WebProNews

Category: CybersecurityUpdate

  • WhatsApp Delays Privacy Changes Amid Backlash

    Facebook’s WhatsApp has announced it will delay its privacy policy changes, amid one of the biggest waves of backlash the company has faced.

    WhatsApp started pushing a notification last week, informing users of changes to its privacy policy. Among the changes was data-sharing between WhatsApp and other Facebook-owned companies. Users were not given the option to opt out, being given until February 8 to either accept the new terms or stop using the app.

    The reaction was swift and severe. People began closing their WhatsApp accounts and moving to competitors, especially Signal and Telegram. Soon after, Telegram announced it passed 500 million users, while Signal saw a 62-fold increase in downloads over the last week. Meanwhile, WhatsApp downloads experienced a 17% decline during the same period, according to U.S. News & World Report.

    The backlash appears to have gotten WhatsApp’s attention, even if it’s not fundamentally changing the company’s plans. In a blog post entitled “Giving More Time For Our Recent Update,” the company says this:

    We’re now moving back the date on which people will be asked to review and accept the terms. No one will have their account suspended or deleted on February 8. We’re also going to do a lot more to clear up the misinformation around how privacy and security works on WhatsApp. We’ll then go to people gradually to review the policy at their own pace before new business options are available on May 15.

    In other words, WhatsApp is essentially saying: ‘We’ve heard you. Trust us, it’s not what you think, and we’re going to give you more time to get accustomed to us doing what we’re going to do regardless of whether you like it or not.’

    The problem with that approach? Trusting what Facebook says about privacy is like trusting the fox to guard the henhouse. The company has used up most people’s trust and goodwill after repeated and blatant privacy violations.

  • Signal Growing So Fast It Experienced Technical Issues

    Signal has been adding so many new users that it experienced technical issues today.

    Signal is a messaging app that is widely considered one of the most secure communication platforms in existence. While the app has been popular among privacy-conscious users for some time, it has received a major boost since WhatsApp announced it would start sharing user data with other Facebook-owned companies.

    In fact, according to U.S. News & World Report, “Signal was downloaded by 17.8 million users over the past seven days, a 62-fold rise from the prior week, according to data from Sensor Tower. WhatsApp was downloaded by 10.6 million users during the same period, a 17% decline.”

    That growth hasn’t come without issues, however. For much of the day today, Signal has been experiencing technical difficulties, which the company has said is a reflection of its growth.

    The company later tweeted that it is making progress toward a resolution.

    Signal’s growth is good news for privacy advocates, and signals (pun intended) a bright future for the messaging app.

  • TikTok Improves Privacy Protections For Children

    TikTok has announced a number of changes aimed at improving privacy protections for children on its platform.

    TikTok has come under widespread criticism for privacy and security violations. Not the least of those has been repeated violations of child privacy. The company’s ongoing security and privacy issues have prompted numerous companies and government agencies to restrict the app from company devices, and have been a major factor in the US government attempting to ban the app.

    While TikTok’s future remains in question, the company has finally taken definitive steps to protect children using its platform.

    “Starting today, we’re changing the default privacy setting for all registered accounts ages 13-15 to private. With a private TikTok account, only someone who the user approves as a follower can view their videos. We want our younger users to be able to make informed choices about what and with whom they choose to share, which includes whether they want to open their account to public views. By engaging them early in their privacy journey, we can enable them to make more deliberate decisions about their online privacy.”

    The company has included additional changes, such as restricting comments on videos created by younger users, modifying Duet and Stitch settings for these groups, restricting friend suggestions and more. In addition, the company also offers a TikTok for Younger Users, specifically for users in the US under 13 years of age.

    TikTok’s announcement is a welcome improvement. It remains to be seen if it will do anything to help the company’s fight against its ban order.

  • Ring Adds End-to-End Encryption For Video Streams

    Ring has announced it is now offering end-to-end encryption to protect videos through the entire process.

    Ring made headlines in late 2019 when a number of users reported their video streams being hacked, and outsiders watching what was happening in people’s homes and even speaking to them. In some cases, the incidents took very disturbing turns, with strangers talking with children or going on racist rants.

    It’s little wonder that Ring is rolling out end-to-end encryption, which the company is calling a technical preview at this point.

    By default, Ring already encrypts videos when they are uploaded to the cloud (in transit) and stored on Ring’s servers (at rest). With End-to-End Encryption, customer videos are further secured with an additional lock, which can only be unlocked by a key that is stored on the customer’s enrolled mobile device, designed so that only the customer can decrypt and view recordings on their enrolled device.

    Privacy, security and user control are foundational to Ring, and video End-to-End Encryption demonstrates Ring’s ongoing commitment to continually delivering enhanced privacy, security, and control to customers.

    Ring’s announcement is a welcome upgrade, even if it is long overdue.

  • Equifax Acquiring Fraud Prevention Company Kount

    Equifax has announced it is acquiring Kount, one of the leading fraud prevention companies.

    Equifax made headlines in 2017 when it suffered one of the worst cyberattacks in history. The hack was a dark spot on a company whose entire existence revolves around consumer data and credit. To make matters worse, the company’s response was widely panned by critics, demonstrating a continued lack of good security measures. The company’s latest acquisition shows how serious it is about improving its security and offering the best options to its customers.

    Kount provides AI-driven fraud protection, helping businesses engage with customers while establishing online digital trust. Identity trust allows companies to establish a trust level for each and every transaction and account action, allowing businesses to determine the level of risk they are willing to take.

    The company’s portfolio will be an important addition to Equifax’s efforts to keep its customers safe.

    “As digital migration accelerates, managing authentication and online fraud while optimizing the consumer’s experience has become one of our customers’ top challenges. The acquisition of Kount will expand Equifax’s differentiated data assets to bring global businesses the information and solutions they need to establish identity trust online,” said Mark W. Begor, CEO of Equifax. “Equifax is taking advantage of our strong 2020 outperformance and cash generation to make this strategic acquisition. Our data and technology cloud investments allow us to quickly and aggressively integrate new data and analytics assets like Kount into our global capabilities and bring new market leading products and solutions to our customers.”

    “More than 9,000 brands worldwide rely on the Kount Identity Trust Global Network to protect against digital fraud while enabling personalized customer experiences and new e-commerce channels,” said Bradley Wiskirchen, CEO of Kount. “We are excited to be able to offer Kount solutions with an expansive set of Equifax data, analytics and products. Equifax’s global reach will accelerate Kount’s international adoption, allowing us to help more businesses around the world to better protect their digital innovations and their customers against emerging threats while improving the customer experience.”

    The deal is worth $640 million and is expected to close in the first quarter of 2021.

  • Judiciary Returning to Paper In Wake of SolarWinds Attack

    The US Judiciary is going decidedly low-tech in an effort to protect important information in the wake of the SolarWinds attack.

    The SolarWinds attack was one of the most devastating hacks the US has experienced. Multiple government agencies were compromised, with the federal Judiciary suspected to be among them.

    The attack was so successful because it was a supply chain attack. Rather than attacking individual target organizations, a supply chain attack relies on compromising a legitimate piece of software up the supply chain, installing a trojan and then gaining access to all the organizations that use the software in question. In this example, the compromised software was SolarWinds’ Orion IT monitoring and management software, used by government agencies and corporations alike.

    In the wake of the attack, access to public documents will not be impacted, but the Judiciary is taking no chances with sensitive documents.

    Under the new procedures announced today, highly sensitive court documents (HSDs) filed with federal courts will be accepted for filing in paper form or via a secure electronic device, such as a thumb drive, and stored in a secure stand-alone computer system. These sealed HSDs will not be uploaded to CM/ECF. This new practice will not change current policies regarding public access to court records, since sealed records are confidential and currently are not available to the public.

    These extraordinary measures are the latest indication of the damage and impact the SolarWinds attack has had on public and private institutions.

  • Intel Introduces RealSense ID Facial Recognition

    Intel has introduced RealSense ID Facial Authentication in an effort to deliver private, secure facial recognition.

    Traditional authentication methods leave much to be desired, especially with the rise of ransomware attacks, software supply chain attacks, identity theft and additional threats. Intel’s hope is that RealSense ID will provide a more secure alternative, paving the way to use facial recognition to unlock access controls, smart locks, ATMs, kiosks, POS systems and more.

    Intel touts the ease with which RealSense can be deployed and used.

    With an easy enrollment process and no network setup needed, Intel RealSense ID brings a highly accurate, natural solution that simplifies secure entry. Using only a glance, users are able to quickly unlock what’s important to them. Intel RealSense ID combines active depth with a specialized neural network, a dedicated system-on-chip and embedded secure element to encrypt and process user data quickly and safely.

    Facial recognition has become one of the most controversial technologies in existence. It appears Intel is trying to bring some credibility and security to the technology, emphasizing the potential good it can offer.

  • Elon Musk: Use Signal

    Secure messaging app Signal has received a boost from one of the titans of tech, as Elon Musk tells his Twitter followers to “use Signal.”

    Signal exists in the same space as WhatsApp and Telegram. The app provides end-to-end encrypted chat and voice calls, and is widely considered one of the most secure communication methods on the planet. In fact, the EU commission, US Senate and some military units all recommend their members use it.

    While WhatsApp may be more popular, there have been growing concerns regarding its security and privacy. Most recently, WhatsApp announced a change to its privacy policies, wherein it will share significant user data with Facebook and other Facebook companies. Needless to say, this has not gone over well with users who value privacy and security.

    Elon Musk is the latest to come out in favor of WhatsApp’s more secure alternative.

    Facebook has shown a repeated lack of interest or ability in protecting people’s privacy. Using WhatsApp for secure communication is the equivalent of having the fox guard the henhouse.

    For any individuals concerned with privacy and security, Musk is right: Use Signal.

  • FBI Investigating If JetBrains Was Compromised by SolarWinds Hackers

    The FBI is trying to determine if JetBrains was compromised as part of the SolarWinds attack.

    The SolarWinds attack was one of the largest, most damaging hacks against US government and corporate entities. Some experts have said it will take months, or even years, to understand the extent of the damage.

    What made the SolarWinds attack so successful was that it was a supply chain attack. Rather than trying a brute force attack, or tricking organizations into installing suspect software, hackers compromised SolarWinds’ Orion IT monitoring and management software. Since this legitimate software is in use by countless organizations, by compromising it and installing a trojan directly in it, hackers were able to hack organizations using Orion IT.

    The FBI is now concerned a second application may have been compromised in a similar manner, according to Reuters. JetBrains makes a project management application called TeamCity. Like Orion IT, TeamCity is used by companies around the world, making it extremely important to determine if it was compromised as well.

    “We are not aware of any investigation nor have we been contacted by any agencies,” a JetBrains spokesman said. “We are not aware of any vulnerabilities in the product or breaches that would allow for this, nor that any of our customers were affected.”

  • Datadog CEO: 2020 Was Big Win For The Cloud

    “This year we’ve seen fairly brutal changes in patterns of usage in the cloud,” says Datadog CEO Olivier Pomel. “As you can imagine, streaming (has increased). All of a sudden everybody’s kids are watching Disney+. Also, video conferencing, online gaming, and all of that spiked pretty quickly. The way we see that is it’s a big win for the cloud, in general.”

    Datadog CEO Olivier Pomel says 2020 was a big win for the cloud:

    This year we’ve seen fairly brutal changes in patterns of usage in the cloud. As you can imagine, streaming (has increased). All of a sudden everybody’s kids are watching Disney+. Also, video conferencing, online gaming, and all of that spiked pretty quickly. Even if you think of the domains that were negatively impacted by COVID such as travel when all of a sudden everybody had to cancel their travel, it actually meant a lot more activity for the online sites of the travel companies.

    So you see all these patterns of companies pointing up and spinning down. The way we see that is it’s a big win for the cloud, in general. Companies could change their minds they could actually scale up. They could decide to shift different services to have them delivered at different scales instead of having to spend three to six months trying to retool everything and ship that to the data centers. They could do that very quickly in the cloud. We see that as a big win for the cloud.

    Next year we still see some scaling from those customers. We see some of the industries that were negatively impacted coming back online and getting back up. Across the board, we see more and more renewed urgency around digital transformation and migration to the clutches precisely because the cloud made it possible for companies to react so quickly. Those who are not on the cloud were more impacted than the others.

  • Required WhatsApp Change Shares Significant User Data With Facebook

    WhatsApp is making major changes to its privacy policy, including sharing significant user data with Facebook.

    WhatsApp users are seeing an in-app notification of changes to the privacy policy. When going to WhatsApp’s new terms, it’s clear the messaging platform will begin integrating more tightly with Facebook’s other companies and services, including sharing data between them.

    As part of the Facebook Companies, WhatsApp receives information from, and shares information (see here) with, the other Facebook Companies. We may use the information we receive from them, and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings, including the Facebook Company Products.

    The information shared with Facebook is substantial, including:

    Your account registration information (such as your phone number), transaction data, service-related information, information on how you interact with others (including businesses) when using our Services, mobile device information, your IP address, and may include other information identified in the Privacy Policy section entitled ‘Information We Collect’ or obtained upon notice to you or based on your consent.

    The new policies will take effect on February 8. The changes are mandatory and individuals will not be able to use WhatsApp unless they accept the terms.

    This is the latest reason why users who value their privacy should switch to Signal for their secure, cross-platform messaging needs.

  • iboss Raises $145 Million to Aid Remote Work Security

    Cybersecurity firm iboss has raised an additional $145 million as the company continues to focus on cloud-based security.

    With an unprecedented number of employees working from home, companies have been forced to rethink security. With on-premise security, hardware plays a critical role in keeping corporate networks and resources secure. In contrast, remote work relies more heavily on software-based security.

    Iboss is a cybersecurity firm specializing in cloud-based security. The company recently won “a coveted Platinum 2020 ‘ASTORS’ Homeland Security Award from American Security Today for Best Network Security Solution.” The company has now raised an additional $145 million in funding as it looks to eventually have an IPO.

    “COVID-19 has exposed massive vulnerabilities with outdated, hardware-based cybersecurity solutions and accelerated the timeline of moving away from the old method of securing physical office perimeters,” said iboss CEO Paul Martini. “Implementing modern architecture that provides network security in the cloud is the best way to ensure safety and productivity, even as remote workers rely more and more on fast connections for things like video meetings and online productivity apps.”

    Iboss’ funding round is further evidence of how important cybersecurity has become, especially with the rise of remote work.

  • FBI Warns of Cyberattacks Against Online Learning

    The FBI is warning that hackers are increasingly targeting online learning as students get back to class after the holidays.

    While the success of remote work and distance learning has exceeded many people’s expectations, it has also provided new opportunities for hackers and bad actors. Companies have had to take measures to ensure employees can connect remotely and schools have worked to protect their classes from Zoom-bombing and other hacks.

    Even so, the FBI is warning that hackers are increasing their attacks.

    “It’s of greater concern now when it comes to K-12 education, because so many more people are plugged into the technology with schooling because of the distance learning situation,” FBI Cyber Section Chief Dave Ring told ABC News. “So things like distributed denial of service attacks, even ransomware and of course, domain spoofing, because parents are interacting so much more with the schools online.”

    While Zoom-bombing may be one type of attack, ransomware is another common, more dangerous attack. According to the FBI, there has been a nearly 30% increase in ransomware attacks against schools.

    “The broader the move to distance learning, I think the more attacks you’re going to see, just simply because there are more opportunities for it and it’s more disruptive,” Ring said. “Not everybody’s looking to make money when it comes to criminal motivations for these attacks. A lot are they’re looking to steal information. They’re looking to use that for financial gain. They’re looking to collect ransoms.”

  • Exposed Credentials Leave 100,000+ Zyxel Firewalls and VPNs Vulnerable

    A researcher at Dutch security firm EYE has discovered a critical vulnerability in Zyxel’s firewall and VPN gateways, as a result of exposed credentials.

    Zyxel sells a line of popular firewall and VPN gateway devices. Niels Teusink, a researcher with EYE, discovered a major issue that leaves over 100,000 devices vulnerable.

    When doing some research (rooting) on my Zyxel USG40, I was surprised to find a user account ‘zyfwp’ with a password hash in the latest firmware version (4.60 patch 0). The plaintext password was visible in one of the binaries on the system. I was even more surprised that this account seemed to work on both the SSH and web interface.

    Teusink goes on to highlight why this vulnerability is so dangerous.

    As the zyfwp user has admin privileges, this is a serious vulnerability. An attacker could completely compromise the confidentiality, integrity and availability of the device. Someone could for example change firewall settings to allow or block certain traffic. They could also intercept traffic or create VPN accounts to gain access to the network behind the device. Combined with a vulnerability like Zerologon this could be devastating to small and medium businesses.

    Teusink recommends updating to the latest firmware version immediately.

  • SolarWinds Hackers Gained Access to Microsoft Source Code

    Microsoft has revealed that hackers viewed some of its source code as part of the SolarWinds attack that government agencies are still investigating.

    The SolarWinds attack is one of the most devastating cyberattacks perpetrated against US companies and government agencies. Believed to be the work of Russian hackers, the attack was a supply chain attack, compromising SolarWinds’ Orion IT monitoring and management software.

    As one of the organizations impacted, Microsoft has now revealed the hackers viewed some of its source code, but did not make any modifications.

    We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories. The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated.

    Microsoft is not concerned about the source code being viewed, since the company’s security protocols assume its source is being viewed by outside elements.

    At Microsoft, we have an inner source approach – the use of open source software development best practices and an open source-like culture – to making source code viewable within Microsoft. This means we do not rely on the secrecy of source code for the security of products, and our threat models assume that attackers have knowledge of source code. So viewing source code isn’t tied to elevation of risk.

    As with many companies, we plan our security with an “assume breach” philosophy and layer in defense-in-depth protections and controls to stop attackers sooner when they do gain access.

    Although Microsoft seems to be containing any damage adequately, the degree to which the attackers compromised one of the biggest tech companies in the world is further evidence of just how successful the SolarWinds attack was.

  • T-Mobile Data Breach Exposes 200,000 Customers’ Data

    T-Mobile has suffered a major data breach, impacting some 200,000 customers.

    Wireless carriers are prime cybersecurity targets, thanks to the wealth of customer data they have access to. According to T-Mobile’s disclosure, its cybersecurity team discovered unauthorized, malicious access to some of that customer information.

    Fortunately, “the data accessed did not include names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs.” The hackers may have accessed “phone number, number of lines subscribed to on your account and, in some cases, call-related information collected as part of the normal operation of your wireless service.”

    The company is working with law enforcement agencies and has begun notifying those customers affected.

    This is the third major breach T-Mobile has suffered, and the second of 2020. Especially with T-Mobile’s newfound status as the second-largest carrier, it will need to do more to keep its customers’ data safe.

  • FCC Cracks Down on Robocalls, Enlists Telcos to Help

    The Federal Communications Commission (FCC) has unveiled new rules cracking down on robocalls, requiring phone companies’ assistance.

    The FCC has been working to address robocalls, a growing problem for American consumers. Beyond simply being an annoyance, many robocalls are designed to take advantage of the unsuspecting, scamming them out of private information, money or both. Even legitimate, non-commercial, robocalls can be a nuisance when there are no limits on the volume.

    “Americans are sick and tired of unwanted and illegal robocalls, and today’s separate actions are like a one-two punch to ward them off,” said FCC Chairman Ajit Pai. “Today, we are putting much needed limitations on robocalls to our homes, and taking additional steps regarding call blocking that will yield significant improvements for consumers.”

    The new rules tackle robocalls normally exempted from existing robocall regulation, such as those from tax-exempt organizations, political calls and market research. The FCC will now “limit the number of exempted calls to three calls to any residential phone from any caller within any consecutive 30-day period. Previously, there was no limit on the number of non-telemarketing robocalls that any caller could make to a residence. Callers are also now required to allow consumers to opt out of these calls.”

    In addition, the FCC will require telcos to do more to crack down on robocalls on their own networks, and cooperate with the FCC and law enforcement efforts to identify the source of robocalls.

    The rules will likely be welcomed by consumers who are sick of being harassed.

  • Security Firm Corellium Wins Copyright Battle Against Apple

    A federal judge has sided with Corellium in the case Apple brought against it, ruling the company’s software met the burden of “fair use.”

    Corellium was founded in 2017 by husband and wife Amanda Gorton and Chris Wade. The company’s product allows security researchers to run “virtual” iPhones, eliminating the need to buy iPhones in order to look for bugs and security flaws in iOS.

    According to The Washington Post, Apple initially tried to purchase Corellium, before switching gears and suing the company when the acquisition talks stalled. Apple claimed the company’s software broke its copyrights and violated the Digital Millennium Copyright Act (DMCA) by circumventing Apple’s security measures.

    While the DMCA claim has not yet been thrown out, Judge Rodney Smith sided with Corellium on the copyright issue, finding the company’s software qualified as fair use. In particular, Judge Smith called Apple out for its “puzzling, if not disingenuous” claims that Corellium posed a risk. Apple has said the company’s products could open the way for attacks on actual iPhones if they fell into the wrong hands, and even went so far as to say that Corellium was selling its software indiscriminately.

    Judge Smith found that Corellium had a sufficient vetting process in place to negate those concerns. What’s more, rather than circumventing Apple’s security measures to make a competing product, Corellium’s work benefits all of Apple’s iOS customers.

    Apple works hard to cultivate an image of maintaining the moral high ground, often putting morality above basic profit. In this case, however, Apple got it wrong and Judge Smith’s ruling is a clear win for security researchers and Apple’s own customers.

  • Zoom Executive Charged For Shutting Down Meetings For China

    US prosecutors have charged a China-based Zoom executive for shutting down meetings on behalf of Chinese authorities.

    Xinjiang Jin, also known as Julien Jin, is accused of fabricating reasons to take action against various accounts, especially those critical of or commemorating the Tiananmen Square massacre, according to The New York Times. Jin is accused of gaining access to meetings and then posting prohibited content, such as child pornography or terrorism-related items, in order to get the meetings flagged and shut down.

    “Americans should understand that the Chinese government will not hesitate to exploit companies operating in China to further their international agenda, including repression of free speech,” said FBI Director Christopher Wray in a statement.

    Zoom has since fired Jin and has placed other employees on administrative leave while it conducts an internal investigation. The company’s investigation has already shown that Jin accessed and shared user data with Chinese authorities, although Zoom says it was “fewer than 10 individual users” outside of China. This was despite Zoom’s efforts to restrict China-based employees from accessing the company’s global network.

    To date, Jin has not been arrested and will likely not be, given that he was aiding Chinese authorities. As the NYT points out, however, this is a significant escalation for US prosecutors, emphasizing the tightrope American tech companies operating in China must walk.

  • US Government Appeals TikTok Injunction

    In the latest twist of the never-ending saga, the US government is appealing an injunction against its TikTok ban.

    The US government has been working to ban TikTok for some time. The Trump administration has accused TikTok of being a security threat, and made it clear that only a sale to an American company would prevent an outright ban. Oracle, with Walmart joining it, emerged as the winning bidder. Per the terms of the deal, however, Oracle would only gain a 20% stake in the company. Meanwhile, China signaled it would oppose a deal it felt was unfavorable to the country’s image.

    Meanwhile, TikTok was left in limbo as it tried to work out a deal with the US government as the deadline approached. The company won an injunction, with at least one judge even questioning if the ban was legally viable.

    Not willing to give up the fight, the US government is now appealing the injunction, according to Reuters. The Justice Department is bringing the case before the U.S. Court of Appeals for the District of Columbia.

    Given that Judge Carl Nichols — when granting the injunction — said the government had “likely overstepped” in its decision to ban TikTok, this case could redefine the limits of the government’s authority.

  • Cellebrite Did NOT Break Signal’s Encryption

    Cellebrite Did NOT Break Signal’s Encryption

    The BBC broke a story that seemingly indicated Cellebrite had broken Signal’s encryption — only it’s not true.

    Signal is a popular messaging app, boasting some of the best — if not the best — security and end-to-end encryption of any messaging platform on the planet. It’s so secure that some military units, the US Senate and the EU Commission all recommend their members use it. In addition to politicians and military personnel, Signal is widely used by journalists, activists, political dissidents and others for whom privacy is paramount. The app even has features, such as the ability to blur faces in photos, to help protect that privacy.

    Cellebrite, in contrast, is an Israeli company that specializes in hacking encrypted devices. The company’s products are used by the FBI and other law enforcement agencies, and have even been purchased by school districts for use on students’ phones.

    The BBC reported that Cellebrite claimed to have cracked Signal’s encryption, potentially casting doubt on the platform. In fact, the BBC’s article was entitled: “Signal: Cellebrite claimed to have ‘cracked’ chat app’s encryption.”

    Signal has written a blog post to set the record straight, calling the BBC’s headline “factually untrue.” Even the blog post Cellebrite wrote outlining their efforts, a post Signal called “embarrassing” (for Cellebrite), has been significantly altered and shortened, toning down the company’s claims from the original version (accessible via web archives).

    So what happened? Did Cellebrite break Signal’s encryption? The short answer is No.

    Cellebrite’s entire “success” depended on having physical access to an Android phone that was already unlocked with the screen on. In the realm of computer security, a simple rule is: If someone has physical access to your device, all bets are off. Once physical access is obtained, it’s usually only a matter of time before security measures are compromised to some degree or another.

    More to the point, however, Signal, like other similar apps, is designed to protect messages and communication from electronic eavesdropping — not from someone who has unfettered access to the devices the messages reside on. As Signal’s blog points out, it’s a simple matter to open up any app, take screenshots of the contents and thereby “compromise” the data on the device for which someone already has unlocked, unfettered, physical access.

    In essence, the Cellebrite Physical Analyzer does just that. It simply automates the process of accessing and recording the contents of apps on an unlocked phone. In the world of programming, this is neither complicated nor difficult.

    As a side note, if a person is concerned about that possibility, it’s easy to enable disappearing messages in Signal. This added step ensures there is nothing to recover from a device that has been physically compromised.

    As Signal’s rebuttal post points out, the entire episode is an embarrassing situation for Cellebrite, a company that so many law enforcement agencies depend on.

    It’s hard to know how a post like that got out the door or why anyone thought revealing such limited abilities was in their interest. Based on the initial reception, Cellebrite must have realized that amateur hour was not a good look, and the post was quickly taken down. They then must have realized that a 404 error isn’t any better, and replaced that again with a vague summary.

    It’s also hard to know how such an embarrassing turn of events became anything other than a disaster for Cellebrite, but several news outlets, including the BBC, published articles about Cellebrite’s “success,” despite the existence of clarifying information already available online.

    The takeaway is that Cellebrite essentially accomplished nothing with their so-called “success.” They did not break Signal’s encryption and they did not compromise the messaging platform. Cellebrite’s entire “success” was no more of an accomplishment than being handed an unlocked phone, perusing it and taking screenshots of the contents.

    John Scott-Railton, a senior researcher at internet watchdog Citizen Lab, out of the University of Toronto, agreed with Signal.

    https://twitter.com/jsrailton/status/1341421365371559938?s=21

    The evidence is clear: Signal remains one of — if not THE — most secure messaging platforms on the planet.