Stories by Jeremy Kirk

Google+

OpenSSL mystery patches due for release Thursday

New versions of OpenSSL will be released on Thursday to patch several security vulnerabilities, one of which is considered highly serious, according to the OpenSSL Project Team.

Researchers find same RSA encryption key used 28,000 times

What if the key to your house was shared with 28,000 other homes?

Yahoo puts email encryption plugin source code up for review

Yahoo released the source code for a plugin that will enable end-to-end encryption of email messages, a planned data-security improvement prompted by disclosures of U.S. National Security Agency snooping.

Google error leaks website owners' personal information

A Google software problem inadvertently exposed the names, addresses, email addresses and phone numbers used to register websites after people had chosen to keep the information private.

Google services disrupted by routing error

Google's services were disrupted briefly on Thursday after a broadband provider in India made a network routing error.

Google researchers hack computers using DRAM electrical leaks

Google researchers have written the first-ever attack code that takes advantage of electrical interference between densely packed memory cells, a unique style of attack that could require changes in chip design.

Android app developers should update to Dropbox's latest SDK

Android apps that use Dropbox for storage and are built using an older version of its SDK are vulnerable to an attack that can steal data, although Dropbox has released a fix, according to IBM security researchers.

The website that was built for Google to destroy

When Matthew Rothenberg created a new website in early February, he let about two dozen people know about it through an unlikely medium: postcards.

VMware sued for alleged GPL licence infractions

A Linux kernel developer is suing VMware in Germany, alleging the company has not complied with copyright terms for using open-source software.

Mandarin Oriental removes malware after payment card breach

Luxury hotelier Mandarin Oriental has removed malicious software that was used to steal credit card data from some of its hotels in the U.S. and Europe, the company said Thursday.

OpenDNS trials system that quickly detects computer crime

A security system undergoing testing by a San-Francisco-based company aims to speed up the detection of websites and domains used for cybercrime.

Drive-by attack relies on hacked GoDaddy accounts

Hundreds of hacked domain name accounts registered through GoDaddy are being used as part of a highly effective campaign using the Angler exploit kit to infect computers with malware.

FREAK is another serious flaw in the Web's encryption

Experts are warning of a serious security flaw that has apparently gone undetected for years and can weaken encrypted connections between computers and websites, potentially undermining security across the Internet.

iPhone theft victims tricked into unlocking devices

It seems there can be further indignity foisted onto people who've had their iPad or iPhone stolen.

Is data on your new Lollipop Android device encrypted? Maybe not

Some smartphone manufacturers are not configuring devices running the latest version of Android to automatically encrypt personal data, which Google had said would scramble data by default.