cryptography

AppWizard
July 1, 2026
B3 has deployed a secure mobile solution to 1,000 employees in two weeks using Android Enterprise, enhancing security with AI threat detection and Managed Google Play. The transition is expected to yield a 30% cost savings over the next decade. B3 prioritized security and compliance while providing devices that ensure constant availability and productivity. The deployment process was streamlined through collaboration with Samsung and Android Enterprise's zero-touch enrollment, allowing centralized management of devices. Employees received lightweight devices with 7-inch screens and longer battery life, leading to positive feedback. B3 is also expanding its use of AI to improve productivity and plans to refresh hardware more frequently due to the anticipated cost savings.
Winsage
June 19, 2026
Microsoft has introduced the Microsoft Execution Containers (MXC) SDK to establish Windows as a reliable operating system for autonomous agents, focusing on containment, identity, and manageability. The MXC framework serves as a policy-driven execution layer for agents on Windows and Windows Subsystem for Linux (WSL), allowing developers to set access permissions using JSON or TypeScript. It employs process and session isolation for agent containment and identity. Future enhancements will include micro-VM support for high-risk tasks and integration with Windows 365 for cloud PC workloads. IT teams can manage MXC policies through Entra ID and Intune, while Defender and Purview provide protection and observability. The MXC framework is built on Microsoft's security initiatives, including Secure Boot and passwordless sign-in, allowing agents to inherit a secure foundation. However, early commentary expresses caution regarding MXC's perception as a comprehensive security solution, noting issues with overly permissive policies and the lack of outbound network filtering. Other platforms, such as Linux, are also enhancing security for agents with kernel-level isolation and secure environments like NVIDIA's OpenShell runtime. Various projects are focusing on agent sandboxes within Kubernetes, employing technologies like gVisor and Kata Containers for isolation. Overall, no singular dominant platform security model for AI agents has emerged, with Windows' MXC still considered nascent compared to existing solutions in Linux and Kubernetes ecosystems.
AppWizard
June 5, 2026
Google Chrome has achieved scores of 61 in Speedometer 3.1 and 469 in JetStream 3, marking a 10% increase in JetStream and a 5% boost in Speedometer compared to the previous year. These benchmarks were measured on a MacBook Pro with macOS 26.0.1 and the Apple M5 chip. Enhancements in Chrome's performance are largely due to improvements in the V8 JavaScript engine, which included optimizations for asynchronous tasks, string comparison, and data sorting. The Chrome team has improved code optimization decision-making and made advancements in BigInt handling and memory allocation for security. Additionally, Chrome has upgraded WebAssembly performance, optimizing internal data management and compiler times. The rendering engine, Blink, has been tuned for better code translation into visual pages, and page loading has been improved through SIMD processing and optimizations in typography and graphics handling.
Winsage
June 4, 2026
Active Directory Certificate Services (ADCS) now supports the generation of post-quantum certificates, enhancing quantum-safe cryptography within Windows' secure connection protocols. Microsoft has integrated PQ TLS hybrid key exchange into the Windows Transport Layer Security (TLS) stack, providing protection against "Harvest Now, Decrypt Later" attacks. The PQ TLS hybrid key exchange combines traditional cryptographic methods with the NIST ML-KEM algorithm, offering three hybrid combinations: X25519MLKEM768, SecP256r1MLKEM768, and SecP384r1_MLKEM1024. This feature is available in preview via the Windows Insider Program and will be rolled out to Windows 11 and Windows Server. Additionally, Windows cryptography APIs now support composite ML-KEM and ML-DSA algorithms, which are NIST-approved standards for key exchange and digital signatures, enhancing security by requiring multiple components to be compromised. Microsoft emphasizes the importance of establishing new Certification Authorities (CAs) for implementing post-quantum certificate issuance, as existing CAs cannot be upgraded. The introduction of ML-DSA support within ADCS allows organizations to counter HNDL risks associated with long-lived data. Organizations are encouraged to inventory their use of public-key cryptography, prioritize systems protecting sensitive data, and test hybrid and composite approaches in non-production environments to facilitate a smooth transition to quantum-safe cryptography.
Winsage
May 28, 2026
A Secure Boot certificate refresh is being deployed across supported Windows devices via Windows Update. The Secure Boot certificates from 2011 will begin to expire in June 2026, prompting Microsoft to introduce new 2023-dated certificates to maintain security. Most users will require minimal action if their PCs are updated, but older devices may face challenges. The current certificates include: - Microsoft Corporation KEK CA 2011: expires June 24, 2026 - Microsoft UEFI CA 2011: expires June 27, 2026 - Microsoft Windows Production PCA 2011: expires October 19, 2026 The new certificates will remain valid until 2038, with plans for post-quantum cryptography around 2030. While PCs using the 2011 certificates will continue to function, they will lose access to new security protections, making them vulnerable to emerging threats. A notable example of such a threat is the BlackLotus bootkit, which exploited vulnerabilities to bypass Secure Boot. Microsoft's rollout strategy involves a staged update process that typically takes around 48 hours and may require restarts. Users are advised to keep Windows updated and check their Secure Boot status. Known issues may arise for older PCs, systems that bypassed Windows 11 requirements, Legacy BIOS systems, and custom firmware configurations. IT teams managing devices should inventory their systems, monitor specific event IDs, test updates, and document devices that cannot be updated.
AppWizard
May 8, 2026
Recent research from Surfshark indicates that Meta's Messenger app collects 32 out of 35 possible data types, making it the "most data-hungry messaging app." Following Meta's decision to disable end-to-end encryption for Instagram direct messages on May 8, 2026, user privacy is compromised, allowing Meta access to message content. Cybersecurity experts express concerns about the implications of this change and highlight that users provide valuable data to the company. In contrast, WhatsApp continues to offer end-to-end encryption. Surfshark also notes that 90% of messaging apps now incorporate AI features, raising privacy concerns regarding user data sharing. For privacy-conscious users, Signal is ranked as a top alternative due to its minimal data collection and strong encryption. A VPN, or Virtual Private Network, is highlighted as a tool for enhancing online privacy and security.
Search