backdoors – Page 9 – SSL and internet security news

WhatsApp Security Vulnerability

January 17, 2017 infossl

backdoors, encryption, facebook, Security technology, signal, usability, vulnerabilities, whatsapp

Back in March, Rolf Weber wrote about a potential vulnerability in the WhatsApp protocol that would allow Facebook to defeat perfect forward secrecy by forcibly change users’ keys, allowing it — or more likely, the government — to eavesdrop on encrypted messages. It seems that this vulnerability is real: WhatsApp has the ability to force … Read More “WhatsApp Security Vulnerability” »

Encryption Working Group Annual Report from the US House of Representatives

December 21, 2016 infossl

backdoors, encryption, lawenforcement, nationalsecuritypolicy, Security technology

The Encryption Working Group of the House Judiciary Committee and the House Energy and Commerce Committee has released its annual report. Observation #1: Any measure that weakens encryption works against the national interest. Observation #2: Encryption technology is a global technology that is widely and increasingly available around the world. Observation #3: The variety of … Read More “Encryption Working Group Annual Report from the US House of Representatives” »

My Priorities for the Next Four Years

December 15, 2016 infossl

backdoors, encryption, fear, nationalsecuritypolicy, privacy, Security technology, voting

Like many, I was surprised and shocked by the election of Donald Trump as president. I believe his ideas, temperament, and inexperience represent a grave threat to our country and world. Suddenly, all the things I had planned to work on seemed trivial in comparison. Although Internet security and privacy are not the most important … Read More “My Priorities for the Next Four Years” »

Securing Communications in a Trump Administration

November 23, 2016 infossl

backdoors, computersecurity, encryption, lawenforcement, nationalsecuritypolicy, privacy, Security technology, surveillance, uk

Susan Landau has an excellent essay on why it’s more important than ever to have backdoor-free encryption on our computer and communications systems. Protecting the privacy of speech is crucial for preserving our democracy. We live at a time when tracking an individual — a journalist, a member of the political opposition, a citizen engaged … Read More “Securing Communications in a Trump Administration” »

Smartphone Secretly Sends Private Data to China

November 18, 2016 infossl

android, backdoors, cellphones, china, Security technology, vulnerabilities

This is pretty amazing: International customers and users of disposable or prepaid phones are the people most affected by the software. But the scope is unclear. The Chinese company that wrote the software, Shanghai Adups Technology Company, says its code runs on more than 700 million phones, cars and other smart devices. One American phone … Read More “Smartphone Secretly Sends Private Data to China” »

Recovering an iPhone 5c Passcode

September 15, 2016 infossl

academicpapers, backdoors, encryption, fbi, ios, iphone, lies, passwords, Security technology

Remember the San Bernardino killer’s iPhone, and how the FBI maintained that they couldn’t get the encryption key without Apple providing them with a universal backdoor? Many of us computer-security experts said that they were wrong, and there were several possible techniques they could use. One of them was manually removing the flash chip from … Read More “Recovering an iPhone 5c Passcode” »

Apple's Cloud Key Vault

September 8, 2016 infossl

apple, backdoors, backups, cloudcomputing, keys, lawenforcement, Security technology

Ever since Ian Krstić, Apple’s Head of Security Engineering and Architecture, presented the company’s key backup technology at Black Hat 2016, people have been pointing to it as evidence that the company can create a secure backdoor for law enforcement. It’s not. Matthew Green and Steve Bellovin have both explained why not. And the same … Read More “Apple's Cloud Key Vault” »

Microsoft Accidentally Leaks Key to Windows Backdoor

August 15, 2016 infossl

backdoors, cryptography, keys, leaks, microsoft, Security technology

In a cautionary tale to those who favor government-mandated backdoors to security systems, Microsoft accidentally leaked the key protecting its UEFI Secure boot feature. As we all know, the problems with backdoors are less the cryptography and more the systems surrounding the cryptography. Powered by WPeMatico

"Surreptitiously Weakening Cryptographic Systems"

February 25, 2015 infossl

academicpapers, backdoors, cryptanalysis, cryptography, sabotage, schneiernews, Security technology

New paper: “Surreptitiously Weakening Cryptographic Systems,” by Bruce Schneier, Matthew Fredrikson, Tadayoshi Kohno, and Thomas Ristenpart. Abstract: Revelations over the past couple of years highlight the importance of understanding malicious and surreptitious weakening of cryptographic systems. We provide an overview of this domain, using a number of historical examples to drive development of a weaknesses … Read More “"Surreptitiously Weakening Cryptographic Systems"” »