encrypted
Latest
Signal's encrypted messaging app stops working in China
One of the last Western social media apps available in China, Signal, has now gone dark in the nation.
Mozilla is shutting down Firefox Send and Notes
Mozilla plans to say goodbye to two of its lesser-known products this year.
Signal lets you see more info before you accept a message from a stranger
Signal lets you see a sender's profile before you accept, delete or block a message or call.
European police hacked encrypted phones used by thousands of criminals
In one of the largest law enforcement busts ever, European police and crime agencies hacked an encrypted communications platform used by thousands of criminals and drug traffickers.
Zoom acquires security startup Keybase to offer end-to-end encryption
As part of its 90-day plan to improve security, Zoom acquired Keybase, a startup that provides encrypted communication services.
Oman lifts restrictions on secure video chats
In an effort to help businesses and schools function remotely, Oman is lifting restrictions on some video calling services. Its Telecommunications Regulatory Authority (TRA) tweeted that it will allow Skype for Business, Google Meet and Zoom, so that organizations can better communicate "during this exceptional period."
Huawei technicians may have helped African governments spy on opponents
An investigation by The Washington Post claims Huawei technicians helped African governments spy on domestic political opponents. According to the report, Huawei employees helped authorities in Uganda intercept encrypted messages and allowed police in Zambia to locate opposition bloggers. Such claims could validate the Trump administration's concerns about the use of Huawei technology in the US, but Huawei told The Washington Post it has "never been engaged in 'hacking' activities."
BlackBerry Messenger shuts down for good today
Today, Emtek pulls the plug on BlackBerry Messenger. The company announced last month that it would shut down the consumer service, which has been steadily losing users and failing to attract new ones. As a consolation for diehard fans, BlackBerry opened BBM Enterprise, its enterprise-grade encrypted Messenger (BBMe), for personal use. That's available on Android, iOS, Windows and Mac.
Firefox Send's free encrypted file transfers are now available to all
Mozilla has made privacy Firefox's calling card, while lambasting companies it believes don't meet the bar on security. Its latest update to its web browser, an end-to-end encrypted file transfer service, fits the mold. Firefox Send was introduced in 2017 as part of the now-defunct Firefox Test Pilot, which allowed early adopters to try out experimental features, and is now being graduated. Those with Firefox accounts can now share files up to 2.5GB in size between browsers, while everyone else is limited to 1GB. It's also getting its very own Send Android app in beta.
Facebook only cares about privacy because it has to
When your reputation is as shattered as Facebook's, all you can do is try to change course. And amid an ongoing crisis caused by its continuous disregard for protecting users' data, co-founder and CEO Mark Zuckerberg wrote a 3,000-word manifesto on his "privacy-focused vision" for the company. In it, the embattled Facebook chief detailed how he plans to take the social network into a new era by focusing on "simple, intimate places" where people can have private interactions and enjoy features such as end-to-end encryption. Additionally, Zuckerberg said Facebook will start reducing permanent content and offering better safety and secure data storage, though it's unclear when these changes are going to take place.
WhatsApp clamps down on forwarding to reduce hoaxes and spam
While parent company Facebook shifts policies on how to handle content that it said can lead to violence, WhatsApp is also in a state of change. A blog post describes how it's limiting the ability to forward messages to multiple chats at once, apparently in hopes that it will slow the spread of hoaxes and misinformation that have incited recent lynchings in India. Previously users could forward to over 250 people at once, and now the limit globally has been reduced to 20. In India, it will be restricted to five, and a "quick forward" button next to media messages will be removed. The company called these changes a "test," while a spokesperson said to Recode that "We're horrified by the violence in India, and we've announced number of different product changes to help address these issues." WhatsApp already shifted to labeling forwarded messages, it recently started funding research into the problem and now it's making another attempt to put the brakes on. TechCrunch points out a report from The Economic Times that WhatsApp execs have met with India's election commission and plan to bring over the news verification model recently used in Mexico.
Signal adds encrypted profiles to beta chat app
Signal, the encrypted chat app preferred by the US Senate, has finally launched profiles -- but only as part of its latest beta release. You can now add a photo and a display name to make group chats less confusing. But since this is Signal we're talking about, it's not as straightforward as other apps': your photo and name, like your messages, are end-to-end encrypted.
QSAlpha in talks to bring Quasar IV smartphone to China Mobile
A couple weeks ago we covered a new Indiegogo campaign from QSAlpha, a company aiming to produce a super-encrypted smartphone (along with a software-based platform for standard Android users as well). Despite the fact that the funding phase didn't go so well, the manufacturer recently announced that its phones will go into production and begin shipping in Q2 of next year. But which operators will take on this hardcore encrypted handset? Sources have confirmed to Engadget that QSAlpha is closely working with China Mobile to bring the Quasar IV handset to market. An official launch isn't likely to happen right away -- nor could our sources go into more detail on what the deal entails -- but at least this is good news for anyone who is rooting for this particular device to become a reality. It's hard to say whether or not we'll see it available anywhere else, though we wouldn't be surprised if we have the opportunity to buy one online in other parts of the world.
Indian official claims BlackBerry eavesdropping standoff is 'heading towards a resolution'
Oh, bureaucracies, the fun in dealing with them is that you're told exactly what they want you to know -- or at least, believe. That's the name of the game in India, where -- as you're surely aware -- the government has been at odds with RIM for years over its insistence that the Waterloo firm provide the means to monitor encrypted emails and BBM messages. In a revelation that may relate to those BlackBerry servers in Mumbai, R. Chandrasekhar of India's Department of Information Technology has asserted, "The issue is heading towards a resolution." While it's difficult to know whether monitoring is already in place, Chandrasekhar added that, "Law enforcement agencies will get what they need." Another unknown is whether RIM played a role in these developments. For its part, the company claims, "RIM maintains a consistent global standard for lawful access requirements that does not include special deals for specific countries." So, if everything is now clear as mud for you, just remember: that's how those in charge like it.
Passwords stored in plain text after Lion update
Legacy FileVault users (those who used FileVault before Lion) running a recently updated version of Mac OS X Lion should consider changing their login passwords. According to a report in ZDNet, an Apple programmer inadvertently left a debug flag in the latest 10.7.3 version of Mac OS X that turns on a system-wide debug log file. This log file stores the user's login passwords in plain text and is located in an unencrypted area. Any user with admin or root access can read this file, grab the login credentials and access your encrypted data. If you use Time Machine to backup your system, this log file is also available from your archive. This glitch affects users who enabled FileVault encryption, upgraded to Lion and kept folders encrypted using FileVault. FileVault 2 users are not affected by this bug. This glitch was first noticed by an Apple Support Community member who posted about the plain text passwords back in February.
Calyx Institute to create ISP that keeps customer traffic private, away from prying governmental eyes
Wouldn't it be nice if we were free to surf the web free from fear of having our traffic monitored and emails scraped by the NSA? Well, if Nicholas Merrill has his way, we won't have to rely on anonymous browsers or proxy servers -- we'll have a new ISP built from the ground up to protect customer privacy. A non-profit, the Calyx Institute, will run the ISP that'll employ end-to-end encryption on web traffic, plus encrypted emails to prevent anyone other than the user, including the ISP itself, from seeing people's internet activity. Because of this structure, Calyx, quite literally, won't be able to comply with governmental requests to obtain customer traffic data under the Patriot or Foreign Intelligence Surveillance Acts. The best part is, such online privacy may cost as little as $20 a month, and Merrill has hopes to provide a similarly secure VoIP service at some point as well. Of course, the venture will only be possible if Merrill can raise the $2 million needed to get it going -- which is why he's pitching the idea to venture capitalists in Silicon Valley and the general public through crowd-sourced funding site IndieGogo. Want to help out? Hit the source below to make a donation.
RIM builds BlackBerry server center in Mumbai, right where Indian government wants it
This is the epilogue to a story that started as far back as 2008, when the Indian government first demanded access to encrypted BBM traffic. In 2010, RIM made "certain proposals" that satisfied politicos and averted a ban, and now it's gone one step further -- placing 5,000 BES Enterprise servers directly beneath officials' noses in Mumbai. It's not yet clear if messages will be subject to any more scrutiny than they were before, but N4BB reports that a "team of officers" has already inspected the installation and that "permission for direct monitoring" is "expected to be issued." Looks like those snoops will soon be working double shifts.
ASUS now catching heat for locked Transformer Prime bootloader, probably wishes the thing was never made
Man, talk about not being able to catch a break. After launching what was largely considered the first Android tablet worth drooling over at AsiaD, ASUS has ran into every conceivable issue in the months since. Delays, on-again / off-again claims about GPS and now, a locked bootloader that has the vocal Android modding community all sorts of angry. The primary issue here is that the Prime is a WiFi-only device, which leaves little room for ASUS to justify its decision to thwart the use of uncertified ROMs. Of course, HTC has faced similar pressures in the past, and its decision to cut loose of the locked bootloader chains won it universal praise from a universal audience. Time for ASUS to step up and do likewise?
Researchers use children's toy to exploit security hole in feds' radios, eavesdrop on conversations
Researchers from the University of Pennsylvania have discovered a potentially major security flaw in the radios used by federal agents, as part of a new study that's sure to raise some eyebrows within the intelligence community. Computer science professor Matt Blaze and his team uncovered the vulnerability after examining a set of handheld and in-car radios used by law enforcement officials in two, undisclosed metropolitan areas. The devices, which operate on a wireless standard known as Project 25 (P25), suffer from a relatively simple design flaw, with indicators and switches that don't always make it clear whether transmissions are encrypted. And, because these missives are sent in segments, a hacker could jam an entire message by blocking just one of its pieces, without expending too much power. What's really shocking, however, is that the researchers were able to jam messages and track the location of agents using only a $30 IM Me texting device, designed for kids (pictured above). After listening in on sensitive conversations from officials at the Department of Justice and the Department of Homeland Security, Barnes and his team have called for a "substantial top-to-bottom redesign" of the P25 system and have notified the agencies in question. The FBI has yet to comment on the study, but you can read the whole thing for yourself, at the link below.
Twitter adds 'Always use HTTPS' option, makes cyberterrorists FOF
One small checkbox for your mouse pointer, one giant leap for your Twitter account's security. The microblogging site that every techie knows, loves, and occasionally loathes, has added a new option to allow users to go HTTPS full-time. For the unenlightened among you, that means all your communications with Twitter can now be done over an SSL-encrypted channel, which massively boosts their resilience to external attacks. That won't protect you if you're careless with your password or leave your account logged in on computers other than your own, but at least you can sleep a little more restfully knowing that nobody other than yourself will be embarrassing you on the Twittersphere.
