#CyberSecurityPulse: The eternal dispute: backdoors and national security

ElevenPaths    16 May, 2018
social networks image

A bipartisan group of legislators from the house of representatives has introduced a piece of legistation which will prevent the federal government of the United States from demanding companies to design technology with backdoors to ensure law enforcement can have access to certain information. This bill represents a last effort from legislators in Congress to eliminate the battle between the federal officials in charge of making them comply to the law and the technology companies’ which are for the encryption. It reached a boiling point in 2015 when the FBI fought with Apple in regards to a blocked iPhone which was linked to the terrorist attack case in San Bernadino.

However, Apple has not been the only Company which has had problems with the law during recent years. The vice-president of Facebook in LatinAmerica was also detained by the Federal Police in Brazil for refusing to share information with the authorities in regards to a drug trafficking investigation. Therefore, in 2016 some of the manufacturers started to take measures to adapt to the needs of the new times in terms of privacy. The implementation of encryption from end to end was taken up by Whatsapp; and also within Google’s periodic report on the number of requests for information on its users by the Security Forces and Corps, these are just some examples.

However, this technology situation has also provoked some countries such as Russia to put pressure upon the implementation of backdoors by government legislation or others such as China which obliges the technology companies to collaborate in issues which are considered as national security. Even though, sometimes these measures may be seen as far fetched; there is still a fear that terrorism for example, which is having a great impact on the west could provoke an end to our freedom in exchange for a greater sense of security.

More information available at The Hill

Highlighted News

Google and Microsoft ask the governor of Georgia to veto the draft law of hack back

anti-doping imagen

Google and Microsoft are asking the governor of Georgia, Nathan Deal, to veto the quite controversial draft law which would allow them to criminalise the ‘unauthorized access to equipment’ in which a company could carry out offensive operations. The general assembly of Georgia passed the draft law at the end of March and sent it to Deal, who has 40 days to sign it. The law has been received negatively by the community, which could have a staggering impact upon the legitimate investigation on an incident. Therefore, Google and Microsoft representatives wrote a letter dated 16th April in which they focus on one of the provisions of the draft, where they ensure that this law gives companies sufficient authority to conduct offensive operations for competitive purposes.

More information available at Legis

Seeking elections in the United States without foreign interference

EI-ISAC imagen

With the primary United States elections on the point of entering full bloom, the Department of National Security is getting up-to-date in order to help to guarantee that the state electoral systems are secure against the manipulation of third parties. The department has commented that it has completed its evaluations in only nine of the seventeen states of which have formally asked them to do it. However, they have promised to do it in November for each State which requests it. The officials from the National Security attribute the delay to a major demand of such reviews since the 2016 presidential elections and they want to ensure that they are dedicating more money and resources into reducing the waiting times. The reviews normally last two weeks for each one.

More information available at Fifthdomain

News from the rest of the week

Severe errors in PGP and S/MIME can reveal encrypted email addresses in plain text

A team of investigators from the European Security has published a warning about a set of critical vulnerabilities discovered in the encrypted S/MIME and PGP tools which could reveal their emails in plain text. For those who do not know, PGP utilizes a standard open code end to end encryption to encrypt email addresses in a way so that nobody could intercept them. S/MIME is a technology which is based upon asymmetric cryptography, which allows the users to send digitally and encrypted signed emails. The Electronic Frontier Foundation (EFF) has also confirmed the existence of ‘undisclosed’ vulnerabilities and has recommended that the users uninstall their PGP and S/MIME applications until they repair the errors.

More information available at EFF and Efail

A serious error is discovered in Signal for Windows and Linux

Investigators have discovered a serious vulnerability in the popular messaging application called Signal, which is used for Windows and Linux and could allow the attackers to execute malicious code in the recipient’s system remotely by just sending a message, without requiring any interaction from the user. However, the technical details of the vulnerability have not been revealed until now, the problem appears to be a vulnerability in the remote execution of the code in Signal or at least something very close to the persistent cross-site scripting (XSS) which eventually could allow the attackers to inject malicious code into target Windows and Linus systems.

More information available at The Hacker News

FacexWorm targets crypto-currency trading platforms using Facebook Messenger for their propagation

A malicious Chrome extension called FacexWorm utilizes diverse techniques in order to affect cryptocurrency platforms, of which you can access through an affected browser and it spreads through Facebook Messenger. The new version incorporates the listing and mailing links exercise through social engineering techniques to friends of the affected Facebook account. However, now they can also steal accounts and credentials from websites of interest. It also redirects the possible victims to cryptocurrency scams, injects mining code into websites, redirects them to program links related with cryptocurrencies and hijacks transactions in trading platforms and wallets in the cloud by replacing the recipient’s address with the attacker’s address.

More information available at TrendMicro

Other News

More than 400 websites attacked by the cryptojacking campaign due to a failure in Drupal

More information available at Badpackets

The ransomware SynAck implements the Doppelgänging evasion technique

More information available at SC Magazine

The Nigelthorn malware infected more than 100,000 systems which took advantage of Chrome extensions

More information available at Radware

Leave a Reply

Your email address will not be published.