Connect with us

Google Disables Quantum Security In Chrome Due To Software Bug

Published

on

A number of network devices with middleware are causing website connection failures.

Google specialists suspended Combined Elliptic-Curve and Post-Quantum 2 (CECPQ2) quantum security feature in Chrome. Experts have learned that a number of network devices with middleware are causing unexpected website connection failures for some users with CECPQ2 enabled.

Combined Elliptic-Curve and Post-Quantum 2 is designed to improve cryptography around TLS connections. When quantum computers become widely available in the future, attackers will not be able to decrypt HTTPS traffic and access to past secure communications.

CECPQ2 was developed in 2016 in collaboration with Cloudflare engineers and is included in Chrome 91 this May. The feature adds isogeny-based key agreements to the TLS negotiation component in Chrome to strengthen the encrypted HTTPS connection.

The error occurred because CECPQ2 was generating large TLS packets. According to Google, some devices with communication software cannot process these packets, resulting in unexpected connection failures.

With the release of Chrome 93, the tech giant has announced that it will temporarily disable CECPQ2 for all users. This will allow the company to work with the vendors of the affected middleware devices to release the required fixes. CECPQ2 will remain disabled for Chrome versions 93 and 94.

Users who would still like to use CECPQ2 can manually enable this feature by setting the following Chrome flag to “Enabled”:

chrome: // flags / # post-quantum-cecpq2

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

Want to learn how to work with cloud databases and take the DP-900 certification exam for free?

Published

on

Take a two-day training session from Microsoft on October 25 and 26.

From Microsoft experts, you will learn about the key principles of Azure services, proven approaches, and the specifics of working with relational and non-relational data.

Have time sign up for training

Continue Reading

Security

Women and minorities are more likely to be cyberattacks than other people

Published

on

Women are more likely than men to receive messages from unknown numbers containing potentially malicious links.

Demographics play a large role in how often people are victims of cybercrime. Low-income and vulnerable populations are disproportionately affected by cybercrime. As the results showed poll 5 thousand people in Germany, the UK and the US, conducted by experts from Malwarebytes, Digitunity and Cybercrime Support Network, minorities, as well as groups of people with low income and low educational level, are more likely to be victims of a cyber attack. Some groups are much more likely to face online threats.

For example, women are much more likely to receive text messages from unknown numbers containing potentially malicious links than men (79% versus 73%). Almost half (46%) of women said their social media accounts had been hacked, compared with 37% of men.

Black, Indigenous and People of Color (BIPOC) social media accounts are more likely to be attacked than whites (45% versus 40%); BIPOC populations are also more likely to experience identity theft (21% versus 15%). In fact, only 47% of BIPOC respondents escaped the financial consequences of cybercriminals.

Age is also an important factor. 36% of people aged 65 and over have been victims of credit card information theft.

21% of women and 23% of BIPOC respondents experienced “significant” stress when faced with suspicious online activity.

According to the report, the statistics are linked to the overall sense of security (or lack thereof) in cyberspace. While half of all respondents do not feel secure online and 31% do not feel safe online, the numbers are different for women. Women feel the least private online (53% versus 47% of men) and the least secure (35% versus 27% of men).

Socioeconomic class also matters. People with higher incomes (51%) feel more secure online than people with lower incomes (40%). The same is true for educational attainment – users with the highest educational attainment feel more secure (48%) than those who graduated only from college (44%) or high school (40%).

Continue Reading

Security

The United States launched a program to replace network equipment Huawei and ZTE

Published

on

The US government allocated $ 1.9 billion for the implementation of the program.

On Monday, September 28, the US Federal Communications Commission (FCC) announced the launch of a program to replace network equipment of telecom operators in rural areas. The government allocated $ 1.9 billion to implement the program, writes Reuters.

The program was approved in July 2021, and applications for participation in it will open on October 29 and will last until January 14, 2022. Its goal is to remove from the networks of American telecom operators equipment manufactured by Chinese companies recognized in the United States as a threat to national security, in particular Huawei and ZTE.

Last year, the FCC recognized Huawei and ZTE as a threat to national security, thereby depriving US companies of the ability to use the $ 8.3 billion government fund to buy equipment from them. In December, the FCC passed regulations requiring carriers using ZTE and Huawei equipment to “dispose of and replace” it.

The requirement is a big problem for telecom operators in rural areas, which do not have the financial ability to purchase new equipment and find specialists who are able to carry out such a replacement.

The latest FCC ruling expands the program from telecom operators with 2 million or less subscribers to operators with 10 million or less subscribers.

Continue Reading

Most Popular