Ransomware hackers steal a hospital. Again.

methodhop

A month after a hospital in Hollywood was shut down by a ransomware infection that encrypted all the files on its computers and computer-controlled instruments and systems, another hospital, this one in Kentucky, has suffered a similar fate. Read the rest

Paris terrorists used disposable burner phones to hide plans. No evidence of encryption.

burner-phones

"Everywhere they went, the attackers left behind their throwaway phones."

Buried in the New York Times story Mark poked fun at earlier for its Crypto Panic vibe, a confirmation of sorts that there's really no evidence the terrorists used crypto at all. There is lots of evidence they used throwaway burner phones to evade detection while planning mass murder. Again, no evidence encryption, none, period. This is significant because these attacks, and similar ones that followed, are at the core of an anti-encryption charm offensive by the FBI and Department of Justice, now targeted at Apple's iPhone.

Ars Technica rehashes the details of the NYT piece and then puts it plainly:

Until we have stronger evidence to the contrary, it seems likely that encryption played little or no part in the Paris terrorist attacks.

Read the rest

NYT: If you see weird text on a computer screen, might be terrorist encryption software

CeFFWtxUEAAJ9BA
From a March 19, 2016 New York Times article:

One of the terrorists pulled out a laptop, propping it open against the wall, said the 40-year-old woman. When the laptop powered on, she saw a line of gibberish across the screen: β€œIt was bizarre β€” he was looking at a bunch of lines, like lines of code. There was no image, no Internet,” she said. Her description matches the look of certain encryption software, which ISIS claims to have used during the Paris attacks.

To summarize, if you see something on someone's computer screen that fits the description below, the person with the computer could be an ISIS terrorist! It looks like "a line of gibberish across the screen." It's "a bunch of lines, like lines of code." There's "no image." There's "no Internet."

It's good to know the spirit of Judith Miller lives on at the Times!

Read the rest

LGBTQ people and Apple vs FBI

gay-apple.png

Evan from Fight for the Future writes, "Everyone is focused on the high profile fight between Apple and the FBI, which is a good thing, because the outcome of this case will affect all of us." Read the rest

Apple engineers quietly discuss refusing to create the FBI's backdoor

5582667252_b3b46db1ec_b

If you're one of the few engineers at Apple qualified to code up the backdoor that the FBI is seeking in its court order, and if your employer loses its case, and if you think you have a solemn duty as a security engineer to only produce code that makes users more secure, not less, what do you do? Read the rest

Hack-attacks with stolen certs tell you the future of FBI vs Apple

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x989

Since 2014, Suckfly, a hacker group apparently based in Chengdu, China, has used at least 9 signing certs to make their malware indistinguishable from official updates from the vendor. Read the rest

As FBI war on crypto intensifies, Facebook, Google, WhatsApp to intensify use of encryption

FBI Director James Comey arrives for a House Judiciary hearing on "The Encryption Tightrope: Balancing Americans' Security and Privacy" on Capitol Hill in Washington March 1, 2016. REUTERS

In response to the FBI's attack on Apple's use of encryption-based security methods, some of the biggest names in technology are reported to be planning an expanded use of encryption for user data that passes through, or is stored on, their products and services.

Read the rest

The post-Snowden digital divide: the ability to understand and use privacy tools

Fort_Worth_Library_Computer_Lab

Ian Clark's long academic paper in the Journal of Radical Librarianship takes a while to get to the point, but when it arrives, it's a very, very good one: in the post-Snowden era, we can no longer address the "digital divide" just by providing access -- we also have to teach people how their online usage is spied on, how that will harm them, and what to do about it. Read the rest

John Oliver on Apple vs FBI and the new crypto wars

animation (1)

John Oliver continues to deliver the best comedy tech analysis in the business, with an epic rant/explainer that delves into Apple vs FBI and the new crypto wars with scathing wit and deep, technical truth that's made miraculously accessible to a general audience. Read the rest

Obama: cryptographers who don't believe in magic ponies are "fetishists," "absolutists"

foo

Obama's SXSW appearance included the president's stupidest-ever remarks on cryptography: he characterized cryptographers' insistence that there is no way to make working cryptography that stops working when the government needs it to as "phone fetishizing," as opposed to, you know, reality. Read the rest

If the FBI can force decryption backdoors, why not backdoors to turn on your phone's camera?

HAL9000.svg

Eddy Cue, Apple's head of services, has warned that if the FBI wins its case and can force Apple to produce custom software to help break into locked phones, there's nothing in principle that would stop it from seeking similar orders for custom firmware to remotely spy on users through their phones' cameras and microphones. Read the rest

Using distributed code-signatures to make it much harder to order secret backdoors

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x985

Cothority is a new software project that uses "multi-party cryptographic signatures" to make it infinitely harder for governments to order companies to ship secret, targeted backdoors to their products as innocuous-looking software updates. Read the rest

Help wanted: Simply Secure is hiring an ops person!

home-toolbox.png

Simply Secure is a nonprofit whose advisory board I volunteer for; they're devoted to making usable, human-centered interfaces to privacy tools that anyone can use, and they're hiring. Read the rest

Racial justice organizers to FBI vs Apple judge: crypto matters to #blacklivesmatter

600_439824805

Phenomena like the Harlem Cryptoparty demonstrate the connection between racial justice and cryptography -- civil rights organizers remember that the FBI spied on and blackmailed Martin Luther King, sending him vile notes encouraging him to kill himself. Read the rest

Apple vs FBI: The privacy disaster is inevitable, but we can prevent the catastrophe

5722059097_7dc346316a_b

My new Guardian column, Forget Apple's fight with the FBI – our privacy catastrophe has only just begun, explains how surveillance advocates have changed their arguments: 20 years ago, they argued that the lack of commercial success for privacy tools showed that the public didn't mind surveillance; today, they dismiss Apple's use of cryptographic tools as a "marketing stunt" and treat the proportionality of surveillance as a settled question. Read the rest

As Apple fights the FBI tooth and nail, Amazon drops Kindle encryption

TwFCy5vGnq2PQJQw.medium

Amazon's Kindle devices run a custom version of Android that, until today, supported full-disk encryption. Now they don't. Read the rest

ISIS opsec: jihadi tech bureau recommends non-US crypto tools

1123

The US government is attempting to force Apple to backdoor its Iphone security, congress is considering mandatory backdoors for all secure technology, and FBI director James Comey insists that this will work, because there's no way that America's enemies might just switch over to using technology produced in other countries without such mandates. Read the rest

More posts