Articles about Encryption

Back towards the end of 2014, Facebook unveiled a new .onion address that allowed Tor users to visit the social network securely. Following on from this, the company is now giving Android users the ability to browse the site using Tor and the Facebook app.

Security, privacy and anonymity may be words readily associated with Tor, but few people would use them in the same sentence as Facebook. The social network says that there is increased demand for secure connections to Facebook from Tor-enabled browsers, hence spreading to the largest mobile platform. The news will make some mobile users happy, but there are currently no plans to migrate the feature from Android to iOS.

Continue reading →

Secure communications exist for many reasons, including free speech from behind the borders of certain nations, to business secrets being discussed. These days it's under attack from several sectors, including law enforcement agencies investigating crimes and those who claim to need info for catching terrorists -- something we've recently found can be futile in some cases.

Just the other day we heard that the state of New York is looking to legislate backdoors into mobile devices, a law that seems unlikely to pass, given the amount of opposition and evidence against it being effective to anyone but the hackers, who are likely to be quick to find these openings.

Continue reading →

BlackBerry has spoken out to deny claims that its encryption has been cracked by groups associated with the police in the Netherlands. The company has long-prided itself on the level of security it offers, but that security has been called into question recently.

Reports circulated that Mexican drug lord El Chapo was able to be found partly because of his decision to use a BlackBerry (specifically a BlackBerry Z30, fact fans) to arrange interviews with actor Sean Penn. Coming after claims by the Netherlands Forensic Institute (NFI) that it had been able to decrypt hundreds of encrypted emails on a BlackBerry handset, the Canadian company felt compelled to respond -- by blaming user error.

Continue reading →

Cryptography has become popular in the post-Edward Snowden era. Everyone seems to be worried about being spied upon and is looking for ways to avoid it. While the majority of users likely have nothing to hide, it's still a creepy feeling to know that someone can, and possibly is, checking what you say and do.

There has been a lot of talk about adding backdoors, mostly from those who want to spy and those who simply don't understand the technology. The latest of this is currently taking place in New York.

Continue reading →

Silicon Valley met with the US government on Friday to discuss how to tackle online terrorist propaganda from the likes of IS. At a closed-door meeting, Tim Cook and representative of Facebook, Twitter, Microsoft and other tech firms spoke with White House officials to try to find a way to combat terrorists on the web.

Joined by the likes of the NSA and FBI, the technology firms, and the Obama administration are seeking ways to stop terrorist propaganda being disseminated online. IS has already proved itself to be a masterful manipulator of the media, and has successfully used social networks such as Facebook and Twitter to get its message out.

Continue reading →

Cross-platform viruses and malware are something of a rarity, but now there's a first-in-its-class JavaScript-based ransomware that can infect Mac, Windows and Linux. Ransom32 uses the Node.js runtime environment running on the NW.js platform to burrow into the target operating system and hold files to ransom.

While on the face of it, this is just another example of ransomware that encrypts files and seeks Bitcoin payments to decrypt them, it is more than that. The NW.js framework not only allows for cross-platform infections, but also means it is harder to detect. Ransom32 bears some resemblance to CryptoLocker and has been dubbed Ransomware-as-a-Service.

Continue reading →

Microsoft, like many companies, ships some of its products with disk encryption and that's a good thing given the state of today's world. The vast majority of customers have nothing to hide, but they also don't wish to be watched by the prying eyes of governments and others.

However, it is being reported that the Windows maker is storing encryption keys in the cloud. While that doesn't necessarily mean a problem, it's also a bit scary because of the potential for what can go wrong -- a Murphy's Law scenario. This issue was first reported by The Intercept, which notes that your keys "may" be stored in the cloud -- not everyone's are.

Continue reading →

Apple may have said that it opposes the idea of weakening encryption and providing governments with backdoors into products, but things are rather different in China. The Chinese parliament has just passed a law that requires technology companies to comply with government requests for information, including handing over encryption keys.

Under the guise of counter-terrorism, the controversial law is the Chinese government's attempt to curtail the activities of militants and political activists. China already faces criticism from around the world not only for the infamous Great Firewall of China, but also the blatant online surveillance and censorship that takes place. This latest move is one that will be view very suspiciously by foreign companies operating within China, or looking to do so.

Continue reading →

With many U.S. lawmakers calling for an end to encryption, Tim Cook has decided to reiterate Apple’s stance on the matter. Apple’s CEO believes that when it comes to encryption there is no trade-off between privacy and national security.

During CBS’ program 60 Minutes, on Sunday Cook defended the need for encryption and how it important it is to Apple and its consumers. According to Cook, there is no reason why Americans should not be able to have privacy while simultaneously protecting America’s national security.

Continue reading →

Tim Cook is a vocal opponent of any form of encryption weakening, and now Apple has spoken out against the UK government's Investigatory Powers Bill -- otherwise known as the snooper's charter. Currently in draft form, the bill would require ISPs to retain customers' browsing histories for a year, and would require technology companies to implement backdoors that would allow encryption to be bypassed.

Apple says that it has serious concerns about the proposed bill in its current form, and calls for sweeping changes to be implemented. The company has famously refused to allow access to encrypted iMessage chats, and this is a stance it is reiterating.

Continue reading →

We are living in a post NSA-world (and I am a post-NSA girl...) and privacy is in the public consciousness more than ever before. After the government surveillance revelations that came courtesy of Eddy Snowden, most tech companies have been trying to stress to customers and clients just how willing they are to stand up for privacy.

But not BlackBerry. Company CEO John Chen has used a blog post to lash out at his contemporaries for supporting strong encryption. He makes a thinly-veiled reference to Apple, accusing that an unwillingness to comply with law enforcement requests put us all in a "dark place". Chen says that "our privacy commitment does not extend to criminals", seemingly failing to recognize that privacy is very much an all-or-nothing concept.

Continue reading →

There’s a lot of talk about encryption these days. Often the issue arises when moving data to the cloud, using solutions like Dropbox or Box. We start to wonder if our information will be safe if it’s no longer stored locally on computers in our offices. We are confident that Dropbox and Box store everything in a secure way -- we have little reason to believe that they don’t, right?

Next, we think, "OK, what happens when information leaves or enters the cloud? Is our communication safe? Maybe that information should be encrypted, too". Actually, there’s no question about it. Data should be encrypted when it moves in and out of a network and when it’s stored in the cloud.

Continue reading →

Encryption is not all it’s cracked up to be according to a recent security report, with coding flaws introducing a number of vulnerabilities into smartphones and their software.

Seven in eight Android apps and 80 percent of all iOS apps have encryption flaws, claims Veracode’s State of Software Security report.

Continue reading →

Crypto-ransomware is one of the latest trends in the world of malware. Encrypting and holding files to ransom provides a way to extort money from victims, but a new example takes things one step further.

Chimera not only locks users out of their files until a ransom is paid, but also threatens to release unencrypted copies of the files online if payment is not made. Security company Trend Micro says this is the first instance of this type of threat. Interestingly, Chimera also seems to be part of an affiliate program.

Continue reading →

In the panic that followed the attacks on Paris by ISIS there have been calls for various measures to be put in place to stop similar atrocities happening in the future. As well as calls for an increase in online surveillance, politicians have also suggested that encryption should be weakened or banned entirely.

Secure email service ProtonMail found itself the subject of unwanted attention when it transpired that ISIS recommended using it to evade detection. The company has remained silent about the post-Paris backlash; until now.

Continue reading →