How Heartbleed Works: The Code Behind The Internet's Security Nightmare

By now you’ve surely heard of Heartbleed, the hole in the internet’s security that exposed countless encrypted transactions to any attacker who knew how to abuse it. But how did it actually work? Once you break it down, it’s actually incredibly simple. And a little hilarious. But mostly terrifying.

Heartbleed: Why The Internet's Gaping Security Hole Is So Scary

In the past 15 or so years, we’ve all learned to feel pretty safe on the internet. BigSite.com is surely handling your credit card information safely, at least as safely as any brick and mortar store (looking at you, US Target). Maybe don’t be so sure; there’s been a bug lurking in one of the internet’s most important security measures for years, and it’s given attackers the keys to the kingdom. Enter Heartbleed.

HSTS: The Security That All Websites Should Be Using

You would think that by now the internet would have grown up enough that things like online banking, email or government websites would rely on thoroughly engineered security to make sure your data isn’t intercepted by attackers. Unfortunately, when it comes to the vast majority of websites on the internet, that assumption would be dead wrong.

New 'Unbreakable' Encryption Is Inspired By Your Insides

A new form of encryption promising to be “highly resistant to conventional methods of attack” could make our digital lives more secure — and it’s all inspired by the way our heart and lungs coordinate their rhythms by passing information between each other.

Yahoo Finally Encrypting Bulk Of Its Data

We were thrilled to hear today that Yahoo is carrying through a concerted effort to protect users across its sites and services by rolling out routine encryption in several parts of its infrastructure. The company’s statement announced that, among other things, it now encrypts traffic between its data centres, makes secure HTTPS connections the default for some websites, and has turned on encryption for mail delivery between Yahoo Mail and other email services that support it (like Gmail).

Every Single Gmail Message You Send Will Now Be Encrypted

Good news, security lovers! Google just announced that Gmail will be all encrypted all the time. More specifically, every single email you send or receive will use an encrypted HTTPS connection, regardless of which device you’re using and which network. Even public Wi-Fi is ok.

Sneaky 'Honey Encryption' Stops Hackers By Drowning Them In Phony Data

It seems like no matter how much companies may try to up their defences, there will always be some industrious young hacker who manages to evade every roadblock in his way. One team of researchers, though, think they may have finally found a way to turn their defence into an attack on the hackers themselves — by spewing fake data at them and sending them drowning.

NSA Trying To Build Quantum Computer That Cracks All Encryption

You will not be surprised to learn that the NSA is spending nearly $US80 million trying to build “a cryptologically useful quantum computer.” The Washington Post just published details of the program, codenamed “Penetrating Hard Targets”, based on documents supplied by Edward Snowden.

The Sounds Your Computer Makes Can Give Away Your Encryption Keys

You might think your computer runs quietly — or, if you’re unlucky, noisily — but either way you probably wouldn’t expect that its hum could give away your secrets. Turns out, that the noise your computer makes can reveal the RSA keys it’s using.

NSA Can Decode Private, Encrypted Mobile Phone Conversations

The Washington Post is reporting that, according to a newly released internal document, the National Security Agency isn’t just swiping location data from American mobile phones; they actually have the ability to decode private, encrypted data, putting texts and calls right at their disposal.