RSA 2016 took place earlier this week at Moscone Center in San Francisco. This year’s theme for the conference was “Connect to Protect,” to “promote connections not only among the information security community, but also IT and other parts of the enterprise, private and public sectors, and the past, present, and future,” stated on the RSA Conference website. This year’s closing keynote included a 1x1 discussion between actor Sean Penn and RSA President Amit Yoran. There were a variety of sessions offered to attendees; from security panels on IoT to cyberbullying and future inability to disconnect, the featured sessions hosted a full gamut of security topics on how both people and businesses can connect to share ideas and collaborate without compromising security while doing so. Session presentations were made available on the RSA Conference website at the end of each day and can be found here.
Hello from the Other Side
In concurrence with the recent news around FBI and Apple, the Obama administration made an appearance to the conference to address the ever more present issues of national security. On Tuesday, Attorney General Loretta E. Lynch addressed the conference, looking to establish some middle ground. “I know that neither our technology companies nor their leaders have any sympathy for terrorists or criminals who target Americans,” said Lynch. “And the Department of Justice will never sacrifice the safety of the American people or the ideals we all cherish.” The full story is available on the New York Times.
Encryption Gone Cold With Amazon Fire
Amazon has removed on-device encryption, a feature offered on the Fire tablet that was uncommon with users. The on-device encryption provided a scrambling of data, forcing users to enter the correct password when looking to access that data. The Verge indicates that any unencrypted device would allow an attacker or thief to potentially access any local data, including personal information such as photos, texts, emails, and any logins and credit card credentials.
New Exploit May Threaten Your Apple Pay Account
A new attack on Android and iOS devices (running on iOS 7 to iOS 8.3) that would steal crypto keys protecting Bitcoin wallets and Apple Pay Accounts has been discovered. The side-channel attack involves using a simple, magnetic probe near a mobile device to extract cryptographic keys that authenticate any financial transactions, similar to the previous Xcode iOS vulnerability allowing sideloading of apps. More technical specificities can be found via arstechnica.
WhatsApp Ain’t Down with Blackberry
WhatsApp, the popular messaging app, announced this week that it would no longer be available on a range of devices, including Blackberry, Nokia, Android, and Windows. The full list of unsupported devices can be found here. The company plans to “focus [their] efforts on the mobile platforms the vast majority of people use.”