient level of security, and that all the keys up to RSA-768 can be forged. (more…)