Saturday, April 25, 2015

To protect... and to spy

We all remember the major European powers raising the tone when news about NSA spying began to circulate, right? The question is: was it an affected, feigned pose, just a gesture to the gallery? We got up on Saturday with a story close to the unpleasantness, because it is the bitter side of this question.

According to Der Spiegel, the German Federal Intelligence Service (BND), have been helping US National Security Agency (NSA) to spy on businesses and political office since 2008, and even before. There are no petty names. Here we have the aerospace firm EADS, manufacturer of Airbus, or Eurocopter from this same industry. Some initial revelations (2013) from Snowden noticed this aid between agencies, and that provoked the reaction from the German authorities. Today we know that such assistance espionage operations were much greater than that once was said.

What is in everyone's mind in North America and Europe is if we should (or not) accept espionage in exchange for security. Because while some headlines make us to cover the face with the hands, others news speak very clearly who is ahead. US Secretary of Defense Ash Carter, recently presented at the University of Stanford's new cybersecurity strategy, which includes three missions and five primary objectives. One of these is to build and maintain robust international alliances and partnerships to deter shared threats and increase international security and stability.

On the other side what we hopefully have is a powerful control and infection system. Because the other side is called China, and its 1,350 million population, given the choice between freedom and security, they have neither the one nor the other. Google has reported its research on DDoS attack against open source repository GitHub (https://plus.google.com/+CigtrInfo/posts/PbEwsQpvjPG). The documented report show that actions of hacking groups supposedly supported or organized by Chinese government, take things very seriously and with a lot of preparation. And, of course, Google signs with its own message: if all web traffic was encrypted with TLS protocols, such attacks would not be possible.

And from Google 1 to Google 2, we end this review of infosec currents with the lead engineer for Android security, Adrian Ludwig, at the RSA Conference: "It's tremendously valuable that all these security companies are doing this research, but for the end user the potential increase in value from a security standpoint is very small relative to the costs of space and storage and battery". You could say higher but not clearer: Google ensures the security of your Android. Indeed, each terminal is remotely monitored at least once per week.

Are 'they' spying on you. Maybe yes. Maybe not. Privacy is dead, so deal with it. In exchange for...?

0 comments:

Post a Comment