Expert insights. Personalized for you.
Collateral damage is already being felt by the likes of Signal, a popular, encrypted-messaging app blocked by some governments But 'Domain Fronting' Was Also Used to Mask Cybercriminal Activity Following in Google's footsteps, Amazon has closed a technical loophole that helped some online services evade censorship filters, but which was also abused by cybercriminals. MORE
Apple is bowing to pressure from the Chinese government and storing encryption keys in China. apple china cloudcomputing encryption iphone keyescrow privacyWhile I would prefer it if it would take a stand against China, I really can't blame it for putting its business model ahead of its desires for customer privacy. Two more articles. MORE
Officials say they are concerned about their ability to fight crime and protect citizens, while privacy advocates remain critical of government interference. Cryptography Facebook Privacy Attorney General William Barr Consumer Privacy Encryption Instagram internet Mark Zuckerberg messaging private messaging WhatsApp MORE
Cryptography Government Mobile Security Privacy Android criminal communications Criminals EncroChat encrypted chat Encryption European Union France law enforcement mobile murder network secure mobile messaging The Netherlands U.K. MORE
The IEEE came out in favor of strong encryption: IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications. We oppose efforts by governments to restrict the use of strong encryption and/or to mandate exceptional access mechanisms such as "backdoors" or "key escrow schemes" in order to facilitate government access to encrypted data. MORE
One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. The encryption in our products is handled by a chip inside the actual hardware itself. MORE
The Lawful Access to Encrypted Data Act is being decried as "an awful idea" by security experts. Government Privacy apple Data Privacy Encryption End to end encryption Facebook FBI Lawful Access to Encrypted Data Act Security MORE
This is true even though encryption will impose costs on society, especially victims of other types of crime. [.]. I am unaware of a technical solution that will effectively and simultaneously reconcile all of the societal interests at stake in the encryption debate, such as public safety, cybersecurity and privacy as well as simultaneously fostering innovation and the economic competitiveness of American companies in a global marketplace. [.]. MORE
Technology Giant Didn't Want to 'Poke the Bear,' Sources Tell Reuters Apple previously scuttled plans add end-to-end encryption to iCloud backups, Reuters reports, noting that such a move would have complicated law enforcement investigations. MORE
government and tech companies continue to butt heads over the idea of encryption and what that means for law enforcement. Government Newsmaker Interviews Videos apple backdoor EARN IT Encryption FBI government Lawful Access to Encrypted Data ActThe U.S. MORE
erwin recently hosted the second in its six-part webinar series on the practice of data governance and how to proactively deal with its complexities. The business drivers and motivation should be the starting point for any data governance initiative. Govern PII “at rest”. MORE
Encryption is a cornerstone of digital commerce. Related: A ‘homomorphic-like’ encryption solution We know very well how to encrypt data in transit. And we’ve mastered how to encrypt — and decrypt — data at rest. However, we’ve yet to arrive at a seminal means to crunch encrypted data – without first having to decrypt it. PKI is the authentication and encryption framework on which the Internet is built. MORE
Tutanota , the popular free and open-source end-to-end encrypted email software, has been blocked by Russian authorities. The popular free and open-source end-to-end encrypted email service Tutanota has been blocked in Russia on Friday evening. MORE
The government's latest attack is aimed at discouraging the company from following through with its planned rollout across platforms. Security Security / Privacy MORE
The Apple Mail app available on macOS stores leave s a portion of users encrypted emails in plaintext in a database called snippets. The Apple expert Bob Gendler discovered that the Apple Mail app available on macOS stores leaves a portion of users encrypted emails in plaintext in a database called snippets. But the fact that Apple is still somehow leaving parts of encrypted emails out in the open, when they’re explicitly supposed to be encrypted, obviously isn’t good.” MORE
The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security MORE
Data Encryption Shields the Energy Sector Against Emerging Threats. Government Accountability Office (GAO) report notes that the energy industry faces “significant cybersecurity risks” because “threat actors are becoming increasingly capable of carrying out attacks.”. Encryption. MORE
UK intelligence agency GCHQ released emulators for World War II cipher machines (Enigma, Typex and The Bombe) that can be executed in the encryption app CyberChef. UK intelligence agency GCHQ, as part of the celebration of its centenary , has released emulators for World War II cipher machines that can be executed in the encryption app CyberChef released for educational purposes. Breaking News Hacking Intelligence CyberChef encryption GCHQ Pierluigi Paganini Security Affairs MORE
Slack announced today to launch encryption keys that will help businesses to protect their data. Slack announced today to launch encryption keys that will help businesses to protect their data. Slack announced today to launch encryption keys that will help businesses to protect their data. What is the purpose of Enterprise Key Management if Slack really encrypts the data? Slack currently encrypts your data in transit and at rest. MORE
Protecting Sensitive Data with Luna Key Broker for Microsoft Double Key Encryption. Thales has integrated its Luna HSMs with DKE for Microsoft 365, which work together to enable organizations to protect their most sensitive data while maintaining full control of their encryption keys. MORE
Yesterday, Attorney General William Barr gave a major speech on encryption policy -- what is commonly known as "going dark." Particularly with respect to encryption marketed to consumers, the significance of the risk should be assessed based on its practical effect on consumer cybersecurity, as well as its relation to the net risks that offering the product poses for society. I think this is a major change in government position. MORE
UK, and Australia: Weak Encryption Puts Billions of Internet Users at Risk. government information security privacy SecurityThe Open Technology Institute has an Open Letter to Law Enforcement in the U.S., press release , letter.) I am pleased to be one of the signers. In closely related news, nominations for the 2020 Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies are open. MORE
government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. “It only indicates that the connection is encrypted. government. Many U.S. MORE
The video-conferencing specialist has yet to roll out full encryption, but it says it's working on it. Government Mobile Security Privacy Web Security Consumer Protection Procedures Act damages End to end encryption false advertising Lawsuit legal challenges sued Washington D.C. MORE
Last month, Attorney General William Barr gave a major speech on encryption policywhat is commonly known as "going dark." Particularly with respect to encryption marketed to consumers, the significance of the risk should be assessed based on its practical effect on consumer cybersecurity, as well as its relation to the net risks that offering the product poses for society. I think this is a major change in government position. MORE
Six months since the GDPR (General Data Protection Regulation) came into force, pseudonymisation and data encryption remain the only technology measures specifically mentioned in the famously technology-agnostic Regulation. Article 32 of the GDPR highlights “the pseudonymisation and encryption of personal data” as one of the “appropriate technical and organisational measures to ensure a level of security appropriate to the risk”. To further protect data, we look to encryption. MORE
Two years on since the first draft, the final act of the legislative passage saga of the long-awaited People’s Republic of China Encryption Law ended with its passage on 26 October 2019. To read Hogan Lovells’ The grand “finale” of China’s Encryption Law, click here. MORE
The debate over the government's authority to access private encrypted data on digital devices was amplified when the Federal Bureau of Investigation Director Christopher Wray called unbreakable encryption an 'urgent public safety issue.'. Cryptography Government Mobile Security Privacy Android Smartphones apple Christopher Wray Electronic Frontier Foundation FBI Director Christopher Wray Federal Bureau of Investigation Going Dark. MORE
After Arresting Phantom Secure CEO, Authorities Reportedly Saw Secrets for Sale The Canadian government has arrested a senior intelligence official on charges of working as a mole. He was reportedly unmasked after investigators found someone had pitched stolen secrets to the CEO of Phantom Secure, a secure smartphone service marketed to criminals that authorities shuttered last year MORE
Data Security Starts with Data Governance. Lack of a solid data governance foundation increases the risk of data-security incidents. Without data governance, organizations lack the ability to connect the dots across data governance, security and privacy – and to act accordingly. MORE
The service's mixed messages have frustrated cryptographers, as the US government and other sensitive organizations increasingly depend on it. Security Security / Security News MORE
Two years on since the first draft, the final act of the legislative passage saga of the long-awaited People’s Republic of China Encryption Law ended with its passage on 26 October 2019. To read Hogan Lovells’ The grand “finale” of China’s Encryption Law, click here. MORE
Last month, Wired published a long article about Ray Ozzie and his supposed new scheme for adding a backdoor in encrypted devices. The public key goes into the processor and the device, and is used to encrypt whatever user key encrypts the data. backdoors cryptowars cryptography encryption keyescrow lawenforcement securityengineeringIt's a weird article. MORE
All the sites eventually will use the HSTS protocol, which ensures that a users' connection to a website is encrypted and can protect against man-in-the middle attacks and cookie hijacking MORE
A newly-passed Australian law could allow the government to force tech companies to create backdoors in their products. Government Hacks Privacy assistance and access act EternalBlue government surveillance tech MORE
and some allied governments are continuing to pretend that criminals will get a free pass - and police won't be able to crack cases - so long as individuals and businesses have access to products and services that use strong encryption MORE
Crumple Zones' in crypto mechanisms can make it possible - but astronomically expensive - to access encrypted data, say researchers from Boston University and Portland State University MORE
Government Can Force Technology Companies to Break Encryption Australia's Parliament has passed new laws enabling it to compel technology companies to break their own encryption. Although the government argued the laws are needed to combat criminal activity and terrorism, opponents argued the powers could creep beyond their scope and weaken the security of all software MORE
This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee. MORE
Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? The disturbing thing is that in North America and Europe more and more arguments are being raised in support of creating and maintaining encryption backdoors for government use. Here are excerpts edited for clarity and space: LW: What’s wrong with granting governments the ability to break encryption? MORE
Threatpost
JULY 27, 2020
government and tech companies continue to butt heads over the idea of encryption and what that means for law enforcement. Government Newsmaker Interviews Videos apple backdoor EARN IT Encryption FBI government Lawful Access to Encrypted Data ActThe U.S.
Data Breach Today
DECEMBER 7, 2018
Government Can Force Technology Companies to Break Encryption Australia's Parliament has passed new laws enabling it to compel technology companies to break their own encryption. Although the government argued the laws are needed to combat criminal activity and terrorism, opponents argued the powers could creep beyond their scope and weaken the security of all software
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Threatpost
JUNE 24, 2020
The Lawful Access to Encrypted Data Act is being decried as "an awful idea" by security experts. Government Privacy apple Data Privacy Encryption End to end encryption Facebook FBI Lawful Access to Encrypted Data Act Security
Data Breach Today
JULY 5, 2019
The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security
Threatpost
AUGUST 13, 2020
The video-conferencing specialist has yet to roll out full encryption, but it says it's working on it. Government Mobile Security Privacy Web Security Consumer Protection Procedures Act damages End to end encryption false advertising Lawsuit legal challenges sued Washington D.C.
Threatpost
JULY 3, 2020
Cryptography Government Mobile Security Privacy Android criminal communications Criminals EncroChat encrypted chat Encryption European Union France law enforcement mobile murder network secure mobile messaging The Netherlands U.K.
Data Breach Today
SEPTEMBER 17, 2019
After Arresting Phantom Secure CEO, Authorities Reportedly Saw Secrets for Sale The Canadian government has arrested a senior intelligence official on charges of working as a mole. He was reportedly unmasked after investigators found someone had pitched stolen secrets to the CEO of Phantom Secure, a secure smartphone service marketed to criminals that authorities shuttered last year
The Last Watchdog
SEPTEMBER 17, 2018
Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? The disturbing thing is that in North America and Europe more and more arguments are being raised in support of creating and maintaining encryption backdoors for government use. Here are excerpts edited for clarity and space: LW: What’s wrong with granting governments the ability to break encryption?
Schneier on Security
JANUARY 23, 2020
This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee.
erwin
APRIL 2, 2021
Data Security Starts with Data Governance. Lack of a solid data governance foundation increases the risk of data-security incidents. Without data governance, organizations lack the ability to connect the dots across data governance, security and privacy – and to act accordingly.
Krebs on Security
MARCH 25, 2020
government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. “It only indicates that the connection is encrypted. government. Many U.S.
|
Schneier on Security
JULY 24, 2019
Yesterday, Attorney General William Barr gave a major speech on encryption policy -- what is commonly known as "going dark." Particularly with respect to encryption marketed to consumers, the significance of the risk should be assessed based on its practical effect on consumer cybersecurity, as well as its relation to the net risks that offering the product poses for society. I think this is a major change in government position.
Schneier on Security
MAY 7, 2018
Last month, Wired published a long article about Ray Ozzie and his supposed new scheme for adding a backdoor in encrypted devices. The public key goes into the processor and the device, and is used to encrypt whatever user key encrypts the data. backdoors cryptowars cryptography encryption keyescrow lawenforcement securityengineeringIt's a weird article.
Security Affairs
MARCH 18, 2019
Slack announced today to launch encryption keys that will help businesses to protect their data. Slack announced today to launch encryption keys that will help businesses to protect their data. Slack announced today to launch encryption keys that will help businesses to protect their data. What is the purpose of Enterprise Key Management if Slack really encrypts the data? Slack currently encrypts your data in transit and at rest.
Schneier on Security
JUNE 27, 2018
The IEEE came out in favor of strong encryption: IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications. We oppose efforts by governments to restrict the use of strong encryption and/or to mandate exceptional access mechanisms such as "backdoors" or "key escrow schemes" in order to facilitate government access to encrypted data.
The Last Watchdog
JULY 30, 2018
One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. The encryption in our products is handled by a chip inside the actual hardware itself.
Schneier on Security
AUGUST 14, 2019
Last month, Attorney General William Barr gave a major speech on encryption policywhat is commonly known as "going dark." Particularly with respect to encryption marketed to consumers, the significance of the risk should be assessed based on its practical effect on consumer cybersecurity, as well as its relation to the net risks that offering the product poses for society. I think this is a major change in government position.
Data Breach Today
JUNE 23, 2020
All the sites eventually will use the HSTS protocol, which ensures that a users' connection to a website is encrypted and can protect against man-in-the middle attacks and cookie hijacking
Security Affairs
FEBRUARY 17, 2020
Tutanota , the popular free and open-source end-to-end encrypted email software, has been blocked by Russian authorities. The popular free and open-source end-to-end encrypted email service Tutanota has been blocked in Russia on Friday evening.
Data Breach Today
OCTOBER 13, 2020
and some allied governments are continuing to pretend that criminals will get a free pass - and police won't be able to crack cases - so long as individuals and businesses have access to products and services that use strong encryption
erwin
MARCH 25, 2021
erwin recently hosted the second in its six-part webinar series on the practice of data governance and how to proactively deal with its complexities. The business drivers and motivation should be the starting point for any data governance initiative. Govern PII “at rest”.
The Last Watchdog
MARCH 17, 2020
Encryption is a cornerstone of digital commerce. Related: A ‘homomorphic-like’ encryption solution We know very well how to encrypt data in transit. And we’ve mastered how to encrypt — and decrypt — data at rest. However, we’ve yet to arrive at a seminal means to crunch encrypted data – without first having to decrypt it. PKI is the authentication and encryption framework on which the Internet is built.
Schneier on Security
OCTOBER 28, 2019
This is true even though encryption will impose costs on society, especially victims of other types of crime. [.]. I am unaware of a technical solution that will effectively and simultaneously reconcile all of the societal interests at stake in the encryption debate, such as public safety, cybersecurity and privacy as well as simultaneously fostering innovation and the economic competitiveness of American companies in a global marketplace. [.].
WIRED Threat Level
APRIL 4, 2021
The government's latest attack is aimed at discouraging the company from following through with its planned rollout across platforms. Security Security / Privacy
Schneier on Security
FEBRUARY 28, 2018
Apple is bowing to pressure from the Chinese government and storing encryption keys in China. apple china cloudcomputing encryption iphone keyescrow privacyWhile I would prefer it if it would take a stand against China, I really can't blame it for putting its business model ahead of its desires for customer privacy. Two more articles.
Dark Reading
MARCH 19, 2018
Crumple Zones' in crypto mechanisms can make it possible - but astronomically expensive - to access encrypted data, say researchers from Boston University and Portland State University
Security Affairs
NOVEMBER 10, 2019
The Apple Mail app available on macOS stores leave s a portion of users encrypted emails in plaintext in a database called snippets. The Apple expert Bob Gendler discovered that the Apple Mail app available on macOS stores leaves a portion of users encrypted emails in plaintext in a database called snippets. But the fact that Apple is still somehow leaving parts of encrypted emails out in the open, when they’re explicitly supposed to be encrypted, obviously isn’t good.”
Threatpost
JANUARY 10, 2018
The debate over the government's authority to access private encrypted data on digital devices was amplified when the Federal Bureau of Investigation Director Christopher Wray called unbreakable encryption an 'urgent public safety issue.'. Cryptography Government Mobile Security Privacy Android Smartphones apple Christopher Wray Electronic Frontier Foundation FBI Director Christopher Wray Federal Bureau of Investigation Going Dark.
Thales Cloud Protection & Licensing
JANUARY 13, 2021
Data Encryption Shields the Energy Sector Against Emerging Threats. Government Accountability Office (GAO) report notes that the energy industry faces “significant cybersecurity risks” because “threat actors are becoming increasingly capable of carrying out attacks.”. Encryption.
Threatpost
OCTOBER 4, 2019
Officials say they are concerned about their ability to fight crime and protect citizens, while privacy advocates remain critical of government interference. Cryptography Facebook Privacy Attorney General William Barr Consumer Privacy Encryption Instagram internet Mark Zuckerberg messaging private messaging WhatsApp
Data Breach Today
MAY 2, 2018
Collateral damage is already being felt by the likes of Signal, a popular, encrypted-messaging app blocked by some governments But 'Domain Fronting' Was Also Used to Mask Cybercriminal Activity Following in Google's footsteps, Amazon has closed a technical loophole that helped some online services evade censorship filters, but which was also abused by cybercriminals.
HL Chronicle of Data Protection
NOVEMBER 22, 2019
Two years on since the first draft, the final act of the legislative passage saga of the long-awaited People’s Republic of China Encryption Law ended with its passage on 26 October 2019. To read Hogan Lovells’ The grand “finale” of China’s Encryption Law, click here.
WIRED Threat Level
APRIL 3, 2020
The service's mixed messages have frustrated cryptographers, as the US government and other sensitive organizations increasingly depend on it. Security Security / Security News
Adam Shostack
DECEMBER 11, 2019
UK, and Australia: Weak Encryption Puts Billions of Internet Users at Risk. government information security privacy SecurityThe Open Technology Institute has an Open Letter to Law Enforcement in the U.S., press release , letter.) I am pleased to be one of the signers. In closely related news, nominations for the 2020 Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies are open.
IT Governance
NOVEMBER 13, 2018
Six months since the GDPR (General Data Protection Regulation) came into force, pseudonymisation and data encryption remain the only technology measures specifically mentioned in the famously technology-agnostic Regulation. Article 32 of the GDPR highlights “the pseudonymisation and encryption of personal data” as one of the “appropriate technical and organisational measures to ensure a level of security appropriate to the risk”. To further protect data, we look to encryption.
Security Affairs
MARCH 18, 2019
UK intelligence agency GCHQ released emulators for World War II cipher machines (Enigma, Typex and The Bombe) that can be executed in the encryption app CyberChef. UK intelligence agency GCHQ, as part of the celebration of its centenary , has released emulators for World War II cipher machines that can be executed in the encryption app CyberChef released for educational purposes. Breaking News Hacking Intelligence CyberChef encryption GCHQ Pierluigi Paganini Security Affairs
Thales Cloud Protection & Licensing
APRIL 1, 2021
Protecting Sensitive Data with Luna Key Broker for Microsoft Double Key Encryption. Thales has integrated its Luna HSMs with DKE for Microsoft 365, which work together to enable organizations to protect their most sensitive data while maintaining full control of their encryption keys.
HL Chronicle of Data Protection
NOVEMBER 22, 2019
Two years on since the first draft, the final act of the legislative passage saga of the long-awaited People’s Republic of China Encryption Law ended with its passage on 26 October 2019. To read Hogan Lovells’ The grand “finale” of China’s Encryption Law, click here.
Threatpost
DECEMBER 7, 2018
A newly-passed Australian law could allow the government to force tech companies to create backdoors in their products. Government Hacks Privacy assistance and access act EternalBlue government surveillance tech
109 
Let's personalize your content