Category Archives: Encryption
The new avatar of the encryption wars – Hindustan Times
The government has proposed a new bill to regulate mathematics. The bill envisages that certain mathematical operations such as multiplication, division, LCM and GCD would be banned, if they are prime numbers and have more than 309 digits and a licensing regime, which would only allow licensed entities to perform these operations.
If the above reads like a parody, it may soon cease to be and become reality.
An Australian Prime Minister, Malcolm Turnbull declared in 2017 that, The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia.
In a joint communique issued on October 11, 2020, the Five Eye nations (United States, United Kingdom, Australia, New Zealand, Canada), along with Japan and India, stated, Particular implementations of encryption technology... pose significant challenges to public safety, including to highly vulnerable members of our societies like sexually exploited children and called upon technology companies to enable law enforcement access to content in a readable and usable format where an authorisation is lawfully issued, is necessary and proportionate, and is subject to strong safeguards and oversight.
The specific implementation of encryption technology that has worried governments the world over is the Signal protocol (E2EE), which guarantees that even intermediaries who provide these services will not be able to decrypt these messages in transit. It also guarantees plausible deniability, where if someone receives an encrypted message from you, they can be absolutely sure you sent it (rather than having been forged by some third party), but cant prove to anyone else that it was a message you wrote.
A variation of their anxieties played out in India, in the WhatsApp traceability debate, where the government pushed for traceability (Tell me who the sender is), but also said that it does not want to break end-to-end encryption, an impossible request, as sender deniability is at the heart of the end-to-end encryption. When repeatedly rebuffed by WhatsApp, an attempt was made to resolve the matter through the judicial system to compel the intermediaries (WhatsApp) to stop deploying messaging systems that use E2EE.
Given this background, the use of children in the statement to build a case for banning E2EE is interesting because it uses a propaganda technique called Pedophrasty, where children are invoked to prop up an argument, and make the opponents against the argument look like unprincipled savages and make everyone else suspend all rational and critical thinking, and agree to the argument.
But we must not agree to this dangerous set of proposals, as they are a continuum to the encryption wars, which started in the 1970s, where Western governments tried to limit use of encryption technologies by using export controls and ultimately failed.
In the 1990s, the National Security Agency in the US proposed the use of Clipper Chip in every phone, which implemented encryption but gave backdoor access to the US government. After Matt Blaze showed how rogue applications can use the chip to access data without the government backdoor, this attempt was abandoned.
In 2010, Google published a blog post, detailing how Chinese state backed hackers, attacked Gmail to spy on Chinese human rights advocates via a backdoor, installed by Google at the behest of the US government in Gmail to comply with search warrants on users. When Ericsson put backdoors into Vodafone products and deployed these in Greece for aiding law enforcement, these backdoors were used to spy on the Greek prime minister, by unknown perpetrators, who were never found.
All these incidents point out two fundamental realities. The first one is that backdoors are always dual-use and can be used by anyone and, hence, they dont keep anyone safe. The second is that E2EE is safe and easy enough for anyone to use and hence has achieved mainstream adoption. This has made the usual approach preferred by law enforcement agencies of coercing intermediaries to put backdoors irrelevant and obsolete.
Outlawing E2EE deployment and forcing intermediaries to comply with these proposed rules or leave the country by threatening to shut down their business operations, hence, may become the preferred policy response. But these rules, even if they become the law everywhere, are doomed to fail, in the same way, the discovery of irrational numbers (square root of 2) could not be suppressed by drowning its inventor Hippasus, in the sea, as it takes only a rented computer at 700 a month to run a back-end service implementing E2EE.
If existing intermediaries are forced to abandon it, others like EncroChat (popular among drug cartels) will step in and fill the void. The busting of EncroChat, when law enforcement agencies successfully penetrated the drug cartels by putting a tool in its servers, also indicates that it is possible to work around E2EE in some cases, using offensive technical measures by compromising endpoints. It would also be a far more proportionate measure than attempting to ban mathematical equations.
Anand Venkatanarayanan researches disinformation, cyber weapons and data security and is a privacy advocate
The views expressed are personal
See original here:
The new avatar of the encryption wars - Hindustan Times
What Does the Fifth Circuits Vacating of HHS HIPAA Fines Mean for Companies This Year? – JD Supra
Will HHS approach for imposing penalties in the aftermath of a data breach become a little clearer in 2021? This is a distinct possibility in the wake of a Fifth Circuit decision vacating penalties against MD Anderson Cancer Center. The hospital suffered three data breaches, leading HHS to impose over $4 million in civil penalties. That fine was reversed recently by the Fifth Circuit as arbitrary, capricious, and contrary to law.
MD Anderson first reported to HHS a lost unencrypted laptop that contained ePHI of 29,021 individuals in 2012. It also misplaced two unencrypted USB thumb drives in 2012 and 2013, the first had ePHI of over 2,000 individuals, and the other had ePHI of nearly 3,600 individuals. On February 8, 2019, following HHSs inquiry and investigation, an HHS Appeals Board affirmed an Administrative Law Judges decision sustaining HHSs civil monetary penalties for the companys alleged (i) failure to implement encryption or adopt an alternative and equivalent method to limit access to ePHI stored on electronic devices, and for (ii) unauthorized disclosure of protected health information in violation of HIPAA and the HITECH Act.
According to the Fifth Circuit, the HHS ruling on the companys encryption measures was incorrect. The Security Rule does not address the effectiveness of an encryption mechanism, only that a covered entity must implement an encryption mechanism or adopt an alternative and equivalent method to protect ePHI. While these particular devices in question were not encrypted, MD Anderson did have an encryption mechanism in place. Thus, the court found that MD Anderson did meet the Security Rules encryption requirement. On the ruling regarding the disclosure of ePHI, the Fifth Circuit held that HHS had failed to establish that MD Anderson disclosed ePHI to someone outside of the covered entity. The court clarified that under HIPAAs definition of disclosure, a disclosure required an affirmative act to disclose information and that HHS must prove that the information was actually disclosed to someone outside of the covered entity.
The court found that the penalty imposed by HHS was arbitrary and capricious because it enforced the civil monetary penalty rules against some entities and not others. As an example, the court pointed to another hospital that also lost an unencrypted laptop containing ePHI of more than 33,000 patients, which HHS investigated and imposed no penalty at all. Finally, the court was concerned that HHS had misinterpreted the per-year cap at $1,500,000 when, the Fifth Circuit stated, it is really $100,000. HHS had previously admitted it had misinterpreted the statute back in 2019.
Putting it Into Practice: This decision may result in more consistency in penalties and decisions imposed by HHS after companies report data breach incidents to the agency.
View post:
What Does the Fifth Circuits Vacating of HHS HIPAA Fines Mean for Companies This Year? - JD Supra
Comprehensive Report on Cloud Encryption Software Market 2021 | Size, Growth, Demand, Opportunities & Forecast To 2027 | Ciphercloud, Boxcryptor,…
Cloud Encryption Software Market research report is the new statistical data source added by A2Z Market Research.
Cloud Encryption Software Market is growing at a High CAGR during the forecast period 2021-2027. The increasing interest of the individuals in this industry is that the major reason for the expansion of this market.
Cloud Encryption Software Market research is an intelligence report with meticulous efforts undertaken to study the right and valuable information. The data which has been looked upon is done considering both, the existing top players and the upcoming competitors. Business strategies of the key players and the new entering market industries are studied in detail. Well explained SWOT analysis, revenue share and contact information are shared in this report analysis.
Get the PDF Sample Copy (Including FULL TOC, Graphs and Tables) of this report @:
https://www.a2zmarketresearch.com/sample?reportId=287324
Note In order to provide more accurate market forecast, all our reports will be updated before delivery by considering the impact of COVID-19.
Top Key Players Profiled in this report are:
Ciphercloud, Boxcryptor, Trend Micro, Sophos, Perspecsys, Voltage Security, Skycrypt, Google, Safenet, Vaultive, Hitachi, Porticor, Viivo, Symantec., HP, Vormetric.
The key questions answered in this report:
Various factors are responsible for the markets growth trajectory, which are studied at length in the report. In addition, the report lists down the restraints that are posing threat to the global Cloud Encryption Software market. It also gauges the bargaining power of suppliers and buyers, threat from new entrants and product substitute, and the degree of competition prevailing in the market. The influence of the latest government guidelines is also analyzed in detail in the report. It studies the Cloud Encryption Software markets trajectory between forecast periods.
Global Cloud Encryption Software Market Segmentation:
Market Segmentation: By Type
Infrastructure-as-a-ServiceSoftware-as-a-ServicePlatform-as-a-Service
Market Segmentation: By Application
Banking, Financial Services, and Insurance (BFSI)HealthcareGovernment and Public UtilitiesTelecom and ITRetailAerospace and DefenseOthers (manufacturing, education, and media and entertainment)
Get up to 30% Discount on this Premium Report @:
https://www.a2zmarketresearch.com/discount?reportId=287324
Regions Covered in the Global Cloud Encryption Software Market Report 2021: The Middle East and Africa (GCC Countries and Egypt) North America (the United States, Mexico, and Canada) South America (Brazil etc.) Europe (Turkey, Germany, Russia UK, Italy, France, etc.) Asia-Pacific (Vietnam, China, Malaysia, Japan, Philippines, Korea, Thailand, India, Indonesia, and Australia)
The cost analysis of the Global Cloud Encryption Software Market has been performed while keeping in view manufacturing expenses, labor cost, and raw materials and their market concentration rate, suppliers, and price trend. Other factors such as Supply chain, downstream buyers, and sourcing strategy have been assessed to provide a complete and in-depth view of the market. Buyers of the report will also be exposed to a study on market positioning with factors such as target client, brand strategy, and price strategy taken into consideration.
The report provides insights on the following pointers:
Market Penetration: Comprehensive information on the product portfolios of the top players in the Cloud Encryption Software market.
Product Development/Innovation: Detailed insights on the upcoming technologies, R&D activities, and product launches in the market.
Competitive Assessment: In-depth assessment of the market strategies, geographic and business segments of the leading players in the market.
Market Development: Comprehensive information about emerging markets. This report analyzes the market for various segments across geographies.
Market Diversification: Exhaustive information about new products, untapped geographies, recent developments, and investments in the Cloud Encryption Software market.
Table of Contents
Global Cloud Encryption Software Market Research Report 2021 2027
Chapter 1 Cloud Encryption Software Market Overview
Chapter 2 Global Economic Impact on Industry
Chapter 3 Global Market Competition by Manufacturers
Chapter 4 Global Production, Revenue (Value) by Region
Chapter 5 Global Supply (Production), Consumption, Export, Import by Regions
Chapter 6 Global Production, Revenue (Value), Price Trend by Type
Chapter 7 Global Market Analysis by Application
Chapter 8 Manufacturing Cost Analysis
Chapter 9 Industrial Chain, Sourcing Strategy and Downstream Buyers
Chapter 10 Marketing Strategy Analysis, Distributors/Traders
Chapter 11 Market Effect Factors Analysis
Chapter 12 Global Cloud Encryption Software Market Forecast
Buy Exclusive Report @:
https://www.a2zmarketresearch.com/buy?reportId=287324
If you have any special requirements, please let us know and we will offer you the report as you want.
About A2Z Market Research:
The A2Z Market Research library provides syndication reports from market researchers around the world. Ready-to-buy syndication Market research studies will help you find the most relevant business intelligence.
Our Research Analyst Provides business insights and market research reports for large and small businesses.
The company helps clients build business policies and grow in that market area. A2Z Market Research is not only interested in industry reports dealing with telecommunications, healthcare, pharmaceuticals, financial services, energy, technology, real estate, logistics, F & B, media, etc. but also your company data, country profiles, trends, information and analysis on the sector of your interest.
Contact Us:
Roger Smith
1887 WHITNEY MESA DR HENDERSON, NV 89014
[emailprotected]
+1 775 237 4147
What is end-to-end encryption, and what makes it so secure? – Yahoo News
The Week
No president is immune from scandal, President Biden included, Trevor Noah said on Monday's Daily Show. But maybe not all scandals are created equal. "Over the weekend, Biden took a short break from his day-to-day presidenting to catch the Super Bowl from his home in Delaware and if you aren't immediately outraged about that, well, you obviously haven't been watching the last 48 hours of conservative news media," Noah said. "But it's not surprising that Biden bent the travel rules for himself, because he's been president for less that three weeks and already he's had more scandals than we can keep track of although, my friends, we are going to try in our brand-new segment: 'Joe Biden, The Worst President in History That We Can Remember.'" Noah covered White House Press Secretary Jen Psaki's Space Force brouhaha, Biden's comments about honorable FBI agents, Hunter Biden's memoir deal, and the three scandals Biden chalked up even before becoming president. "That's right, Joe Biden stole 10 minutes of Donald Trump's presidency, or as Fox News calls it, Tenghazi," Noah deadpanned. "Who knows what Trump could have accomplished in those 10 minutes? I mean, maybe that's when he was finally going to release his health care plan. He could have used that time to walk down half a ramp! And do you have any idea how much Fox News Trump could have watched in that 10 minutes? Like, 10 minutes! So those are they many Joe Biden scandals by the muckraking journalists of conservative media in just his first three weeks in office." He predicted some Biden scandals that could come next. One of those conservative would-be Biden muckrakers lost his platform over the weekend, and The Daily Show also took a moment to say farewell to Fox Business host Lou Dobbs, "the most North Korean broadcaster America has ever seen." Watch his highlight reel below. More stories from theweek.comWatch Day 1 of Trump's 2nd impeachment trial in 270 seconds or lessTrump allies are amazed at how much his reputation has recovered since the Capitol riotSen. Coons: Trump's impeachment defense is 'the Four Seasons Landscaping of the legal profession'
See the original post here:
What is end-to-end encryption, and what makes it so secure? - Yahoo News
Signal is at the center of a new battle over content moderation – Business Insider
Over the past month, messaging app Signal has been downloaded tens of millions of times. But unlike most social platforms, the company hardly knows anything about its users.
Signal which is owned by a nonprofit and doesn't sell ads or user data avoids collecting people's demographic or personal information other than phone numbers, which are required to create accounts. All groups and direct messages on the platform are encrypted, meaning the company doesn't know how its app is being used, and doesn't want to find out.
Now, Signal is at the center of a new battle over online privacy and content moderation.
The company is under pressure to claim responsibility for how its platform is used amid concerns that extremists are flocking to it after being exiled from Parler and closed Facebook groups. Signal employees have internally raised concerns that the app isn't doing enough to stave off abuse, The Verge reported Monday.
Those concerns build on longstanding pressure from the US and other governments to break encryption in order to aid law enforcement investigations, a measure Signal has previously rejected. Meanwhile, so long as Signal's primary form of distribution is through Apple and Google's app stores, it's beholden to their rules around moderating harmful content something that could prove precarious as it continues to grow and add new features.
Privacy experts told Insider that Signal's practice of not collecting user data puts it in uncharted territory as it adapts to surging growth. While experts agree that breaking encryption is antithetical to the app's purpose, they said that Signal may have to write an entirely new playbook to ensure the app isn't used for nefarious purposes without compromising privacy.
"Now is the time to start thinking about these concerns," said Megan Squire, an Elon University professor and Southern Poverty Law Center senior fellow tracking online extremism. "I think it's probably past time."
A Signal spokesperson did not immediately respond to Insider's request for comment. In an interview last August, Signal CEO Moxie Marlinspike told Insider that the importance of protecting privacy should outweigh concerns that private channels are used for illegal activity.
"It's important to realize that real change happens in private. That has to be true. And if you don't have any truly private spaces left, I think you're sacrificing a lot," Marlinspike said.
The company was founded with a privacy-first mentality meant to run counter to the data-collection practices of big tech companies like Facebook and Google. Marlinspike has highlighted its commitment to protecting the secrecy of people's conversations on the platform.
"There's this insanity to how everything works right now. Just a handful of companies have a massive amount of data about everybody it's a dangerous equation," Marlinspike said in the August interview.
Signal has become a target among groups targeting online extremism in recent weeks. After reports surfaced that the Jan. 6 siege of the Capitol was organized by users on Facebook and Twitter, those companies began cracking down and banning accounts linked to the violence. Parler, a social media platform used by some riot participants, was taken offline by Amazon for failing to moderate content on its site.
The same week, tens of millions of new users flocked to Signal, as well as other encrypted messaging apps like Telegram. That surge was likely also driven by an exodus of users from WhatsApp over its new data-sharing policies, but its proximity to the online crackdowns following the Capitol siege made Signal an area of interest to extremism researchers, according to Squire.
While Signal has traditionally offered direct messages and small group messages using its encryption protocol, its newer group links feature rolled out in October is garnering more concern. The feature, which is available on rivals such as WhatsApp, makes it possible to share a public link through which anyone can join an encrypted group of up to 1,000 people.
That function raises red flags to those fighting online extremism according to Squire, extremists typically use encrypted chats to plan specific events while evading scrutiny while using larger groups to spread "propaganda."
"What you end up with is these large, encrypted groups full of people that don't really know each other and aren't accountable and could be getting radicalized and doing weird stuff," Squire said. "As Signal starts to add more features, that makes it look like a one-stop shop."
It moves Signal closer to a threshold that, when crossed, could expose it to demands to moderate its content. Right now, Signal doesn't advertise these groups within the app, but competitor Telegram does let users search for hashtags and terms to surface publicly visible forums.
For example, just this week, Insider searched Telegram for the #stopthesteal hashtag and found an open group with more than 800 members.
Telegram says it's taken steps to increase moderation on its platforms, but the way in which it amplifies these groups has drawn criticism in recent weeks, with the app coming under fire for hosting groups that have been linked to violence.
In response, nonprofit Coalition for a Safer Web sued Apple for not taking down Telegram following the Capitol attack.
Coalition president Marc Ginsberg acknowledged to Insider that encryption on apps like Signal and Telegram has been a force for good, such as helping users in autocratic regimes shield their communications, but argues that Telegram makes it far too easy for users to find groups posting hateful content.
"Our fight is not to take on encryption," he said. "Our efforts are right now focused on content moderation."
Even privacy advocates note that large groups carry different expectations of privacy than direct messages. John Callas, project director at the privacy-focused Electronic Frontier Foundation, told Insider he does find pressure to decrypt group chats "concerning" but added that as groups surpass hundreds of members, encryption becomes increasingly moot because there's less of an expectation of privacy.
"I believe there's a basic human right for two people to be able to talk in private," Callas said. "But when you have a group that big, encryption is not the issue."
As it continues to build out new features that could be ripe for abuse, Signal's more immediate threat may be Apple and Google, which have rules for any app on their store that produces user-generated content which is to say, content created by people for other people to view (Google defines it as content "visible to or accessible by at least a subset of the app's users.")
Apple and Google demand that apps producing this content have sufficient moderation policies to stamp out harmful content such as hate speech, and language inciting violence. That rule was recently enforced when Google and Apple suspended social media app Parler from their app stores following the Capitol Hill riots. The app, which is popular with far-right Trump supporters, was hosting content inciting violence and did not have sufficient moderation policies to ban that content, Google and Apple said.
Governments have been pressuring tech companies to break encryption for more than a decade. Department of Justice officials during the Obama and Trump administrations urged companies including Signal, Apple, and Facebook to build "encryption backdoors" that would let them decrypt suspects' messages in order to solve crimes.
Privacy experts fiercely oppose that measure, saying it would compromise everyone's privacy by weakening encryption. Evan Greer, deputy director of digital privacy advocacy group Fight for the Future, told Insider that she's skeptical of renewed calls to break encryption to counter far-right extremism online.
"Encryption is essential for millions of peoples' safety," Greer said, noting that activists and political dissidents worldwide rely on encryption to avoid persecution. "We have a lot of work to do to address harmful, hateful ideologies, but we have to stop looking for these quick fixes of, 'Let's blame the technology.'"
Read the original post:
Signal is at the center of a new battle over content moderation - Business Insider
Police Chief Demands Holes In Encryption Because Some Cops Decided To Participate In The DC Insurrection – Techdirt
from the sure,-make-this-all-about-us-when-it's-really-just-about-you dept
As more evidence comes to light showing a disturbing amount of law enforcement participation in the January 6th attack on the Capitol, police departments around the nation are finally being forced to face something they've ignored for far too long.
The law enforcement officers who participated in the insurrection attacked officers attempting to defend the building, or, at the very least, did nothing to discourage the lawless actions occurring all around them. The officers that went to DC and engaged in a riot aren't an anomaly. They've been part of law enforcement for as long as law enforcement has existed: bigots with a penchant for violence and a thirst for power.
These officers are finally beginning to be rooted out, but only because they did things no one can ignore. Hundreds of participants produced hundreds of recordings, turning their own celebration of their attempted election-thwarting into the evidence needed to identify them and charge them with federal crimes. Posts made to social media platforms provided more evidence, tying incriminating statements to location data to place off-duty cops on the scene.
Now that agencies are finally confronting their in-house white supremacist/militia problem, they're asking for everyone to be made less secure so they can handle the problem that's been hiding in plain sight for years.
Houston Police Chief Art Acevedo -- who presides over an agency with more than its share of bad cops -- was asked what officials like himself are doing to confront this problem. In response, Chief Acevedo asked for Congress to do him -- and other law enforcement agencies -- a favor:
Acevedo... said anonymous online platforms on the dark web are making such [internal] investigations impossible, even for departments with sufficient resources. He expects the move away from public platforms like Facebook and Twitter to grow rapidly in response to the FBI arrests of those who rioted at the Capitol.
This month, Acevedo was asked by the House Oversight and Reform Committee to explain what actions police chiefs are taking, and responded by asking for help. For years, law enforcement officials have asked for passage of a federal law that would require such platforms to have a back door that law enforcement can access if they have a legitimate investigative need and a court order to gain entry.
Then he blamed social media platforms for his own inability to police his police, calling them out as the real lawbreakers here:
Congresss failure to act has enabled industry giants to flaunt the law and operate with impunity, Acevedo wrote in response.
First off, if the bad cops are shifting to "dark web" platforms in response to their own opsec failures during the January 6th riot, mandating backdoors that affect "industry giants" isn't going to make it any easier to track down cops who've moved on to "darker" web services.
Second, law enforcement agencies' continuous failure to hold officers accountable or to perform rigorous background checks should not be used as leverage to make services and devices less secure for millions of Americans. Citizens have already had to watch their tax dollars pay the salaries of brutal thugs whose loyalty to each other often supersedes their sworn duties as public servants. They don't need to be punished further just so it's a little easier for cops to perform the occasional internal investigation.
Finally, the encryption offered by device makers and communications platforms also protects cops -- not just from accountability, as Acevedo implies here -- but from malicious hackers and criminals who would love access to cops' devices, communications, and sensitive files. A backdoor for bad cops is a backdoor for good cops -- and a backdoor that strips a layer of security away from everyone who uses these devices and services.
The ugliness that permeates law enforcement needs to be rooted out. But the security of millions of Americans shouldn't be weakened just because those policing the police haven't done much of this policing for decades. They've had open access to evidence for years and rarely used it. Now that their sins are too big to ignore until the next news cycle hits shouldn't be the impetus for backdoor mandates.
Thank you for reading this Techdirt post. With so many things competing for everyones attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise and every little bit helps. Thank you.
The Techdirt Team
Filed Under: art acevedo, backdoors, encryption, going dark, insurrection, washington dc
Continued here:
Police Chief Demands Holes In Encryption Because Some Cops Decided To Participate In The DC Insurrection - Techdirt
Houston Police Chief Tries To Blame Encryption for Failure To Uncover Far-Right Cops – Reason
Several police officers were among the mob that invaded the U.S. Capitol on January 6, a fact that has prompted some serious questions for law enforcement agencies about what they're doing to tackle the far-right presence in their departments. An article in Monday's Washington Post discusses how police might work to recognize problematic recruits before they're hired, and how to make it easier to discipline officers who express violent political attitudesa challenge as cop-friendly arbitrators often intervene and force law enforcement agencies keep them on board.
Deep down in the Post story, the debate takes a comically absurdist twist. A former Houston police officer was among those charged with joining the violent mob at the Capitol. With the problem at his doorstep, Houston Police Chief Art Acevedo, who is also president of the Major Cities Chiefs Association, decided to blameencryption:
Acevedo also said anonymous online platforms on the "dark web" are making such investigations impossible, even for departments with sufficient resources. He expects the move away from public platforms like Facebook and Twitter to grow rapidly in response to the FBI arrests of those who rioted at the Capitol.
This month, Acevedo was asked by the House Oversight and Reform Committee to explain what actions police chiefs are taking, and responded by asking for help. For years, law enforcement officials have asked for passage of a federal law that would require such platforms to have a "back door" that law enforcement can access if they have "a legitimate investigative need and a court order" to gain entry.
"Congress's failure to act has enabled industry giants to flaunt the law and operate with impunity," Acevedo wrote in response.
Destroying encryptionand yes, mandatory backdoors would utterly destroy encryptionhas been a pet cause of the U.S. Department of Justice for years. The invocation of the "dark web" as a boogeyman has been a constant recently too. Usually those who have demanded encryption back doors have insisted that it was necessary to fight child trafficking and terrorism.
It feels a bit desperate to invoke encryption as a reason why police departments don't know they've got some dangerous officers, particularly whenlet's be frankthese guys weren't being all that secretive. As the Brennan Center for Justice notes, "These officers' racist activities are often known within their departments, but only result in disciplinary action or termination if they trigger public scandals."
Meanwhile, Acevedo has inadvertently revealed that people are right to worry that law enforcement would abuse encryption backdoors. Police leaders have traditionally insisted that they need these to make sure tech platforms and communication tools comply with legal warrants. But Acevedo is talking about using backdoors to investigate potential or current police officers without any specific connection to criminal activity. This isn't crimefighting; it's domestic surveillance. This is precisely why backdoors are dangerous. Worse yet: The whole premise of these investigations is that there are abusive, authoritarian cops out there who can't be trusted. This is supposed to be a reason to give officers more access topeople's communications?
It's absolutely disheartening to see coverage of encrypted communications that suggests apps like Signal or Telegram are problems because they do not (and cannot) police content, therefore allowing extremists to communicate with each other. A tool can be used for good reasons or bad. We don't throw away hammers and move back into caves because they can also be used to beat somebody to death.
To reiterate for the umpteenth time, encryption protects us from criminals, hackers, and authoritarian governments. What Acevedo proposes won't help fight crime. It would actually make us more likely to be victims of crime. And that doesn't even get into what happens when some of our more violent governments across the world start using the backdoors precisely the way Acevedo describes, but against citizens trying to organize for more freedom, not just to cancel an election whose outcome they didn't like.
We shouldn't be surprised Acevedo that doesn't know what his cops are up to. For years, right under his nose, corrupt narcotics officers have been involved in a racket that involved falsifying records, which culminated in 2019 in a botched raid where officers killed a couple. As Reason's Jacob Sullum noted just this week, Acevedo is still trying to defend some of the officers involved and maintaining that there are not systemic problems in his department. What good would backdoors be to a man who refuses to acknowledge the evidence that's already in front of him?
Original post:
Houston Police Chief Tries To Blame Encryption for Failure To Uncover Far-Right Cops - Reason
EU warned of ‘slippery slope’ with new encryption plans Just now – Siliconrepublic.com
ProtonMail, Threema, Tresorit and Tutanota are sounding the alarm over a resolution adopted by the Council of the European Union.
A group of encrypted service providers has penned an open letter to EU lawmakers to denounce plans to alter encryption rules in Europe.
ProtonMail, Threema, Tresorit and Tutanota, which provide email and data storage products, said the stance recently taken by the Council of the European Union will undermine security for Europeans.
In December, the Council adopted a resolution on encryption with the slogan security through encryption and security despite encryption, which had been anticipated but still came in for criticism.
The Council said that encryption is necessary for protecting fundamental rights and the digital security of governments, industry and society but also argued for law enforcement having the ability to exercise their lawful powers, both online and offline protecting our societies and citizens.
It is seeking to create some balance between encryption for users but also access for authorities when necessary. However, the open letter from the four companies said the language used in the resolution could be interpreted as stipulating backdoors into encrypted communications.
The resolution makes a fundamental misunderstanding: encryption is an absolute, data is either encrypted or it isnt, users have privacy or they dont, the letter reads.
The desire to give law enforcement more tools to fight crime is obviously understandable. But the proposals are the digital equivalent of giving law enforcement a key to every citizens home and might begin a slippery slope towards greater violations of personal privacy.
While the resolution adopted by the Council is not legally binding, it could open up opportunities for the Commission to prepare proposals for possible legislation.
This is not the first time weve seen anti-encryption rhetoric emanating from some parts of Europe, and I doubt it will be the last. But that does not mean we should be complacent, Andy Yen, chief executive of ProtonMail, said.
The difference this time is that the Council has taken a more subtle approach and avoided explicitly using words like ban or backdoor. But make no mistake, this is the intention. Its important that steps are taken now to prevent these proposals going too far and keep Europeans rights to privacy intact.
Encrypted and secure communications have garnered a lot of attention of late after the backlash against WhatsApps latest update. The furore saw swathes of sign-ups for alternative encrypted messaging apps such as Signal and Telegram. WhatsApps update has since been pushed back to May.
The letter from ProtonMail, Threema, Tresorit and Tutanota has been issued to coincide with Data Privacy Day, a campaigning initiative by the National Cybersecurity Alliance, a group of tech and finance firms.
Excerpt from:
EU warned of 'slippery slope' with new encryption plans Just now - Siliconrepublic.com
PSA: Telegram Chats Arent End-to-End Encrypted by Default – How-To Geek
Arthur_Shevtsov/Shutterstock.com
Telegram and Signal are widely popular privacy-focused messaging apps. However, the two apps have some big differences: While all messages sent via Signal are always end-to-end encrypted by default, Telegram messages arent. End-to-end encryption is an optional feature in Telegram.
End-to-end encryption means that only the sender and the receiver of a message can see its contents. Not even the company running the server in the middle of the conversations can see the contents of the communications.
With Signal, all conversations are always end-to-end encrypted: The Signal Foundation cant see the contents of the messages.
With Telegram, the company in charge of Telegram is technically capable of seeing the contents of the messages on its servers.
There is still some encryption in Telegram, of course: Encryption is used to transmit messages between your Telegram app, Telegrams servers, and the other persons Telegram app. Your internet service provider, network operator, and any third parties snooping on your internet activity cant see the contents of your communications. (Thats a big improvement from traditional SMS, which lets your cellular provider see all your messages!)
If Telegrams servers were hacked at some point in the future, for example, the attackers could see the contents of peoples Telegram conversations. However, if Signals servers were hacked, the attackers couldnt see the conversations.
Telegram and Signal are very different in this way. Telegram is much more of a traditional messaging application. It syncs your chats between your devices and stores them in the cloud. If you dont care about end-to-end encryption, thats fineand Telegrams features can definitely be convenient.
But if you are sending sensitive informationor if you just want to ensure that your conversations arent being snooped onyou should use end-to-end encryption.
You dont have to switch to Signal to use end-to-end encryption. Its built right into Telegram. Its just an optional feature that most people arent aware of.
In Telegram, only secret chats are encrypted. To use Telegrams end-to-end encryption, you have to start a secret chat by tapping the persons name, the More or menu button, and Start Secret Chat.
Secret chats appear separately from non-secret chats in Telegrams chat list. For secret chats, Telegram shows the persons name in green next to a green padlock icon. If youre already talking to someone, youll see two separate conversations in your list.
In a secret chat, you can also enable a self-destruct timer for messages, ensuring that theyll be deleted after a given amount of time. (Of course, the person youre talking to can always take a screenshot of your conversation to preserve it if they want to.)
RELATED: How to Start an Encrypted Secret Chat in Telegram
Because of the end-to-end encryption, secret chats dont sync between the Telegram app on multiple devices. A secret chat on one device stays on that device. So if you start a secret chat on your phone, you cant continue that same secret chat on a tablet or computer. It stays on your phone.
Signal was designed from the ground up for end-to-end encryption, so it can optionally sync end-to-end encryption between your devices. Signal lets you link the app on your phone to another device like a Windows PC, Mac, or iPad. You can carry on your conversations between multiple devices without sacrificing end-to-end encryption, as you would have to do with Telegram.
Telegram offers huge group chats with up to 200,000 people in a channel. However, in Telegram, only one-on-one conversations can be end-to-end encrypted with the secret chats feature.
Signal only supports up to 1000 people in a group chat.However, those group chats are always end-to-end encrypted. If you want end-to-end encrypted group chats with three or more people, Signal is the app to choose.
In other words, Telegrams group chats are ideal for big public channels with thousands of people, while Signals group chat feature is ideal for private conversations with a smaller number of people.
Telegram is undoubtedly a polished messaging app with a slick interface. Its great that it offers the option to have a secret chat with end-to-end encryption, too.
However, if you really care about end-to-end encryption, you should use Signal instead. In Signal, encryption isnt an optional featureits built into every single conversation that you have. All of Signals featuresincluding message sync between devices and group chatswork with end-to-end encryption.
That ease of use is very helpful for getting people on board with secure, private chats. If you want to have end-to-end encrypted conversations with your friends, family members, or coworkers, its much easier for them to use Signal. The end-to-end encryption just works in all conversations, and you wont have to explain the difference between secret chats and non-secret chats to them, as you would with Telegram.
So which is better, Signal or Telegram? Well, theyre different. As of the start of 2021, Telegram clearly has a shinier, more polished interface, with prettier stickers and chat backgrounds. Its also ideal for big public channels, making it almost a sort of social network.
However, if youre looking for end-to-end encryption so that the company operating the chat app cant see your messages (and they cant be accessed by hackers who breach the companys servers), Signal is the best option.
Thankfully, Telegram at least offers end-to-end encryption as an option. If you ever need to transmit sensitive information (say, financial details), you can switch over to a secret chat for that.
RELATED: Signal vs. Telegram: Which Is the Best Chat App?
The rest is here:
PSA: Telegram Chats Arent End-to-End Encrypted by Default - How-To Geek
The hardware encryption market is expected to be valued at USD 262 million in 2020 and reach USD 313 million by 2025, growing at a CAGR of 3.6% -…
Some of the factors such as an increase in the penetration of internet users and the growing adoption of digital content are the drivers for the growth of the hardware encryption market. Hardware encryption market for inline network encryptor product to share the largest market share in 2019
New York, Jan. 28, 2021 (GLOBE NEWSWIRE) -- Reportlinker.com announces the release of the report "Hardware Encryption Market by Product Type, Application and Region - Forecast to 2025" - https://www.reportlinker.com/p04603855/?utm_source=GNW The inline network encryptor segment accounted for the largest size of the hardware encryption market in 2019.The commercialization of the internet of things has led to surged demand for inline network encryptor globally.
Moreover, the increase in digital content has led to the growth in the procurement of inline network encryptors for the encryption of data at various levels.
Hardware encryption market for consumer electronics application to share the largest market share in 2019The hardware encryption market for consumer electronics application is expected to grow at the highest CAGR during the forecast period considering the demand for security and safety of data which is stored in these devices and is even sent to others. Encryption has enabled a sense of satisfaction for the customers as their data is stored at various levels of encryption.
APAC region is accounted for the largest share in 2020 and further in the forecast period.The hardware encryption market in APAC region is projected to share the largest market share during the forecast period.The highest CAGR is because of the huge population, which is technology-savvy and is demanding encryption enabled products.
The numerous electronics and semiconductor manufacturing companies in the region create demand for these products for their internal applications and for installing hardware encryption in their products.
Breakdown of the profile of primary participants: By Company Type: Tier 1 60 %, Tier 2 25%, and Tier 3 15% By Designation: C-level Executives 50%, Directors - 30%, and Others -20% By Region: APAC 40 %, NA 25%, Europe 20%, and RoW 15%
The major players profiled in this report include: Western Digital Corp. (US) Samsung Electronics Co. Ltd. (South Korea) Micron Technology Inc. (US) NetApp (US) Kingston Technology Corp. (US) Seagate Technology PLC (Ireland) KIOXIA (Japan) Kanguru Solutions (US) Intel (US), WinMagic Inc. (US) Maxim Integrated Products, Inc. (US) Thales e-Security (US) Mcafee (US) Broadcom (US) IBM (US)
Research CoverageThe study segments the hardware encryption market report into architecture type (FPGA and ASIC), by product type (External HDD, Internal HDD, SSD, Inline network encryptor and USB flash drive) and by application (consumer electronics, IT & Telecom, transportation, healthcare, aerospace and defense and others) The study also provides market size for various segments regarding global regions.
Reasons to buy the report
The report would help the market leaders/new entrants in this market in the following ways:1. This report segments the hardware encryption market comprehensively provides the closest approximations of the overall market size and those of the subsegments across different applications and regions.2. The report provides a detailed analysis of the hardware encryption market with the help of competitive leadership mapping, including crucial companies in the market and their relations in the ecosystem.3. The report helps stakeholders understand the pulse of the market and provide them information on the key market drivers, restraints, challenges, and opportunities.4. This report would help stakeholders understand their competitors better and gain insights to enhance their position in the business. The competitive landscape section includes the competitor ecosystem, product developments, partnerships, and mergers & acquisitions in the hardware encryption market.
Read the full report: https://www.reportlinker.com/p04603855/?utm_source=GNW
About ReportlinkerReportLinker is an award-winning market research solution. Reportlinker finds and organizes the latest industry data so you get all the market research you need - instantly, in one place.
__________________________
Story continues