Monday, December 28, 2009
SecurDigital, Inc. announces a reseller agreement with WC2I, LLC., for SecurVoice© Privacy Edition.
Washington, DC., December 28, 2009 - SecurDigital, Inc. (SD), the master reseller for the market and technology leader in secure communications with SecurVoice©, announced today the reseller agreement with WC2I, LLC. (WC2I) for the SecurVoice© Privacy Edition. SecurVoice© is the world’s first completely secure voice, data and video encryption communication solution designed for government and enterprise customers who require communications privacy (ex. Health Care. Legal, Financial Services) and is now available to all corporations, companies and individuals, world-wide, through http://www.wc2i.com.
SecurDigital is expanding rapidly by partnering with foundation partners whose customers require secure communications. WC2I will be providing SecurVoice© Privacy Edition, v1.0, utilizing the VOIP (data channel) function on the Blackberry 8830, 96xx or Tour, running version 4.5 OS and up, which interacts with the SecurVoice© Enterprise servers (SaaS Hosted) running at Rackspace Managed Hosting (a Sarbanes/Oxley, SaaS 70 and Symantec certified MSP), or locally at EHIINSM. Customers may also purchase and install their own Enterprise Servers in their environment. The v2v (Voice2Voice) function will be available in Q110. SecurVoice© was designed to meet the GSA’s FIPS 140.2 compliance validation and the certification process is underway. US customers who require a FIPS certified system may place an order and will be notified when the certification has been completed by the NSA.
"WC2I,LLC. specializes in physical security assessments, executive security awareness and training, and researching security requirements for companies worldwide. Our approach to solutions is to only recommend services, equipment, and capabilities appropriate to the needs of the client, without limiting them to a single brand. This allows us to tailor our recommendations to the client and the environment, and not lock them or us in to a single product line. Unlike many of our peers who focus only on sole-source solutions, we deliver the right mix of products to create a specifically-tailored solution to our client’s security requirements. SecurVoice© is a welcome addition to our capability.” said Stephen Weatherford, President of WC2I,LLC.
“We welcome WC2I to the Securfamily as a preferred partner to promote, distribute and support SecurVoice©, specifically for our Asia/Pac customers.” said Bruce Magown, CEO, SecurDigital, Inc. “The partnership with W2CI allows us a personalized introduction with our prospective customers in the Asian/Pacific region; working primarily with governments, carriers, world corporations. This is essential to accomplish the rapid growth, technology adoption and market share we are focused on. W2CI’s capabilities and established relationships allow us to accelerate our market demographics with a very strong partner.” said Magown.
SecurVoice©, by The Genesis Key, Inc., secures whatever platform you are using. Securing multiple, distributed platforms allows a cellular user to call to a satellite user or a VoIP caller to access someone in on a Blackberry – there are no boundaries on how or on what platforms clients deploy. SecurVoice© is the one simple solution that works across all platforms. SecurVoice© Solutions are available in different configurations that provide maximum flexibility. From supporting a small group of devices to an Agency-wide installation, SecurVoice© solutions fit any requirement.
Saturday, December 19, 2009
Militants have been recording video from US Predator drones in Iraq and Afghanistan using laptops and $30 software; total lack of encrypti
Militants have been recording video from US Predator drones in Iraq and Afghanistan using laptops and $30 software, thanks to a total lack of encryption.
By Nate Anderson | Last updated December 17, 2009 11:13 AM
What three-letter Internet acronym best fits the bizarre news out of Iraq and Afghanistan that militants there have been intercepting US Predator drone video feeds using laptops and a $30 piece of Russian software: LOL, WTF, or OMG?
Actually, all three are appropriate for something this farcical, horrible, and brain-numbing. The reason that the transmissions could be picked up easily by a cheap satellite recording program? They were broadcast in the clear between the drone and ground control. That's right—no encryption was used.
Perhaps, you might be thinking to yourself in a mental bid to make the military seem competent here, no one could have suspected this would happen. But they did suspect it, because it had been happening for a decade already. The Wall Street Journal, which broke the story, included this tidbit in its report: "The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The US government has known about the flaw since the US campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said."
After finding various laptops containing hours of recorded drone footage, the military has at last moved to encrypt the downlink between the drone and ground control, but there are problems. Not with encryption technology, which is robust, but with the fact the military 1) did not use encryption at the beginning and retrofitting is hard, and 2) the Predator's maker uses some proprietary communications gear, so off-the-shelf encryption tools don't all work.
The sad but inevitable comparison has to be drawn here with consumer electronics. Blu-ray discs, which use the AACS control scheme, feature a new DRM scheme of bewildering complexity in an attempt to thwart pirates.
Encryption, Hollywood style
Operating system vendors have built entire "protected path" setups to guard audio and video all the way through the device chain. TVs and monitors now routinely use HDCP copy protection to secure their links over HDMI cables. Game consoles are packed with encryption schemes to prevent copied games from playing. Microsoft even goes out of its way to add encryption when Windows Media Center records unencrypted over-the-air TV content. Even the humble DVD, with its long-since-breached CSS encryption, offers more in the way of encryption.
But US drones, which spy on militants and rain down death from a distance, have none. The mind boggles, as it seems like the situation should be totally reversed: no encryption on legally-purchased content, more encryption on devices designed to watch and kill human beings.
Saturday, December 12, 2009
Security firm H4RDW4RE launches open source project to crack GSM encryption
Filed under: GSM, News 21 Comments
GSM Encryption
It has been long argued that the A5/1 encryption standard used to secure GSM traffic from eavesdropping is, in fact, insecure, and California based security firm H4RDW4RE is pioneering an effort to hammer that point home by cracking the encryption scheme. The A5/1 cipher is based on a 64-bit key — each cell phone has a 64-bit secret key which is also known by the connected GSM network. When you initiate a call the GSM network uses the secret key to generate a session key and encrypt your phone call. H4RDW4RE’s approach will be to crack this session key using a compressed and custom version of the A5/1’s 128-petabyte code book. Yikes. The aim of the project is to: take the vast code book and compress it down to around 2 or 3 terabytes of data, organize the data into rainbow tables, have these tables searched by a free P2P open-source program (much like SETI@home) in order to cipher session keys. Session keys will, theoretically, provide the ability to decrypt and listen in on GSM phone calls. H4RDW4RE’s goal is to push GSM vendors to finally admit that the technology is flawed and move to the more secure A5/3 code book, which is a 128-bit cipher, and already used by newer cellular technologies such as UTMS. Pretty powerful way to send a message, it sure does beat a letter writing campaign… Hit up the article for more details about the project.
Monday, December 7, 2009
W. Steven Garrett, Chairman, The Genesis Key, speaks on secure communication solutions interoperability at the Conference on Global Preparedness
FOR IMMEDIATE RELEASE
Washington, DC., December 07, 2009 - The Genesis Key, Inc. (GK), the market and technology leader in secure communications with SecurVoice©, announced today W. Steven Garrett, Chairman, The Genesis Key, will be presenting SecurVoice©, the world’s first completely secure voice, data and video encryption communication solution designed for government and enterprise customers who require communications privacy at the 3rd Annual Conference on Global Preparedness in Melbourne, Fl. The Global Center for Preparedness at Florida Institute of Technology hosts the 3rd Annual Conference on Global Preparedness, featuring top leaders in business, industry, government, non-profits and academics gathered to address security and preparedness from a global perspective.
"At this year’s conference, you will hear speakers from public sectors and private industry, higher education, state, national and foreign governments—all presenting innovative practices and emerging technologies designed to protect and preserve national and global assets and human lives. Major topics will include emergency response, the economy, cyber-security, human factors and secure technology—raising the bar from sustainable to resilient. Presentations will show how these areas are interconnected to identify the challenges we face today as well." said Dr. Clifford R. Bragdon, AICP, FASA.
”Genesis Key has upped the ante considerably here. In a sudden leap, this innovative new product has shaken off the complexity of unified communications and has taken the lead in terms of ease of use, security and interoperability. Starting with simple encryption techniques in a Java-based application, Genesis Key has introduced SecurVoice© Privacy Edition, the next-gen secure digital data transmission solution, which takes the focus away from hardware or firmware centric smartphone offerings and provides a Solution that is application platform, operating system, device and carrier independent. SecurVoice© delivers encrypted voice, data or video transmission from any device to any device(s), with selectable encryption algorithms - allowing any agency to literally deploy “Secur Communications” across all devices." said W. Steven Garrett, Chairman, The Genesis Key, Inc.
SecurVoice©, by The Genesis Key, Inc., secures whatever platform you are using. Securing multiple, distributed platforms allows a cellular user to call to a satellite user or a VoIP caller to access someone in on a Blackberry – there are no boundaries on how or on what platforms clients deploy. SecurVoice© is the one simple solution that works across all platforms. SecurVoice© Solutions are available in different configurations that provide maximum flexibility. From supporting a small group of devices to an agency-wide installation, SecurVoice© solutions fit any requirement.
Wednesday, November 25, 2009
So Much Data, So Little Encryption
The reasons for this dismal state of affairs range from cost and integration challenges to entrenched organizational resistance exacerbated by a lack of leadership. The compliance focus is particularly galling. Encrypting a subset of data amounts to a "get-out-of-jail-free card" because it may relieve companies from having to notify customers of a breach. But knowingly doing the bare minimum to check a compliance box isn't security; it's a cop-out.
Admittedly, IT pros often face stiff resistance when they try to do more. "Our IT staff is working to increase the use of encryption, but frankly, users are more interested in quick and easy access to their data and don't really think about security," says one respondent. "The idea of getting data on a flash drive or laptop encrypted never enters the minds of most of the staff, from the director on down."
We say entrenched resistance because this isn't a new phenomenon--back in 2007, a Ponemon Institute survey found that just 16% of U.S. companies take an enterprise-wide approach to encryption. Network Computing examined the state of enterprise encryption at the time and found adoption to be a gradual process, often starting with backup tapes and spreading from there. A piecemeal approach was the norm then, and we're still moving in fits and starts, despite the momentum generated by compliance frameworks such as PCI, which requires encryption of credit card data in transit.
The Interoperability Factor
Part of the problem is that standards efforts have yielded exactly zero breakthroughs where we need them most--in interoperability, which would make encryption management easier and less expensive. We don't expect that situation to get better anytime soon.
When we asked IT pros what would increase their companies' use of encryption, responses ranged from built-in operating system support for creating encrypted files and folders (something Microsoft is working toward, as we'll discuss) to improved ease of use and performance, lower cost, and better key management. A few desperate souls wished for more regulation, or even a breach that would require notification of customers, to use as leverage for gaining funding and management buy-in.
"I'd like to think that it would only take the force of will to do the right thing," says a network director at an educational institution. "In reality, it would probably require a breach or exposure to shine the light on the problem."
Our favorite response: "I wish I knew so I could exploit it."
Thursday, November 19, 2009
The Genesis Key announces a reseller agreement with EHI-INSM, Inc., for SecurVoice© Privacy Edition
Washington, DC., November 16, 2009 - The Genesis Key, Inc. (GK), the market and technology leader in secure communications with SecurVoice©, announced today the reseller agreement with EHI-INSM, Inc. (EHIINSM) for the SecurVoice© Privacy Edition. SecurVoice© is the world’s first completely secure voice, data and video encryption communication solution designed for government and enterprise customers who require communications privacy (ex. Health Care. Legal, Financial Services) and is now available to all corporations, companies and individuals, world-wide, through www.ehiinsm.com.
The Genesis Key, Inc. is expanding rapidly by partnering with foundation partners whose customers require secure communications. EHIINSM will be providing SecurVoice© Privacy Edition, v1.0, utilizing the VOIP (data channel) function on the Blackberry 8830, 96xx or Tour, running version 4.5 OS and up, which interacts with the SecurVoice© Enterprise servers (SaaS Hosted) running at Rackspace Managed Hosting (a Sarbanes/Oxley, SaaS 70 and Symantec certified MSP), or locally at EHIINSM. Customers may also purchase and install their own Enterprise Servers in their environment. The v2v (Voice2Voice) function will be available in Q110. SecurVoice© was designed to meet the GSA’s FIPS 140.2 compliance validation and the certification process is underway. US customers who require a FIPS certified system may place an order and will be notified when the certification has been completed by the NSA.
“EHIINSM has a vast amount of experience in the IT Security space as well, providing integrated solutions for global enterprise clients, encompassing firewalls, vulnerability analyses, intrusion detection systems, and anti-piracy media protection products (Cerebus Media Security™) for our clients, helping them to avoid critical breaches and proactively assess future concerns in an automated fail-safe manner.” said Mike Stollarie, CEO, EHI-INSM, Inc. “Unlike our competition, who focus only on point solutions, we deliver a synergistic blend of products that deliver a cohesive solution, which is tailored to our client’s requirements. SecurVoice© is a welcome addition to the family.” said Stollaire.
Tuesday, November 3, 2009
Android's Smartphone Battle - CNBC.com
Android's Smartphone Battle - CNBC.com
From: Gartner | November 02, 2009. New Security in android not working yet... Read more at Gartner »
- By W. Steven Garrett, Chairman at The Genesis Key, Inc.
Differences between Rim's solutions, including BlackBerry Enterprise Server and Microsoft Mobile Solutions
http://rapidrequest.emediausa.com/2/Go.aspx?Xinb6a90G7qYnUqYnrXL/GX6UkiU9uSzBMggFgQQ8h0=
Friday, October 23, 2009
Just How Safe Is Mobile Banking? | Bank News, Bank Deals, My Bank Tracker Source: mybanktracker.com
Source: mybanktracker.com
Just How Safe Is Mobile Banking?
Word is out that mobile banking may soon become the new black. Account balance and recent transaction inquiries, and fund transfers may be the most common mobile banking transactions nowadays, but with the development of better and more advanced phone banking applications, it certainly won’t be long before you’re using your phone more than your local branch for banking matters.
If you think about it, it’s not surprising at all that more people would be encouraged to take up mobile banking. It is after all, the ultimate in banking convenience. Even when you’re on a road trip or having fun under the sun in the Caribbean, a forgotten payment due date or an account running low on funds isn’t that much of a problem as payments and transfer are just a few cell phone keys away. But once you’ve established how convenient and time-saving the technology is, you’d most likely ask yourself, “How safe is mobile banking?”
The Genesis Key, Inc. announces the formation of the SecurDigital companies, world-wide, to support SecurVoice Comunications Solutions
The Genesis Key, Inc. announces the formation of the SecurDigital companies, world-wide, to support the promotion, distribution and support of the “SecurVoice© Privacy Edition”, which provides secure communications for the Health Care, Emergency Management, Banking, Financial, Technology, Energy, Utilities, Gas and Oil Institutions – all corporations, companies and individuals with an attractive new pricing model.
Washington, DC., October 7, 2009 - The Genesis Key, Inc. (GK), the market and technology leader in secure communications with SecurVoice©, the world’s first completely secure voice, data and video encryption Solution announced today that SecurVoice© Privacy Edition, designed for government and enterprise customers who require communications privacy (ex. Health Care. Legal, Financial Services) is now available to all corporations, companies and individuals, locally, through www.securdigital.com.
SecurVoice by www.SecurDigital.com is addressing two distinct customer segments; Consumer Markets first and then Federal and State. Although our products have broad application, we have targeted the Banking Institutions, Financials Services, and Legal Confidentiality corporate market concerns, plus the US Government needs of Privacy (128-bit encryption) as our initial area of focus.
Strategic and channel vendors with consumer distribution capabilities will be approached first. The proceeds from this raise will be utilized for product development and to build sales, marketing and support resources for these sectors. In the Federal and State initiative, SecurVoice will work to attain both Secret and Top Secret Certification from the U.S. Government and the NSA.
posted 1 day ago