Category: Cyber

150902-encrypt-android-100611883-primary.idge

Secrecy, privacy, security, transparency

End-to-end encryption for civilian messaging services is a dearly-held dream of many outside the intelligence and security communities. It certainly isn’t something that I myself disagree with; I’d like to think that the messages I send to my loved ones are, in fact, being read only by my loved ones. However, every time that somebody uses an app with E2EE to send a message or make a call, members of the worldwide intelligence communities cradle their heads in their hands and cry.

Allo-app-img_6663-640x427Yesterday, Google jumped on the ‘encryption-for-all!’ bandwagon, announcing their new messaging service Allo, messages sent through which not even Google itself will be able to decrypt (theoretically, and for now) when the app is operating in Incognito mode. After all, to the average citizen it is perfectly reasonable to take steps to ensure one’s privacy, especially when you know good and well that there are those out there with the capacity to intercept and read your unencrypted (and therefore insecure) messages should they choose to.

In fact, Google is actually late to the game on this one. As Wired pointed out earlier today, Facebook (with Messaging and Whatsapp) as well as Apple (iMessage, Facetime) have been quietly encrypting your communications for some time now. More people are aware of this now, due both to the consequences of the Snowden revelations and the extremely public throw down between Apple and the FBI over getting into the iPhone of the San Bernadino shooter. And that’s the real rub. For all that we are entitled to privacy (and so we should be, not disagreeing with that!), our intelligence services and security organizations have the duty to protect against threats to the security of the State and the citizens therein (that would be us). Of course, the problem with that is privacy for everyone means privacy for everyone….including criminals and terrorists. Apple cannot build the FBI a backdoor into an iPhone, because that sets a dangerous precedent for the future. Not to mention, once that capacity exists it can’t be taken back, and absolutely nobody can guarantee that it won’t eventually trickle down to some who will use it negatively. This is an ethical as well as legal dilemma, and there really is no simple (or, so far, complex) solution.

Read More

opm-hack-3-750px-640x360

What would you pay for security?

Security is an expensive and precious commodity in the current age. Over the last decade in particular there has been an almost inconceivable increase in the amount of data available online. Equivalently, there has been a huge increase in the danger posed to the individual with an online presence.

Governmental bodies and software companies have taken advantage of the very real cyber threat by asserting standards of certification and authentication, normalizing online behaviour, and offering security packages designed to increase (the perception of) online security. Unfortunately, and as is becoming increasingly evident, security in cyberspace may be a pipe dream, at least in the sense of assured or total security.

I’m sure everyone has read at least the headlines of a half-dozen or more articles this year alone screaming about the massive loss of client or customer data by this firm or that. You’ve probably read or heard about the JPMorgan Chase hacks, the credit card info stolen from Target; maybe you yourself have been the victim of cyber exploitation. The point is, cyberspace is looking more and more like the American Wild West. Or possibly a game of Snakes and Ladders cut with the worst-ever game of Monopoly (pay each player $….). So, what would you do to remain (or become) safer online? 

Read More

Powered by WordPress & Theme by Anders Norén

Get the most important and interesting articles right at your inbox. Sign up for B+D periodic emails.