Thursday the Kudelski Group's cybersecurity division released "a tool for Linux that allows creation of multiple hidden volumes on a storage device in such a way that it is very difficult, even under forensic inspection, to prove the e...
The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library (but does not affect OpenSSL versions before 3.0).
CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses, insights, and commentaries on computer security and cryptography. In this issue, Random Notes on the SQL Slammer, The Importance of Authentication, and a nice analysis of Matt Blaze's door locks attack in Locks and Full Disclosure. "I'd rather have as much information as I can to make an informed decision about security. I'd rather have the information I need to pressure vendors to improve security. I don't want to live in a world where locksmiths can sell me a master key system that they know doesn't work or where the government can implement security measures without accountability.". . .
Hearing "open-source", "PSP", and "security" all together got me excited with my initial reaction thinking it was about AMD's Platform Security Processor (PSP) albeit that's not the case here. Google's PSP is the "PSP Security Protocol" and is designed for dealing with cryptographic hardware offloading at data center scale and used by Google already in production.