Items tagged with Encryption

It’s no secret that Obama Administration doesn’t think too highly of smartphone encryption. Officials for the Department of Justice and the FBI have railed against encryption, likening it to obstruction of justice. “The notion that we would market devices that would allow someone to place themselves beyond the law, troubles me a lot,” said FBI Director James Comey last year. “As a country, I don't know why we would want to put people beyond the law. “The notion that people have devices, again, that with court orders, based on a showing of probable cause in a case involving kidnapping or child exploitation or terrorism, we could never open that phone? My sense is that we've gone too far when we've... Read more...
Since he brought to light the enormous spying efforts of the US government two years ago, Edward Snowden has opened our eyes to a slew of related and (sometimes, not so related) topics. Some are not quite expected, though, such as one he revealed during a chat with Neil deGrasse Tyson on his StarTalk podcast. Essentially, encryption could harm our chances of making contact with aliens. E.T. phone home? Not easily done with encryption. During the chat, Snowden says that if encryption is implemented really well, then it wouldn't be recognizable as encryption at all. Instead, it'd simply be random noise. Because of that, if aliens managed to pick up a signal, it could simply be chalked up as randomness,... Read more...
Whether you use Snapchat to send goofy faces to friends and family, or fling more sultry looking photos to a lover, you probably don't want those snapshots falling into the wrong hands. Unfortunately for users in the United Kingdom, new legislation could force messaging applications to be less secure so the government can peep encrypted communications.Apps like WhatsApp, iMessage, and Snapchat would all be banned as currently constructed if the new laws take effect. That's because the legislation being pushed would only allow apps to use encryption if there's a backdoor for government agents. The idea is to prevent terrorists from being able to communicate with one another without government... Read more...
"Xara" might sound like a cool name for an exploit, but according to researchers at three different US universities, it's one that should cause some alarm. At its root, if Xara is properly exploited, attackers would be able to procure passwords stored in OS X's Keychain, which could be used for most or all of someone's applications. Specific details are not covered, but it seems that if an app is installed on OS X that takes advantage of this exploit, it can take control of the stored passwords, and other information that might be present (eg: the login username itself). Examples given are hijacking the passwords in Google Chrome, Evernote, WeChat, Facebook, and iCloud. The researchers were successful... Read more...
Microsoft this week announced that web searches made using the company's Bing search engine will soon be encrypted by default. In actuality, users have been able to encrypt searches made via Bing for around a year and a half now, though sometime before summer comes to an end, it will be a standard option for all users. The move will level the playing field with Google and Yahoo, both of which already offer encrypted searches by default. Of course, the bodies at Microsoft still need to eat and so the company will conintue to pass along referrer strings to marketers and webmasters that identify traffic as coming from Bing. What won't be included are the specific search query terms that users input,... Read more...
At this point, the resetting of a mobile phone to a from-the-factory state is something we have all done, perhaps simply to get a fresh start with a device that has become sluggish and over-burdened with years of downloaded flotsam. But more likely, we do it for the purpose of selling the phone or passing it along to a friend or family member. We rely on such a reset to completely wipe the phone of any trace of our having used it, all settings and sensitive data. The results of a study performed in the UK by University of Cambridge researchers entitled Security Analysis of Android Factory Resets, however, now show that emails, text messages, Google access tokens and other... Read more...
Where’s Jackie Treehorn when you need him? There’s a new browser exploit that’s making the rounds across the internet, and it’s capable of some pretty nasty stuff. Closely related to the FREAK exploit that we detailed a few months back, Logjam works its magic by using a main-in-the middle attack on the Diffie-Hellman protocol, downgrading vulnerable transport layer security (TLS) connections to just 512-bits of encryption — skilled hackers could crack 512-bit encryption keys in mere minutes. According to WeakDH, the Logjam exploit affects 0.2 percent of the top one million domains on the web. That puts roughly 20,000 sites at risk. But there’s both good news and bad news with regards to tackling... Read more...
Apple and Google are part of a coalition consisting of more than 140 tech firms, cryptologists, and civil society groups who have come together to urge President Barack Obama to shut down any government proposals that would require smartphones and other communications to have so-called backdoors for law enforcement to view customer data. The coalition sent a letter obtained by The Washington Post talking about the importance of "strong encryption." It serves as a counterargument to the recent warnings of senior law enforcement officials who warn that restricting access to data and communications poses a threat to security. FBI Director James B. Comey and some other high ranking officials find... Read more...
Thanks to the former NSA contractor Edward Snowden, we know that the United States government has in place a sophisticated and all-encompassing spying program, and as time goes on, additional details leak out that underscore how little privacy we truly have. Whether it's intercepting Skype communications or tampering with hard drives, the concept of privacy is fast becoming an illusion. So, would it really be surprising to find out that the Central Intelligence Agency (CIA) has been working for years to exploit Apple's iPhone and iPad devices?It's true, according to The Intercept, which claims to have obtained "top-secret documents." Assuming they're real, the documents point to an annual meeting... Read more...
U.S. President Barack Obama is getting a little hot under the collar, and we’re not talking about the speech that Israeli Prime Minister Benjamin Netanyahu gave this morning. Instead, President Obama is troubled over new regulations that are being proposed by the Chinese government, which would affect American tech companies that conduct business within China’s borders. President Obama is fearful that China’s plans — which include allowing the Chinese government to install security backdoors, requiring companies to hand over encryption keys, and keeping user data on Chinese soil — are an assault on intellectual property held by American companies and leaves customers open to privacy violations.... Read more...
Encryption has been a feature of Android since 2011, though it's never been turned on by default. That was supposed to change with Android 5.0 Lollipop, as Google said in no uncertain terms back in September 2014 that users wouldn't have to give the feature a second thought. Unfortunately, it appears as though Google has backed down from its requirement that all Lollipop devices ship with encryption enabled by default. According to ArsTechnica, some new Lollipop phones from Google's partners are shipping without encryption turned on. One of them is the second-generation Moto E, and it's being reported that Samsung's demo units of its just-announced Galaxy S6 at Mobile World Congress also don't... Read more...
Samsung has confirmed that some of its slightly older Smart TV models are currently uploading recorded voice communication without any form of encryption to protect the user's privacy. This goes against what Samsung stated in a recent blog post clarifying the limited circumstances in which voice commands are recorded and transmitted to a server. Backtracking a moment, the web freaked out when it was discovered that Samsung's Smart TVs were seemingly eavesdropping on living room conversations. The truth wasn't quite as nefarious, though a supplement to Samsung's privacy policy did reveal that some voice commands could be transmitted to a third-party service to convert the speech to text, in part... Read more...
It's bad enough when you're in possession of a database containing 80 million customer records and it gets hacked. But what's even worse than that is when you fail to encrypt all that data. Such is the unfortunate situation facing Anthem, the second largest healthcare provider in the U.S., and its tens of millions of customers who are potentially affected by a recent security breach. Had Anthem encrypted its records, the stolen data might not be all that valuable to hackers, or at least more difficult to access. But the reason Anthem consciously chose not to encrypt all that data is so that it would be easier for employees to track healthcare trends and share information with states and health... Read more...
If you believe that your privacy is important - so important that the government can't even breach it - you're not going to like president Obama's latest comments. During a meeting at the White House with UK prime minister Dave Cameron, it was established that both leaders share the same stance on user privacy: you're fine to have it, as long as the government can peer in. With the latest release of Apple's iOS and Google's Android, both companies have proven that they believe that consumers have the right to their privacy. Both of the latest OSes have introduced encryption that they claim they can't even break through - not even if law enforcement comes knocking. Flickr: Barack Obama That move... Read more...
Google is on a mission to make end-to-end encryption more accessible for less savvy users than existing tools like PGP and GnuPG. The way it intends to do this is through its End-to-End tool, a work in progress that's currently in alpha form, albeit recently updated and in the process of being migrated to GitHub in hopes that more developers will comb over the protocol. Yahoo is working with Google on its End-to-End encryption tool and has already offered up several contributions, many of which are found in the latest release. The latest alpha also includes more documentation, including a fleshed out project wiki with additional information about End-to-End, both for developers and security researchers.... Read more...
It's sad that we can't go more than a day lately without learning more about how governments love to eavesdrop on us, removing whatever privacy we have left. Just yesterday, we talked about the continued pressure law enforcement is putting on companies like Apple and Google regarding encryption on their respective mobile devices. For the end-user, encryption is a great thing. For governments trying to dig up information on you, it's not - which in turn is yet another great thing for consumers. Because spying has become such a major issue, the EFF has done much to inform the public about the best ways to protect themselves. This week, the organization points us to a new tool that will reveal whether... Read more...
It's been no secret that most law enforcement, including the biggest US government agencies, would rather encryption didn't exist outside of its own use. Just this past week, we saw the Department of Justice defend its stance on scooping up user data en masse, and in September, we talked twice about the 'major heartburn' that companies like Apple and Google were causing law enforcement with their stance on encryption. In both the latest version of Apple's iOS (8) and Google's Android (5), data encryption is turned on by default. As soon as both companies made that fact known, law enforcement immediately took action to coax both into changing their position. So far, that hasn't happened. For the... Read more...
We're constantly being reminded that our government has a great interest in our private lives, whether it's flying specially equipped planes over densely populated areas to trick tens of thousands of phones into forking over sensitive data, or snooping on Internet traffic, big brother's watching us. One of the few ways to maintain a little bit of privacy these days is through encryption, and in collaboration with Open Whisper Systems, WhatsApp is now providing end-to-end encryption for its users by default. The most recent WhatsApp for Android client includes support for the TextSecure encryption protocol that's being used for billions of messages that are being exchanged daily. At present, it... Read more...
Apple is making a big deal about its encryption scheme in iOS 8 and is championing itself as a purveyor of user privacy. The way Apple chief Tim Cook explains it, Apple wouldn't be able to help law enforcement infiltrate your iPhone even if it wanted to because the encryption is too strong. Google's been echoing a similar sentiment in regards to its forthcoming Android L release, which will turn on encryption by default. But are such mechanisms truly secure? That depends on the context. Using encryption is certainly more secure than not using it, but when it comes to the U.S. government and its various agencies that have a penchant for spying on users, these encryption measures only slow down... Read more...
There's a fine line between privacy and safety, and the question we face as a nation is how much information should government agencies be allowed to access? Privacy advocates would argue that the U.S. government is stepping way over the line with the level of spying it's capable of, and in the aftermath of that all that, Google and Apple have implemented strong encryption schemes into their latest mobile platforms. This isn't sitting well with the Federal Bureau of Investigation (FBI). James B. Comey, director of the FBI, heavily criticized Google and Apple for their decision to lock down smartphones with encryption that's so strong, law enforcement officials would have a tough time breaking... Read more...
Among all the different things Google is introducing in Android L, the next major version of Android, the one that will be of most interest to anyone concerned about privacy is the default setting for encryption. It will be the first version of Android to enable the setting by default, which means that a password will be required to view pictures, messages, and other data stored on the phone or tablet. Encryption has actually been an optional feature in Android since 2011, though it's not turned on by default. And since many users don't know how to enable it -- or that the setting even exists -- there are a lot of unsecured Android phones and tablets out there. That will change with Android L.... Read more...
Not even three weeks removed from a rather controversial iCloud hacking incident in which hackers were able to obtain nude photos of celebrities and post them online, Apple is championing itself as the protector of user privacy. Not many companies have the marketing mojo to go from one extreme end of the spectrum to the other, let alone do it in such a short time, but that's Apple for you. The iCloud incident is now old news, and the focus going forward is how Apple has your back when it comes to privacy. Apple CEO Tim Cook posted a message on the company's website talking about trust, respect, privacy, encryption, and how they all relate to the iPhone 6 and iPhone 6 Plus. Privacy is a hot topic,... Read more...
First ... Prev 4 5 6 7 8 Next