Gobiernos en guerra contra WhatsApp por su cifrado de extremo a extremo – El Mostrador

Tras el ataque al Parlamento Británico ocurrido la semana pasada, los políticos británicos han exigido que Whatsapp y otras aplicaciones de mensajería instantánea proporcionen acceso a la policía y fuerzas de seguridad para así poder monitorear conversaciones terroristas. Sin embargo, los expertos en tecnología discuten que abrir las “puertas traseras” de los servicios de mensajería popular, las cuales usan cifrado de extremo a extremo, arrojaría una serie de problemas.

Fuente: Gobiernos en guerra contra WhatsApp por su cifrado de extremo a extremo – El Mostrador


Court refuses request to force alleged hacker to divulge passwords | Technology | The Guardian

An alleged hacker fighting extradition to the US will not have to give the passwords for his encrypted computers to British law enforcement officers, following a landmark legal ruling.

Fuente: Court refuses request to force alleged hacker to divulge passwords | Technology | The Guardian


Apple's Tim Cook defends encryption. When will other tech CEOs do so? | Trevor Timm | Opinion | The Guardian

More high-profile titans need to use their platforms to make crystal clear how important encryption is to users everywhere

Fuente: Apple’s Tim Cook defends encryption. When will other tech CEOs do so? | Trevor Timm | Opinion | The Guardian


Apple believes bill creates ‘key under doormat for bad guys’ – FT.com

Shortly after Theresa May introduced the draft Investigatory Powers bill in November to update the UK’s surveillance laws for the internet age, the home secretary met privately with Tim Cook, Apple’s chief executive. He laid out a number of

Fuente: Apple believes bill creates ‘key under doormat for bad guys’ – FT.com


The hype over metadata is a dangerous myth – FT.com

Communications data — and the government’s powers to collect them — are at the heart of the draft Investigatory Powers Bill introduced by Theresa May, UK home secretary, which is currently under scrutiny. Such metadata are the digital exhaust of our

Fuente: The hype over metadata is a dangerous myth – FT.com


David Cameron seeks cooperation of US president over encryption crackdown | UK news | The Guardian

David Cameron seeks cooperation of US president over encryption crackdown | UK news | The Guardian.

PM to ask Barack Obama to put pressure on US internet companies to work more closely with UK intelligence agencies

 

 

David Cameron talking on the telephone to US president, Barack Obama
David Cameron talking on the telephone to US president, Barack Obama, from No 10 Downing Street, London. Photograph: Sergeant Dave Rose/PA

 

David Cameron is to urge Barack Obama to pressure internet firms such as Twitter and Facebook to do more to cooperate with Britain’s intelligence agencies as they seek to track the online activities of Islamist extremists.

 

As he becomes the first European leader to meet the president after the multiple shootings in Paris last week, the prime minister will seek to win Obama’s support for his plans to secure a new legal framework to deny terrorists a “safe space”.

 

The prime minister arrives after he proposed earlier this week that British intelligence agencies have the power to break the encrypted communications of suspected terrorists and insisting that the likes of Twitter and Facebook do more to cooperate with Britain’s GCHQ eavesdropping centre.


Operation Socialist: How GCHQ Spies Hacked Belgium’s Largest Telco

Operation Socialist: How GCHQ Spies Hacked Belgium’s Largest Telco.

BY RYAN GALLAGHER 

When the incoming emails stopped arriving, it seemed innocuous at first. But it would eventually become clear that this was no routine technical problem. Inside a row of gray office buildings in Brussels, a major hacking attack was in progress. And the perpetrators were British government spies.

It was in the summer of 2012 that the anomalies were initially detected by employees at Belgium’s largest telecommunications provider, Belgacom. But it wasn’t until a year later, in June 2013, that the company’s security experts were able to figure out what was going on. The computer systems of Belgacom had been infected with a highly sophisticated malware, and it was disguising itself as legitimate Microsoft software while quietly stealing data.

Last year, documents from National Security Agency whistleblower Edward Snowden confirmed that British surveillance agency Government Communications Headquarters was behind the attack, codenamed Operation Socialist. And in November, The Intercept revealed that the malware found on Belgacom’s systems was one of the most advanced spy tools ever identified by security researchers, who named it “Regin.”

The full story about GCHQ’s infiltration of Belgacom, however, has never been told. Key details about the attack have remained shrouded in mystery—and the scope of the attack unclear.

Now, in partnership with Dutch and Belgian newspapers NRC Handelsbladand De StandaardThe Intercept has pieced together the first full reconstruction of events that took place before, during, and after the secret GCHQ hacking operation.

Based on new documents from the Snowden archive and interviews with sources familiar with the malware investigation at Belgacom’s networks,The Intercept and its partners have established that the attack on Belgacom was more aggressive and far-reaching than previously thought. It occurred in stages between 2010 and 2011, each time penetrating deeper into Belgacom’s systems, eventually compromising the very core of the company’s networks.


Cryptolocker: what you need to know | Technology | theguardian.com

Cryptolocker: what you need to know | Technology | theguardian.com.

What happens when a computer is infected with the malicious software, and what should you do to protect your files?

 

 

Viruses such as Cryptolocker can be attacked by taking down the servers that control them.
Viruses such as Cryptolocker can be attacked by taking down the servers that control them. Photograph: imagebroker/Alamy

 

Cryptolocker is back in the headlines, thanks to a coordinated effort to take down the computers and criminals that run the notorious “ransomware”. But what is it? And how can you fight it?

Cryptolocker is ransomware: malicious software which holds your files to ransom

The software is typically spread through infected attachments to emails, or as a secondary infection on computers which are already affected by viruses which offer a back door for further attacks.

When a computer is infected, it contacts a central server for the information it needs to activate, and then begins encrypting files on the infected computer with that information. Once all the files are encrypted, it posts a message asking for payment to decrypt the files – and threatens to destroy the information if it doesn’t get paid.

The authorities have won users a two-week window of safety

The National Crime Agency (NCA) announced yesterday that the UK public has got a “unique, two-week opportunity to rid and safeguard” themselves from Cryptolocker. The agency didn’t go into more detail, but it seems likely that at least one of the central servers which Cryptolocker speaks to before encrypting files has been taken down.

The NCA has also taken down the control system for a related piece of software, known as GameOver Zeus, which provides criminals with a backdoor into users’ computers. That back door is one of the ways a computer can be infected with Cryptolocker in the first place.

What that means is, until the window is closed – and the virus cycles to new servers – users who are infected with Cryptolocker won’t lose their files to encryption. As a result, these users have the chance to remove the virus before it destroys data, using conventional anti-virus software. In other words, there has never been a better time to update the protection on your computer.

But watch out – while the servers that control Cryptolocker are out of action, it’s possible to be infected with it and not know. If you don’t keep your computer clean, then at the end of the two-week period, you could be in for a nasty surprise.


US and UK spy agencies defeat privacy and security on the internet | World news | The Guardian

US and UK spy agencies defeat privacy and security on the internet | World news | The Guardian.

• NSA and GCHQ unlock encryption used to protect emails, banking and medical records
• $250m-a-year US program works covertly with tech companies to insert weaknesses into products
• Security experts say programs ‘undermine the fabric of the internet’

Computer screen data

Through covert partnerships with tech companies, the spy agencies have inserted secret vulnerabilities into encryption software. Photograph: Kacper Pempel/Reuters

US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.

The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees thatinternet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.

The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – “the use of ubiquitous encryption across the internet”.

Those methods include covert measures to ensure NSA control over setting of international encryption standards, the use of supercomputers to break encryption with “brute force”, and – the most closely guarded secret of all – collaboration with technology companies and internet service providers themselves.

Through these covert partnerships, the agencies have inserted secret vulnerabilities – known as backdoors or trapdoors – into commercial encryption software.