|By Maxime Charlès||
|June 19, 2014 03:51 AM EDT||
En matière de chiffrement de données, le logiciel gratuit et open source TrueCrypt a longtemps fait office de référence absolue. Seulement voilà, depuis le 28 mai dernier, les développeurs de TrueCrypt ont surpris toute la communauté informatique en affichant sur la page Sourceforge du projet ce message :
« Attention : l’utilisation de TrueCrypt n’est pas sûre, car il peut contenir des problèmes de sécurité non résolus »
Ils précisent même quelques lignes plus bas que « le développement de TrueCrypt a cessé en mai 2014 après que Microsoft ait arrêté le support de Windows XP ».
Rappel sur les avantages de TrueCrypt
Le logiciel TrueCrypt existe depuis une dizaine d’années et sa réputation avait fait de lui un des outils les sûrs en matière de sécurité des données. Cet outil avait acquis sa renommée lors d’une affaire financière en juillet 2008 (Opération Satyagraha), où l’institut Nationale de Criminologie Brésilienne (INC) puis le FBI, après 1 an de travail, se sont tour à tour retrouvé dans l’incapacité de décrypter les données de Daniel Dantas, le banquier accusé de fraudes financières.
Son mode fonctionnement simple mais terriblement efficace est basé sur des algorithmes de chiffrement comme AES, Serpent et Twofish. Il compte, à ce jour, des millions d’utilisateurs à travers le monde. Il était réellement une référence dans le domaine des logiciels de sécurité en informatique.
En février dernier, un rapport d’audit (Open Crypto Audit Project) avait démontré que le logiciel ne souffrait d’aucunes failles majeures. Quelques mois plus tôt, le gouvernement français par l’intermédiaire de l’Agence nationale de la sécurité et des systèmes d’information (ANSSI) avait délivré à l’outil un certificat de sécurité de premier niveau. (CSPN). Il est d’autant plus étonnant de constater cet arrêt soudain et brutal.
Les alternatives à TrueCrypt
Quelques temps après l’annonce de l’abandon du support de TrueCrypt, de l’Agence nationale de la sécurité et des systèmes d’information a publié un communiqué pour recommander, en vertu du principe de précaution, une liste de solutions de chiffrement alternatives. L’ANSSI cite alors des logiciels comme ZoneCentral, StormShield Cryhod, Zed! ou Security Box.
La communauté open source s’est également mobilisée pour continuer à offrir une alternative gratuite et dont le code source reste disponible. Depuis la disparation de TrueCrypt, trois forks (logiciel crée à partir d’un code source existant) ont vu le jour : Ciphersed.org, TrueCrypt.ch et une solution française VeraCrypt, développée par la société Idrix, qui promet d’avoir même améliorer la sécurité de l’outil.
The post Les alternatives à TrueCrypt pour le chiffrement de données appeared first on Provectio - Cloud Computing et Infogérance.
Building low-cost wearable devices can enhance the quality of our lives. In his session at Internet of @ThingsExpo, Sai Yamanoor, Embedded Software Engineer at Altschool, provided an example of putting together a small keychain within a $50 budget that educates the user about the air quality in their surroundings. He also provided examples such as building a wearable device that provides transit or recreational information. He then reviewed the resources available to build wearable devices at home including open source hardware, the raw materials required and the options available to power s...
Jan. 28, 2015 11:00 AM EST Reads: 2,237
“The age of the Internet of Things is upon us,” stated Thomas Svensson, senior vice-president and general manager EMEA, ThingWorx, “and working with forward-thinking companies, such as Elisa, enables us to deploy our leading technology so that customers can profit from complete, end-to-end solutions.” ThingWorx, a PTC® (Nasdaq: PTC) business and Internet of Things (IoT) platform provider, announced on Monday that Elisa, Finnish provider of mobile and fixed broadband subscriptions, will deploy ThingWorx® platform technology to enable a new Elisa IoT service in Finland and Estonia.
Jan. 28, 2015 11:00 AM EST Reads: 1,658
Advanced Persistent Threats (APTs) are increasing at an unprecedented rate. The threat landscape of today is drastically different than just a few years ago. Attacks are much more organized and sophisticated. They are harder to detect and even harder to anticipate. In the foreseeable future it's going to get a whole lot harder. Everything you know today will change. Keeping up with this changing landscape is already a daunting task. Your organization needs to use the latest tools, methods and expertise to guard against those threats. But will that be enough? In the foreseeable future attacks w...
Jan. 28, 2015 11:00 AM EST Reads: 3,002
From telemedicine to smart cars, digital homes and industrial monitoring, the explosive growth of IoT has created exciting new business opportunities for real time calls and messaging. In his session at @ThingsExpo, Ivelin Ivanov, CEO and Co-Founder of Telestax, shared some of the new revenue sources that IoT created for Restcomm – the open source telephony platform from Telestax. Ivelin Ivanov is a technology entrepreneur who founded Mobicents, an Open Source VoIP Platform, to help create, deploy, and manage applications integrating voice, video and data. He is the co-founder of TeleStax, a...
Jan. 28, 2015 10:45 AM EST Reads: 3,113
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover how hardware commoditization, the ubiquitous nature of connectivity, and the emergence of Big Data a...
Jan. 28, 2015 10:45 AM EST Reads: 2,996
"There is a natural synchronization between the business models, the IoT is there to support ,” explained Brendan O'Brien, Co-founder and Chief Architect of Aria Systems, in this SYS-CON.tv interview at the 15th International Cloud Expo®, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Jan. 28, 2015 10:45 AM EST Reads: 3,478
We certainly live in interesting technological times. And no more interesting than the current competing IoT standards for connectivity. Various standards bodies, approaches, and ecosystems are vying for mindshare and positioning for a competitive edge. It is clear that when the dust settles, we will have new protocols, evolved protocols, that will change the way we interact with devices and infrastructure. We will also have evolved web protocols, like HTTP/2, that will be changing the very core of our infrastructures. At the same time, we have old approaches made new again like micro-services...
Jan. 28, 2015 10:30 AM EST Reads: 2,431
The Internet of Things will greatly expand the opportunities for data collection and new business models driven off of that data. In her session at @ThingsExpo, Esmeralda Swartz, CMO of MetraTech, discussed how for this to be effective you not only need to have infrastructure and operational models capable of utilizing this new phenomenon, but increasingly service providers will need to convince a skeptical public to participate. Get ready to show them the money!
Jan. 28, 2015 10:30 AM EST Reads: 2,860
Disruptive macro trends in technology are impacting and dramatically changing the "art of the possible" relative to supply chain management practices through the innovative use of IoT, cloud, machine learning and Big Data to enable connected ecosystems of engagement. Enterprise informatics can now move beyond point solutions that merely monitor the past and implement integrated enterprise fabrics that enable end-to-end supply chain visibility to improve customer service delivery and optimize supplier management. Learn about enterprise architecture strategies for designing connected systems tha...
Jan. 28, 2015 10:00 AM EST Reads: 2,980
The Internet of Things is a misnomer. That implies that everything is on the Internet, and that simply should not be - especially for things that are blurring the line between medical devices that stimulate like a pacemaker and quantified self-sensors like a pedometer or pulse tracker. The mesh of things that we manage must be segmented into zones of trust for sensing data, transmitting data, receiving command and control administrative changes, and peer-to-peer mesh messaging. In his session at @ThingsExpo, Ryan Bagnulo, Solution Architect / Software Engineer at SOA Software, focused on desi...
Jan. 28, 2015 10:00 AM EST Reads: 2,272
Today’s enterprise is being driven by disruptive competitive and human capital requirements to provide enterprise application access through not only desktops, but also mobile devices. To retrofit existing programs across all these devices using traditional programming methods is very costly and time consuming – often prohibitively so. In his session at @ThingsExpo, Jesse Shiah, CEO, President, and Co-Founder of AgilePoint Inc., discussed how you can create applications that run on all mobile devices as well as laptops and desktops using a visual drag-and-drop application – and eForms-buildi...
Jan. 28, 2015 10:00 AM EST Reads: 2,723
"For over 25 years we have been working with a lot of enterprise customers and we have seen how companies create applications. And now that we have moved to cloud computing, mobile, social and the Internet of Things, we see that the market needs a new way of creating applications," stated Jesse Shiah, CEO, President and Co-Founder of AgilePoint Inc., in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Jan. 28, 2015 09:30 AM EST Reads: 2,223
Things are being built upon cloud foundations to transform organizations. This CEO Power Panel at 15th Cloud Expo, moderated by Roger Strukhoff, Cloud Expo and @ThingsExpo conference chair, addressed the big issues involving these technologies and, more important, the results they will achieve. Rodney Rogers, chairman and CEO of Virtustream; Brendan O'Brien, co-founder of Aria Systems, Bart Copeland, president and CEO of ActiveState Software; Jim Cowie, chief scientist at Dyn; Dave Wagstaff, VP and chief architect at BSQUARE Corporation; Seth Proctor, CTO of NuoDB, Inc.; and Andris Gailitis, C...
Jan. 28, 2015 09:00 AM EST Reads: 2,663
Recurring revenue models are great for driving new business in every market sector, but they are complex and need to be effectively managed to maximize profits. How you handle the range of options for pricing, co-terming and proration will ultimately determine the fate of your bottom line. In his session at 15th Cloud Expo, Brendan O'Brien, Co-founder at Aria Systems, session examined: How time impacts recurring revenue How to effectively handle customer plan changes The range of pricing and packaging options to consider
Jan. 28, 2015 09:00 AM EST Reads: 2,577
The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, data security and privacy.
Jan. 28, 2015 09:00 AM EST Reads: 2,675
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
Jan. 28, 2015 07:00 AM EST Reads: 7,824
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series data. By focusing on enterprise applications and the data center, he will use OpenTSDB as an example t...
Jan. 28, 2015 02:45 AM EST Reads: 3,000
Code Halos - aka "digital fingerprints" - are the key organizing principle to understand a) how dumb things become smart and b) how to monetize this dynamic. In his session at @ThingsExpo, Robert Brown, AVP, Center for the Future of Work at Cognizant Technology Solutions, outlined research, analysis and recommendations from his recently published book on this phenomena on the way leading edge organizations like GE and Disney are unlocking the Internet of Things opportunity and what steps your organization should be taking to position itself for the next platform of digital competition.
Jan. 28, 2015 02:00 AM EST Reads: 2,931
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using the URL as a basic building block, we open this up and get the same resilience that the web enjoys.
Jan. 28, 2015 02:00 AM EST Reads: 2,907
SYS-CON Media announced that Splunk, a provider of the leading software platform for real-time Operational Intelligence, has launched an ad campaign on Big Data Journal. Splunk software and cloud services enable organizations to search, monitor, analyze and visualize machine-generated big data coming from websites, applications, servers, networks, sensors and mobile devices. The ads focus on delivering ROI - how improved uptime delivered $6M in annual ROI, improving customer operations by mining large volumes of unstructured data, and how data tracking delivers uptime when it matters most.
Jan. 28, 2015 01:45 AM EST Reads: 3,701