TechLetters #85 - NIST quantum-resistant cryptography. Breaches may cause bankruptcy. Apple lets users disable some features to gain more security

Security

European and American organizations put at risk of bankruptcy after cybersecurity breaches. "median cost of a cyber attack almost $17k". Layoffs after a breach happened in some cases. Report here. But watch out, this company is offering cyber insurance. It’s in their interest to publish such reports. Disclaimer: this newsletter is (sadly!) not funded in any way :-)

NIST selected Quantum-Resistant Cryptographic Algorithms. CRYSTALS-KYBER (key-establishment, for encryption), CRYSTALS-Dilithium, FALCON, Sphincs+ (digital signatures), release. Full report about Quantum-Resistant Cryptographic Algorithms is here. This is a big decision. Transitions will take time. Quantum-resistant transition is now a thing. That said, there is no reliable quantum computer around the corner. It’s a hypothetical risk. Yet, it may be viewed as a high impact risk that could potentially nullify today’s encryption. So it makes sense to try to prepare.

Apple deploys security-enhanced Lockdown Mode. Extra hardening at the expense of limited functionality. That functionality typically responsible for hacking iPhones. Indeed, more functions means larger threat surface. Less features - systems easier to secure. Most users can choose not to use this. But those at risk should choose security over functionality. For example: at-risk journalists, activists, CEOs, policymakers. Presidents and Prime Ministers should turn it on.

Privacy

Technology Policy

Other

---

In case you feel it's worth it to forward this content further:

If you’d like to share: