I came across this intriguing report recently -“Microsoft worker accidentally exposes 38TB of sensitive data in GitHub blunder — Included secrets, private keys, passwords, 30,000+ internal Teams messages” https://www.theregister.com/2023/09/18/more_microsoft_token_trouble/ What about the idea of the identical cryptographic keys generated on-the-fly when (only when) 3 out of 10 or so pre-registered…

“The Army’s Most Important Warfighting Tool Isn’t A Weapon, It’s A Network” https://www.forbes.com/sites/lorenthompson/2023/09/14/the-armys-most-important-warfighting-tool-isnt-a-weapon-its-a-network/?sh=4abca7ca127c I am concerned about what is not mentioned at ‘Cybersecurity’ in this report — “Tactical messages will need to be encrypted to avoid interception and exploitation by adversaries. …

Since we announced the formation of a team with the top brand of quantum resistant cryptography (*1), I sense the noticeable increase in the cases of unfounded criticism on our proposition of Expanded Password System. *1 “Cyber Leaders Join Forces to Protect Digital Identities and Data at Risk” https://usnavyseals.einnews.com/pr_news/644965697/cyber-leaders-join-forces-to-protect-digital-identities-and-data-at-risk

“Attackers access military data through fencing supplier” https://www.theregister.com/2023/09/04/zaun_breach_windows_7 We know that traditional solutions to cope with this kind of threats are - Encryption of the data + Decryption keys hidden somewhere on the device or net + Text-password protection of the personnel who handle decryption keys Now, although little known…

“Move over AI, quantum computing will be the most powerful and worrying technology” https://www.linkedin.com/posts/theteleports_move-over-ai-quantum-computing-will-be-the-activity-7106738158230274048-akU4 We are extremely lucky to have teamed up with the top brand of quantum resistant cryptography in 2023 — the ‘reset’ year for quantum computing according to this report. I expect to see more and more people fully convinced that quantum resistant cryptography would make the best sense when it comes with the most reliable identity authentication — However mathematically strong, the security that cryptography provides is not above the identity security of the people who handle a decryption key.

In my previous post “Shoulder Surfing — Possibility and Probability” https://www.linkedin.com/posts/hitoshikokumai_identity-authentication-password-activity-7106543136469905408-NzzE I mentioned the following - “Assume a solution that is effective in fending off the cyberattacks where people are careful about their security but fails to fend off the attacks where people are careless and reckless about their own…

You are describing a bad password easily broken by simply observing which image you access” This is a comment left on one of my recent posts written on the merits of image-based identity authentication. This is not an isolated case: I have heard similar ‘criticism’ from time to time over…

Today’s serious topic is serious — “Microsoft explains how China stole one of its secret keys” https://www.theregister.com/2023/09/06/microsoft_stolen_key_analysis/ Crypto keys hidden somewhere on the device or net could be stolen, whether crash dump or otherwise, and could wreak havoc. …

Someone presumably sowed the seed of confusion decades ago when they came up with a numbers-only short password and called it ‘PIN = Personal Identification Number’ instead of ‘Personal Authentication Number’. It is like “This is a fork called a knife. Amazingly, cybersecurity people apparently did not argue and were…