Friday, October 17, 2014

It is for your safety

“It is for your own good”, “It is the least bad option we must go through to ensure effective fight against terrorism", " We should not fear it, because we have nothing to hide." Some of these phrases may sound familiar to you. They are arguments employed by governments (in behalf of intelligence agencies) calling for calm over control of personal information in digital media. And there is no doubt that its prime aim is exactly the same as the one pursued by citizens. Nevertheless successful campaigns should find the balance between privacy and absolute centralization of information.

The FBI is making headlines again due to the words of its director, James B. Corney, who has launched a statement to responded accusations made by Edward Snowden earlier this week. “Those charged with protecting our people aren’t always able to access the evidence we need to prosecute crime and prevent terrorism even with lawful authority,” Comey said translating the Agency’s concern regarding tech companies’ movements towards the privacy of its users.

Intelligence agencies are constantly in the spotlight of criticism, which leads them to take their own and external measures to ensure proper use of the information they handle. The Inspector General of Australian Intelligence and Security (IGIS) annual report was tabled in the Australian parliament on yesterday. It claims that the Australian Security Intelligence Organisation (Asio) spies on their own employees, not only to prevent counter-espionage, but to have a larger action perimeter in case of a security breach, as it happened before in rare situations, presumably by human and technical failures.

Although the law gradually favor citizens, it has not always been so, as recalled by Wired in relation to Microsoft and Non-IP case. Conficker worm’s emerge in 2008 jeopardized the business of the Redmond company. When Microsoft found out that many attacks came from Non-IP users, it demanded the judge access and control to Dan Durrer (CEO of No-IP) service, which basically generate static DNS on dynamic IP connections (eg to install a server running on ADLS at home). The judge ruled in favor of Microsoft, without giving any notice the company affected, which saw how its service had fallen overnight and how its users’ data was on other’s hands.

Government, corporate, and financial espionage. The old guard never gets old. One day we are telling you about a new vulnerability as POODLE, and the next day we talk about the exploitation of vulnerabilities as old as the one that struck Adobe Reader and Acrobat long ago, which is known by the technical name CVE-2013-2729. It returns to the field brought by Dyreza, a suite of bank theft tools now focused on bitcoins. It spreads, as usual, by email on a .PDF attachment.

We understand that all our readers know that public WiFi networks are very dangerous, but it never hurts to remind you what boots an attacker can obtain in just fifteen minutes. For instance, data about the woman who is sat in front him, such as where she was born, what she studied, that she usually do Yoga, that she or her husband snore at night, that she recently visited Thailand and Laos, and that possibly relationship is not at its best moment. This applied to any public WiFi, just while you use your device.

To put an end to this article we bring you the chronicle written by ThinkBig about the Security Innovation Day, the Telefonica’s security conference held yesterday in Madrid. They talk about the $ 10,000 prize for the best implementation of Latch service, a program launched by Eleven Paths; about digital certification of documents with SmartAccess; or about a tool for automatic detection of fraudulent applications on Google's market used by the Guardia Civil everyday.

These are the news and stories of the technology sector towards and against the privacy: The need of securing communications, of preventing bad boys entering in your house, and all what that implies for agencies whose mission is to hunt them.


Post a Comment