end-to-end encryption | Breaking Cybersecurity News | The Hacker News

The most popular open source Instant messaging application based on the ' Extensible Messaging and Presence Protocol ' (XMPP), formerly known as Jabber that enables you to connect with other people over the Internet will begin refusing unencrypted connections as from today. In an announcement yesterday, The XMPP Standard Foundation (XSF) informs that a large number of XMPP service operators and software developers permanently turned on mandatory encryption for client-to-server and server-to-server connections from today in order to harden the security of the messaging service. Many XMPP-based services operate independently, so it is tough to enforce all of them to use Encryption . ' While XMPP is an open distributed network, obviously no single entity can "mandate" encryption for the whole network - but as a group we are moving in the right direction ,' reads the blog post. ' If you use an XMPP service provided by someone else and you encounter problems contact

It's an era of Mass Surveillance, where Encryption has become more important today for all of us than any other time in the History. But the trouble is that Crypto programs are too hard for Non-Internet-Savvy to implement and use. Time is loudly announcing the need to switch to some alternatives that provide end-to-end encryption for communication between two devices in order to keep your personal data away from NSA's prying eyes and respect your Privacy . But, many services, including Facebook's messaging application, don't support encryption and therefore are weak in providing security of our online data, which could result in data breach either by cyber criminals or by our own Government under surveillance programs. Because Facebook's messaging application doesn't support end-to-end encryption, an Open-source and most popular crypto chat-encryption application called 'Cryptocat' has made it possible to chat with your Facebook friends and rel

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Constant password breaches and Snowden revelations about Government Surveillance have raised many questions that why don't cloud and email Services encrypt the data stored on their server?  Revelations forced the popular Internet Giants such as Google and Yahoo to contemplate on the privacy and security issues and in response companies started enhancing their encryption standard by enabling HTTPS by default and removed the option to turn it off. A few days back, Google admitted that their automated systems read your content, including incoming and outgoing emails to provide you personally relevant advertisements. That means Internet giants generally do encrypt your data, but they have the key so they can decrypt it any time they want. Encryption is mandatory in Modern Internet and web services should consider Encrypting and decrypting your data locally, so that no one can snoop on. Such cryptographic mechanism is called End-to-End Encryption , that means content of yo

TWITTER is taking users' privacy and security very seriously and in an effort to prevent Government snooping, the company has secured your Twitter emails with with TLS (Transport Layer Security). Twitter emails were previously using a plain text communication protocol, that now has been upgraded to an encrypted (TLS or SSL) connection using STARTTLS . In a blog post, Twitter announced : " Since mid-January, we have been protecting your emails from Twitter using TLS in the form of StartTLS. StartTLS encrypts emails as they transit between sender and receiver and is designed to prevent snooping. It also ensures that emails you receive from Twitter haven't been read by other parties on the way to your inbox if your email provider supports TLS. " " These email security protocols are part of our commitment to continuous improvement in privacy protections and complement improvements like our securing of web traffic with forward secrecy and always-on HTT

Cryptocat , an open source encrypted web-based chat client, is now available for iOS Devices from the  Apple's App store , which was initially rejected by the Apple last December. It is not clear why it was rejected previously, but the good news is that, now ' Cryptocat ' is available for all iOS Devices. So far Cryptocat was only available for Linux and Mac OS X, and as an extension for web browsers Mozilla Firefox, Google Chrome 3, Apple Safari and Opera . Cryptocat has become quite popular in the wake of the NSA Controversy, because of its end-to-end encryption that doesn't allow anyone in the middle to read your messages. Cryptocat for iPhone uses the OTR protocol for private conversations, a cryptographic protocol for secure instant messaging, and perfect forward secrecy, a system that constantly generates new user keys. So, snoops cannot decrypt older messages. It doesn't require any username or account rather just one time nickname makes the

With revelations of NSA spying and some of the most jaw-dropping surveillance leaks, many people feel unencrypted and central-server service is bad in most of the cases, but end-to-end encryption can be used to reduce this problem. Worldwide Government surveillance raises privacy concerns and acquisition of WhatsApp by Facebook also made us think about the security concern with chat applications as well; though it was not so secure previously. People who care about having their SMS and Instant messages protected from prying eyes, now they can use end-to-end encrypted services, like  TextSecure .  It is a free Android-based messaging app, completly open-source , easy to use and designed with privacy in mind. Encrypting the stored data on the servers is as important as transferring data over an encrypted connection, but the most important factor of the encryption is that ' who has the decryption key '. If the company has the keys, then Government could snoop through your fi

WhatsApp acquisition may have had a negative impact on the reputation of the company, it seems many users are planning to switch the service and a few of them have already done it. In our previous article, we have mentioned that why you should switch from WhatsApp to an encrypted Chat messaging service . Mobile messaging apps often used to deliver sensitive data or used for personal and corporate communications, so the data stored by the service provider should be encrypted end-to-end, which is not yet in the case of WhatsApp. There are many mobile messaging applications like Japan-based  Line , China's  WeChat , Korea-based  KakaoTalk , and Canada's  Kik , India-based  Hike  and many more, but they are not end-to-end encrypted messengers. Time is loudly announcing the need to shift to some alternates which provides end-to-end encryption for communication between two devices and respect your Privacy. There are a number of solutions available includes -  Telegram,  Surespot