Our Miami based client is looking to create a team of Sr Systems Engineers to act as the final point of contact for all escalated issues regarding the implementation of a proprietary  POS System.  This team will be part of a large deployment & be considered Level 3 Tier Support.  MUST have extensive knowledge -Windows Desktop applications.  The team will consist of both perm and contract employees.
Six years ago, two Microsoft cryptography researchers discovered some weirdness in an obscure cryptography standard authored by the National Security Agency. There was a bug in a government-standard random number generator that could be used to encrypt data.
The researchers, Dan Shumow and Niels Ferguson, found that the number generator appeared to have been built with a backdoor — it came with a secret numeric key that could allow a third party to decrypt code that it helped generate.
According to Thursday’s reports by the ProPublica, the Guardian, and The New York Times, classified documents leaked by NSA whistleblower Edward Snowden appear to confirm what everyone suspected: that the backdoor was engineered by the NSA. Worse still, a top-secret NSA document published with the reports says that the NSA has worked with industry partners to “covertly influence†technology products.
That sounds bad, but so far, there’s not much hard evidence about what exactly has been compromised. No company is named in the new allegations. The details of the reported modifications are murky. So while much of the internet’s security systems appear to be broken, it’s unclear where the problems lie.
The result is that the trustworthiness of the systems we used to communicate on the internet is in doubt. “I think all companies have a little bit of taint after this,†says Christopher Soghoian, a technologist with the American Civil Liberties Union.
The latest documents show that the NSA has vast crypto-cracking resources, a database of secretly held encryption keys used to decrypt private communications, and an ability to crack cryptography in certain VPN encryption chips. Its goal: to crack in a widespread way the internet’s security tools and protocols.
David Dampier, the director of the Center for Computer Security Research at Mississippi State University, says it’s “wrong†for companies to add backdoors. But he added that the latest revelations of the government’s alleged decryption capabilities aren’t surprising.
“I think that no encryption created by anyone is going to protect you from everyone. The stronger the encryption the harder they are going to work to decrypt it,†he said. “I don’t care what company is selling you encryption software. Whatever they are going to sell you, it can be decrypted. There’s nothing that is infallible.â€
The reports talk about the NSA’s attempts to exploit software bugs, break codes and accumulate encryption keys — this is all stuff that most security experts expected the surveillance agency to be doing. But here’s the most unsettling part: A leaked excerpt from the agency’s 2013 budget request talks about the NSA working with “US and foreign IT industries to covertly influence and/or overtly leverage their commercial products designs.†The document explicitly says: “These design changes make the systems in question exploitable.â€
Daniel Castro, a senior analyst with the Information Technology and Innovation Foundation, calls the latest leaks disturbing. “We went through this debate with the Clipper Chip, and it was clear where public opinion stood,†he says, referring to a backdoor technology the NSA wanted to install in all encryption two decades ago.
“If these claims are true, and the NSA introduced backdoors into global security standards, this seems like a clear perversion of democracy,†Castro added. “This just further erodes the competitiveness of U.S. tech companies. In particular, I think this enlarges the scope of companies that will suffer backlash since cryptographic standards are often embedded in hardware.â€
Castro wrote a report last month predicting that Snowden’s PRISM revelations could cost the U.S. cloud-computing industry as much as $35 billion over the next three years as companies shied away from U.S. internet service providers, which are said to be providing government access to their servers.
You’ll hear much the same from Dave Jevans, the founder of Marble Security, an enterprise mobile security provider and the former chief executive of IronKey, He says that it “would be extremely bad†for a tech company to give the government a backdoor.
“It may not be the death knell,†he added, referring to Crypto AG, a Swiss encryption companies alleged to have rigged their machines for the NSA in the 1990s. â€They’re still around, but barely.â€
But not everyone thinks that U.S. competitiveness will be hit. The documents talk about the NSA working with foreign companies too. “I don’t think there’s going to be any direct major impact because there aren’t any other countries that are cherubs in all this either,†says Paul Kocher, president of Cryptography Research.
The number generator found in 2007 — called Dual_EC_RNG — was hardly a technical triumph. It was clumsy and slow and never widely used, but it is supported in Microsoft’s Windows operating system.
Microsoft has said in the past that it does not provide the government with “direct and unfettered†access to customer data, and it says much the same today. “We have significant concerns about the allegations of government activity reported yesterday and will be pressing the government for an explanation,†the company said Friday.
But the doubt is still there. And that’s the problem.
By DAVID KRAVETS AND ROBERT MCMILLAN
Over the years, SherlockTech has given away thousands of Dollars in referral cash and with our Lucy Number Poker Chip cash draw.
We’ve been handing out $100 Lucky Number Poker Chips at user group meetings and networking events all over South Florida. Now we are offering all our newsletter readers the opportunity to Earn $100 Cash with SherlockTech Virtual Poker Chip.
We have developed Virtual Poker Chips! It works like this – every time you register for and event through the the SherlockTech Newsletter or the SherlockTech Event Calendar, you will be offed the opportunity to register for a Virtual Poker Chip. Once registered, your V-Chip will be emailed to you. Just keep an eye on upcoming SherlockTech Newsletters of the SherlockTech Facebook page for winning number announcements.
The IT Palooza band is ready to ROCK-n-ROLL again with you!
We need you!
We need guest IT professionals that play music and have some chops in ANY instrument!
Here’s what we need from you:
If you got what it takes, then you are all set to play with The IT Palooza band this December 2013!
If (You_Got_What_It_Takes == true)
ItPaloozaBand = ITPaloozaBand + 1;
Come and join us, show off your chops and have some fun!
http://itpalooza.e2mktg.com/itpalooza-band/
Here are some video clips from IT Palooza 2012:
IT Palooza – Almost Cut My Hair
http://www.youtube.com/watch?v=O5t02tcPFDY
IT Palooza – Folsom Prison Blues
http://www.youtube.com/watch?v=k0jx3GDhu6g
IT Palooza – Mr Jones
http://www.youtube.com/watch?v=uQ_Jzqavpek
IT Palooza – Right Place Wrong Time
On Thursday August 29th, the iCoast CIO Council held its yearly cocktail reception and sponsor appreciation evening at the trendy YOLO restaurant in Las Olas, Fort Lauderdale. Sponsors, vendors and iCoast CIO members enjoyed a great evening of networking, food and hospitality.
Want to hire great developers, business analysts, engineers or project manager?
