In a recent story about the U.S. National Security Agency’s controversial Internet surveillance operations, the New York Times reported that “the agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems.”
The bolding is mine, because if in fact the agency did crack the encryption schemes used for bank transactions (the Times is somewhat unclear on that point), then in doing so it may have solved a math problem that has long puzzled cryptographers and number theorists alike.
To help prevent breaches, mobile devices should be encrypted even if storage of sensitive information on them is prohibited, says security expert Melodi Mosley Gates.
Even with the best of intentions, and the most technically enforced policy, a ban for putting sensitive information on mobile devices is probably not going to be 100 percent effective,
That's because all mobile devices enable users to enter data and to receive e-mails that may, in some cases, contain sensitive information.
The Internet Protocol, version 6 (IPv6) was designed to alleviate the address space
limitations of IPv4 and provide additional security and routing capabilities. The protocol
itself, however, can be misused to deliver malware in a way that eludes detection by
firewalls or intrusion detection systems (IDS) not configured to recognize IPv6 traffic.
This problem can be amplified in cases where malware is used to reconfigure vulnerable hosts to allow IPv6 traffic.
Conditions and Technology