Drive towards strong encryption will end

What happens when the wave of encryption rippling through the personal technology world washes up against the realities of the data economy?Most of the recent debate over the spread of encryption has centred on the implications for personal privacy and national security. Less has been said about business: in particular, what a greater use of encryption will mean for the usability of tech products and services, and for the business models that rely on capturing and extracting value from data.

Fuente: Drive towards strong encryption will end


Apple Macs targeted by KeRanger ransomware for first time | Technology | The Guardian

Apple customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks have revealed.Ransomware, one of the fastest-growing types of cyber threats, encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data.

Fuente: Apple Macs targeted by KeRanger ransomware for first time | Technology | The Guardian


The hype over metadata is a dangerous myth – FT.com

Communications data — and the government’s powers to collect them — are at the heart of the draft Investigatory Powers Bill introduced by Theresa May, UK home secretary, which is currently under scrutiny. Such metadata are the digital exhaust of our

Fuente: The hype over metadata is a dangerous myth – FT.com


El iPhone 6 se blinda ante el espionaje | Internacional | EL PAÍS

El iPhone 6 se blinda ante el espionaje | Internacional | EL PAÍS.


Apple no facilitará las claves de sus clientes a la agencia de espionaje de EE UU

El bloqueo del nuevo teléfono inquieta a los servicios de seguridad

Un grupo de personas espera para poder comprar el iPhone6, en Berlín. / HANNIBAL HANSCHKE (REUTERS)

Enviar a LinkedIn39
Enviar a TuentiEnviar a Eskup

EnviarImprimirGuardar

El flamante iPhone 6, recién lanzado al mercado, es el primer teléfono inteligente a prueba de espías. Un algoritmo en su sistema operativo hace que solo el usuario tenga acceso a los contenidos protegidos, con lo que Apple no podría entregar información ni siquiera por orden judicial.

“Si no eres el cliente, eres el producto”, una máxima de Jan Koum, fundador de la aplicación de mensajería móvil WhatsApp, para defender la privacidad de los usuarios vuelve a estar de actualidad. Apple se ha sumado a este principio con iOS 8, el sistema operativo que viene por defecto en los nuevos modelos de iPhone, 6 y 6 Plus.

Tim Cook, consejero delegado de Apple, rompe así el axioma general de Internet. Lo ha explicado en una carta incluida en los cambios de su política de privacidad: “A diferencia de nuestros competidores, Apple no va a pasar por encima de tu contraseña y, en consecuencia, no puede acceder a esos datos. Técnicamente, ya no podremos asumir las peticiones del Gobierno para capturar datos de aparatos que estén en posesión, siempre que tengan instalado iOS8”. No habrá posibilidad, por tanto, de que Apple colabore con la Agencia Nacional de Seguridad (NSA) en caso de que se lo requiera.

En los aparatos de Apple habrá una única manera de descifrar los contenidos protegidos: la clave que da acceso a su identidad de usuario. Hasta ahora, solo el correo @me.com, la cuenta que ofrece a los clientes, seguía esta dinámica. Con el iOS 8 esta función se hace extensiva a mensajes (aplicación que une tanto SMS, WhatsApp…, pero solo entre dispositivos de Apple), calendarios, contactos y fotos.

El nuevo sistema pone la responsabilidad final en cada cliente individual. Antes de la actualización, Apple podía descifrar claves, contraseñas y códigos de bloqueo bajo petición judicial. Ahora ya no podrá hacerlo y derivará las peticiones a los dueños de los móviles.


BitTorrent Sync, una alternativa segura a Dropbox

BitTorrent Sync, una alternativa segura a Dropbox.


El uso de datos en la nube se ha incrementado con el uso de dispositivos móviles y la conexión permanente. Unos datos que circulan sin nuestro control efectivo.

El control por parte de empresas privadas de ese alojamiento y las noticias a propósito de su seguridad y privacidad siempre ha despertado suspicacias sobre su uso.

  La Compañía BitTorrent ofrece una forma nueva de usar el protocolo que le da nombre para crear nuestro propio almacén de datos.

BitTorrent Sync

BitTorrent Sync

Después de un periodo de prueba cerrada, la aplicaciónBitTorrent Sync acaba de liberada al público. Con ella, se nos ofrece un  control completo de los datos que queramos mantener sincronizados y compartidos entre los dispositivos y usuarios que elijamos.
Una de las tendencias actuales mas extendidas es el uso de datos de forma remota. La mayor parte de usuarios de múltiples dispositivos estamos de una manera u otra inmersos en ella. Así disponer de un repositorio propio al que poder acceder desde cualquier aparato y lugar es casi una pauta habitual entre los usuarios más intensivos.
A todos nos han asaltado dudas en torno a donde están alojados realmente nuestros archivos cuando los subimos a los diferentes servicios que nos ofrecen almacenamiento en la nube. La virtualización de servicios es otra de las tendencias que acompaña a este uso externo de nuestros datos. Plataformas como  Dropbox, Google Drive, SkyDrive o iCloud son las formas más extendidas por el momento en el empleo de datos compartidos. Sin embargo, todos estos casos  están bajo el control de unas compañías que no garantizan ni la integridad de esos datos ni el eventual uso que podrían hacer de estos al amparo de  nuevas legislaciones que se abren camino a costa de nuestra privacidad.  Quizás en este sentido una opción surgida al calor de un protocolo bien conocido como BitTorrent pueda abrirse paso.
Buscar alternativas que nos ofrezcan control completo y una privacidad garantizada, es una prioridad si queremos que la tecnología no  avance a costa de nuestra privacidad. Hasta ahora, la complejidad y la falta de suficiente popularidad han hecho que algunas alternativas de código abierto surgidas con esta premisa no consiguieran alcanzar la popularidad de las opciones propietarias. La Compañía  BitTorrent parece haber encontrado la forma de ofrecer una alternativa a esa nube propietaria.

Privacy boom brings digital paranoia into the open – FT.com

Privacy boom brings digital paranoia into the open – FT.com.

High quality global journalism requires investment. Please share this article with others using the link below, do not cut & paste the article. See our Ts&Cs and Copyright Policy for more detail. Email ftsales.support@ft.com to buy additional rights. http://www.ft.com/cms/s/0/f970d000-0291-11e4-a68d-00144feab7de.html#ixzz36Vcdb6PE

The growing interest in secrecy should serve as a wake-up call
Cyber crime security ID©Dreamstime

There seems to be a booming market in paranoia. The Blackphone, which went on sale in the US this week, is purpose-built for the post-Snowden era: it encrypts all of a user’s data and comes preloaded with apps designed with secrecy in mind to block “information leakage”.

Then there is Wickr, a messaging system that boasts far more robust encryption than that available on other widely used services. It raised a hefty $30m in venture capital last week.

In a telling sign of the times, the Wickr investment was led by Jim Breyer, a Silicon Valley venture capitalist best known for making a killing on Facebook. The culture of secrecy-minded companies such as Wickr is far removed from the heightened transparency that fuels Facebook’s social network.

This is still a decidedly niche market. The vast audiences of companies such as Google and Facebook have not turned away because governments have sought to penetrate their systems or because of their periodic privacy gaffes.

For most internet users, the immediate gratification of using a search engine or social network – and the advantages of bringing their “real world” identities online – far outweighs any abstract concern about notional privacy trade-offs.

But the growing interest in secrecy should come as a wake-up call. The Snowden leaks have served as a reminder of the information-gathering practices of the internet companies. “Big data” has become an industry branding nightmare, conjuring images of vast pools of private information waiting to be tapped by spies or sold to the highest bidder.

Internet companies are only just beginning to combat this conflation of illicit surveillance and commercial data gathering.

The first response has been to try to show that they are serious about taking their users’ side against overreaching governments. That has meant greater use of encryption in their networks and a more robust rejection of official requests that stop short of legally binding orders.

But it is hard to mount a convincing argument that users’ interests always come first when one of the longest-running privacy debates – about the use of cookies to track users and send targeted advertising – remains unresolved. In the US, the failure of the online advertising industry to come up with an effective “do not track” system has been an enduring reminder of the contradiction that lies at the heart of advertising-driven services.

Mobile apps have become another sore point. They usually involve a take it or leave it choice: most require users to consent to them accessing a wide array of personal information while giving little idea about how it will be used.

Trusting the companies that hold data will require a leap of faith. That explains why Apple made much of privacy at its recent developers’ conference when it revealed the digital platforms it was building for the internet of things

The Blackphone’s default settings block apps that seek to tap into things such as a user’s location and contact lists. But given the data promiscuity of the average smartphone app, anyone opting for these settings would be barred from many of the most widely used smartphone services.

The internet of things – the coming mass of smartwatches, intelligent home thermostats and other connected gadgets – is about to present a new test.

Much of the information collected by these devices will have even greater personal sensitivity. In some cases it will involve health data, gathered from fitness trackers or from sensors around the body. In others, it will include intimate details of what is happening inside users’ homes, collected through things such as security cameras and other smart monitors.

Trusting the companies that hold this data will require a leap of faith. That explains why Apple made much of privacy at its recent developers’ conference when it revealed the digital platforms it was building for the internet of things.

Its HealthKit and HomeKit are intended to become two of the data hubs of the connected physical world. They will draw information from many devices to assemble a comprehensive, deeply personal picture of their users’ lives.

It also explains why chief executive Tim Cook broke with his normal tempered delivery to pour scorn on Google’s Android mobile operating system, quoting an article describing it as a “toxic hellstew of vulnerabilities”. Apple, with its reputation for managing a controlled, “closed” system, may start in a stronger position in this new world than Google, with its preference for more open platforms.

For now, convenience still trumps paranoia when it comes to the use of everyday digital services. But without a concerted effort to address the proliferating privacy issues, that won’t be something that can always be taken for granted.

Richard Waters is the Financial Times’ West Coast Editor

 


Twitter adds more security to thwart predators – and government agencies | Technology | The Observer

Twitter adds more security to thwart predators – and government agencies | Technology | The Observer.

Company joins Google and Facebook in using ‘perfect forward secrecy’ to protect data of its 218 million users
Lady Gaga

Lady Gaga has the third most followed Twitter account Photograph: Henry Lamb/Photowire/BEI/REX

Twitter has announced a significant increase in its data security as it moves to protect users from attacks by the “apex predators” of theinternet.

An internal team of security engineers has spent several months implementing “perfect forward secrecy”, which adds an extra layer of security to the widely used https encryption deployed by banks online, by retailers and, increasingly, consumer web services.

Google, Facebook, Dropbox and Tumblr have all implemented forward secrecy already, and LinkedIn is understood to be introducing it in 2014.

Users may not immediately notice any difference, other than a barely perceptible time lag as they use the service across desktop, mobile and through third-party services, but for Twitter the move asserts its credentials as a company fiercely protective of its users’ data.

That data includes not only messages that users choose to publish publicly, but also direct, private messages, protected tweets and data on what users say, who they comment on and who else they read. Collectively, large datasets, such as those of Twitter’s 218 million users, can be analysed to identify connections between people, locations and interests.

Announcing the new implementation, which has been running as a trial since 21 October, a detailed post on Twitter’s engineering blog encouraged other sites to “defend and protect the users’ voice” by implementing https and forward secrecy.