encryption

Auto Added by WPeMatico

Two Years After FBI vs Apple, Encryption Debate Remains

Two Years After FBI vs Apple, Encryption Debate Remains

It’s been two years since the FBI and Apple got into a giant fight over encryption following the San Bernardino shooting, when the government had the shooter’s iPhone, but not the password needed to unlock it, so it asked Apple to create a way inside. What’s most surprising is how little has changed since then. From a report: The encryption debate remains unsettled, with tech companies largely opposed and some law enforcement agencies still making the case to have a backdoor. The case for strong encryption: Those partial to the tech companies’ arguments will note that cyberattacks and hacking incidents have become even more common, with encryption serving as a valuable way to protect individuals’ personal information. The case for backdoors: Criminals are doing bad stuff and when devices are strongly encrypted they can do it in what amounts to the perfect dark alley, completely hidden from public view.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, encryption
Camera Makers Resist Encryption, Despite Warnings From Photographers

Camera Makers Resist Encryption, Despite Warnings From Photographers

An anonymous reader shares an article from the security editor of ZDNet:
A year after photojournalists and filmmakers sent a critical letter to camera makers for failing to add a basic security feature to protect their work from searches and hacking, little progress has been made. The letter, sent in late 2016, called on camera makers to build encryption into their cameras after photojournalists said they face “a variety of threats…” Even when they’re out in the field, collecting footage and documenting evidence, reporters have long argued that without encryption, police, the military, and border agents in countries where they work can examine and search their devices. “The consequences can be dire,” the letter added.

Although iPhones and Android phones, computers, and instant messengers all come with encryption, camera makers have fallen behind. Not only does encryption protect reported work from prying eyes, it also protects sources — many of whom put their lives at risk to expose corruption or wrongdoing… The lack of encryption means high-end camera makers are forcing their customers to choose between putting their sources at risk, or relying on encrypted, but less-capable devices, like iPhones.
We asked the same camera manufacturers if they plan to add encryption to their cameras — and if not, why. The short answer: don’t expect much any time soon.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, encryption
Ransomware Asks For High Score Instead of Money

Ransomware Asks For High Score Instead of Money

An anonymous reader quotes a report from Ars Technica: Rensenware” forces players to get a high score in a difficult PC shoot-em-up to decrypt their files. As Malware Hunter Team noted yesterday, users on systems infected with Rensenware are faced with the usual ransomware-style warning that “your precious data like documents, musics, pictures, and some kinda project files” have been “encrypted with highly strong encryption algorithm.” The only way to break the encryption lock, according to the warning, is to “score 0.2 billion in LUNATIC level” on TH12 ~ Undefined Fantastic Object. That’s easier said than done, as this gameplay video of the “bullet hell” style Japanese shooter shows. As you may have guessed from the specifics here, the Rensenware bug was created more in the spirit of fun than maliciousness. After Rensenware was publicized on Twitter, its creator, who goes by Tvple Eraser on Twitter and often posts in Korean, released an apology for releasing what he admitted was “a kind of highly-fatal malware.” The apology is embedded in a Rensenware “forcer” tool that Tvple Eraser has released to manipulate the game’s memory directly, getting around the malware’s encryption without the need to play the game (assuming you have a copy installed, that is). While the original Rensenware source code has been taken down from the creator’s Github page, a new “cut” version has taken its place, showing off the original joke without any actually malicious forced encryption.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, encryption
Web Inventor Sir Tim Berners-Lee Slams UK and US Net Plans

Web Inventor Sir Tim Berners-Lee Slams UK and US Net Plans

The web’s creator has attacked any UK plans to weaken encryption and promised to battle any moves by the Trump administration to weaken net neutrality. From a report on BBC: Sir Tim Berners-Lee was speaking to the BBC following the news that he has been given the Turing Award. It is sometimes known as the Nobel Prize of computing. Sir Tim said moves to undermine encryption would be a “bad idea” and represent a massive security breach. Home Secretary Amber Rudd has said there should be no safe space for terrorists to be able to communicate online. But Sir Tim said giving the authorities a key to unlock coded messages would have serious consequences. “Now I know that if you’re trying to catch terrorists it’s really tempting to demand to be able to break all that encryption but if you break that encryption then guess what — so could other people and guess what — they may end up getting better at it than you are,” he said. Sir Tim also criticised moves by legislators on both sides of the Atlantic, which he sees as an assault on the privacy of web users. He attacked the UK’s recent Investigatory Powers Act, which he had criticised when it went through Parliament: “The idea that all ISPs should be required to spy on citizens and hold the data for six months is appalling.” In the United States he is concerned that the principle of net neutrality, which treats all internet traffic equally, could be watered down by the Trump administration and the Federal Communications Commission. “If the FCC does move to reduce net neutrality I will fight it as hard as I can,” he vowed.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, encryption
After 20 Years, OpenSSL Will Change To Apache License 2.0, Seeks Pasts Contributors

After 20 Years, OpenSSL Will Change To Apache License 2.0, Seeks Pasts Contributors

After nearly 20 years and 31,000 commits, OpenSSL wants to change to Apache License v2.0. They’re now tracking down all 400 contributors to sign new license agreements, a process expected to take several months. Slashdot reader rich_salz shares links to OpenSSL’s official announcement (and their agreement-collecting web site).

“This re-licensing activity will make OpenSSL, already the world’s most widely-used FOSS encryption software, more convenient to incorporate in the widest possible range of free and open source software,” said Mishi Choudhary, Legal Director of Software Freedom Law Center and counsel to OpenSSL. “OpenSSL’s team has carefully prepared for this re-licensing, and their process will be an outstanding example of ‘how to do it right.'”

Click through for some comments on the significance of this move from the Linux Foundation, Intel, and Oracle.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, encryption