Monday, December 28, 2009

SecurDigital, Inc. announces a reseller agreement with WC2I, LLC., for SecurVoice© Privacy Edition.

FOR IMMEDIATE RELEASE

Washington, DC., December 28, 2009 - SecurDigital, Inc. (SD), the master reseller for the market and technology leader in secure communications with SecurVoice©, announced today the reseller agreement with WC2I, LLC. (WC2I) for the SecurVoice© Privacy Edition. SecurVoice© is the world’s first completely secure voice, data and video encryption communication solution designed for government and enterprise customers who require communications privacy (ex. Health Care. Legal, Financial Services) and is now available to all corporations, companies and individuals, world-wide, through http://www.wc2i.com.

SecurDigital is expanding rapidly by partnering with foundation partners whose customers require secure communications. WC2I will be providing SecurVoice© Privacy Edition, v1.0, utilizing the VOIP (data channel) function on the Blackberry 8830, 96xx or Tour, running version 4.5 OS and up, which interacts with the SecurVoice© Enterprise servers (SaaS Hosted) running at Rackspace Managed Hosting (a Sarbanes/Oxley, SaaS 70 and Symantec certified MSP), or locally at EHIINSM. Customers may also purchase and install their own Enterprise Servers in their environment. The v2v (Voice2Voice) function will be available in Q110. SecurVoice© was designed to meet the GSA’s FIPS 140.2 compliance validation and the certification process is underway. US customers who require a FIPS certified system may place an order and will be notified when the certification has been completed by the NSA.

"WC2I,LLC. specializes in physical security assessments, executive security awareness and training, and researching security requirements for companies worldwide. Our approach to solutions is to only recommend services, equipment, and capabilities appropriate to the needs of the client, without limiting them to a single brand. This allows us to tailor our recommendations to the client and the environment, and not lock them or us in to a single product line. Unlike many of our peers who focus only on sole-source solutions, we deliver the right mix of products to create a specifically-tailored solution to our client’s security requirements. SecurVoice© is a welcome addition to our capability.” said Stephen Weatherford, President of WC2I,LLC.

“We welcome WC2I to the Securfamily as a preferred partner to promote, distribute and support SecurVoice©, specifically for our Asia/Pac customers.” said Bruce Magown, CEO, SecurDigital, Inc. “The partnership with W2CI allows us a personalized introduction with our prospective customers in the Asian/Pacific region; working primarily with governments, carriers, world corporations. This is essential to accomplish the rapid growth, technology adoption and market share we are focused on. W2CI’s capabilities and established relationships allow us to accelerate our market demographics with a very strong partner.” said Magown.

SecurVoice©, by The Genesis Key, Inc., secures whatever platform you are using. Securing multiple, distributed platforms allows a cellular user to call to a satellite user or a VoIP caller to access someone in on a Blackberry – there are no boundaries on how or on what platforms clients deploy. SecurVoice© is the one simple solution that works across all platforms. SecurVoice© Solutions are available in different configurations that provide maximum flexibility. From supporting a small group of devices to an Agency-wide installation, SecurVoice© solutions fit any requirement.

Saturday, December 19, 2009

Militants have been recording video from US Predator drones in Iraq and Afghanistan using laptops and $30 software; total lack of encrypti

Predator drones use less encryption than your TV, DVDs

Militants have been recording video from US Predator drones in Iraq and Afghanistan using laptops and $30 software, thanks to a total lack of encryption.
By Nate Anderson | Last updated December 17, 2009 11:13 AM


What three-letter Internet acronym best fits the bizarre news out of Iraq and Afghanistan that militants there have been intercepting US Predator drone video feeds using laptops and a $30 piece of Russian software: LOL, WTF, or OMG?

Actually, all three are appropriate for something this farcical, horrible, and brain-numbing. The reason that the transmissions could be picked up easily by a cheap satellite recording program? They were broadcast in the clear between the drone and ground control. That's right—no encryption was used.

Perhaps, you might be thinking to yourself in a mental bid to make the military seem competent here, no one could have suspected this would happen. But they did suspect it, because it had been happening for a decade already. The Wall Street Journal, which broke the story, included this tidbit in its report: "The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The US government has known about the flaw since the US campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said."

After finding various laptops containing hours of recorded drone footage, the military has at last moved to encrypt the downlink between the drone and ground control, but there are problems. Not with encryption technology, which is robust, but with the fact the military 1) did not use encryption at the beginning and retrofitting is hard, and 2) the Predator's maker uses some proprietary communications gear, so off-the-shelf encryption tools don't all work.

The sad but inevitable comparison has to be drawn here with consumer electronics. Blu-ray discs, which use the AACS control scheme, feature a new DRM scheme of bewildering complexity in an attempt to thwart pirates.
Encryption, Hollywood style

Operating system vendors have built entire "protected path" setups to guard audio and video all the way through the device chain. TVs and monitors now routinely use HDCP copy protection to secure their links over HDMI cables. Game consoles are packed with encryption schemes to prevent copied games from playing. Microsoft even goes out of its way to add encryption when Windows Media Center records unencrypted over-the-air TV content. Even the humble DVD, with its long-since-breached CSS encryption, offers more in the way of encryption.

But US drones, which spy on militants and rain down death from a distance, have none. The mind boggles, as it seems like the situation should be totally reversed: no encryption on legally-purchased content, more encryption on devices designed to watch and kill human beings.

Saturday, December 12, 2009

Security firm H4RDW4RE launches open source project to crack GSM encryption

by Andrew Munchbach on December 9th, 2009 at 1:04pm
Filed under: GSM, News 21 Comments

GSM Encryption

It has been long argued that the A5/1 encryption standard used to secure GSM traffic from eavesdropping is, in fact, insecure, and California based security firm H4RDW4RE is pioneering an effort to hammer that point home by cracking the encryption scheme. The A5/1 cipher is based on a 64-bit key — each cell phone has a 64-bit secret key which is also known by the connected GSM network. When you initiate a call the GSM network uses the secret key to generate a session key and encrypt your phone call. H4RDW4RE’s approach will be to crack this session key using a compressed and custom version of the A5/1’s 128-petabyte code book. Yikes. The aim of the project is to: take the vast code book and compress it down to around 2 or 3 terabytes of data, organize the data into rainbow tables, have these tables searched by a free P2P open-source program (much like SETI@home) in order to cipher session keys. Session keys will, theoretically, provide the ability to decrypt and listen in on GSM phone calls. H4RDW4RE’s goal is to push GSM vendors to finally admit that the technology is flawed and move to the more secure A5/3 code book, which is a 128-bit cipher, and already used by newer cellular technologies such as UTMS. Pretty powerful way to send a message, it sure does beat a letter writing campaign… Hit up the article for more details about the project.

Monday, December 7, 2009

W. Steven Garrett, Chairman, The Genesis Key, speaks on secure communication solutions interoperability at the Conference on Global Preparedness

SecurVoice© target markets include the world’s first totally secure, wireless, digital communications software only solution, for security and INTEROPERABILITY over wireless/VoIP communications. AVAILABLE TO ALL: EMERGENCY MANAGERS / FIRST RESPONDERS / EMS / FIREMEN / NATIONAL GUARD / STATE AND LOCAL LAW ENFORCEMENT / CRISIS MANAGERS / FEMA / DHS / HHS / SPORT TEAMS / CELEBRITIES / ETC
FOR IMMEDIATE RELEASE

Washington, DC., December 07, 2009 - The Genesis Key, Inc. (GK), the market and technology leader in secure communications with SecurVoice©, announced today W. Steven Garrett, Chairman, The Genesis Key, will be presenting SecurVoice©, the world’s first completely secure voice, data and video encryption communication solution designed for government and enterprise customers who require communications privacy at the 3rd Annual Conference on Global Preparedness in Melbourne, Fl. The Global Center for Preparedness at Florida Institute of Technology hosts the 3rd Annual Conference on Global Preparedness, featuring top leaders in business, industry, government, non-profits and academics gathered to address security and preparedness from a global perspective.

"At this year’s conference, you will hear speakers from public sectors and private industry, higher education, state, national and foreign governments—all presenting innovative practices and emerging technologies designed to protect and preserve national and global assets and human lives. Major topics will include emergency response, the economy, cyber-security, human factors and secure technology—raising the bar from sustainable to resilient. Presentations will show how these areas are interconnected to identify the challenges we face today as well." said Dr. Clifford R. Bragdon, AICP, FASA.

”Genesis Key has upped the ante considerably here. In a sudden leap, this innovative new product has shaken off the complexity of unified communications and has taken the lead in terms of ease of use, security and interoperability. Starting with simple encryption techniques in a Java-based application, Genesis Key has introduced SecurVoice© Privacy Edition, the next-gen secure digital data transmission solution, which takes the focus away from hardware or firmware centric smartphone offerings and provides a Solution that is application platform, operating system, device and carrier independent. SecurVoice© delivers encrypted voice, data or video transmission from any device to any device(s), with selectable encryption algorithms - allowing any agency to literally deploy “Secur Communications” across all devices." said W. Steven Garrett, Chairman, The Genesis Key, Inc.

SecurVoice©, by The Genesis Key, Inc., secures whatever platform you are using. Securing multiple, distributed platforms allows a cellular user to call to a satellite user or a VoIP caller to access someone in on a Blackberry – there are no boundaries on how or on what platforms clients deploy. SecurVoice© is the one simple solution that works across all platforms. SecurVoice© Solutions are available in different configurations that provide maximum flexibility. From supporting a small group of devices to an agency-wide installation, SecurVoice© solutions fit any requirement.