backdoors – Page 5 – SSL and internet security news

Adding a Hardware Backdoor to a Networked Computer

October 18, 2019 infossl

backdoors, firewall, hacking, hardware, Security technology, spyware, supplychain

Interesting proof of concept: At the CS3sthlm security conference later this month, security researcher Monta Elkins will show how he created a proof-of-concept version of that hardware hack in his basement. He intends to demonstrate just how easily spies, criminals, or saboteurs with even minimal skills, working on a shoestring budget, can plant a chip … Read More “Adding a Hardware Backdoor to a Networked Computer” »

More on Law Enforcement Backdoor Demands

September 11, 2019 infossl

backdoors, encryption, lawenforcement, reports, Security technology, smartphones

The Carnegie Endowment for International Peace and Princeton University’s Center for Information Technology Policy convened an Encryption Working Group to attempt progress on the “going dark” debate. They have released their report: “Moving the Encryption Policy Conversation Forward. The main contribution seems to be that attempts to backdoor devices like smartphones shouldn’t also backdoor communications … Read More “More on Law Enforcement Backdoor Demands” »

Supply-Chain Attack against the Electron Development Platform

August 8, 2019 infossl

backdoors, Security technology, securityengineering, supplychain, vulnerabilities

Electron is a cross-platform development system for many popular communications apps, including Skype, Slack, and WhatsApp. Security vulnerabilities in the update system allows someone to silently inject malicious code into applications. From a news article: At the BSides LV security conference on Tuesday, Pavel Tsakalidis demonstrated a tool he created called BEEMKA, a Python-based tool … Read More “Supply-Chain Attack against the Electron Development Platform” »

More on Backdooring (or Not) WhatsApp

August 2, 2019 infossl

artificialintelligence, backdoors, facebook, privacy, Security technology, whatsapp

Yesterday, I blogged about a Facebook plan to backdoor WhatsApp by adding client-side scanning and filtering. It seems that I was wrong, and there are no such plans. The only source for that post was a Forbes essay by Kalev Leetaru, which links to a previous Forbes essay by him, which links to a video … Read More “More on Backdooring (or Not) WhatsApp” »

Facebook Plans on Backdooring WhatsApp

August 1, 2019 infossl

backdoors, encryption, facebook, Security technology, whatsapp

This article points out that Facebook’s planned content moderation scheme will result in an encryption backdoor into WhatsApp: In Facebook’s vision, the actual end-to-end encryption client itself such as WhatsApp will include embedded content moderation and blacklist filtering algorithms. These algorithms will be continually updated from a central cloud service, but will run locally on … Read More “Facebook Plans on Backdooring WhatsApp” »

ACLU on the GCHQ Backdoor Proposal

July 30, 2019 infossl

aclu, backdoors, encryption, gchq, Security technology, uk

Back in January, two senior GCHQ officials proposed a specific backdoor for communications systems. It was universally derided as unworkable — by me, as well. Now Jon Callas of the ACLU explains why. Powered by WPeMatico

Attorney General William Barr on Encryption Policy

July 24, 2019 infossl

backdoors, cryptowars, encryption, essays, lawenforcement, nationalsecuritypolicy, Security technology

Yesterday, Attorney General William Barr gave a major speech on encryption policy — what is commonly known as “going dark.” Speaking at Fordham University in New York, he admitted that adding backdoors decreases security but that it is worth it. Some hold this view dogmatically, claiming that it is technologically impossible to provide lawful access … Read More “Attorney General William Barr on Encryption Policy” »

Backdoor Built into Android Firmware

June 21, 2019 infossl

android, backdoors, crime, firmware, google, malware, phones, Security technology, supplychain

In 2017, some Android phones came with a backdoor pre-installed: Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday. Triada first came to light in 2016 in articles published by Kaspersky here and here, the first of which said … Read More “Backdoor Built into Android Firmware” »

Cryptanalyzing a Pair of Russian Encryption Algorithms

May 10, 2019 infossl

academicpapers, algorithms, backdoors, cryptanalysis, cryptography, encryption, hashes, russia, Security technology

A pair of Russia-designed cryptographic algorithms — the Kuznyechik block cipher and the Streebog hash function — have the same flawed S-box that is almost certainly an intentional backdoor. It’s just not the kind of mistake you make by accident, not in 2014. Powered by WPeMatico

Vulnerability in French Government Tchap Chat App

April 24, 2019 infossl

backdoors, france, Security technology, vulnerabilities

A researcher found a vulnerability in the French government WhatsApp replacement app: Tchap. The vulnerability allows anyone to surreptitiously join any conversation. Of course the developers will fix this vulnerability. But it is amusing to point out that this is exactly the backdoor that GCHQ is proposing. Powered by WPeMatico