• Sharing password data safely to bolster cybersecurity

    An unfortunate reality for cybersecurity researchers is that real-world data for their research too often comes via a security breach. Now computer scientists have devised a way to let organizations share statistics about their users’ passwords without putting those same customers at risk of being hacked.

  • Apple refuses to comply with court order to help FBI investigate San Bernardino terrorists

    Apple’s encryption technology has placed the company at the heart t of the privacy vs national security debate, as the company said it would defy a court order which requires to company to help investigate the San Bernardino attack by helping the FBI crack the code of an iPhone , Syed Rizwan Farook, one of terrorists, used. The U.S. government, stunned by Apple’s refusal to help in investigating a terrorist attack on U.S. soil, persuaded a court to issue on order compelling Apple to cooperate in the investigation.

  • Encryption prevents FBI from cracking San Bernardino attackers’ phone

    U.S. law enforcement agencies have been unable to access a telephone used by the two Islamist attackers in the San Bernardino shooting, FBI director James Comey said Tuesday. Comey stressed that the post-Snowden end-to-end encryption some technology companies are now offering their customers make it impossible for law enforcement to learn more about terrorists and criminal networks, even after terrorist or criminal acts have been committed and even if a court has approved access to the information.

  • Reframing the encryption debate

    A new report examines the high-profile debate around government access to encryption, and offers a new perspective gleaned from the discussion, debate, and analyses of an exceptional and diverse group of security and policy experts from academia, civil society, and the U.S. intelligence community. The report takes issue with the usual framing of the encryption debate and offers context and insights that widen the scope of the conversation more accurately to reflect the surveillance landscape both now and in the future.

  • World leaders urged to oppose encryption back doors

    In an open letter made public on Monday, nearly 200 Internet and digital rights leaders and experts, companies, and organizations are calling on the Obama administration and other world leaders to reject efforts to create “back doors” to encryption. “Encryption tools, technologies, and services are essential to protect against harm and to shield our digital infrastructure and personal communications from unauthorized access,” the letter states.

  • Images, codes offer alternative to multiple device password systems

    A system using images and a one-time numerical code could provide a secure and easy to use alternative to multi-factor methods dependent on hardware or software and one-time passwords. The developers of the system believe their new multi-level authentication system GOTPass could be effective in protecting personal online information from hackers. It could also be easier for users to remember, and be less expensive for providers to implement since it would not require the deployment of potentially costly hardware systems.

  • Terrorists used encrypted apps to plan, coordinate Paris attacks

    The leaders of U.S. and European law enforcement and intelligence agencies have been explicit in their warnings: commercially available communication devices equipped with end-to-end encryption software make it impossible for security services to track terrorists plotting an attack – or monitor the terrorists’ communication while the attack is under way. Sources close to the investigation of the 13 November Paris terrorist attacks have now confirmed that the terrorists used the encrypted WhatsApp and Telegram messengers apps to communicate for a period before the attacks – and with each other during the attacks. What was said in those encrypted messages, and who sent and received these messages, may never be known, because the companies themselves do not have the key – or back door – to decrypt these messages. Thus, security services could not monitor such messages before an attack in order to prevent it, and cannot read these message after an attack to learn more about the terrorists’ network and support system.

  • DHS questioned over pressure it put on a library to disable Tor node

    Back in September, Kilton Public Library in Lebanon, New Hampshire briefly disabled its Tor relay after local police, following a tip from agents with Homeland Security’s investigations branch that the network may be used by criminals or terrorists. A Congresswoman from California wants to know why DHS officials pressured the New Hampshire library to take down the relay node, and whether DHS has leaned on other organizations to do so.

  • FBI unable to break 109 encrypted messages Texas terror attack suspect sent ahead of attack

    FBI director James Comey told lawmakers this week that one of the suspects in the foiled terror attack in Garland, Texas, in May had exchanged 109 messages with sources in a “terrorist location” overseas ahead of the attack. U.S. intelligence and law enforcement agencies, however, have not been able to break into and read those messages because they were exchanged on devices equipped with end-to-end encryption software which, security services in the United States and Europe argue, make it impossible to monitor and track terrorists and criminals.

  • Untraceable communication -- guaranteed

    Anonymity networks, which sit on top of the public Internet, are designed to conceal people’s Web-browsing habits from prying eyes. The most popular of these, Tor, has been around for more than a decade and is used by millions of people every day. Recent research, however, has shown that adversaries can infer a great deal about the sources of supposedly anonymous communications by monitoring data traffic though just a few well-chosen nodes in an anonymity network. Researchers have developed a new, untraceable text-messaging system designed to thwart even the most powerful of adversaries.

  • Tech companies: weakening encryption would only help the bad guys

    Leading technology companies — Apple, Microsoft, Google, Samsung, Twitter, Facebook, and fifty-six other technology companies — have joined forces to campaign against weakening end-to-end encryption, insisting that any weakening of encryption would be “exploited by the bad guys.” Apple’s chief executive Tim Cook recently asserted that “any backdoor is a backdoor for everyone.”

  • E-mail security is better than it was, but far from perfect

    E-mail security helps protect some of our most sensitive data: password recovery confirmations, financial data, confidential correspondences, and more. A new report finds that e-mail security is significantly better than it was two years ago, but still has widespread issues.

  • Encryption firm tightens access following Paris attacks

    Encrypted communications specialist Silent Circle, after learning that ISIS was recommending two of the company’s products — the encrypted Blackphone handset and Silent Phone applications for private messaging — to the organization’s followers, is taking steps to make it more difficult for terrorists and their followers to use these products.

  • Telegram IM app recalibrates policies after Paris attacks

    Pavel Durov, the creator of the popular instant messaging app Telegram, has said that following the Paris terrorist attacks, his company has blocked dozens of accounts associated with the jihadist Islamic State group. As is the case with other technology companies, Telegram is trying to negotiate the balance between privacy and security: the same privacy-enhancing technology which keeps customers’ communication private, also helps terrorists communicate with each other and plot attacks safe from monitoring and surveillance by intelligence agencies and law enforcement.

  • Paris terrorist attacks reignite debate over end-to-end encryption, back doors

    The exact way the terrorists who attacked France last Friday communicated with each other, and their handlers, in the run-up to the attack is not yet clear, but the attack has prompted law enforcement and intelligence agencies in Europe and the United States to renew their call to regulate the use of new encryption technologies which allow users to “go dark” and make it difficult, if not altogether impossible, to retrieve the contents of communication.