Please turn JavaScript on
Attomus icon

Attomus

Welcome to Attomus’s blog - Cybersecurity, Advanced technology and Security discussions from around the globe.

Click on “Follow” and decide if you want to get news from Attomus via RSS, as email newsletter, via mobile or on your personal news page.

Subscription to Attomus comes without risk as you can unsubscribe instantly at any time.

You can also filter the feed to your needs via topics and keywords so that you only receive the news from Attomus which you are really interested in. Click on the blue “Filter” button below to get started.

Title: Attomus

Publisher:  attomus
Message frequency:  0.12 / day

Message History

A zero-knowledge proof lets one party prove to another that a statement is true whilst revealing nothing beyond the truth of the statement itself: not the evidence, not the underlying data, not the working, only the fact. It sounds like a conjuring trick, and most people, hearing it described, assume it cannot be done. It can.

The technique is not new. It was set out i...


Read full story

The short answer first: the quantum threat to public-key cryptography is real, it is not imminent, and almost everything needed to deal with it in an orderly fashion already exists. That combination is rare in security. One audience is told the sky is falling and sold “quantum-safe” products of uneven seriousness; another decides the whole business is decades away and files i...


Read full story

Every conversation about data security eventually arrives, or should arrive, at the same place. Not “is the data encrypted?” — almost everything is encrypted now, in some sense, somewhere. The question that actually determines your position is: who can use the keys without your participation?

It is remarkable how much architectural and marketing complexity exi...


Read full story

Ask most organisations why they trust a supplier with their data and the answer, once unpacked, is a stack of paper. A contract with a confidentiality clause. A SOC 2 report. An ISO 27001 certificate. A data processing agreement. Perhaps a penetration test summary, suitably redacted. Each of these documents says, in essence, the same thing: we promise to behave.

...

Read full story

Generative AI is already part of day-to-day business. Staff use it to summarise meetings, draft documents, write code, analyse data, speed up research, and automate routine tasks. Some of that use is sanctioned. Some of it is not.

That is the problem with shadow AI. It gives employees a useful shortcut, but it can also move client information, source code, personal dat...


Read full story