Tag Archive for: Encryption

Apple plans new encryption system to ward off hackers and protect iCloud data


Apple Inc. is planning to significantly expand its data-encryption practices, a step that is likely to create tensions with law enforcement and governments around the world as the company continues to build new privacy protections for millions of iPhone users.

The expanded end-to-end encryption system, an optional feature called Advanced Data Protection, would keep most iCloud data secure, even in the event that Apple is hacked. It would also prevent Apple from being able to provide data from iCloud phone backups in response to law-enforcement requests.

While Apple has drawn attention in the past for being unable to help agencies such as the Federal Bureau of Investigation access data on its encrypted iPhones, it has been able to provide much of the data stored in iCloud backups upon a valid legal request. Last year, it responded to thousands of such requests in the U.S., according to the company. 

With these new security enhancements, Apple would no longer have the technical ability to comply with certain law-enforcement requests such as for iCloud backups—which could include iMessage chat logs and attachments and have been used in many investigations.

The company said the security enhancements, which were announced Wednesday, are designed to protect Apple customers from the most sophisticated attackers.

“As customers have put more and more of their personal information of their lives into their devices, these have become more and more the subject of attacks by advanced actors,” said Craig Federighi, Apple’s senior vice president of software engineering, in an interview. Some of these actors are going to great lengths to get their hands…

Data and encryption strategies in a post-quantum world: Harvest now, decrypt later


Paul German, CEO, Certes Networks, explains the risk associated with bulk encryption strategies and the importance of crypto-segmentation in reducing criminal exposure to data in a post-quantum world

It is now inevitable that the encryption algorithms used to secure vital data across the world – from defence and banking to infrastructure and air travel – will be breached. With the escalation in computing power enabled by quantum technology, the question is not if, but when potentially devastating breaches will occur.

With ‘harvest now, decrypt later’ hacking strategies currently in progress, criminals are banking on the power of quantum computing to allow them to unlock huge data resources. The onus is on companies not just to consider the future quantum threat but to determine how best to protect current resources today.

Here, I explain the risk associated with bulk encryption strategies and the importance of crypto-segmentation in reducing criminal exposure to data in a post-quantum world.

A quantum leap

Quantum computing is edging ever closer to reality, with venture capitalists investing almost $1.02 billion in quantum computing start-up companies in 2021 alone. While there is huge excitement around the step change in AI performance, there are also issues, such as the quantum computing power that could be unleashed, for which the security implications are potentially devastating.

Globally, security experts expect quantum computers to herald the breach of the asymmetric cryptography used to secure everything – from defence to infrastructure. While classical compute power would take billions of years to execute Shor’s Algorithm, which is proven to break the encryption strategies currently in place, the arrival of a quantum computer of sufficient size and complexity totally changes the game.

For companies reviewing security strategies, this post-quantum security threat is not in the future; it is not about considering how to respond when quantum computing becomes available. Criminal organisations globally are embarking upon mass data harvesting and breach schemes today on the basis that even though the information cannot be immediately decrypted, at some point in…

The Commission’s gross violation of privacy — endangering encryption – POLITICO


Markéta Gregorová is a member of the European Parliament from the European Pirate Party.

Strong end-to-end encryption is an essential part of a secure and trustworthy Internet. It protects us every time we make an online transaction, when we share medical information or when we interact with friends and family.

Strong encryption also protects children — it allows them to communicate with trusted friends and family members in confidence, and allows others to report online abuse and harassment confidentially. It keeps our personal data personal, and our private conversations private. 

But now that fundamental technology is being threatened by the European Commission.

The European Union’s new regulation intending to fight child sexual abuse online will require Internet platforms — including end-to-end encrypted messaging apps like Signal and WhatsApp — to “detect, report and remove” images of child sexual abuse shared on their platforms. In order to do this, however, platforms would have to automatically scan every single message — a process known as “client-side scanning.”

But not only is this a gross violation of privacy, there’s no evidence that the technology exists to do this effectively and safely, without undermining the security provided by end-to-end encryption. And while the proposed regulation is well-intentioned, it will result in weakening encryption and making the Internet less secure.

Only two months ago, the New York Times reported that Google had flagged medical images that a man in San Francisco had taken of his son’s groin as child sexual abuse material. He had sent the images to his doctor seeking medical advice for his child, only to have his account shut down and become the subject of a police investigation. 

The current regulations would create such mandatory measures for platforms, enforcing them with significant fines of up to 6 percent of an offender’s global turnover — meaning tech companies would be forced to be overzealous for fear of falling foul of the rules. This greatly increases the possibility of such false-positives…
