Category Archives: Encryption
MongoDB debuts new encryption tool and analytics features at MongoDB World – SiliconANGLE News
MongoDB Inc. today introduced new features that will enable enterprises to query their data without decrypting it and carry out large-scale analytics projects more easily.
The features were announced at the company's annual MongoDB World conference.
Publicly traded MongoDB provides an open-source NoSQL database that is widely used among developers. The database has been downloaded more than 265 million times, while developers at north of 35,000 organizations use it to power applications.
Some of the product updates that MongoDB announced today are rolling out for its namesake open-source database. Other features will become available as part of MongoDB Atlas, a managed cloud version of the database. Atlas removes the need for customers to manage infrastructure and automates a number of other administrative tasks.
"Our vision is to offer a developer data platform that provides a modern and elegant developer experience, enables broad support for a wide variety of use cases, and delivers the performance and scale needed to address the most demanding requirements," said MongoDB Chief Executive Officer Dev Ittycheria.
Companies keep the business information in their databases encrypted most of the time to ensure that hackers can't read records in case they gain network access. However, records have to be decrypted when they're queried by an application or a user. MongoDB is rolling out a new release of its open-source database, MongoDB 6.0, that it says makes it possible to query data without decrypting it.
MongoDB 6.0's Queryable Encryption feature, as it's known, doesn't require specialized cryptography know-how to use. Queryable Encryption keeps records encrypted while they're in a server's memory. Information also remains encrypted while it travels through the server's central processing unit, according to MongoDB.
Cybersecurity researchers have long sought to develop a way of processing data without having to decrypt it. Some of the technologies that have been created to facilitate encrypted processing, such as fully homomorphic encryption, are impractical to use because they significantly slow down queries. MongoDB says Queryable Encryption facilitates speedy queries and doesn't impact application performance.
Another set of features introduced by MongoDB today focuses on helping companies carry out large-scale data analytics initiatives more easily. Some of the capabilities are rolling out for the MongoDB database, while others are part of the Atlas managed database service.
MongoDB 6.0 introduces a feature called Column Store Indexes that will speed up common analytical queries. The feature speeds up queries by creating an index, a collection of data shortcuts that makes it possible to find specific records in a database faster. Reducing the amount of time that it takes to find records enables the database to return results quicker.
For administrators, MongoDB is adding a feature that makes it easier to manage the hardware resources assigned to a MongoDB deployment. According to the company, the feature will help administrators avoid provisioning too little or too much infrastructure for a MongoDB deployment that is used to support analytics workloads.
Atlas, the managed version of MongoDB, is also receiving improved support for analytics workloads. A tool called Atlas Data Lake will provide managed cloud object storage to facilitate analytical queries. For business analysts, MongoDB is rolling out Atlas SQL Interface, a capability that makes it possible to query data using SQL syntax.
MongoDB's revenue grew 57% year-over-year, to $285.4 million, during the quarter ended April 30. As part of its revenue growth strategy, MongoDB has been adding support for more enterprise use cases, which helps expand its addressable market and unlock new sales opportunities.
MongoDB 6.0 adds improved support for use cases that involve time series data. That's the term for data used to describe a trend, such as how a server's performance changes over the course of a week. Time series data is used for tracking the health of technology infrastructure, monitoring shifts in product demand and a range of other use cases that MongoDB can now support more effectively.
Website development is another use case on which MongoDB is increasing its focus. The company is upgrading its managed Atlas database service by adding an integration with Vercel, a popular website development tool. MongoDB says that the integration will save time for joint customers by automating certain manual configuration tasks.
For developers using Atlas to power mobile apps, MongoDB is adding the ability to sync data to and from the popular Realm mobile database. Meanwhile, companies that rely on Atlas to power the search features of their applications and websites are also receiving new features. The company is making it easier to let users filter search results by category, a feature that usually requires significant amounts of custom code to implement.
Some MongoDB customers run multiple deployments of its database to support their applications. As part of the product updates announced today, the company is adding a set of features to simplify such customers' information technology operations.
Cluster-to-Cluster Synchronization is a new tool that can automatically sync records between MongoDB databases to ensure they all have the latest version of a dataset. The tool can sync records across Atlas deployments, as well as MongoDB databases running in the cloud and on-premises.
Another new addition to the company's feature set is Data Federation. Available as part of Atlas, the capability makes it possible to centrally run a query across multiple MongoDB deployments. Data Federation could simplify large-scale analytics projects that draw on information from multiple databases.
Lunarpunks, Privacy and the New Encryption Guerillas – Yahoo Finance
In 1916, a few hundred revolutionaries declared Ireland to be an autonomous nation and occupied strategic locations around Dublin. In the days that followed, the British Army encircled the uprising and suffocated it.
One by one, the leaders of the uprising were lined up and shot. A young fighter named Michael Collins evaded death by chance. He vowed never to enter into direct clashes with the British Empire again, and began a war that would change the shape of resistance forever.
This article is part of Road to Consensus. Rachel-Rose O'Leary will speak at Layer 2's "Big Ideas" stage at Consensus.
Units were split into small groups that operated in secrecy. Fighters lacked weapons, but the people and rugged landscape protected them. The new warfare favored hit-and-run tactics and disrupting enemy intelligence. It was the dawn of modern guerrilla tactics and it won Ireland its independence.
These guerilla tactics are no longer feasible today. Modern surveillance technologies and automated weaponry have turned the world that we inhabit into a desert with no protective cover. Resistance fighters are easy targets.
Since the 1990s, a movement of privacy advocates and coders called cypherpunks have been fighting back the encroachment of surveillance. In some sense, they draw inspiration from the guerilla fighters before them.
Guerilla warfare is fundamentally asymmetric: It is the tactic of a smaller, disadvantaged people against a vastly superior enemy. They fight high-tech with low-tech, complexity with simplicity, fire with water.
Coders and guerillas alike define the front lines and change them constantly. For cyphers, it's with ever-advancing encryption and for fighters like the Irish, it's the ability to melt back into the community before the enemy can even give chase.
As governments build all-encompassing surveillance machines, cypherpunks use simple encryption tools to render them futile. Cypherpunks argue that without privacy, personal liberty is impossible. Cryptography is a defensive tool to live free from coercion and force.
Lunarpunk is descended from cypherpunk but takes its logic a step further. It's a guerrilla movement committed to establishing a digital forest in cypherspace using tools like encryption that its fighters can recede into.
The current internet is a desert rather than a forest due to surveillance. Lunarpunks defend and define new territories: dark, fertile zones that have been claimed back using private, anonymous decentralized autonomous organizations (DAOs) and peer-to-peer (P2P) organizational tooling. Another word for this would be an agora, or non-state system.
In an interesting twist of history, a science-fiction subculture called solarpunk was one of the principal inspirations for Ether Both lunarpunk and solarpunk are utopian. Unlike solarpunk, lunarpunk is armed. It runs on DarkFi.
Currently in the devnet phase, DarkFi (the word is a combination of "dark" and "DeFi") is a layer 1 blockchain that supports these private and anonymous applications. Lunarpunks, so far a small movement of hackers, are already creating tools using DarkFi that allow communities to coordinate in the dark.
The DarkFi community has been working on an initial design for a private and anonymous DAO. Right now, DarkFi coders are testing a P2P Internet Relay Chat (IRC) client and task manager to ensure DAOs on DarkFi do not become dependent on centralized and proprietary software. Although crypto aims for decentralization, so much of the industry's activity happens over for-profit tools like the messaging app Discord and digital notebook Notion.
Until now, blockchain applications have been built on a desert landscape. Killer apps like automated market makers (AMM) compute the price of assets in token pools and require the app to know everything that happens in real time. The dominant engineering paradigm requires total surveillance.
To engineer anonymous applications, we must generate new concepts. It is necessary to evolve what the DarkFi community calls "anonymous engineering," a new kind of engineering based on hidden information.
For example, zero-knowledge cryptography unlocks a new set of techniques: you can make encrypted commitments to data and trustlessly prove whether or not something has happened. You can compose hidden data structures that can hold references to one another. You can combine these techniques with other primitives, such as homomorphic encryption and multiparty computation, to design fully anonymous and featureful applications.
Lunarpunks perceive lightness as terror, and are fighting against surveillance capitalism. In DarkFi, darkness is structured as an inversion of contemporary power dynamics and a way to empower communities. Darkness is the legacy of surveillance turned upside down.
The inversion of hierarchies has been central to many crypto-anarchist movements. Think of the parallel, inverted world that crypto-anarchists call the Parallel Polis, or the tactic of counter-economics, a black market economy that exists parallel to, but distinct from, the statist economy.
You can trace this political symbol to the philosopher Friedrich Nietzsche, who wrote about what he called active and reactive forces. Forces are energies that drive human behavior. For him, active forces were positive and are seen when people affirm and assert their power.
Further, active forces lead to differentiation: a multiplicity of cults, factions and communities expressing power in different ways. Reactive forces suppress power and deny difference.
In the lunarpunk's language, forests are active and deserts are reactive. Resistance is active; oppression is reactive.
According to Nietzsche, active forces should dominate reactive forces. He called this hierarchy. But he argues that in reality, perhaps contrary to what you might expect, hierarchies are often inverted. Reactive forces, though lethargic and without any original ideas, are often the most powerful. State power persists by repressing resistance. The desert dominates.
Lunarpunk does not negate the current order: It inverts the false hierarchy that places reactive forces on high and suppresses active forces. Lunarpunk proclaims the victory of affirmation against negation, the victory of the active against the reactive, and the victory of the forests against the desert.
Like flowers bursting from concrete, a new design space is emerging from dead-end surveillance optimization. It is effortless and spontaneous, like a miracle of healing breaking out across a scarred and broken landscape.
Encryption is asymmetric: It favors the smaller player over the monopoly. Cypherpunk hero Julian Assange said that "the universe smiles on encryption" because it is easier to encrypt information than to decrypt it. Lunarpunks are wielding this mystical quality of the universe in open conflict with surveillance.
Thanks to Armor and Paul-Dylan Ennis.
5 best messaging apps with end-to-end encryption to try in 2022 – Phandroid – News for Android
We rely upon instant messaging apps heavily to stay in touch with family and friends. These apps allow us to communicate via texting, audio calls, and video calls. Since conversations often include sensitive and private details, it becomes important that no one else could see them. This is where end-to-end encryption aka E2EE comes into the picture.
It is a security protocol that encrypts data so that only the sender and recipient can read it. Even if a hacker gets hold of the data, it will be unreadable to them as they do not have the required security key to decrypt it. The data gets encrypted the moment it leaves the sender's device and gets decrypted only on the recipient's device. In the case of messaging apps with end-to-end encryption, all your text messages, video calls, and audio calls stay safe and secure. Neither a third party nor the messaging company itself can read those messages or calls.
These are the best messaging apps with end-to-end encryption that you should try in 2022.
Signal is an app that you will always hear about whenever the conversation turns to secure and privacy-focused messaging apps. It offers end-to-end encryption for all messages and calls by default. Its encryption is powered by the open-source Signal Protocol, which keeps things transparent.
The app supports both audio and video calls along with group calls. For those who prefer texting, it lets you send photos, videos, GIFs, stickers, documents, and audio messages. Signal is an independent non-profit and relies on grants and donations. It is available for all leading platforms on mobile phones and desktops.
WhatsApp is the most prominent instant messenger application with billions of users worldwide. It also offers end-to-end encryption for all messages and calls by default. Its encryption is powered by the same protocol that Signal uses which it started using in 2016.
The app is packed with all those features that you would expect from an instant messenger. It recently increased limits on file sizes and the number of users in group calls to make things better. If you wish, you can even use disappearing chats, where messages disappear after a preset time. The only thing to know is that WhatsApp is owned by Meta (previously Facebook), which is something some people might not be comfortable with. While Meta cannot read your conversations due to encryption, it can certainly log other data about you, which is a common practice among Big Tech.
Telegram is an open-source instant messaging application and has made a good name for itself. The end-to-end encryption on the app is not enabled by default. It can be used only during the Secret Chats mode. It means when you are conversing with someone in the standard mode, your chats are not covered by the encryption.
It further lets users send self-destructing messages. These texts get auto-deleted after the pre-selected time. There are many other features that make Telegram a very handy app. These include support for adding up to 200,000 people in groups, creating channels, creating bots, and the ability to share large media files.
Threema is another open-source secure messaging app for both individual and enterprise users. It features no ads and does not collect any user data either. This is because it is a paid application and charges a one-time fee of about $4. Once you pay the fee, the app is yours to use forever.
The app offers end-to-end encryption and claims to be fully GDPR-compliant. It has a dedicated version called Threema Work for companies. It claims to have over 7,000 companies and organizations as its clients. One of the good things about the app is that it can be used anonymously if you do not want to link your account with an email address or phone number.
Wickr Me is an end-to-end encrypted messaging app that is not so well known. It provides encryption for all messages and calls. One can also send self-destructing messages that can easily be configured. It even removes metadata from media files to improve your privacy.
The app is completely free to use for all users. It also has a $100,000 bug-bounty program where it encourages anyone to check out the app and discover any vulnerabilities that it may have. However, it supports adding only up to 10 group members and one-on-one audio and video calls which could be limiting for you.
Gigamon releases 2022 TLS Trends Research based on 1.3trn network flows – ITWeb
Gigamon, the leading deep observability company, today released its updated TLS Trends Research report, which highlights levels of encrypted traffic, versions in use and trends over time. While this data is readily available for general internet traffic, Gigamon is the only vendor to publish data on the usage of encryption in intra-organisation lateral communications (East-West traffic).
Cyber attacks are at an all-time high, triggering increasingly strict regulatory standards and data privacy compliance to combat the rapidly evolving threat landscape. As a result, the global encryption software market is expected to grow to $22.1 billion by 2026, a 15% compound annual growth rate (CAGR). However, this is leading cyber criminals to infiltrate Secure Sockets Layer/Transport Layer Security (SSL/TLS) sessions to hide and obfuscate their actions. This can lead to SSL/TLS sessions becoming a liability, inadvertently camouflaging malicious traffic.
To avoid being compromised, IT organisations should take the following actions:
"This report seeks to provide real-world data on SSL/TLS usage," said Bassam Khan, vice-president of product and technical marketing at Gigamon. "The findings illustrate why organisations need to rethink their decryption policies and procedures, particularly as TLS 1.3 gains further traction."
The Gigamon research is based on live data from several dozen enterprises across a range of industries, with a statistical bias towards financial institutions, technology and healthcare. With an aggregate of 1.36 trillion network traffic flows over a 15-month period, the data for each organisation was statistically significant.
Download the full report to discover the latest encryption trends and why they have us concerned, what you need to do to gain visibility into all data and protect your network and vital rules for decrypting and inspecting traffic. Also register for our webinar to hear from Gigamon industry experts, who will share key insights on how to fortify your organisation from cyber crime.
Apple security expert says there's one app people should never install this app on their iPhones – Firstpost
Mehul Das | Jun 03, 2022 14:03:42 IST
Apple claims that they have one of the safest ecosystems, and with the iPhone, users are in complete control of their privacy and data. While many people actually buy into Apple's claims, and there are cases where Apple's words have proven to be true, security experts all around the world believe that users need to be proactive about their privacy, irrespective of what device or smartphone they use.
Apple security expert and the CEO of Spylix, Steven Walker, has stated in an interview that, irrespective of what Apple claims, people should be wary of one app in particular and not install it on their iPhones, ever. That app is Facebook Messenger.
Spylix is a phone tracking app that is used by government agencies all around the world. Walker believes that just because an app is extremely popular, that doesn't mean that it's safe to be used. He also says that because of Facebook Messenger's popularity, people often do not think that it is a problematic application.
The main reason why Walker believes that Facebook Messenger compromises a user's privacy and data is twofold. Firstly, it is owned by Meta, formerly owned by Facebook, a company that does not have a clean track record as far as using data from users on their platform. Secondly, and this is the more pertinent reason for Walker, Facebook Messenger doesn't have end-to-end encryption.
Walker believes that there are several other instant messaging options that users can go for. WhatsApp, even though it is owned by Facebook, is still much more secure than Facebook Messenger. WhatsApp has about 2 billion active users worldwide, almost double of Facebook Messenger.
Then there are apps like Telegram and Signal. Although they aren't nearly as popular as WhatsApp, both of them have been developed keeping security and privacy in mind. Apps such as WhatsApp, Signal and Telegram offer end-to-end encryption, which is increasingly becoming a vital feature in instant messaging apps.
Meta has claimed that they are working on end-to-end encryption, but they have walked back on their deadlines quite a few times. Initially, Facebook Messenger was supposed to get end-to-end encryption by 2022 at the latest. Now, Facebook has pushed the deadline to 2023. People at Meta say that they are concerned about bad actors abusing end-to-end encryption, and so they want to take their time to get the system right. If that were indeed the case, one cannot help but wonder how it is that such concerns aren't an issue for WhatsApp.
Kingston IronKey Vault Privacy 50 USB drive with XTS-AES 256-bit Encryption – Geeky Gadgets
Kingston has launched its new IronKey Vault Privacy 50 USB drive featuring XTS-AES 256-bit Encryption and FIPS 197 Certification. The IronKey Vault Privacy 50 supports Admin, User, and One-Time Recovery passwords with Complex or Passphrase modes. The IronKey Vault Privacy 50 USB drive is available in capacities from 8 to 256 GB and is backed by a limited five-year warranty, with free technical support.
This multi-password option enhances the ability to recover access to data on the drive should one of the passwords be forgotten. While traditional Complex mode allows for passwords from 6-16 characters using 3 out of 4 character sets, the new passphrase mode gives users the ability to have a numeric PIN, sentence, list of words, or even lyrics from 10 to 64 characters long that's unique, yet memorable to them. To aid in password entry, the eye symbol can be enabled to reveal the typed-in password to reduce failed login attempts.
Source: Kingston
What is SSH access? Everything you need to know – TechRadar
SSH (Secure Shell) is a network protocol that enables secure communication between two devices, often used to access remote servers as well as to transfer files or execute commands.
SSH was originally developed by Tatu Ylonen in 1995 to replace Telnet, a network protocol that allowed users to connect to remote computers, most often to test connectivity or to remotely administer a server.
Today, SSH has become the standard for remote access for many organizations, and is used by system administrators to manage servers remotely or to securely connect to their personal computers. SSH is also commonly used to tunnel traffic through untrusted networks, such as public Wi-Fi hotspots.
SSH access is used for a variety of tasks, including remotely logging into servers, transferring files, and running commands. Some popular SSH clients include PuTTY (Windows), Terminal (Mac), and Linux Shell.
SSH is a powerful tool that can be used for a variety of tasks. However, it's important to note that SSH is not intended to be used as a general-purpose file transfer protocol. If you are looking to transfer files between two computers, you should use a tool such as SFTP instead.
To get SSH access, you need to have a user account on your web hosting server. Once you have a user account, you can generate an SSH key pair. The public key will be added to the server's authorized_keys file, and the private key will be kept on your local machine. Once the key pair is generated, you can use an SSH client to connect to the server.
There are many different SSH clients available, but we recommend using PuTTY for Windows users and Terminal for Mac users. If you're using Linux, you should already have a Terminal application installed.
Once you've launched your chosen SSH client, enter the hostname or IP address of the server into the connection settings.
Make sure to select "SSH" as the connection type, and then enter your username. Once you've entered all of the necessary information, you can click "Connect" to connect to the server.
If everything was entered correctly, you should see a message asking for your password. Type in your password and hit "Enter". If you're connected successfully, you should see a command prompt for the server.
From here, you can run any commands that you would normally run on the server. To disconnect from the server, simply type "exit" at the command prompt and hit "Enter".
SSH encryption is a process that uses mathematical algorithms to encode data. The sender and receiver of the encoded data can then use a secret key to decode the data.
This process helps to ensure that the data remains confidential and is not tampered with during transit. SSH also provides authentication, which helps to prevent unauthorized access to systems and data.
There are two main types of SSH encryption: public-key encryption and symmetric key encryption. Public key encryption uses two different keys, one for encoding and one for decoding.
The keys are typically generated by a third-party provider and are shared between the sender and receiver. Symmetric key encryption uses the same key for both encoding and decoding. This means that the sender must first send the key to the receiver before any data can be encrypted or decrypted.
While both public key and symmetric key encryption are secure, symmetric key encryption is typically faster and is therefore often used for high-speed data transfers.
Secure Shell (SSH) is available on all major mobile platforms, including iOS, and Android. It provides a secure way to access your mobile device's command-line interface (CLI), allowing you to run commands and transfer files without having to worry about someone eavesdropping on your session.
To use SSH on your mobile device, you'll need to install a client app such as Termius or Connectbot. Once you've installed a client app, you can connect to your device by entering its IP address into the app's connection screen. You'll also need to enter your username and password (if using password authentication).
SSH is not completely free, but it is free for many purposes. For example, when using SSH to access a remote server, you will need to pay for the server.
However, if you just want to use SSH to connect to a friend's computer, there is no charge. In general, SSH is free for personal use, but some commercial applications require a fee.
The short answer is no. Not all browsers support Secure Shell or SSH. The most popular browser that does not support SSH is Google Chrome. There are, however, many ways to get around this.
One way is to use a different browser that does support SSH such as Mozilla Firefox or Microsoft Edge. Another way is to use an extension for Google Chrome that will add SSH support.
SSH encrypts all traffic between the client and server, making it much more difficult for attackers to eavesdrop on communications.
This is especially important when transmitting sensitive information, such as passwords or financial data. SSH also provides authentication capabilities, meaning that only authorized users can access the server.
This is accomplished through the use of public-private key pairs. The server has a copy of the public key, and the client has a copy of the private key. When the client attempts to connect to the server, the server uses the public key to verify that the client has the private key. If everything checks out, then the user is granted access.
There are a few different types of SSH clients available, but the most popular ones are open-source. While open-source software is generally considered to be more secure than closed-source software, there is a debate about whether or not this is true for SSH clients.
Some people argue that open-source SSH clients are less secure because their source code is available for anyone to examine. This means that potential attackers can find vulnerabilities more easily. Others argue that open-source SSH clients are more secure because their source code is available for anyone to examine.
Which side is right? It's hard to say for sure. There are pros and cons to both sides of the argument. Ultimately, it's up to each individual to decide whether they want to use an open-source or closed-source SSH client.
If security is your top priority, you may want to consider using a closed-source SSH client. However, if you're more concerned about features and flexibility, an open-source SSH client may be a better choice for you.
Secure Shell is a great tool for securing data in transit, as it can be used to encrypt traffic between two computers or secure data being sent over the internet.
Secure Shell can also be used to create secure tunnels between two computers, most often to securely connect to remote servers.
Additionally, it can be used to create secure backups of files, databases and to protect data in transit.
SSH access is a great way to manage your web server remotely. There are a few things to keep in mind when using SSH. First of all, make sure that you are connecting to the correct server.
Secondly, make sure that your connection is secure by verifying the fingerprint of the server's SSH key. Lastly, make sure to use a strong password for your SSH account.
Step 1. You will need to create the SSH key. To do this, use the ssh-keygen command. After that, you need to copy the SSH key.
Step 2. You will now install the SSH key. To do this, you will use the ssh-copy-id command. This works on a Unix or Linux server.
Step 3. Next, you need to add yourself to the wheel or sudo group admin account.
Step 4. Next, you should disable password login. This is to allow a root account.
Step 5. Now, you need to test your passwordless SSH key login. To do this, use the command: ssh SSH_USER@server-name
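The five steps as commands, with an offline check for step 4, a setting that is easy to get wrong because sshd uses the first value it reads for each keyword. This is an added example, not from the article; it assumes an OpenSSH server, does not follow Include files, and the config lines it checks are constructed samples.

```shell
#!/bin/sh
# Added example. SSH_USER and server-name are the article's placeholders.
#
# Steps 1-5 on a real OpenSSH setup (they need a reachable server, so they
# are left as comments here):
#   ssh-keygen -t ed25519              # step 1: create the key pair (client)
#   ssh-copy-id SSH_USER@server-name   # step 2: install the public key
#   usermod -aG wheel SSH_USER         # step 3: as root; the group is "sudo" on Debian/Ubuntu
#   step 4: set "PasswordAuthentication no" in /etc/ssh/sshd_config, reload sshd
#   ssh SSH_USER@server-name           # step 5: must log in with no password prompt

# effective_value KEYWORD FILE
# Prints the value sshd would use for KEYWORD in the global section of FILE.
# Keywords are case-insensitive and the FIRST occurrence wins, so a line
# appended at the end of the file does not override an earlier one.
effective_value() {
    awk -v want="$1" '
        BEGIN { want = tolower(want) }
        $1 ~ /^#/ { next }                      # comment line
        tolower($1) == "match" { exit }         # global section ends here
        tolower($1) == want { print $2; exit }  # first occurrence wins
    ' "$2"
}

# match_enables_passwords FILE
# Succeeds if any Match block turns password login back on for some users.
match_enables_passwords() {
    awk '
        $1 ~ /^#/ { next }
        tolower($1) == "match" { in_match = 1; next }
        in_match && tolower($1) == "passwordauthentication" && $2 == "yes" { found = 1 }
        END { exit found ? 0 : 1 }
    ' "$1"
}

# audit_key_only FILE
# Prints one verdict and returns 0 only when the config is key-only.
audit_key_only() {
    pw=$(effective_value PasswordAuthentication "$1")
    pk=$(effective_value PubkeyAuthentication "$1")
    [ -n "$pw" ] || pw=yes    # sshd default when the keyword is absent
    [ -n "$pk" ] || pk=yes    # sshd default when the keyword is absent
    if [ "$pk" != yes ]; then
        # Disabling passwords while keys are off would lock everyone out.
        echo "lockout-risk"; return 1
    fi
    if [ "$pw" != no ]; then
        echo "password-login-enabled"; return 1
    fi
    if match_enables_passwords "$1"; then
        echo "password-login-enabled-in-match-block"; return 1
    fi
    echo "key-only"
}

# Constructed sample configs, one per failure mode plus a correct one.
demo=$(mktemp -d)
printf '%s\n' '#PasswordAuthentication yes' 'PubkeyAuthentication yes' \
    > "$demo/1-untouched"
printf '%s\n' 'PasswordAuthentication yes' 'PasswordAuthentication no' \
    > "$demo/2-appended"
printf '%s\n' 'PasswordAuthentication no' 'Match User backup' \
    '  PasswordAuthentication yes' > "$demo/3-match"
printf '%s\n' 'PubkeyAuthentication yes' 'PasswordAuthentication no' \
    > "$demo/4-key-only"

for f in "$demo"/*; do
    printf '%-14s %s\n' "${f##*/}" "$(audit_key_only "$f" || true)"
done
rm -rf "$demo"
```

On a live server, `sshd -T` prints the effective configuration and is the authoritative check; keep an existing session open while testing step 5 so a mistake in step 4 does not lock you out.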
Security is always a top priority when it comes to choosing a web hosting provider. When it comes to SSH access, you want to make sure that your provider uses strong encryption methods and that their servers are well protected.
Ease of use is also important. You want a hosting provider that makes it easy to set up and manage your SSH access. And finally, price is always a factor you should consider if you're on a budget. You want to find a provider that offers competitive pricing without sacrificing quality or security.
So without further ado, here are the best hosting providers that offer SSH access:
Bluehost
Bluehost is a great choice for SSH access. They offer strong encryption methods and their servers are well protected. Bluehost is also easy to set up and manage, making it a great choice for those who are new to using SSH. And finally, Bluehost offers competitive pricing without sacrificing quality or security.
HostGator
HostGator is a top provider of secure and reliable web hosting. They offer SSH access on all of their plans, including shared hosting, VPS, and dedicated servers. HostGator uses strong encryption methods to keep your data safe and their servers are well protected. They also offer an easy-to-use control panel that makes it easy to manage your SSH access.
InMotion Hosting
InMotion Hosting offers strong security and easy management of SSH access. Their prices are competitive, and they offer a wide range of plans to choose from.
Some third-party programs are more secure than others. If you're using a program that isn't as secure, you may not be getting the same level of protection as you would with SSH. That said, there are some things you can do to help keep your data safe even when using a less secure program.
Here are a few tips:
- Make sure the program you're using is up to date. Older versions may have security vulnerabilities that have since been fixed.
- Be careful about what information you share through the program. Don't share sensitive information unless you're confident it will be kept safe.
There are a few different ways to connect to a remote server without using SSH. Here is the list of SSH alternatives:
Eternal Terminal
Eternal Terminal is one way to connect to a remote server without using SSH. It's an open-source, cross-platform terminal emulator and telnet client. It can be used as a drop-in replacement for the standard Terminal app on macOS and Linux.
Features include:
- Supports SSH, telnet, and raw socket connections
- Automatic reconnection
- Scriptable with Lua
- Cross-platform support for macOS, Linux, Windows, and more.
Mosh
Mosh is a free and open-source replacement for the SSH terminal application. Mosh can be used to connect to any server that has an SSH daemon running.
Mosh has several features that make it more reliable than SSH, including:
- UDP support: This means that Mosh can reconnect if the connection is dropped, without losing any data.
- Mobile device support: Mosh works well on mobile devices with high latency or unstable connections.
- Keyboard handling: Mosh supports most of the same keyboard shortcuts as SSH, making it easy to use for anyone familiar with SSH.
SSH is a powerful tool that can be used for a variety of tasks such as remotely logging into servers, running commands, and transferring files. It's important to note that SSH is not intended to be used as a general-purpose file transfer protocol, and should only be used when security is a concern.
By using SSH, you can encrypt your traffic so that anyone who is sniffing the network will not be able to read your data.
Continue reading here:
What is SSH access? Everything you need to know - TechRadar
The role of encrypted traffic analysis for threat detection [Q&A] – BetaNews
Everyone is striving to make their systems more secure and in many cases that means adopting encryption in order to protect data.
But the use of encrypted traffic over networks presents a headache for security teams as malicious content can be harder to detect. We spoke to Thomas Pore, director of security products at Live Action, to find out more about the problem and how it can be addressed.
BN: How is encrypted traffic impacting network threat detection today?
TP: The increased adoption of encrypted network protocols is causing the deterioration of network visibility for security teams, and legacy tools are increasingly less effective. In Q4 of 2021 alone, 78 percent of malware delivered via encrypted connections were evasive, according to a recent report, highlighting the growing threat of advanced malware attacks. Additionally, the rising acceptance of HTTPS, rapid deployment of encrypted protocols such as DNS over HTTPS, and TLS 1.3 are greatly decreasing visibility into server identity and content inspection, making threat detection more difficult, and in many cases nearly impossible, for network defenders. Once inside an organization's network, threat actors are leveraging encrypted sessions to move laterally -- east to west. Traditional detection tools only inspect north-south traffic. This gives attackers the advantage they need to complete advanced actions, like a ransomware attack.
BN: What is encrypted traffic analysis and why is it important to threat detection and response?
TP: Encrypted traffic analysis is a type of side-channel analysis that allows network defenders to do their jobs while maintaining the privacy and network integrity provided by a fully encrypted system. Encrypted Traffic Analysis, coupled with machine learning capabilities, evaluates complex data patterns over time and differentiates normal and abnormal activities, all without requiring access to the content of the data. It allows security teams to leverage varying types of C2 activity (such as beaconing, TLS fingerprinting and sequence of packet lengths) to quickly uncover malicious behavior and network anomalies, which are vital for effective threat detection and response. Effectively, ETA enables network transaction visibility, which provides valuable insights about the encrypted traffic to aid network defenders.
BN: What is encryption blindness and how can it impact organizational security?
TP: Encryption blindness is caused by a lack of visibility into encrypted traffic leading to missed (hidden) threats in the network. Because most modern IT network traffic is now concealed in encryption, hackers can leverage this gap in security to hide their actions inside encrypted traffic. In other words, a large amount of traffic in organizations today goes uninspected simply because it's encrypted, opening the door to attacks. As threats get more sophisticated and the attack surface grows, the effectiveness of many traditional strategies is decreasing, such as IDS, IPS, and break-and-inspect decryption. This is challenging the effectiveness of organizational security more than ever.
BN: What is the difference between Deep Packet Inspection (DPI) and Deep Packet Dynamics (DPD) for ETA?
TP: Deep Packet Dynamics (DPD) is a new approach to evaluating network packets that eliminates the need for payload inspection. By analyzing more than 150 packet traits and behaviors across multi-vendor, multi-domain, and multi-cloud network environments, it can more reliably evaluate both encrypted and unencrypted traffic.
When DPD is coupled with machine learning and ETA, it enables unique capabilities for regaining visibility into encrypted traffic and delivers some of the most advanced network detection and response capabilities available today. This includes a variety of benefits such as detecting threats and anomalies others miss; detecting threats in real-time; eliminating encryption blindness; decreasing the time a SOC needs to investigate and respond to threats; validating end-to-end encryption compliance; offering visibility from core to edge to cloud; and enabling the security team to create a coordinated and cohesive response through other security tools like SIEM, SOAR, etc.
In contrast, Deep Packet Inspection (DPI) is an older legacy approach that primarily works on unencrypted or clear text protocols such as HTTP. But encryption undermines DPI and allows malicious payloads to hide in encrypted traffic. In short, DPD offers network defenders a much clearer vision of encrypted network traffic than DPI does.
BN: What role does ETA play in broader network detection and response solutions?
TP: Encrypted traffic analysis is a way to restore network visibility for defenders while maintaining privacy for users by combining DPD and advanced behavior analysis combined with machine learning. Malicious threat actors and malware system operators communicate with infected target systems using a set of techniques called Command and Control (C2). Threat actors employ C2 techniques to mimic expected, benign traffic using common ports and standard encryption protocols to avoid detection. Despite these precautions, ETA with machine learning effectively identifies malicious C2 activity on the network so you can stop an attack. Even with zero visibility into the content of the connection, ETA can tell a great deal about the behavior of encrypted traffic and helps network defenders prioritize their network detection and response activities.
BN: What's next or on the horizon -- when it comes to ETA?
TP: Encrypted traffic analysis will further fortify the long-term security strategies of organizations, through the continued characterization of encrypted flows and behavioral pattern recognition. This extends across endpoints, assets, and end-to-end encryption, mapping benign and expected traffic against malicious anomalies. Phishing and remote access protocols (RDP/VPN) continue to be the leading infection vectors of ransomware and state-sponsored APT actors. ETA's high-fidelity detection of anomalous characterization will be the difference in stopping the attack into the future.
Explained: Social media and the Texas shooter’s messages – The Indian Express
Could technology companies have monitored ominous messages made by a gunman who Texas authorities say massacred 19 children and two teachers at an elementary school? Could they have warned the authorities? Answers to these questions remain unclear, in part because official descriptions of the shooting and the gunman's social media activity have continued to evolve. For instance, on Thursday Texas officials made significant revisions to their timeline of events for the shooting.
But if nothing else, the shooting in Uvalde, Texas, seems highly likely to focus additional attention on how social platforms monitor what users are saying to and showing each other.
A day after the Tuesday shooting, Texas Gov. Greg Abbott said this: "There was no meaningful forewarning of this crime other than what I'm about to tell you: As of this time the only information that was known in advance was posted by the gunman on Facebook approximately 30 minutes before reaching the school." Facebook posts are typically distributed to a wide audience. Shortly thereafter, Facebook stepped in to note that the gunman sent one-to-one direct messages, not public posts, and that they weren't discovered until after the terrible tragedy.
HOW DID THE GUNMAN USE SOCIAL MEDIA?
By Thursday, new questions arose as to which and how many tech platforms the gunman used in the days before the shooting. The governor's office referred questions about the gunman's online messages to the Texas Department of Public Safety, which didn't respond to emailed requests for comment.
Some reports appear to show that at least some of the gunman's communications used Apple's encrypted iPhone messaging services, which makes messages almost impossible for anyone else to read when sent to another iPhone user.
Facebook parent company Meta, which also owns Instagram, says it is working with law enforcement but declined to provide details. Apple didn't respond to requests for comment.
The latest mass shootings in the US by active social-media users may bring more pressure on technology companies to heighten their scrutiny of online communications, even though conservative politicians, Abbott among them, are also pushing social platforms to relax their restrictions on some speech.
COULD TECH COMPANIES HAVE CAUGHT THE SHOOTER'S MESSAGES?
It would depend on which services Salvador Ramos used. A series of posts appeared on his Instagram in the days leading up to the shooting, including photos of a gun magazine in hand and two AR-style semi-automatic rifles. An Instagram user who was tagged in one post shared parts of what appears to be a chilling exchange on Instagram with Ramos, asking her to share his gun pictures with her more than 10,000 followers.
Meta has said it monitors people's private messages for some kinds of harmful content, such as links to malware or images of child sexual exploitation. But copied images can be detected using unique identifiers, a kind of digital signature, which makes them relatively easy for computer systems to flag. Trying to interpret a string of threatening words, which can resemble a joke, satire or song lyrics, is a far more difficult task for artificial intelligence systems.
Facebook could, for instance, flag certain phrases such as "going to kill" or "going to shoot," but without context (something AI in general has a lot of trouble with) there would be too many false positives for the company to analyze. So Facebook and other platforms rely on user reports to catch threats, harassment and other violations of the law or their own policies.
SOCIAL PLATFORMS LOCK UP THEIR MESSAGES
Even this kind of monitoring could soon be obsolete, since Meta plans to roll out end-to-end encryption on its Facebook and Instagram messaging systems next year. Such encryption means that no one other than the sender and the recipient, not even Meta, can decipher people's messages. WhatsApp, also owned by Meta, already uses such encryption.
A recent Meta-commissioned report emphasized the benefits of such privacy but also noted some risks, including users who could abuse the encryption to sexually exploit children, facilitate human trafficking and spread hate speech.
Apple has long had end-to-end encryption on its messaging system. That has brought the iPhone maker into conflict with the Justice Department over messaging privacy. After the deadly shooting of three US sailors at a Navy installation in December 2019, the Justice Department insisted that investigators needed access to data from two locked and encrypted iPhones that belonged to the alleged gunman, a Saudi aviation student.
Security experts say this could be done if Apple were to engineer a backdoor to allow access to messages sent by alleged criminals. Such a secret key would let them decipher encrypted information with a court order.
But the same experts warned that such backdoors into encryption systems make them inherently insecure. Just knowing that a backdoor exists is enough to focus the world's spies and criminals on discovering the mathematical keys that could unlock it. And when they do, everyone's information is essentially vulnerable to anyone with the secret key.
Encryption: What it is, how it can help, and what to watch out for – SecurityBrief Australia
Article by NortonLifeLock APAC senior director, Mark Gorrie.
Were you ever guilty of passing notes at school? If so, you'll remember all too well the dread of those notes being intercepted by someone not meant to read them, like a bully or, worse, your teacher.
Sending data over the internet is much the same. Your digital life, including bank and credit information, personally identifiable information, and even social site login details, is vulnerable when sent on unprotected networks. In fact, a recent cyber safety report showed that 33 per cent of New Zealanders experienced cybercrime in the past 12 months.
That's where VPN encryption may help.
What is encryption?
Encryption is a process that scrambles readable text so it can only be read by the person who has the secret code or decryption key. It helps provide data security for sensitive information.
Encryption takes plain text, like a text message or email, and scrambles it into an unreadable format called "ciphertext." This helps protect the confidentiality of digital data stored on computer systems or transmitted through a network like the internet. Then, when the intended recipient accesses the message, the information is translated back to its original form - decryption. To unlock the message, both the sender and the recipient must use a "secret" encryption key, a collection of algorithms that scramble and unscramble data back to a readable format.
How does encryption keep the internet secure?
It's nearly impossible to do business of any kind without your personal data ending up in an organisation's networked computer system, which is why it's important to know how to help keep that data private. Encryption plays an essential role in this task.
Most legitimate websites use the encryption protection called "secure sockets layer" (SSL), which is a form of encrypting data that is sent to and from a website. This keeps attackers from accessing that data while it is in transit.
Want to make sure a site is using this technology? Look for the padlock icon in the URL bar and the "s" in the "https://". If you see these signs, you'll know that you are conducting secure, encrypted transactions online.
Why does encryption matter?
A 2022 cyber safety report, conducted online in partnership with The Harris Poll among 1,000 adults in New Zealand, revealed that cybercrime victims in New Zealand surveyed spent an average of 4.8 hours trying to resolve their issues, with an average loss of $135NZD from cybercrime.
Can scammers use encryption to commit cybercrimes?
Encryption is designed to protect your data but can also be used against you. Targeted ransomware is a cybercrime that can impact organisations of all sizes, including government offices. Ransomware can also target individual computer users.
How do ransomware attacks occur?
Attackers deploy ransomware to encrypt a victim's various devices, including computers and servers. The attackers often demand a ransom before they will provide the key to decrypt the encrypted data. The goal is to persuade victims to pay to recover access to their important files, data, video and images.
Ransomware attacks against government agencies can shut down services, making it hard to get a permit, obtain a marriage license, or pay a tax bill, for instance.
Ransomware attacks aimed at large organisations and government agencies tend to generate the biggest headlines. But ransomware attacks can also happen to you.
How can you protect yourself against ransomware?
Here are some tips to protect your devices against ransomware attacks and the risk of having your data encrypted and inaccessible.
What is encryption used for?
It's important to encrypt the messages, files, and data you send whenever they are personal, sensitive, or classified. For example, you don't want hackers to intercept your doctor's emails about an illness. You don't want criminals to access your financial information after logging into your online bank account. And you don't want scammers to snag that confidential report you are reviewing for your employer. So it's essential to encrypt all this data to keep it secret.
What is the strongest encryption method?
Several encryption methods are considered effective. Advanced Encryption Standard, better known as AES, is a popular choice among those who want to protect their data and messages. AES is trusted, effective, used worldwide, and might just be what stands between you and a cybercriminal attack.