As Apple fights the FBI tooth and nail, Amazon drops Kindle encryption

TwFCy5vGnq2PQJQw.medium

Amazon's Kindle devices run a custom version of Android that, until today, supported full-disk encryption. Now they don't. Read the rest

ISIS opsec: jihadi tech bureau recommends non-US crypto tools

1123

The US government is attempting to force Apple to backdoor its Iphone security, congress is considering mandatory backdoors for all secure technology, and FBI director James Comey insists that this will work, because there's no way that America's enemies might just switch over to using technology produced in other countries without such mandates. Read the rest

Today, Congress finally showed it's willing to fight the FBI on encryption

FBI Director James Comey arrives for a House Judiciary hearing on "The Encryption Tightrope: Balancing Americans' Security and Privacy" on Capitol Hill in Washington March 1, 2016. REUTERS

It took a while, but FBI director Jim Comey got a little bit of the grilling he has earned in the FBI vs. Apple case. Freedom of the Press Foundation's Trevor Timm writes on today's House Judiciary Committee hearings on Capitol Hill, at which both the government and the Cupertino tech giant were represented.

Read the rest

#FBIvsApple could lead to "virtually limitless" surveillance powers, warns judge in iPhone case

apple-157031_960_720.png

What's at stake in the fight between the FBI and Apple over those iPhones? Oh, no big deal, just the legal green light for “virtually limitless” surveillance under the Internet of Things. That's what a federal judge has ruled in an order rejecting a government request in a New York drug case.

Read the rest

Apple-FBI crypto hearing was surprisingly hostile to FBI Director James Comey

FBI Director James Comey, 2014.  [REUTERS]

The House Judiciary committee hearing today titled, “The Encryption Tightrope: Balancing Americans’ Security and Privacy” ended up being full of drama, and riveting moments of confrontation--along with a cavalcade of inept analogies for encryption and hardware security.

Read the rest

Watch it live: U.S. Senate floor speeches on proposed Digital Security Commission

warner

From the camp of two lawmakers who recently introduced Senate legislation to establish “an independent National Commission on Security and Technology Challenges,” news that Senators Mark R. Warner (D-VA) and Cory Gardner (R-CO) will join their Senate colleagues in discussing the legislation on the Senate Floor. You can watch it live, and you should. Today at 3pm ET/12pm PT.

Read the rest

FBI claims it has no records of its decision to delete its recommendation to encrypt your phone

bhSWigm

Two years ago, the FBI published its official advice to "protect your mobile device," including a recommendation to encrypt your storage. This year, the FBI is suing Apple to force it to break its encryption. Read the rest

Math denialism: crypto backdoors and DRM are the alternative medicine of computer science

giphy

My latest Guardian column, The FBI wants a backdoor only it can use – but wanting it doesn’t make it possible, draws a connection between vaccine denial, climate denial, and the demand for backdoors in secure systems, as well as the call for technologies that prevent copyright infringement, like DRM. Read the rest

U.S. lawmakers expected to introduce major encryption bill

L: House Homeland Security Committee Chair Michael McCaul (R-TX). R: Sen. Mark Warner (D-VA)

Two lawmakers are reported to be planning to unveil details of a major encryption bill Wednesday, as the FBI's battle with Apple continues and a debate grows over what role government should play in regulating technology.

Read the rest

To improve national security, improve crypto usability

SOC_Security_Monitors

Scout Sinclair Brody (previously) is executive director of Simply Secure, a nonprofit I volunteer for that works on impriving the usability of privacy tools so that normal people can understand and benefit from them. Read the rest

Wanting it badly isn't enough: backdoors and weakened crypto threaten the net

fantasy-639115_960_720
As you know, Apple just said no to the FBI's request for a backdoor in the iPhone, bringing more public attention to the already hot discussion on encryption, civil liberties, and whether “those in authority” should have the ability to see private content and communications -- what's referred to as “exceptional access.”[1]

NH bill would explicitly allow libraries to run Tor exit nodes

IMG_0050

Inspired by the Library Freedom Project's uncompromising bravery in the face of a DHS threat against a town library in Kilton, NH, that was running a Tor exit node to facilitate private, anonymous communication, the New Hampshire legislature is now considering a bill that would explicitly permit public libraries to "allow the installation and use of cryptographic privacy platforms on public library computers for library patrons use." Read the rest

What a serious keysigning ceremony looks like

animation (2)

In his excellent technical explainer about the Iphone decryption order, the Electronic Frontier Foundation's Joseph Bonneau discusses the actual process of cryptographically signing a new release of a major piece of Internet infrastructure like IOS. Read the rest

The first-ever tech expert on Obama's NSA advisory board is *A*W*E*S*O*M*E*

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x964

The president's NSA advisory board grew teeth in the wake of the Snowden revelations, and they have done good service in identifying the civil liberties issues raised by the NSA's program of secret mass surveillance. Read the rest

Hackers steal a hospital in Hollywood

OLYMPUS DIGITAL CAMERA

A hospital is a computer we put sick people into, so when ransomware creeps infected the hospital's IT systems and encrypted all their data, they asked for a whopping $3.6m to turn the data loose again. Read the rest

Gmail will warn you when your correspondents use unencrypted mail transport

Unencrypted Message

A basic best-practice for email servers is to use TLS (Transport Layer Security) when they connect to one another, which guards against "man in the middle" attacks that would allow attackers to read or change emails while they travel between mail-servers. Read the rest

In promoting Cybersecurity National Action Plan, White House conspicuously fails to mention encryption

crypto

The White House released an announcement today on President Obama's Cybersecurity National Action Plan. In thousands of not actually bad at all words about cybersecurity, they managed not to say the word "encryption" once.

Read the rest

More posts