Posts Tagged COMSEC

New Sofware From Apple and Google Better At Protecting Your Information From Government

From Reason.com:

Observant tech journalists have noticed something big in their latest privacy notes. Apple has changed its encryption so that the company itself cannot access the data on its users’ phones and iPads without the passcode. Thus, if police or the feds come to Apple with warrants to grab potentially useful private data off a device, they couldn’t comply even if they wanted to.

From ArsTechnica:

The Washington Post is reporting that Google will finally step up security efforts on Android and enable device encryption by default. The Post has quoted company spokeswoman Niki Christoff as saying “As part of our next Android release, encryption will be enabled by default out of the box, so you won’t even have to think about turning it on.”

The move should bring Android up to parity with iOS. Apple recently announced enhanced encryption for iOS 8, which Apple says makes it impossible for the company to decrypt a device, even for law enforcement. While Android’s encryption was optional, it seems to work in a similar way, with Christoff saying “For over three years Android has offered encryption, and keys are not stored off of the device, so they cannot be shared with law enforcement.”

 

, , , , ,

No Comments

Possible Backdoor in iPhone OS

From The Daily Mail:

A security expert has warned Apple’s iOS software contains potentially sinister tools that could be used by governments to spy on iPhone and iPad users.

Speaking at the ‘Hackers on planet Earth’ conference in New York, Jonathan Zdziarski said that most users are unaware of the lack of protection for iPhone data.

He added files found hidden within the firm’s software contain a file-relay service that can be used to access the user’s address book, photos, voicemail and any accounts configured on the device.

However, Apple has denied the claims the backdoor was created deliberately for government or surveillance purposes.

, , , , , , , , , ,

No Comments

Google Removes Privacy Feature From Android, Claims Release Was Accidental

From: EFF

Google told us that the feature had only ever been released by accident — that it was experimental, and that it could break some of the apps policed by it. We are suspicious of this explanation, and do not think that it in any way justifies removing the feature rather than improving it.

more

No Comments

Android App Warns When You’re Being Watched

From: MIT

Researchers find a way to give Android users prominent warnings when apps are tracking their location.

more

No Comments

Repeated attacks hijack huge chunks of Internet traffic.

From: Ars Technica

Man-in-the-middle attacks divert data on scale never before seen in the wild.

The hacks, which exploit implicit trust placed in the border gateway protocol used to exchange data between large service providers, affected “major financial institutions, governments, and network service providers” in the US, South Korea, Germany, the Czech Republic, Lithuania, Libya, and Iran.

more

, ,

No Comments

NSA has Laid the Foundation for a Police State

From: MIT

… by eavesdropping on all Americans, they’re building the technical infrastructure for a police state.

We’re not there yet, but already we’ve learned that both the DEA and the IRS use NSA surveillance data in prosecutions and then lie about it in court. Power without accountability or oversight is dangerous to society at a very fundamental level.

more

, , , , ,

No Comments

Did the NSA Build a Backdoor into U.S. Crypto?

From: Threat Level

… The talk was only nine slides long (.pdf). But those nine slides were potentially dynamite. They laid out a case showing that a new encryption standard, given a stamp of approval by the U.S. government, possessed a glaring weakness that made an algorithm in it susceptible to cracking. But the weakness they described wasn’t just an average vulnerability, it had the kind of properties one would want if one were intentionally inserting a backdoor to make the algorithm susceptible to cracking by design.

more

, , , ,

No Comments

Microsoft and Google Sue U.S. Government

From: IGN

Back in July, Microsoft and Google were among a number of tech giants who signed on to a coalition movement asking the U.S. government for more transparency when it comes to sharing the private online data of citizens. Today, the two companies have decided to move forward with litigation against the government, asking the courts to uphold their right to “speak more freely.”

more

 

, ,

No Comments

Concern Increasing Over Skype’s Security

From Electronic Freedom Foundation:

This security limitation has concerned us for a long time. Last year, Chris Soghoian argued that, for this reason, “Skype is in a position to give the government sufficient data to perform a man in the middle attack against Skype users.” Soghoian argued that Skype should change its design to eliminate this ability, or else disclose the risk more prominently. One way of limiting man-in-the-middle attacks would be for Skype to introduce a way for users to do their own encryption key verification, without relying on the Skype service. As Soghoian notes, that’s what many other encrypted communications tools do—but such a verification option is missing from Skype.

, , , , , , ,

No Comments

Why ‘I Have Nothing to Hide’ Is the Wrong Way to Think About Surveillance

The problem is that “good” people almost never see how fascist government actions will ever effect them. They just don’t think that way. They believe as long as they are law abiding, the government will never do them harm. But ask someone who lived with the Stazi (Ministry for State Security) in East Germany or the KGB (Committee for State Security) in the Soviet Union, watching their every move. They can tell you why you should be afraid, and there are plenty of them still around to talk to. If we don’t stop this now we will probably never again have the chance.

From: Wired

If the federal government can’t even count how many laws there are, what chance does an individual have of being certain that they are not acting in violation of one of them?

more

, , , , ,

No Comments

President Obama says he’s not Big Brother, NPR responds.

George Orwell

George Orwell

NPR is, in my opinion, the undisputed master of ultra-subtle propaganda. The publicly funded “News” organization is actually a chillingly effective tool of Collectivism and Big (Brother) Government.  Effective because most of my right-leaning moderate friends can see no manipulation at all. After reading this piece on what NPR calls “Our Surveillance Society” you most likely will consider it balanced and objective.  And yet I feel like a hound that can’t get the blaring tea kettle sound from two blocks away out of his head, while no one around him can hear it at all. Well at least they bothered to write something instead of ignoring it. That in and of itself, plus the exquisite subtlety of the propaganda, is an indication of just how onerous these unconstitutional actions are.

From: NPR

President Obama says he’s not Big Brother. The author who created the concept might disagree.

Addressing the controversy over widespread government surveillance of telephone records and Internet traffic Friday, Obama said, “In the abstract, you can complain about Big Brother and how this is a potential program run amok, but when you actually look at the details, then I think we’ve struck the right balance.”

more

, , , , , ,

No Comments

Chinese Hackers Breached Google’s Surveillance Database

From: Threat Level

Hackers Who Breached Google in 2010 Accessed Company’s Surveillance Database

…The database contained years’ worth of information on law enforcement surveillance surveillance orders issued by judges around the country. The hackers were hoping to discover if law enforcement agents were investigating undercover Chinese intelligence operatives who were working out of the U.S.

, , , , ,

No Comments

OPSEC For Journalists And Leakers

Wired’s Danger Room has some tips for journalists to protect their identity from subpoenas like the one involving the AP.

We now live in a world where public servants informing the public about government behavior or wrongdoing must practice the tradecraft of drug dealers and spies. Otherwise, these informants could get caught in the web of administrations that view George Orwell’s 1984 as an operations manual.

, , , , , , , , , , , ,

No Comments

Is It Illegal to Unlock Your Phone?

From: EFF

Is It Illegal To Unlock a Phone? The Situation is Better – and Worse – Than You Think

Legal protection for people who unlock their mobile phones to use them on other networks expired last weekend. According to the claims of major U.S. wireless carriers, unlocking a phone bought after January 26 without your carrier’s permission violates the Digital Millennium Copyright Act (“DMCA”) whether the phone is under contract or not. In a way, this is not as bad as it sounds. In other ways, it’s even worse.

More

No Comments

Joe Biden Accidentally Helped Us All E-Mail in Private

From: Danger Room

In the late ’80s and early ’90s, Phil Zimmermann was a Colorado peacenik with a half-written program that he swore would one day let people exchange messages without Big Brother peering inside. The problem was, with a freelance job and two kids, Zimmermann could never quite find the time to finish the damn code — until Joe Biden came along.

more

, , , ,

No Comments