InfoQ Homepage Cryptography Content on InfoQ
-
.NET 7 Brings Networking Improvements
The .NET 7 launch has brought many improvements around the whole API surface of the .NET Framework. In networking operations, .NET 7 improves the capabilities and performance of the existing HTTP and WebSockets protocols. It exposed a new protocol called QUIC and has many performance improvements compared to .NET 6.
-
Amazon S3 Encrypts All New Objects with AES-256
Since January 5th, Amazon S3 encrypts all new objects by default with AES-256 to protect data at rest. S3 automatically applies server-side encryption using Amazon S3-managed keys for each new object, unless a different encryption option is specified.
-
AWS Key Management Service Now Supports External Key Stores
AWS recently announced the availability of AWS Key Management Service (AWS KMS) External Key Store (XKS), allowing organizations to store and manage their encryption keys outside the AWS KMS service.
-
Open-Source Constellation K8 Engine Aims to Bring Confidential Computing to Kubernetes
Constellation is a Kubernetes engine that shields Kubernetes clusters from the rest of the cloud infrastructure using confidential computing and confidential VMs. This creates a confidential context that ensures data is always encrypted, both at rest and in memory.
-
Google Cloud Certificate Manager Generally Available
Google Cloud recently announced the general availability of Certificate Manager, a service to acquire, manage, and deploy TLS certificates for use with Google Cloud workloads.
-
Amazon Introduces Encrypted Communication Service AWS Wickr
A year after the acquisition of the company Wickr, Amazon recently announced the preview of the collaboration suite AWS Wickr. Built on a proprietary encryption protocol, the new managed service provides enterprises and government agencies with security and administrative controls to meet security and compliance requirements.
-
Virtual Machine Threat Detection in Google Security Command Center Now Generally Available
Google Cloud recently announced the general availability (GA) of Virtual Machine Threat Detection (VMTD) as a built-in service in Security Command Center Premium, which can detect if hackers attempt to mine cryptocurrency in a company's cloud environment.
-
Ant Group Open Sources Privacy-Preserving Computation Framework
Alibaba financial arm Ant Group has open sourced SecretFlow, its privacy-preserving framework, with a specific focus on data analysis and machine learning.
-
OpenSSL Releases Fix for High-Severity Vulnerability
OpenSSL 3.0.4, released less than a month ago, introduced a bug that enabled a remote code execution vulnerability on machines computing 2048 bit RSA keys on X86_64 CPUs. A fix is now available in OpenSSL 3.0.5.
-
Google's BigQuery Introduces Column-Level Encryption Functions and Dynamic Masking of Information
Google recently released new features for its SaaS data warehouse BigQuery which include column level encryption functions and dynamic masking of information. Specifically, dynamic masking of information can be used for real-time transactions whereas column level encryption provides additional security for data at rest or in motion where real-time usability is not required.
-
TLS 1.2 Becoming the Minimum TLS Protocol Level on AWS
AWS recently announced that TLS 1.2 is going to become the minimum protocol level for API endpoints. The cloud provider will remove backward compatibility and support for versions 1.0 and 1.1 on all APIs and regions by June 2023.
-
Encryption in the Ukrainian War
Encryption is a major part of Russia's invasion of Ukraine, where the lack of encryption on Russia's part has led to military setbacks and the death of a general. Ordinary Ukrainians have ramped up usage of end-to-end encrypted messaging.
-
Google Cloud Introduces Certificate Manager
Google Cloud recently introduced the public preview of Certificate Manager, a service that integrates with External HTTPS Load Balancing to manage multiple certificates and domains.
-
HashiCorp Boundary 0.7 and Boundary Desktop 1.4 Released with Dynamic Host Catalogs
HashiCorp has released version 0.7 of their Boundary open-source project that automates secure identity-based user access to hosts and services across environments. Boundary Desktop 1.4 has also been released for Mac, Linux, and Windows. Key new features include dynamic host catalogs, plugin support (currently for internal use only), and managed groups and resource filtering in the admin console.
-
Building Quality in for Blockchain Systems
Blockchain technology can be used to build solutions that can naturally deliver better software quality. Using blockchain we can shift to smaller systems that store everything in a contract. We have to understand our data needs and decide what is stored in the chain and what off-chain, and think about how requirements, defects and testing history can be built into the contract models.