Cybersecurity for the People: How to Keep Your Chats Truly Private With Signal

It’s possible to make sure that your private conversations are actually private. It starts with installing an app known as Signal, and getting your friends to install it too. Then you’ll want to tweak the settings to lock everything down.

Source: Cybersecurity for the People: How to Keep Your Chats Truly Private With Signal


The Strangers Who Got Snowden’s Secrets in the Mail

The story of Edward Snowden’s disclosure of NSA secrets to the press has been told and retold in books, films, and countless articles. Left unreported has been the quiet role of two journalists who literally had Snowden material mailed to them in a cardboard box.

Source: The Strangers Who Got Snowden’s Secrets in the Mail


Governments at war with WhatsApp over its end-to-end encryption – El Mostrador

Following the attack on the British Parliament last week, British politicians have demanded that WhatsApp and other instant messaging applications give police and security forces access so that they can monitor terrorist conversations. However, technology experts argue that opening “backdoors” in popular messaging services, which use end-to-end encryption, would create a series of problems.

Source: Governments at war with WhatsApp over its end-to-end encryption – El Mostrador


What was it about a university paper that triggered a security alert because it amounted to “exporting nuclear weapons to a hostile government”? – El Mostrador

Why did a United States spy agency not want the academics to discuss their work in public? The fact is that it failed to silence them and, thanks to that, we have the web.

Source: What was it about a university paper that triggered a security alert because it amounted to “exporting nuclear weapons to a hostile government”? – El Mostrador


New York’s New Digital Crime Lab Is a Forensic Marvel

In an exclusive tour of the new lab, Fortune got a glimpse of Law & Order in the digital age. The lab is Exhibit A in how America’s biggest city is embracing big data analytics and a dash of hacker culture to solve complex crimes. It also raises hard questions about how to balance these sophisticated crime-fighting tools with civil liberties.

Source: New York’s New Digital Crime Lab Is a Forensic Marvel


Yahoo may have let the government spy on emails. Now will we embrace encryption? | Trevor Timm | Opinion | The Guardian

Finally, Yahoo’s possible betrayal of its users is another example of why whistleblowers and leaks to the press are so important. The US government considers this type of surveillance “legal” even though it shocks the conscience of many ordinary Americans and dozens of civil liberties groups have been attempting to have courts rule it illegal for years.

Source: Yahoo may have let the government spy on emails. Now will we embrace encryption? | Trevor Timm | Opinion | The Guardian


The pioneering Chinese quantum satellite that could revolutionize the world’s communications – El Mostrador

It is an ambitious, multimillion-dollar project nicknamed QUESS that puts the Asian giant at the forefront of a technological revolution: creating new global communication networks that are hack-proof.

Source: The pioneering Chinese quantum satellite that could revolutionize the world’s communications – El Mostrador


FBI’s Secret Surveillance Tech Budget Is ‘Hundreds of Millions’

The FBI has “hundreds of millions of dollars” to spend on developing technology for use in both national security and domestic law enforcement investigations — but it won’t reveal the exact amount.

Source: FBI’s Secret Surveillance Tech Budget Is ‘Hundreds of Millions’


Tor Project is working on a web-wide random number generator / Boing Boing

Random number generators are the foundation of cryptography — that’s why the NSA secretly sabotaged the RNG standard that the National Institute for Standards and Technology developed. The Tor Project faces serious, state-level adversaries, including the FBI, and so it needs all the randomness it can get — randomness that can’t be made predictable even if you’ve compromised the user’s computer, even.

Source: Tor Project is working on a web-wide random number generator / Boing Boing


Snowden Debates CNN’s Fareed Zakaria on Encryption

NSA whistleblower and privacy advocate Edward Snowden took part in his first public debate on encryption on Tuesday night, facing off against CNN’s Fareed Zakaria, a journalist and author known for his coverage of international affairs.

Source: Snowden Debates CNN’s Fareed Zakaria on Encryption


With Facebook No Longer a Secret Weapon, Egypt’s Protesters Turn to Signal

Although the police in Cairo sealed off parts of the Egyptian capital where protests scheduled on Facebook were to have taken place on Monday, opposition activists managed to stage brief rallies that resembled flash mobs, calling for an end to military rule and the cancellation of a deal to surrender two islands to Saudi Arabia. The fact that Facebook is now so closely monitored by the security forces prompted one leading activist to offer an online tutorial in how to use a new tool, the encrypted messaging app Signal, to help protesters find each other on the city’s streets, and stay one step ahead of the authorities.

Source: With Facebook No Longer a Secret Weapon, Egypt’s Protesters Turn to Signal


Ron Wyden vows to filibuster anti-cryptography bill / Boing Boing

Senators Richard Burr [R-NC] and Dianne Feinstein [D-CA] finally introduced their long-rumored anti-crypto bill, which will ban US companies from making products with working cryptography, mandating that US-made products have some way to decrypt information without the user’s permission.

Source: Ron Wyden vows to filibuster anti-cryptography bill / Boing Boing


Microsoft and Apple redouble fight for data privacy in the US – El Mostrador

While these high-profile court cases have added momentum, the industry’s offensive against government intrusion into customers’ private information began at least two years ago, after Edward Snowden’s revelations about covert data collection put everyone on the defensive.

Source: Microsoft and Apple redouble fight for data privacy in the US – El Mostrador


BlackBerry’s global encryption key, in the hands of the police

Trouble for BlackBerry. While Apple fights in the courts, and outside them, to protect users’ privacy, Vice News reveals, through documents from a murder case, how the Canadian police allegedly obtained BlackBerry’s global encryption key, rendering the system’s security… practically useless and at the service of Canada’s security forces. And the worst part? According to Vice’s sources, they have had this key since 2010.

Source: BlackBerry’s global encryption key, in the hands of the police


Drive towards strong encryption will end

What happens when the wave of encryption rippling through the personal technology world washes up against the realities of the data economy? Most of the recent debate over the spread of encryption has centred on the implications for personal privacy and national security. Less has been said about business: in particular, what a greater use of encryption will mean for the usability of tech products and services, and for the business models that rely on capturing and extracting value from data.

Source: Drive towards strong encryption will end


Forget Apple's fight with the FBI – our privacy catastrophe has only just begun | Technology | The Guardian

The privacy crisis is a disaster of our own making – and now the tech firms who gathered our data are trying to make money out of privacy

Source: Forget Apple’s fight with the FBI – our privacy catastrophe has only just begun | Technology | The Guardian


Obama Wants Nonexistent Middle Ground on Encryption, Warns Against “Fetishizing Our Phones”

Obama’s first extended disquisition on the contentious issue of encryption suggests he’s only been listening to one side.

Source: Obama Wants Nonexistent Middle Ground on Encryption, Warns Against “Fetishizing Our Phones”


Snowden: FBI's claim it can't unlock the San Bernardino iPhone is 'bullshit' | Technology | The Guardian

NSA whistleblower rubbishes claims that only Apple can unlock killer’s iPhone 5C, indicating FBI has the means itself

Source: Snowden: FBI’s claim it can’t unlock the San Bernardino iPhone is ‘bullshit’ | Technology | The Guardian


NSA Is Mysteriously Absent From FBI-Apple Fight

The Federal Bureau of Investigation insisted that it was helpless. The bureau told a judge in February that Apple has the “exclusive technical means” to try to unlock the contents of San Bernardino shooter Syed Rizwan Farook’s iPhone — and that’s why it should be forced to do so. But notably missing from the FBI’s argument was any mention of whether it had consulted spies and sleuths from the government’s intelligence community — particularly the National Security Agency. The Twitterverse exploded with q

Source: NSA Is Mysteriously Absent From FBI-Apple Fight


Apple gains support from tech rivals in FBI case – FT.com

March 4, 2016 2:25 am. By Tim Bradshaw in San Francisco.

America’s largest technology companies have joined Apple’s fight against the government over data protection and security, in an unusual display of unity by the Silicon Valley rivals. More than a dozen motions filed on Thursday sided with Apple as it tries to resist a demand to write software that would help the FBI unlock the San Bernardino shooter’s iPhone. Civil liberties groups and IT trade associations lined up alongside dozens of law professors and cryptography experts, after Apple filed its own motion for the judicial order to be withdrawn last week.

Source: Apple gains support from tech rivals in FBI case – FT.com


What has the FBI ordered Apple to do and why is it refusing? – FT.com

What has Apple been ordered to do? The US court has told Apple to write a piece of software that lowers an iPhone’s defences, enabling the FBI to use brute force to break in by bombarding the device with many possible passwords until it gets the right answer. The new tool would do three things:

Source: What has the FBI ordered Apple to do and why is it refusing? – FT.com


Wanting it badly isn't enough: backdoors and weakened crypto threaten the net / Boing Boing

As you know, Apple just said no to the FBI’s request for a backdoor in the iPhone, bringing more public attention to the already hot discussion on encryption, civil liberties, and whether “those in authority” should have the ability to see private content and communications — what’s referred to as “exceptional access.”

Source: Wanting it badly isn’t enough: backdoors and weakened crypto threaten the net / Boing Boing


EFF, ACLU, and Amnesty International voice support for Apple in FBI battle | The Verge

The American Civil Liberties Union (ACLU), Electronic Frontier Foundation (EFF), and Amnesty International have come out in support of Apple, after the company said it would contest a judge’s order to unlock an iPhone used by one of the San Bernardino shooters.

Source: EFF, ACLU, and Amnesty International voice support for Apple in FBI battle | The Verge


Apple’s FBI Battle Is Complicated. Here’s What’s Really Going On | WIRED

The news this week that a magistrate ordered Apple to help the FBI hack an iPhone used by one of the San Bernardino shooter suspects has polarized the nation—and also generated some misinformation. In the interest of clarifying the facts and correcting some misinformation, we’ve pulled together a summary of the issues at hand.

Source: Apple’s FBI Battle Is Complicated. Here’s What’s Really Going On | WIRED


We cannot trust our government, so we must trust the technology | US news | The Guardian

Apple’s battle with the FBI is not about privacy v security, but a conflict created by the US failure to legitimately oversee its security service post Snowden

Source: We cannot trust our government, so we must trust the technology | US news | The Guardian


Bill Gates backs FBI in battle with Apple over San Bernardino killer's phone | Technology | The Guardian

US government is asking for a particular case, and Apple should comply, says Microsoft co-founder Gates

Source: Bill Gates backs FBI in battle with Apple over San Bernardino killer’s phone | Technology | The Guardian


Hillary Clinton and Bernie Sanders Refuse to Choose Between Apple and the FBI

Both candidates tried to occupy a middle ground that doesn’t really exist – either in the war between Apple and the FBI, or when it comes to the spread of unbreakable encryption.

Source: Hillary Clinton and Bernie Sanders Refuse to Choose Between Apple and the FBI


FBI Says Apple Court Order Is Narrow, But Other Law Enforcers Hungry to Exploit It

The Justice Department says Apple can destroy the hacking software it makes after it’s used once. But other law enforcers are already lining up to use it themselves.

Source: FBI Says Apple Court Order Is Narrow, But Other Law Enforcers Hungry to Exploit It


Apple to beef up customers’ iCloud encryption – FT.com

Apple is working on new ways to strengthen the encryption of customers’ iCloud backups in a way that would make it impossible for the company to comply with valid requests for data from law enforcement, according to people familiar with its plans.

Source: Apple to beef up customers’ iCloud encryption – FT.com


Apple's Tim Cook defends encryption. When will other tech CEOs do so? | Trevor Timm | Opinion | The Guardian

More high-profile titans need to use their platforms to make crystal clear how important encryption is to users everywhere

Source: Apple’s Tim Cook defends encryption. When will other tech CEOs do so? | Trevor Timm | Opinion | The Guardian


Apple believes bill creates ‘key under doormat for bad guys’ – FT.com

Shortly after Theresa May introduced the draft Investigatory Powers bill in November to update the UK’s surveillance laws for the internet age, the home secretary met privately with Tim Cook, Apple’s chief executive. He laid out a number of

Source: Apple believes bill creates ‘key under doormat for bad guys’ – FT.com


The hype over metadata is a dangerous myth – FT.com

Communications data — and the government’s powers to collect them — are at the heart of the draft Investigatory Powers Bill introduced by Theresa May, UK home secretary, which is currently under scrutiny. Such metadata are the digital exhaust of our

Source: The hype over metadata is a dangerous myth – FT.com


Comey Calls on Tech Companies Offering End-to-End Encryption to Reconsider “Their Business Model”

The FBI director essentially wants tech companies to roll back secure encryption to something less secure that law enforcement can intercept.

Source: Comey Calls on Tech Companies Offering End-to-End Encryption to Reconsider “Their Business Model”


How have journalists responded to revelations of mass surveillance? | Technology | The Guardian

Two thirds of investigative journalists think they’re being spied on, and many are taking action to combat that. Photograph: PAWEL KOPCZYNSKI/REUTERS

NSA whistleblower Edward Snowden’s revelations of mass surveillance by government agencies have made a big impact on investigative journalists, according to a new study.

The survey of 671 journalists, conducted by the US-based Pew Research Center and Columbia University’s Tow Center for Digital Journalism, found that 64% believe that the US government has probably collected data about their communications.

49% said that they have changed the way they store and share potentially sensitive documents in the last year as a result, while 29% have altered the way they communicate with fellow journalists.

However, only 3% have opted not to pursue a particular story due to concerns about electronic surveillance and hacking, although 13% have not reached out to a particular source for those reasons. Just 2% have considered abandoning investigative journalism.


PGP creator Phil Zimmermann: 'Intelligence agencies have never had it so good' | Technology | The Guardian

Phil Zimmermann: ‘End-to-end encryption is everywhere now: in browsers, online banking…’

The recent hack against Sony Pictures is likely to have made companies of all sizes consider upping their cybersecurity measures. Perhaps, though, it’s also a different kind of wake-up call: a reason to think less about security, and more about privacy.

That’s the belief of Phil Zimmermann – the creator of email encryption software Pretty Good Privacy (PGP), and now president and co-founder of secure communications company Silent Circle – initially expressed in a blog post, and expanded on in an interview with the Guardian.

“Sony had all kinds of things: intrusion detection, firewalls, antivirus … But they got hacked anyway. The security measures that enterprises do frequently get breached. People break in anyway: they overcome them,” says Zimmermann.

“A lot of this stuff could have been encrypted. If those emails had been encrypted with PGP or GnuPG, the hackers wouldn’t have gotten very far. Those movie scripts that they stole? They could have been encrypted too.”

Zimmermann hopes that companies will look at what happened to Sony, and use it as a spur to explore encryption as a way to protect their employees’ privacy, rather than ramping up their spending on security measures to protect their data.

“People don’t think of privacy much when they think about enterprises, but enterprise privacy is a real thing: it’s the collective privacy of everybody in the company, and the privacy of the company assets as well,” he says.

“In Sony’s case, there were emails about Hollywood actresses that got breached. That’s connected with personal privacy. I think companies retain too much information.”

If more businesses shift their thinking from security to privacy, it’ll be good news for Silent Circle, which offers technology for encrypted voice calls, video chat and messaging, as well as being a key part of the privacy-focused Blackphone smartphone.


David Cameron seeks cooperation of US president over encryption crackdown | UK news | The Guardian

PM to ask Barack Obama to put pressure on US internet companies to work more closely with UK intelligence agencies

David Cameron talking on the telephone to US president, Barack Obama, from No 10 Downing Street, London. Photograph: Sergeant Dave Rose/PA

David Cameron is to urge Barack Obama to pressure internet firms such as Twitter and Facebook to do more to cooperate with Britain’s intelligence agencies as they seek to track the online activities of Islamist extremists.

As he becomes the first European leader to meet the president after the multiple shootings in Paris last week, the prime minister will seek to win Obama’s support for his plans to secure a new legal framework to deny terrorists a “safe space”.

The prime minister arrives after he proposed earlier this week that British intelligence agencies have the power to break the encrypted communications of suspected terrorists and insisting that the likes of Twitter and Facebook do more to cooperate with Britain’s GCHQ eavesdropping centre.


End-to-end encryption: from obscurity to the mainstream | Manzana Mecánica

Monday, 5 Jan 2015

Carlos Castillo

In just a few days I have reached saturation point with reading predictions for 2015. Many of the predictions are, fundamentally, things that are already happening and that the author of the prediction would like to see continue. There is nothing wrong with that, but it would not hurt to call things by their name.

In that spirit, I think something very important happened at the end of 2014 that it would be very good to see continue in 2015. I am referring to the transition that zero-knowledge cloud technologies are undergoing, in particular end-to-end encryption.

Zero knowledge = good

Storing things in the “cloud” is valuable for several reasons. First, being able to access your own files from any device (mobile, tablet, laptop, etc.) is very convenient. Second, a positive side effect is that you have a backup of those files. Third, it is easier to share a file with someone else if your file is already in the “cloud”.

For many people, it seems obvious that if, for example, you upload some photos to a storage system, then your photos are available to the people who operate that cloud. The people who work for that company can see your photos, and if they get hacked, or if someone guesses your password without needing access to your device, then your photos can end up on hundreds of sites on the Internet.

For a corporate customer, the problem of storing business secrets in the cloud is much more serious, especially for a business in the technology sector (a possible competitor of the cloud provider) or one that competes with a US company, as happened to Petrobras.

A remote storage provider does not need access to the contents of your files in order to store them.

It seems obvious to almost everyone that this drawback is an inevitable consequence of uploading a file to the Internet, but it does not have to be that way. For decades there has been technology to encrypt a file before uploading it and decrypt it after downloading it. In other words, so that, without you having to do anything or even worry about what is happening, a storage system can operate with zero knowledge.

In some cases, the storage provider offers this feature as one of its main selling points, as is the case with SpiderOak. In other cases (e.g. Dropbox), it is the user who must configure their computer to use zero knowledge, as we explained in a previous article.


When it comes to surveillance, there is everything to play for | James Ball | Comment is free | theguardian.com

Against a backdrop of hacks and terror attacks, it’s possible that surveillance powers will be further strengthened

‘Major players are starting to regard privacy as a selling point: Google and others are encrypting ever more of their traffic.’ Photograph: Tom Jenkins

Looking back at 2014 from the perspective of a surveillance reformer is a short and dispiriting task: almost nothing good happened.