Articles about Encryption

Crypto-ransomware is the malware du jour, and the likes of TelsaCrypt 4 and KeRanger are just some of the names to hit the headlines recently. One of the latest examples of ransomware, PETYA, is taking a slightly different and more worrying approach -- it not only targets enterprise users, but also encrypts entire hard drives rather than just a selection of files.

PETYA -- also known as RANSOM_PETYA.A -- goes to some lengths to make sure that victims know that their computers are infected, overwriting the MBR (Master Boot Record) to display a ransom note during the boot process. The malware uses a "military grade encryption algorithm" to lock users out of their files, and victims are directed to venture onto the dark web using the Tor browser to make a Bitcoin ransom payment.

Continue reading →

The tech industry is on Apple’s side when it comes to the dispute with FBI over the unlocking of the San Bernardino shooter’s iPhone.

This was, once again, confirmed through a research done by security vendor AlienVault. According to the company’s survey, which polled 1,500 IT security professionals, 33 percent support FBI, while the rest think unlocking the phone will do nothing but weaken overall product security.

Continue reading →

If you are an email user, there is a very good chance you use Google's ubiquitous Gmail service. While there are countless other options, such as Outlook, AOL, Yahoo and more, the search giant's offering is quite popular. It is easy to see why -- it is easy to use, secure, and can double as a Google account for things such as Play access on the wildly popular Android.

Today, Google announces that it is making Gmail even more secure. With so much talk about enryption in the news nowadays, the search giant is enhancing its email service with improved TLS encryption. How is it doing this? By working with other email providers, such as Microsoft to make sure encrypted emails remain that way in transmission.

Continue reading →

The FBI attempts to force Apple to unlock the San Bernardino shooter's iPhone have been in the headlines for a while now, stirring up debate about which side of the argument is in the right. Apple has refused point blank to help, but a recent twist saw the FBI changing its mind by saying it doesn't need Apple's help after all.

An outside party -- believed, but not known, to be Israeli security firm Cellebrite -- contacted the FBI to help access Syed Farook's iPhone. The Justice Department said it is "cautiously optimistic" that the proposed method, which is currently being tested, will be successful, but some reports suggest that it has already been used to break into some iPhones. Apple will obviously want to take steps to secure other devices if the hack is effective, but it has been classified to keep it secret.

Continue reading →

Unless you've been chilling under a rock, news of Apple's fight with the FBI has been everywhere. Even though the iPhone-maker is clearly on the correct side of the encryption-cracking battle, some have sided with the agency. I understand that people want to access the terrorist's phone as a way to thwart future attacks, but when we give up our rights and privacy, the terrorists win.

Today, using the excuse that it might have found a third party solution to cracking the terrorist's phone, the FBI has requested to cancel tomorrow's court appearance. A judge has officially granted the agency's request, postponing the court meeting until April 5.

Continue reading →

Apple might be currently talking about its unbreakable encryption and how it's a good thing for privacy, but the FBI ruing it. The privacy arguement certainly stannds up to scrutiny, but strong encryption can also be used as a weapon, as demonstrated by countless examples of ransomware. There are numerous breeds of ransomware out there, but one of the most prolific is TeslaCrypt.

It's just a year since the first version of TeslaCrypt appeared on the scene, and it's gone through various updates and iterations over the ensuing months. Now it's hit version 4 and as well as continuing to threaten victims with sharing their files online, it also boasts what is being referred to as 'unbreakable encryption'.

Continue reading →

As the battle between the FBI and Apple rumbles on, the debate about encryption has intensified, bringing with it renewed discussion about privacy. There are few people who would want to give up their right to privacy and allow unrestricted access to their personal communication, but there are some for whom privacy is even more important.

Tim Cook is just one of the voices shouting that a backdoor for the government would be a backdoor for anyone. Most people and companies have sided with Apple saying that rather than backdoor access, what's needed is stronger encryption, greater security, even more robust privacy. It's something that has the support of people from all walks of life, but it's an issue that's very close to the hearts of the LGBTQ community.

Continue reading →

In the Apple vs FBI fight, the issue is very black and white for many people; you support Apple's position of standing firm against the FBI, or you believe the FBI should have unfettered access to whatever data it wants, regardless of the consequences.

Tim Cook has been steadfast in his position, but in an interview with TIME the Apple CEO admits that the situation is not entirely binary. Presented with a thought experiment Cook appears to concede there are gray areas, opening up the possibility of assisting the FBI to break into the San Bernardino shooter's iPhone.

Continue reading →

Encryption is a must-have in today’s digital communications, IT pros agree, adding that what the government is (trying to) achieve with surveillance could mean the death of privacy altogether.

Those are the results of a new survey conducted by security firm AlienVault. It surveyed the attitudes of more than 1,500 IT (including security) professionals about today’s privacy, and came up with interesting results -- 34 percent believe the government should be able to eavesdrop on communications for the purposes of national security.

Continue reading →

Let’s assume for a minute that the FBI got its way. It coerces Apple into disabling the self-destruct function on the San Bernardino terrorist’s iPhone, allowing it to brute force the password. Effectively, the FBI and Apple create a backdoor that theoretically works the same across all iPhones. Police even uses the same tactic on the dozens of other iPhones that are currently involved in active investigations. People across the world sacrifice their privacy, while the police has a new tool to fight terrorists.

Except they don’t, really. Sure, iMessage and other iCloud services could be decrypted without a password, but what Apple critics often fail to realize is the abundance of third-party encryption tools widely available. Free, open-source alternatives exist to encrypt chats, phone calls, files, and even entire hard drives. That pesky self-destruct function the FBI is so eager to remove? Alternatives for that exist as well, and they are all easily accessible with nothing more than a Google search. By removing the default encryption built in iPhones, the FBI isn’t stopping terrorists. It’s merely inconveniencing them.

Continue reading →

Symantec today announced the global release of a new product which will help companies encrypt user data on their websites.

The new product is called Encryption Everywhere, and it will be offered through hosting providers. According to a press release following the announcement, there will be a couple of levels of encryption and general protection the new service will offer, but Symantec would love to see every "legitimate" website in the world have at least the basic level of encryption by 2018.

Continue reading →

Top news websites including the BBC, the New York Times and MSN were hit over the weekend by a co-ordinated malware campaign. Delivered through the advertising networks used by the sites, the malvertising attack aimed to install ransomware on victims' computers.

On-site ads are far from loved, hence the prevalence of ad-blocking tools. But as well as being an annoyance, online ads can also pose a serious security risk -- something highlighted by this attack. The infected ads redirected people to servers hosting the Angler exploit kit and was engineered to target US-based web users.

Continue reading →

The Information Technology and Innovation Foundation (ITIF), a nonpartisan research and educational institute and policy think tank, today became the latest to come out and urge the US government not to limit the commercial use of encryption.

In its new report, entitled Unlocking Encryption: Information Security and the Rule of Law, co-author Alan McQuinn -- an ITIF research assistant -- argued that restricting encryption for use by law abiding citizens and businesses would reduce overall security and be ineffective at keeping encryption out of the hands of terrorists.

Continue reading →

Privacy and security has always been a hot topic, but never more so than in recent months. The Apple/FBI case has really brought things to a head, enlivening the debate between privacy and security advocates, and those who side with the government. As Apple fights to prevent the FBI from accessing the San Bernardino shooter's iPhone, Facebook, Google and others are looking to increase encryption and lockdown user data even further.

The Guardian has learned that a number of Silicon Valley companies are working on ultra-secure encrypted messaging systems. With President Obama having made a sideways reference to supporting the inclusion of backdoors for government, Facebook is planning to not only bring encryption to Whatsapp's voice messages, but also to bolster the security of Facebook Messenger.

Continue reading →

"They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety". So goes the quote from Benjamin Franklin, one of the Founding Fathers of the United States, in 1755. Little did he know that over 250 years later, his words would be frequently cited in one of the most complex debates of modern times.

In a world where data is collected, shared and sold as the norm, the liberty vs. security question has never been so relevant. The topic has been brought into the public eye by the UK Home Secretary’s draft Investigatory Powers Bill -- or Snoopers’ Charter -- and honed-in on the issue of encryption. More specifically, whether government agencies should be given the power to access encrypted, private communications, by forcing service providers to hand them over.

Continue reading →