Searching for smart, safe news you can TRUST?
Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.
Searching for smart, safe news you can TRUST?
Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.
Denver news in your inbox
Catch up on the most important stories affecting your hometown with Axios Denver
Des Moines news in your inbox
Catch up on the most important stories affecting your hometown with Axios Des Moines
Minneapolis-St. Paul news in your inbox
Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul
Tampa-St. Petersburg news in your inbox
Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg
A customer tries out a new Apple iPhone 6S at an Apple store in Chicago. Photo: Kiichiro Sato / AP
Slovak and Czech researchers have found a vulnerability that leaves government and corporate encryption cards vulnerable to hackers to impersonate key owners, inject malicious code into digitally signed software, and decrypt sensitive data, Dan Goodin reports for ArsTechnica. The researchers exposed that some of these keys can be easily hacked, which is notable since it was previously thought that these kinds of keys were virtually impervious to hackers.
Why it matters, from Axios' Senior Developer Chris Barna: Although breaking these keys could take a lot of time and money, "when you have the resources of a malicious government, 17 days and hundreds of thousands of dollars can be worth it if the perceived payoff is big enough."
What to watch for, as Graham Steel, CEO of encryption consultancy Cryptosense, told ArsTechnica: "If you have a document digitally signed with someone's private key, you can't prove it was really them who signed it. Or if you sent sensitive data encrypted under someone's public key, you can't be sure that only they can read it."