encryption - Tagged - Security Boulevard
The Home of the Security Bloggers Network
Mon, 02 Sep 2024 04:00:06 +0000

Telegram is NOT an Encrypted Messaging App, Must-See Documentaries
https://securityboulevard.com/2024/09/telegram-is-not-an-encrypted-messaging-app-must-see-documentaries/
Mon, 02 Sep 2024 04:00:06 +0000
https://sharedsecurity.net/?p=101906

In this episode, we explore the recent arrest of Telegram founder Pavel Durov in France and discuss the app’s encryption claims. Is Telegram truly an encrypted messaging app? Joining the conversation is co-host Kevin Johnson, bringing his trademark opinions. We also talk about some intriguing documentaries, including ‘LulaRich’ about the LuLaRoe leggings company and ‘Class […]

The post Telegram is NOT an Encrypted Messaging App, Must-See Documentaries appeared first on Shared Security Podcast.

‘Terrorgram’ Telegram Terrorists Trash Transformers — Grid in Peril
https://securityboulevard.com/2024/08/telegram-terrorgram-grid-richixbw/
Tue, 27 Aug 2024 17:19:11 +0000

Should’ve listened to Edison: After the arrest of Pavel Durov—the Telegram CEO—comes news of domestic extremists using the chat app to organize.

NIST Releases First Post-Quantum Encryption Algorithms
https://securityboulevard.com/2024/08/nist-releases-first-post-quantum-encryption-algorithms/
Thu, 15 Aug 2024 15:37:42 +0000
https://www.schneier.com/?p=69264

From the Federal Register:

After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a result of the PQC Standardization Process. The public-key encapsulation mechanism selected was CRYSTALS-KYBER, along with three digital signature schemes: CRYSTALS-Dilithium, FALCON, and SPHINCS+.

These algorithms are part of three NIST standards that have been finalized:

Google Using Enhanced Encryption to Protect Cookies
https://securityboulevard.com/2024/08/google-using-enhanced-encryption-to-protect-cookies/
Thu, 01 Aug 2024 17:20:29 +0000

Google is adding greater encryption capabilities to Chrome to better protect users from information-stealing malware, a move that comes after the company's controversial decision to once again delay getting rid of third-party cookies.

Compromising the Secure Boot Process
https://securityboulevard.com/2024/07/compromising-the-secure-boot-process/
Fri, 26 Jul 2024 16:21:42 +0000
https://www.schneier.com/?p=69197

This isn’t good:

On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022. In a public GitHub repository committed in December of that year, someone working for multiple US-based device manufacturers published what’s known as a platform key, the cryptographic key that forms the root-of-trust anchor between the hardware device and the firmware that runs on it. The repository was located at https://github.com/raywu-aaeon/Ryzen2000_4000.git, and it’s not clear when it was taken down...

EU Aims to Ban Math — ‘Chat Control 2.0’ Law is Paused but not Stopped
https://securityboulevard.com/2024/06/chat-control-2-eu-richixbw/
Thu, 20 Jun 2024 16:43:17 +0000

“Oh, won’t somebody please think of the children?”

Ongoing European Union quest to break end-to-end encryption (E2EE) mysteriously disappears.

DNS and Your Privacy: Should you use encrypted DNS?
https://securityboulevard.com/2024/06/dns-and-your-privacy-should-you-use-encrypted-dns/
Wed, 19 Jun 2024 17:00:00 +0000
https://avoidthehack.com/more-info-dns

DNS enables the easy navigation from website to website as you currently know it. However, the system wasn’t exactly designed with your privacy and security in mind.

Many DNS resolvers - such as your internet service provider's (ISP) - do not encrypt queries and may log data and metadata surrounding your queries. Additionally, unencrypted queries can be captured, viewed, and otherwise "consumed" (used) by eavesdropping third parties since data is exchanged in clear text.

Fortunately, using an encrypted DNS server provider can be a viable option for some users out there. This post aims to explore how and why - and doesn't leave out the limitations of encrypted DNS.

DNS and your privacy

Assuming you know the basics of DNS and how the system works, privacy issues surrounding DNS frequently involve the potential capture and “snooping” of DNS queries made by a device and the sending of unnecessary information (typical in the absence of QNAME minimization) to DNS servers performing the resolution.

DNS servers can log data about the device making the query, the times queries were requested, and of course the query itself (e.g., avoidthehack.com). Naturally, the amount of logging, or even the presence of logging, depends on the DNS service itself; for example, ISPs often log DNS queries and share them with a variety of third parties. Users often get no say in this, or may not even be aware of it.

With unencrypted queries - which is often the default for most resolvers - third parties to the transaction between the device and the DNS resolver can “eavesdrop” on queries made by devices. Eavesdropping has been performed by public and private organizations alike to surveil DNS traffic (and potentially hijack it).

With HTTPS, third-party snooping devices won’t be able to see what data is passed between the client device and the web server - but with unencrypted DNS queries, they would still be able to see that a query was made. From DNS requests captured over time, browsing habits can be inferred.

What data is sent to DNS Servers?

Internet connections to visited websites and web apps start out as a DNS request. Assuming the absence of the requested website in a DNS cache - which can be in the browser and/or on the device itself - a query is sent to the DNS resolver.

The DNS resolver can be a machine local to the network or a service managed by a DNS service provider. The latter is generally more common (especially for most users out there); though, it is worth mentioning that local resolvers often pass queries to "upstream" DNS servers.

Again, many users use their ISP’s DNS resolvers because they are the "default", and most do not know these can be changed in the browser or on the device/network (hardware/firmware permitting). Of those who do know how to change DNS settings - already a minority of users - we can safely assume most aren't running a local recursive resolver.

The exact data sent to DNS resolvers varies, but it typically includes:

  • Top-level domain (TLD) requested. This includes links clicked, domains typed into the browser address bar, background connections initiated by apps/services, and resources called by websites.
  • If HTTP is used: Visited pages within the TLD. The commonality of HTTPS makes this irrelevant in the modern landscape, though some websites still serve content using a mix of HTTP/HTTPS.
  • Timestamp of when the request was made
  • IP address of client device
  • Protocol (UDP or TCP)
  • Record type (A, AAAA, etc.)

Data sent with the queries themselves can also be logged by DNS resolvers, but as mentioned previously, the details of logged data and the act of logging itself ultimately depend on the DNS service provider.

Depending on the service provider, additional information about network subnets and device identifiers (such as MAC addresses) may be embedded within DNS queries, essentially fingerprinting users or their networks.

Who can see DNS information?

Ultimately, it depends.

As mentioned, DNS queries are typically unencrypted and thus clear text and readily available for anyone willing to listen.

Even with encrypted DNS, generally your device, the router, and the DNS provider can see DNS requests. If you are using your ISP’s DNS servers - which are usually the default - then they can also see your DNS requests.

Your ISP may log this information and potentially use it for their own endeavors and/or share this data with third parties - which can include advertisers or government agencies.

Unless you are using a virtual private network (VPN) or an onion routing service like the Tor network, your ISP can still see connections to IP addresses.

Benefits of using encrypted (and privacy-friendly) DNS services

Benefits of using encrypted DNS services include preventing third-party DNS query sniffing, keeping DNS traffic private from the ISP, and blocking ads on a network.

Eliminate third-party sniffing of DNS queries

The primary benefit of using any encrypted DNS server is preventing third parties from sniffing traffic and seeing what DNS queries users' devices make. This is true even if the encrypted DNS provider is capturing device information or otherwise logging DNS query data and metadata (though this is far from ideal).

However, it's worth mentioning that if the encrypted DNS server is indeed logging information, they may share this information with third parties - this is a different threat vector than a third party listening or capturing the queries themselves. This can be alleviated by using a "trusted" encrypted DNS provider.

Filtered (and encrypted) DNS servers can block ads/malicious domains on the network level

Some encrypted DNS providers also offer domain filtering. Depending on the provider, they may filter domains known to serve malware, ads, trackers - or any combination of these.

For example, if you set your router to use such a resolver, it will provide blocking services for devices connected to your home network.

Some DNS providers give users customization options for what is blocked or filtered. Others run specific blocklists on their servers and do not allow the user to customize what is blocked. In either case, devices/networks using DNS providers with filtering services will not connect...

Does Real Queryable Encryption mean there is a Fake Queryable Encryption?
https://securityboulevard.com/2024/04/does-real-queryable-encryption-mean-there-is-a-fake-queryable-encryption/
Tue, 30 Apr 2024 19:16:03 +0000
https://baffle.io/?p=2966

TLDR

There is no “fake” queryable encryption, but a certain NoSQL database provider has coined the term “Queryable Encryption”, and Baffle has something to say about that.

Background

To understand real queryable encryption, we must first understand the encryption offerings that already exist. The first encryption offerings to examine are database-side operations. As the name…

The post Does Real Queryable Encryption mean there is a Fake Queryable Encryption? appeared first on Baffle.

From Promising to Practical: The Transformative Impact of Homomorphic Encryption
https://securityboulevard.com/2024/04/from-promising-to-practical-the-transformative-impact-of-homomorphic-encryption/
Thu, 04 Apr 2024 13:47:57 +0000
https://techspective.net/?p=35487

When the impact of a relatively unfamiliar technology sounds too good to be true, it’s natural to question those claims. Homomorphic encryption has been described as the ‘holy grail’ of encryption for its unique ability to allow users to leverage […]

The post From Promising to Practical: The Transformative Impact of Homomorphic Encryption appeared first on TechSpective.

Hardware Vulnerability in Apple’s M-Series Chips
https://securityboulevard.com/2024/03/hardware-vulnerability-in-apples-m-series-chips/
Thu, 28 Mar 2024 11:05:01 +0000
https://www.schneier.com/?p=68657

It’s yet another hardware side-channel attack:

The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s actually needed, the DMP, as the feature is abbreviated, reduces latency between the main memory and the CPU, a common bottleneck in modern computing. DMPs are a relatively new phenomenon found only in M-series chips and Intel’s 13th-generation Raptor Lake microarchitecture, although older forms of prefetchers have been common for years...
