Trust Service Providers according to eIDAS

Trust Service Providers (TSPs) are an idea that has come of age in Europe.  The notion of individual citizen privacy is still in debate in the US given the fact that President Trump and both houses of Congress recently passed legislation that effectively eliminates public privacy in the digital world.

How Trust Service Providers assure identification of signatories & services by using strong authentication, digital certificates & electronic signatures

Source: Trust Service Providers according to eIDAS

Thanks to Cryptomathic

Researchers exploit weakness in Apple iMessage encryption

“John Hopkins researchers were able to exploit a vulnerability in iOS 9.3 and decrypt media sent across the iMessage platform.”

The SafeJunction Digital Identity Vault platform is OS and transport agnostic – a great advantage for the security and privacy of your data.

Source: Researchers exploit weakness in Apple iMessage encryption | ZDNet


Thanks to ZDNet

IoT begs for Privacy

Gartner forecasts that there will be 4.9 billion connected things globally in 2015, reaching 25 billion by 2020– more than three times the number of people on earth today.  Do we actually think that the data generated from the three gadgets that every man woman and child on earth will possess or use will NOT subject us to some form of threat or intrusion?  Not to be negative mind you, but today many of us lock our doors, secure our phones and computers with passwords, and take efforts- however minor – to protect our identities, property, and things we care about.

As the world continues to expand, we will want to conduct ourselves openly – and with greater transparency – than any time in the history of mankind.  With openness comes expectations of trust, security, and honesty.   So why not create simple and effective methods to exclude clutter, intrusions, unwanted attention, and uninvited contact?

The possibilities for transparent privacy and security are endless and have created a tremendous opportunity for cost-effective products and services that will augment the systems we currently use – those that have not yet provided and environment where we can lead our lives without digital graffiti.


Thanks to our friends at SafeJunction

Police crackdown on pirated content sites sees 73% drop in advertising

Realizing that copyright theft probably doesn’t matter too much to the average Internet user, the crackdown on content sites is a small victory in the effort to clean-up the Internet.

Watch for a number of new products from SafeJunction that enable producers to protect their content and for users to assure that the materials they legally own are protected from illegal search and seizure.

Source: Police crackdown on pirated content sites sees 73% drop in advertising | The Drum

Thanks to The Drum

LastPass just got hacked, so it’s time to change your password

You woulda thought that the password keeper standard bearer, LastPass, could keep from being breached.  It just goes to show that there is no such thing as perfect security or identity protection.  So we’ll keep on rolling out products and services that will deter threats and maybe avoid short-term compromises.  As to the future . . .

“we have found no evidence that encrypted user vault data was taken”

Source: LastPass just got hacked, so it’s time to change your password

Keys to the Kingdom

We’ve written and discussed the difference between physical 20th Century and digital 21st Century privacy and security.  Formerly we depended upon physical boundaries and controls while now we depend much more upon virtual (digital) systems and technologies to protect our information and intellectual property.  Yes, we still physically lock our doors (at least some of us still do) and automobiles, but the emergence of technology systems that will supplant traditional bolts and locks are emerging.  IoT, the Internet of Things is leading the charge.

Physical control, possession, or occupancy has always been the standard against which risk or security was measured.  Today we depend more upon passwords, identity verification and validation, embedded cookies, two-factor authentication, bio-systems like thumbprint and iris scanners, RSA random number keys, and many more sophisticated means of limiting the number of possible handshake pairs to protect ourselves or our devices.

SafeJunction’s position is that third-party management of identity and privacy needs to take control over devices and messages and move it away from the user to locations and systems that may or may not have hardened firewalls, but which are harder to track, trace, or locate easily.

Understand, there is no perfect security or privacy system.  Like the famous tale of the jailer and the prisoner:  The jailer must know thousands of escape possibilities while the prisoner only needs to devise one.  So perfect security is mostly a dream, yet complex identity and privacy systems will increase the time it takes to find “stuff” so that the bad guys (you can decide who they are) won’t be able to compromise a complete privacy system quickly or easily.


So the new “keys” are cryptographic, the new privacy is encryption, and SafeJunction believes that users will quickly be attracted to reasonably priced products that protect identity and privatize information, messages, and data.

Look for the release of SafeJunction “Digital Identity Vault” platform products later this year.

Thanks to SafeJunction

Health checks by smartphone raise privacy fears

“Authorities and tech developers must stop sensitive health data entered into applications on mobile phones ending up in the wrong hands, experts warn.”

The problem isn’t the data itself, but the ability for the application provider’s database identifying the user.  The identity of the user (wearer) of the data collection device must be protected.

Health checks by smartphone raise privacy fears – Yahoo News.

Thanks to Yahoo News

IoT Requires Changes From Identity and Access Management Space

“In November, Gartner predicted 4.9 billion devices would be Internet-connected in 2015. Securing those devices however remains a challenge that consumers, IT departments and vendors will have to face. This is particularly true when it comes to the subject of authentication, and according to Gartner analyst Earl Perkins, current IAM solutions cannot meet the scale or complexity that IoT demands of the enterprise.”

via IoT Requires Changes From Identity and Access Management Space: Gartner | SecurityWeek.Com.

Image result for Identity security images

Thanks to : Gartner and SecurityWeek.Com

Staples breach exposed 1.16 million payment cards | TheHill

We continue to be appalled that our private financial information is compromised when a major retailer is hacked.

It would make more sense to this tech pro if we assumed that this would happen and then took steps to protect ourselves.

That means work.  Changing passwords, re-pinning credits cards.  Requesting new cards periodically and seeking identity protection.

Identity protection is an emerging industry.

Stay Tuned.

Staples breach exposed 1.16 million payment cards | TheHill.

Thanks to TheHill