Displaying items by tag: NSA

The world lives in fear of zero-day exploits although the average person does not even know it. A zero-day exploit is a bug or a flaw that has not been discovered by the developers yet, but is known to someone outside. This can be good guys, bad guys or other, but it is still a flaw that can be used to do harm to a computer system and no one has a patch for it yet. When the good guys (security researchers) know about them they work with companies to patch them. When the bad guys know about these things get very ugly indeed. But what happens if someone knows about one (or a bunch of them) and does not tell anyone at all?

Published in Editorials

Encryption is an interesting thing. On the surface it offers protection from prying eyes and sense of security in protecting your communication and files. At least that is what you should feel when talking about encryption. The problem is that encryption is only as secure as the protocol and API that is in use. Even if you have a rock solid certificate the protocol and APIs that you use to connect can be compromised to by-pass this. This is what has happened to almost every major SSL/TLS stack. So far in 2014 we have watched them fall one at a time to the dismay of security experts.

Published in Editorials

Apple is truly ramping up the PR machine and has even managed to get a few people in government to make some rather outrageous statements on the new phone and iOS 8. One of the new stories going around is about how the new iPhone and iOS8 are suddenly “NSA Proof” because they have added data encryption. The fallacy of this claim is almost beyond belief and shows once again that most in the technical press have absolutely no memory.

Published in News

We have more news from the Snowden front as Der Spiegel reports one a joint NSA, GCHQ program dubbed treasure map. Although the program was originally revealed by the NY Times in late 2013 it was originally described as a network mapping program with no surveillance application. This claim is no longer holding up as more and more information come out about the two agencies plans to map the entire internet in real time.

Published in News

It is not often that we can write about a big company like Microsoft and say they are doing “the right thing”. This is even more true in light of the Snowden revelations that showed the close cooperation that Microsoft (and others) had with many data collection programs run by the NSA. Any trust that people had in Microsoft and their drive to protect their customer’s data vanished in an instant. Since those days Microsoft has been working very hard to rebuild consumer trust. They have put SSL and TLS encryption on their email service and have put a few privacy (pronounce that security if you are in government) features in place to help change the public opinion.

Published in News
Tagged under
Monday, 25 August 2014 12:01

NSA Bug Leaks to Tor No Big Surprise

Over the weekend a story broke that alleged that the NSA (National Security Agency) and GCHQ (Government Communications Headquarters) might actually be helping the Tor network to find and fix bugs in their systems. The news that this might be going on appeared to come as a shock to most people and new agencies reporting on rumor. Of course if you look at the Tor project’s history and the way it is still used today you will find that it is actually in the best interest of the governments in question to keep TOR alive and healthy.

Published in News

DEF CON 22, Las Vegas, NV 2014 - Yesterday at DEF CON we had the chance to listen to Christopher Soghoian, Principal Technologist, American Civil Liberties Union talk about the state of the surveillance state and how we can help fight against it. Of course you might think that his talk would be about the use of spy proof technologies, but oddly enough very little of that was talked about except to make it clear that talk of spy-proof technology makes people in Washington nervous.

Published in Editorials

There is a lot of information flying around the internet about security this month. Much of this is due to the looming Black Hat and DEF CON conferences that kick off in August. While many of the articles hitting the net are malware centric we are hearing about a few more that punch more than a few holes in the security of some very popular devices. We have seen Blackberry poke at Samsung and their Knox secure phone layer and vice versa. The biggest one that we have seen is the 58 page document published by security expert Jonathan Zdiarski about the iPhone.

Published in News

Yesterday we reported that Apple had lost a big to toss out a patent suit aimed at their iPhone and iPad in China. This was quite a blow to the company that has made China its manufacturing home. Normally Apple can get its way when dealing with patents simply because of the mythology they have created.  However this has not always held up in China as we have seen multiple decisions go against Apple.

Published in News

As we have reported on multiple occasions, Microsoft is working very hard to change the way that people see them. There are many reasons that they need to do this and it is a job that is not going to happen overnight. This has been a big part of what new CEO Satya Nadella has been doing since he took the top job at Microsoft. After changing the push for the Xbox One and Windows they are now trying to overcome the stigma dropped on them by Edward Snowden’s revelations of complicity with the NSA.

Published in News
Page 2 of 6