As revelations about the depth and breadth of the NSA's digital eavesdropping program continue to come to light, Ohio-based Battelle Memorial Institute is rolling out a new kind of network encryption designed to be virtually un-hackable -- not only now, but in the future. The non-profit research and development contractor has installed the first quantum key distribution (QKD) protected network in the U.S. linking its headquarters in Columbus to those in its manufacturing facilities in Dublin, Ohio, some 20 miles away.
NSA Spying Revelations Boost Strong Crypto
Of course, there is no such thing as unbreakable encryption, but what do you expect from the corporate media? From Fortune:
Brazil Planning Encrypted Email Service
Following on the hells of German, from BBC:
Brazil has confirmed plans to create a secure email service, following revelations of cyber-surveillance techniques used by the US and UK.President Dilma Rousseff posted a series of tweets over the weekend, saying the move was required to "prevent possible espionage". She added the country's Federal Data Processing Service (Serpro) would be charged with developing the system.
One expert said the tech involved was well established but had limitations.
"There's a good precedent for this with the German provider Gmx.de," said Prof Ross Anderson, head of the security research group at the University of Cambridge's computer laboratory.
"They just need to tell a company to keep the servers in Brazil, encrypt all the traffic inside or outside the country, and only give access to Brazilian police and intelligence services.
"Bang, finished, it's trivial. It's a well understood and well solved problem."
He said that the Brazilian system could be designed to interact with Gmx and equivalent encrypted services, in which case the NSA (US National Security Agency) and GCHQ (UK Government Communications Headquarters) would effectively be shut out unless the countries where the relevant servers were based decided to co-operate.
Germany Plans National Communications Network Hub
From The Local:
Telekom now wants to go a step further by using domestic only connections to protect the private data of German users in the wake of the NSA spying scandal. Whistleblower Edward Snowden revealed a massive electronic surveillance programme by the US and British security agencies.
Email data is currently exchanged between users worldwide via international network hubs, where the data is processed and then sent on to its destination.
But this system has come into disrepute since information leaked by Snowden showed the US and UK governments had used the hubs to spy on millions of private emails.
Deutsche Telekom's plan would change the system so that emails between German users are no longer transferred via the international hubs, but stay in networks within German borders.
Chrome Cache Security Vulnerability
Make sure to dump that cache. From USA Today:
A major security flaw in Google's popular Chrome browser was exposed on Thursday by data management firm Identity Finder. The flaw comes into play anytime you type personal information into webforms at trusted websites or directly into the Chrome browser address bar.
Researchers found that Chrome's caching mechanism routinely stores names, e-mail addresses, street addresses, phone numbers, bank account numbers, social security numbers and credit card numbers directly onto your hard drive in plain text -- without your knowledge or consent. The function of a browser cache is to store files from websites, mainly to speed display of web pages on your next visit. It's trivial for anyone with physical access to your computer to view and copy all of this sensitive personal data.
ICANN Concerned Massive Government Surveillance Erodes Trust and Confidence in Internet
A statement issued by ICANN:
The leaders of organizations responsible for coordination of the Internet technical infrastructure globally have met in Montevideo, Uruguay, to consider current issues affecting the future of the Internet.
The Internet and World Wide Web have brought major benefits in social and economic development worldwide. Both have been built and governed in the public interest through unique mechanisms for global multistakeholder Internet cooperation, which have been intrinsic to their success. The leaders discussed the clear need to continually strengthen and evolve these mechanisms, in truly substantial ways, to be able to address emerging issues faced by stakeholders in the Internet.
In this sense:
They reinforced the importance of globally coherent Internet operations, and warned against Internet fragmentation at a national level. They expressed strong concern over the undermining of the trust and confidence of Internet users globally due to recent revelations of pervasive monitoring and surveillance.
They identified the need for ongoing effort to address Internet Governance challenges, and agreed to catalyze community-wide efforts towards the evolution of global multistakeholder Internet cooperation.
They called for accelerating the globalization of ICANN and IANA functions, towards an environment in which all stakeholders, including all governments, participate on an equal footing.
They also called for the transition to IPv6 to remain a top priority globally. In particular Internet content providers must serve content with both IPv4 and IPv6 services, in order to be fully reachable on the global Internet.
You Are Being Fingerprinted and Tracked
From Kuleuven:
A new study by KU Leuven-iMinds researchers has uncovered that 145 of the Internet’s 10,000 top websites track users without their knowledge or consent. The websites use hidden scripts to extract a device fingerprint from users’ browsers. Device fingerprinting circumvents legal restrictions imposed on the use of cookies and ignores the Do Not Track HTTP header. The findings suggest that secret tracking is more widespread than previously thought.
UK Launches Attack Against Torrent Sites
From Torrent Freak:
The newly founded Intellectual Property Crime Unit of the City of London Police has scored its first victories. Several domain names of major torrent sites have been suspended by their registrars following an urgent request from the unit. SumoTorrent and MisterTorrent lost control over their domains and ExtraTorrent had its .com domain suspended. Not all registrars are caving in that easily though, as easyDNS is refusing to comply and sees the requests as abuse of power.In the City of London, by the way, corporations are allowed to vote.
Subscribe to:
Posts (Atom)