Browsed by
Month: May 2015

Caution needed with anti-encryption tools that dodge data retention surveillance

Caution needed with anti-encryption tools that dodge data retention surveillance

Hot on the heels of Canberra’s successful push for mandatory retention of telco records about who we call, and how much we web surf, and when we email, we sense a new debate about technologies that scramble the actual contents of our communications, so an investigator may be able to work out who we called or mailed, but never what was said or written. Recent media articles have noted that the New South Wales Crime Commission has been hindered by phone systems that encrypt conversations that…

Read More Read More

Privacy advocates and tech giants support encryption, which the FBI director finds “depressing”

Privacy advocates and tech giants support encryption, which the FBI director finds “depressing”

There’s a privacy battle brewing between the FBI and other federal government groups on one side, and tech companies, cryptologists, privacy advocates (and some elected American lawmakers) on the other. Basically, the FBI (circa-2015 edition) opposes the use of encryption to keep data secure from hackers, on the grounds that the government couldn’t get at it either. So this week, a wide variety of organizations ranging from civil-liberty groups and privacy advocates to tech companies and trade associations to security…

Read More Read More

Google Hangouts doesn’t use end-to-end encryption

Google Hangouts doesn’t use end-to-end encryption

If you’re using Google Hangouts as your main messaging service, you might want to know that Hangouts doesn’t use end-to-end encryption (E2EE), a must-have feature for messaging services in the post-Snowden world. This was recently confirmed during a Reddit Ask Us Anything (AUA) session by Google’s Richard Salgado, Director for Law Enforcement and Information Security, and David Lieber, Senior Privacy Policy Counsel. As far as messaging services go, end-to-end encryption is a method of encrypting data so that only the…

Read More Read More

Google admits Hangouts doesn’t use end-to-end encryption, opening the door for government wiretaps

Google admits Hangouts doesn’t use end-to-end encryption, opening the door for government wiretaps

If you’re really worried the government may be keeping tabs on your conversations, then you’d best avoid Hangouts. According to Motherboard, a Google representative confirmed that Hangouts conversations are only encrypted “in transit,” meaning after the message arrives at the intended recipient Google could access it if forced to do so by a government wiretap. The question arose from a Reddit AMA with two senior members of Google’s public policy and legal team. An ACLU representative pinned them down about encryption, but wasn’t…

Read More Read More

Flawed encryption leaves millions of smart grid devices at risk of cyberattacks

Flawed encryption leaves millions of smart grid devices at risk of cyberattacks

Millions of smart meters, thermostats, and other internet-connected devices are at risk of cyberattacks because they come with easily crackable encryption, a study has warned. A paper by Philipp Jovanovic and Samuel Neves published in late April analyzed the cryptography used in the Open Smart Grid Protocol (OSGP), a group of specifications published by a European telecoms standards body. The protocol is used in more than four million devices, and said to be one of the most widely used protocols…

Read More Read More