Department of Justice: iPhone encryption will lead to the death of a child

SMS Relay Text Message Forwarding iOS 8.1

Apple and the government have long been engaged in a bitter war of words over encryption and security practices employed in Apple’s iOS devices, but a new Wall Street Journal report indicates that the Department of Justice is really starting to take the rhetoric to the next level.

According to the Journal, a DOJ official actually told Apple executives during a meeting last month that in the future the Cupertino company could eventually be directly responsible for the death of a child. Read more

FBI director continues push against Apple & Google on smartphone encryption (Video)

James Comey FBI Director

FBI Director James Comey isn’t backing down from his position that Apple and Google are wrong to encrypt customer smartphone data preventing law enforcement agencies the possibility of access if requested. After last month sharing that the FBI was in talks with the two companies to discuss concerns with marketing devices as being inaccessible to third-parties including the government, the FBI Director spoke with CBS News in an interview where he continued to make the case against such encryption… Read more

US attorney general latest gov’t official to challenge Apple on smartphone encryption

US Attorney General Eric Holder

United States Attorney General Eric Holder, who announced plans to resign earlier this week pending confirmation of a successor, has criticized Apple and Google for encrypting smartphone data beyond law enforcement official access, Reuters reports.

“It is fully possible to permit law enforcement to do its job while still adequately protecting personal privacy,” Holder said in a speech before the Global Alliance Against Child Sexual Abuse Online.

Read more

FBI director says officials have been in talks with Apple, Google over device encryption policies

tim cook death stare

Director of the Federal Bureau of Investigation James Comey expressed his concern today over Apple and Google’s decision to encrypt information stored on smartphones, the Huffington Post reports, adding that FBI officials are pushing both companies to change their policies in order to allow law enforcement officials to access data in certain instances.

“I am a huge believer in the rule of law, but I am also a believer that no one in this country is above the law,” Comey told reporters at FBI headquarters in Washington. “What concerns me about this is companies marketing something expressly to allow people to place themselves above the law.”

In the case of the iPhone maker, Apple CEO Tim Cook used the company’s privacy stance as a major marketing point on a number of occasions over the past month. Read more

Apple begins encrypting iCloud email sent between providers

MailIcon

Last month Apple confirmed that it would soon beef up encryption for iCloud email following a report detailing security flaws in major email services. While Apple previously encrypted emails sent between its own iCloud customers, now the company has enabled encryption for emails in transit between iCloud and third-party services for me.com and mac.com email addresses. 

The change is documented on Google’s transparency website that shows the percentage of emails encrypted in transit for both inbound and outbound email exchanges (pictured below): Read more

Review: Wiper encrypted messaging/calling app with neat erase feature (and iOS 8 update details)

Yes, another secure and ephemeral messaging app. There’s Wickr, Snapchat, Confide, so what makes Wiper Messenger different? I’ve had the chance to play around with the new free chatting app on iOS, and it seems to act as a fusion of WhatsApp, Snapchat, and Wickr. The app prompts you for your email address or phone number in order to create your account, and then you are brought to a fairly simple interface with three tabs across the bottom: Chats, Contacts, and More. Let’s go tab-by-tab:

Read more

Box adds secure collaborative notes to its iPhone and iPad apps

Box Notes

We showed you Box’s big 3.0 rewrite of its iPhone and iPad app earlier this year and today the cloud service is adding a major feature for its users: Box Notes. Box introduced its Notes feature to users last month, and now it is extending support for Box Notes to iPhone and iPad users.

The company says it’s focus on security for business users makes its approach to collaborative note capturing and sharing differently than other offerings. Box’s new Notes feature on iPhone and iPad is presented in the same app as other media stored in the cloud service as it’s a single app to know and manage.

Read more

Researcher claims iOS 7 (including current 7.1.1) does not encrypt email attachments, Apple aware of issue

Screen Shot 2014-05-05 at 6.29.21 AM

Security researcher Andreas Kurtz has discovered that versions of iOS 7, including iOS 7.1.1 (the current release), iOS 7.1, and iOS 7.0.4 do not encrypt email attachments in the bundled Mail application. This is an issue itself, but more worrisome as iOS, according to Apple, is supposed to encrypt email attachments. Here’s a page from Apple’s website indicating that:

Read more

Passware: Filevault can be brute force cracked during the span of a lunchbreak

FileVault has been included in Macs by Apple since the release of Panther many years ago. In Apple’s most recent release, OS X Lion, the company included FileVault that brought new ways of encryption. FileVault lets you encrypt your entire drive with a master password to protect key-chain passwords, files, and more. FileVault 2 uses a separate partition to store the FileVault login information.

Cnet pointed us to a new report from password recovery company PassWare, who claimed it can decrypt Apple’s FileVault 2 in under 40 minutes. Obviously, this is a big concern because FileVault contains so much of users’ information.

PassWare decrypts FileVault by going in through the system’s firewire connection and using live-memory analysis to extract the encryption key from the FileVault partition (so the machine must assumedly be running?). From there, a user can uncover keychain files and login passwords that can be used to unlock the whole HDD/SSD.

PassWare conveniently makes PassWare 11.3 available to do this, but you will have to throw down a lofty $995 to get the software. PassWare makes this software primarily available for law enforcement.

Read more

Gamers beware: Steam’s database hacked, including encrypted credit card information and passwords

Popular game platform Steam, owned by Valve, has been hacked (via PC Gamer). Hackers were able to get into a Steam database, which included encrypted credit card information and passwords of many of its users. Steam isn’t sure at this point if the encryption of the credit card numbers or passwords have been obtained, but warns users to be on the look out for malicious activity. Steam’s Gabe Newell said in a statement to users:

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked.”

Steam is currently keeping their forums closed down while they investigate the situation. The Steam platform hasn’t been knocked down, however. Gabe’s full statement after the break:

Read more