ITsecurity
twitter facebook rss

Apple stands to defend customer’s Privacy

Posted by Tara Taubman-Bassirian on February 18, 2016

Apple is defending the customer’s right to Privacy against the FBI’s Security arguments. On Tuesday, a judge in California ordered Apple to help the FBI break into the phone of San Bernardino shooter Syed Farook. The FBI claims, based on the All Writs Judiciary Act of 1789,  to have the right to force Apple to write a software […]

Encryption and privacy: indissoluble partners

Posted by Kevin on January 7, 2016

Earlier this week the Dutch government announced that it would not be seeking to curtail or backdoor encryption. This has been seen as a big win for privacy. In reality, as Matthijs R. Koot notes in his English translation, this is not a permanent rejection but a disinclination to do anything ‘at this time‘. Nevertheless, […]

Microsoft’s encryption: a surveillance sleight of hand

Posted by Kevin on December 30, 2015

A leopard does not change its spots. The Microsoft that sells Windows 10 devices today is the same Microsoft that failed to adequately explain the existence of the NSAKEY in its code, discovered by Andrew Fernandes in 1999. The only thing that has changed in the intervening years is that politicians and politicians’ servants have […]

CISO view: encryption backdoors

Posted by Kevin on October 5, 2015

A group of Chief Information Security Officers within Wisegate was asked for its views on encryption backdoors specifically for law enforcement. The response was an overwhelming rejection. no encryption should ever have a backdoor for anyone “today’s backdoor is tomorrow’s compromise” “if data is required, information can be subpoenaed or NSLs can be issued” Snowden’s […]

Passwords, PINs, Needles and Haystacks

Posted by David Harley on July 13, 2015

David Harley photo

An interesting conference on passwords, but why so sloppy about deadline date formatting?

Encryption and Politics

Posted by David Harley on July 1, 2015

David Harley photo

Where encryption is weakened by law, it’s unlikely that criminals or terrorists will stop benefiting from strong encryption in order to obey the law.

iStorage FIPS 140-2 Encrypted Storage Devices

Posted by Alexander Hanff on May 28, 2015

My first Privacy News Video is a review of i-Storage’s FIPS 140-2 Certified Hardware Encrypted Storage Devices. Given the current climate and security concerns since the Snowden revelations began it is impossible to guarantee any main stream encryption is secure and there is a great deal of work ongoing to review existing specifications after it […]

Encryption in the Cloud

Posted by Kevin on April 4, 2015

The pressure to allow staff to use cloud storage is enormous. Not only are there strong economic arguments and business benefits, they’re going to do it anyway. So just saying No is not really an option — it’s better to have visibility into what is being used than to attempt to prevent it. But here’s […]

The long slow slide into tyranny

Posted by Kevin on January 21, 2015

21 Jan, 2014 Just yesterday F-Secure published a blog titled Why David Cameron’s Communication Promise is Foolish. Cameron, you will recall, has latched on to the Charlie Hebdo terrorist outrage in order to promote what he and the UK intelligence agencies want for the UK: access not just to everyone’s metadata but also to their […]

It’s time to ditch compliance because most companies simply ignore it

Posted by Kevin on December 11, 2014

Many security experts worry that compliance is driving security rather than the other way round. Being compliant doesn’t mean being secure. But faced with the choice between the minimum to be compliant rather than the minimum to be secure, companies tend to choose the former. That, at least, is current received opinion. And it just […]