[IS&T Security-FYI] SFYI Newsletter, February 25, 2013

Monique Yeaton myeaton at MIT.EDU
Mon Feb 25 17:22:18 EST 2013 

In this issue:


1. Beefing Up Public-Key Encryption

2. Still on Windows XP? Be Prepared to Migrate.

3. Identity Theft: Not so Funny for Most of Us

4. Laptop Tagging and Registration, Feb. 28



-------------------------------------------------

1. Beefing Up Public-Key Encryption

-------------------------------------------------


Public-key encryption is used by most financial transactions on the Internet. This cryptographic technique uses two keys that are mathematically related. One, the public key, is published on the Internet and any sender can use it to encrypt a message. The second, the private key, is known only to the recipient, and is required for decryption.


Financial institutions are seeking security against sophisticated attacks, called chosen-cyphertext attacks (CCA), that are able to successfully decrypt these public-key encrypted messages. The challenge is coming up with a scheme to protect public-key encryption from these attacks.


A pair of MIT postdocs presented a way to do so at MIT's Computer Science and Artificial Intelligence Lab. They showed a way to take a vulnerable public-key encryption scheme and turn it into a secure scheme.


Read the story online at the MIT News Office<http://web.mit.edu/newsoffice/2013/beefing-up-public-key-encryption-0215.html>.



----------------------------------------------------------------

2. Still on Windows XP? Be Prepared to Migrate.

-----------------------------------------------------------------


Are you prepared for the de-support of Windows XP<http://windows.microsoft.com/eos>? Microsoft support for Windows XP is ending April 8, 2014 and those users running the operating system after support ends will not receive security updates for Windows. Why are security updates important?<http://ist.mit.edu/security/patches>


IS&T now provides and supports Windows 7 in full and offers limited support for the business-class versions of Windows 8 (including Pro and Enterprise). The IS&T Software Grid<http://ist.mit.edu/software-hardware?type=33&platform=Windows&users=All&title=&recommended_only=All> shows which versions are available for download.


There are known issues running some software on Windows 8 machines, so if you rely on an application that is not yet fully compatible with Windows 8, you should hold off on upgrading or purchasing a new machine with Windows 8. Until software vendors have released versions of their applications that are compatible with Windows 8, IS&T will be unable to support them.



------------------------------------------------------------

3. Identity Theft: Not so Funny for Most of Us

-------------------------------------------------------------


I don't know if you've seen it listed in the movie section of your local paper, but Identity Thief, the movie, was released a week or two ago. I was pretty excited to see this, considering that the main focus of my job to help people protect against identity theft.


How quickly my excitement turned to disappointment, when I realized from the synopsis that the movie is a comedy<http://www.fandango.com/identitythief_v556210/plotsummary>. A poor sod gets his identity stolen by a unrepentant fraudster, who turns his credit rating into shambles and steals his carefully saved funds. He then goes on a mission to clear his name by going after her.


Not having seen the movie, I can't say too much about it, except this: although it didn't get high ratings from reviewers, it's currently at the top of the past week's box office ratings. So maybe there's something to be said for wanting to see a victim go after his identity thief.


For those of us who can't actually do this, here are some tips for preventing identity theft<http://ist.mit.edu/security/identity> from occurring in the first place.



--------------------------------------------------------

4. Laptop Tagging and Registration, Feb. 28

--------------------------------------------------------


On February 28, 11:00am - 1:00pm, laptop registration will be in W92–106A


On Thursday, MIT Campus Police is providing an opportunity for those in the West MIT Campus to tag and register laptop computers and electronic devices.


When registering your device, it receives a STOP tag. This loss prevention measure is a visible deterrent to theft. Take a look at this video<http://web.mit.edu/cp/www/_docs/theft_deterrent.wmv> to see the results. Each tag costs $10. Cash or a G/L account is accepted (no TechCash).


Details of this service and all upcoming dates and locations are listed here<http://kb.mit.edu/confluence/display/istcontrib/Campus+Police+Laptop+Tagging+and+Registration#CampusPoliceLaptopTaggingandRegistration-Q%3AWhereandwhencanIhaveequipmenttagged%3F>.



===================================================================================

Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.

===================================================================================

Thanks,

Monique

=========================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20130225/e7932f3c/attachment.htm

More information about the ist-security-fyi mailing list