Story image

Why the Government needs to leave Apple and Google encryption alone

22 Feb 16

 

The cat is already out of the bag with all of the advancements in encryption software. Even if Apple or Google were to make it possible for the government to unlock an iPhone or Android phone and read their encrypted communications, there are other encryption applications terrorists and criminals could use on most smartphones that Apple and Google could not help the government crack.

These would be independent encryption programs that are not dependent on a smartphone’s operating system. So in effect these represent encryption engines that live inside an application.

I think Open Whisper is one such encryption program. Snowden recommends using it.

Of course, these ‘operating system-independent encryption engines’ are expensive to build, and a clever hacker could likely find an exploit that enables him or her to ‘crack’ it, so this type of software would cost a lot of money to develop, maintain and keep secure. Nothing is perfect.

But it doesn’t make any sense to put so much pressure on Apple or Google when in the end, they don’t control all the keys to the kingdom, even for apps on their smartphones.

Article by Avivah Litan, Gartner analyst

ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Kiwis concerned about being scammed – survey
This unease is warranted given the growing sophistication of scammers and their activities, and numbers of attempted fraud.
It's time to rethink your back-up and recovery strategy
"It is becoming apparent that legacy approaches to backup and recovery may no longer be sufficient for most organisations."
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Interview: Aruba’s NZ country manager talks channel strategy
“What we're taking to market is that message around simplification and having everything in one place.”
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.