Wednesday, April 6, 2016

Whatsapp encrypts messages and phonecalls by default

Many readers have started the day with a Whatsapp notification: "Messages you send to this chat and calls are now secured with end-to-end encryption". We'll also talk about two technological monsters, the CERN and Google, because they tell us how do they protect themselves and we´ll meet the Bug Bounties expert, Katie Moussouris.



WhatsApp, with more than one thousand million users, has become in the end-to-end encryption tool most used in the planet. WhatsApp had promised this upgrade two years ago, when it was ordered to the popular hacker Moxie, Signal protocol creator, the same protocol used by the Signal voice and messenger app, the Edward Snowden's preferred option. But, caution: the content will be encrypted, but not whom we write or call to.

Google mistrust

What attract our attention today are two big companies of the technological revolution, Google and the European Organization's for Nuclear Research (CERN), they explain how they defend themselves from cyberattacks. Google has published a document, "BeyondCorp", where they show their security model of the last five years. What really attracts our attention is the mistrust in all networks, with the same threat to internal than to external networks.

Everybody against CERN

From there to Swiss CERN, the challenge is maintaining the security in a free academic environment, with 40.000 professors and experts connecting and disconnecting their own devices or accessing remotely, 13.000 servers to maintain and 100.000 hard disks. All this with constant attacks, with different intensities, stolen passwords via phishing, infected computers, etc. "In terms of who is attacking us: everybody", they say.

Bug Bounties's Lady

We finish with an in depth-interview to the person behind the introduction of the bounty programs in exchange of Microsoft and Pentagon failures (Bug Bounty). She is Katie Moussouris, from the HackerOne company and now working as independent consultant helping to companies and organizations interested in launching this kind of programs.


0 comments:

Post a Comment