Options to End the End to End Encryption Debate – Infosecurity Magazine

It's a long-simmering disagreement that shows no sign of reaching a conclusion: law enforcement wants access to encrypted devices and messaging apps to fight crime. Tech companies say any system that allows for lawful access would instantly be attacked and would put legitimate users in danger.

The latest spat between the FBI and Apple, over the locked devices of Mohammed Saeed Alshamrani, who is suspected of killing three people and injuring eight in a shooting spree at a Navy base in Pensacola, Florida on December 6, may have escalated the conflict, but it's unlikely to break the deadlock.

While the debate has been framed as a battle between privacy and security, the reason for the stalemate is that the conversation between law enforcement and tech firms has largely focused on one solution. With tech firms moving to stronger security and end-to-end encryption across messaging apps, the US Justice Department, along with the UK and Australia, has asked companies to create a key or backdoor in the design of their products that would allow law enforcement to unlock the phones of criminal suspects and access their data, a move that Facebook says is impossible without weakening its encryption.

Surprisingly little thought, however, has been given to alternative ways of thwarting criminals who hide behind encryption while preserving the privacy of legitimate users. So what are the alternatives, and is there a possibility that both sides could agree on a middle ground?

Facebook has offered its own solution. Anxious to avoid a scenario where unbreakable encryption would effectively become illegal, Facebook says it should still be able to provide some critical location and account information.

This is because end-to-end encryption hides all content, but not all the metadata of the conversation taking place. "We are building tools to look for signals and patterns of suspicious activity so that we can stop abusers from reaching potential victims," Facebook's Jay Sullivan told the Judiciary Committee last month.
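To make the metadata point concrete, here is an added example (not from the article, and not Facebook's code) of what a relay server can still record about end-to-end encrypted traffic, and the kind of metadata-only signal described above. The ciphertext is a random-byte stand-in for real AEAD output, and the accounts, timestamps and fan-out threshold are constructed for the example.

```python
"""Added example: metadata visible to a messaging relay when content is
end-to-end encrypted, plus a metadata-only abuse signal (first-contact
fan-out). Constructed accounts and timestamps; not Facebook's detection logic."""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
import os


@dataclass(frozen=True)
class Envelope:
    """What the sending client hands to the relay."""
    sender: str
    recipient: str
    sent_at: datetime
    ciphertext: bytes   # only the two endpoints hold the key for this


def encrypt_opaque(plaintext: bytes) -> bytes:
    # Stand-in for real E2EE output: random bytes of the same length. A real
    # AEAD adds a fixed nonce/tag overhead but leaks length the same way.
    return os.urandom(len(plaintext))


def server_view(env: Envelope) -> dict:
    """Everything the relay can log without the conversation key."""
    return {
        "sender": env.sender,
        "recipient": env.recipient,
        "sent_at": env.sent_at,
        "ciphertext_len": len(env.ciphertext),
    }


def flag_fanout(envelopes, window=timedelta(minutes=10), threshold=5) -> dict:
    """Return {sender: count} for senders that opened conversations with at
    least `threshold` recipients they had never messaged before, all inside
    one sliding `window`. Consumes only the fields server_view() exposes."""
    by_sender = defaultdict(list)
    for env in sorted(envelopes, key=lambda e: e.sent_at):
        by_sender[env.sender].append(server_view(env))

    flagged = {}
    for sender, views in by_sender.items():
        seen, first_contacts = set(), []
        for v in views:
            if v["recipient"] not in seen:       # first message to this recipient
                seen.add(v["recipient"])
                first_contacts.append(v["sent_at"])
        lo = 0
        for hi, t in enumerate(first_contacts):  # sliding window over first contacts
            while t - first_contacts[lo] > window:
                lo += 1
            if hi - lo + 1 >= threshold:
                flagged[sender] = hi - lo + 1
                break
    return flagged


def build_sample() -> list:
    """Constructed traffic: one ordinary two-party chat and one account that
    cold-contacts seven strangers in six minutes."""
    t0 = datetime(2020, 1, 20, 9, 0)
    msgs = []
    for i in range(8):
        a, b = ("alice", "bob") if i % 2 == 0 else ("bob", "alice")
        msgs.append(Envelope(a, b, t0 + timedelta(minutes=3 * i),
                             encrypt_opaque(f"message {i}".encode())))
    for i in range(7):
        msgs.append(Envelope("mallory", f"user_{i:02d}", t0 + timedelta(minutes=i),
                             encrypt_opaque(b"hey, are you there?")))
    return msgs


if __name__ == "__main__":
    sample = build_sample()
    for view in (server_view(m) for m in sample[:2]):
        print(view)                   # no plaintext field anywhere
    print(flag_fanout(sample))        # {'mallory': 5}
```

The relay learns who talks to whom, when, and how much, which is all the fan-out rule needs; what it cannot learn is what was said. A signal like this therefore yields leads for human review rather than evidence, and a rule this crude also fires on benign behaviour (a teacher messaging a new class), which is the trade-off behind the referral numbers the article goes on to discuss.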

The big fear, however, is that the 12 million referrals of child sexual abuse currently flagged by tech giants each year would be lost if Facebook implements its plans. Stronger encryption would limit the chances of identifying the abusers and rescuing the victims.

Then there is the argument that Facebook cannot be trusted, with critics pointing to numerous security breaches and the mass collection of users' personal data for financial gain.

Another option, put forward by the Carnegie Endowment for International Peace in a new paper called Moving the Encryption Policy Conversation Forward, attempts to find some middle ground by separating data at rest from data in motion. It would prevent police from carrying out live surveillance of conversations in progress, but would allow them, with a court-ordered search warrant, to see data at rest. This would include photos and messages already held on suspects' mobile phones and laptops and in cloud storage.

Exploring mobile phone data at rest seems to be the area most likely to kick-start the debate. New York County District Attorney Cyrus Vance is among the supporters of this approach and wants federal legislative action to push it through. His frustration stems from Apple's refusal to provide access to the phone of the San Bernardino shooter following the 2015 massacre.

Even so, many in the computer security community are skeptical, and the approach needs rigorous testing and debate to establish whether it is viable.

A third option isn't so much a backdoor as an emergency entrance. Here the government, the tech company and a neutral third party, such as a court, would each keep a fragment of a cryptographic key. Authorities would get sanctioned, pre-agreed access to messaging data, a bit like a bank safe deposit box that can only be opened if both the bank and the customer are present.

According to Andersen Cheng, CEO of Post-Quantum, this option would significantly limit the ability of rogue actors to gain access, because no one authority has a master key to unlock millions of accounts. Any concerns over government control can be allayed because the key management could be hosted by the social media companies, he says.

The only problem, and it's a big one, is that no one appears to have any idea how to build such a thing at scale while keeping the fragments secret. Tech companies are likely to rail against any technical step that would fundamentally weaken communications.
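The three-way key fragment scheme described above, as an added example that is not from the article or from Post-Quantum: a per-account content key is split with Shamir secret sharing so that the government, the provider and a court each hold one fragment, and the key only exists again when the agreed number of fragments are combined. The custodian names, the 128-bit key size and the prime field are assumptions made for the example.

```python
"""Added example: splitting a per-account key into custodian fragments with
Shamir secret sharing over GF(p). Custodian names and key sizes are assumed;
this is not Post-Quantum's or any provider's design."""
import secrets

P = 2**255 - 19       # prime field; every 128-bit key is below P


def split(secret: int, threshold: int, n: int) -> list:
    """Evaluate a random polynomial of degree threshold-1 with constant term
    `secret` at x = 1..n. Any `threshold` points recover it; fewer reveal nothing."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]


def combine(shares: list) -> int:
    """Lagrange interpolation at x = 0. With fewer than `threshold` shares the
    result is a field element that carries no information about the secret."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def escrow_key(key: bytes, custodians: list, threshold: int) -> dict:
    """Hand each custodian one fragment of `key`. Nothing here is a master
    key: a fresh random polynomial is drawn for every account."""
    secret = int.from_bytes(key, "big")
    if secret >= P:
        raise ValueError("key too large for the field")
    return dict(zip(custodians, split(secret, threshold, len(custodians))))


def recover_key(fragments: list, key_len: int) -> bytes:
    """Rebuild the key from the fragments presented at the 'safe deposit box'."""
    return combine(fragments).to_bytes(key_len, "big")


if __name__ == "__main__":
    account_key = secrets.token_bytes(16)
    box = escrow_key(account_key, ["government", "provider", "court"], threshold=3)
    all_three = list(box.values())
    print(recover_key(all_three, 16) == account_key)   # True
    # Government plus provider alone: interpolating two points of a degree-2
    # polynomial gives a value unrelated to the key.
    print(combine(all_three[:2]) == int.from_bytes(account_key, "big"))  # False
```

Two of the three fragments really do carry nothing: filling in the missing one means trying every element of the field. What the example leaves unsolved is exactly the objection in the paragraph above. Whoever runs `escrow_key` holds the whole key at that moment (distributed key generation avoids this, at more cost), every fragment store must stay both secret and available for millions of accounts, and the court's and the agency's fragment stores become the highest-value targets in the system.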

Then there's the current solution. Each year, US police departments pay millions of dollars to third-party commercial vendors to access data saved to the cloud. As we know from recent scandals, covert spyware exploits vulnerabilities in software to give the buyer access to a device to read texts, pilfer address books, remotely switch on microphones and track the location of the target. There is no shortage of commercial surveillance companies offering these services, and police reportedly used such a tool to access the phone of the San Bernardino shooter when Apple wouldn't help.

This kind of technology is playing an increasing part in helping government agencies all over the world prevent and investigate terrorism and crime and save lives: almost 50% of police investigations now involve cloud data.

Controversial Israeli firm NSO Group was involved in the capture of notorious drug lord El Chapo, and recently police in Western Europe said that NSO spyware was helping them track a terror suspect they feared was plotting an attack over Christmas.

Despite this, encrypted devices and messaging platforms continue to complicate criminal investigations, not least because critical evidence is often only available on the device itself, not in the cloud. The tools provided by commercial companies can also be expensive, and police say that justice is sometimes unattainable for crime victims in areas where departments do not have the means to decrypt phones.

Campaigners also point to potential abuses and a lack of transparency over the new forms of surveillance being used, and wider adoption of this approach would require governments to impose careful controls to prevent misuse and enforce oversight.

Whatever the solution to the current debate over encryption, it's unlikely to suit everyone perfectly. As the Carnegie Endowment report points out, cybersecurity advocates may have to accept some level of increased security risk, just as law enforcement advocates may not be able to access all the data they seek.

The first step, however, is recognizing that, with the lives and safety of so many at stake, lawmakers and tech firms should investigate every option.

Is William Barr’s Latest Attack On Section 230 Simply An Effort To Harm Tech Companies For Blocking His Desire To Kill Encryption? – Techdirt

from the this-makes-no-sense dept

Last month, we noted that Attorney General William Barr was making a bizarre attack on Section 230 of the Communications Decency Act, claiming that the DOJ was "studying Section 230 and its scope" and arguing -- without evidence -- that 230 might be contributing to "unlawful behavior" online. As we noted at the time, Section 230 explicitly exempts federal criminal charges from what it applies to, meaning that it literally cannot interfere with any DOJ prosecution. So it's truly bizarre to see the DOJ concerned about the issue.

But Barr has continued to push forward with this anti-230 kick, and is going to host a "workshop" about 230 in a few weeks.

The U.S. Justice Department is hosting a workshop next month seeking a wide diversity of viewpoints on Section 230 of the Communications Decency Act, the federal statute that, with few exceptions, protects major internet companies and private website owners from liability when it comes to the posts and comments generated by users.

While the DOJ claims that this workshop will have that "diversity of viewpoints," as we've seen in other contexts with the DOJ, this is rarely the actual case. It may offer up a sacrificial lamb in support of 230, but it is likely to stack the deck against 230. This is the same thing that the DOJ has done, repeatedly, with regard to the encryption debate and questions around "going dark." Indeed, we've noted before the similarities between the government's efforts to attack encryption and the playbook that was used to attack Section 230 in 2018. In fact, we've heard that the very same former Hollywood lobbyist is a key player in both efforts.

Given the similarities in the playbook, and the fact that the DOJ is not hindered at all by 230, it makes you wonder if Barr and the DOJ are playing this anti-230 card simply as a method of punishing the internet industry for opposing his desire to gut encryption? The whole thing seems to be little more than an abuse of DOJ power to intimidate and threaten an entire industry for daring to support online security and free speech online against a government which would prefer neither thing be enabled.

Filed Under: cda 230, doj, encryption, section 230, william barr

The FBI doesn’t need Apple to give it a backdoor to encryption, because it already has all the access it needs – Boing Boing

Once again, the FBI is putting pressure on Apple to help them break into the phone of a mass shooter. And once again, Apple has been largely resistant to the effort. Which is good, because a government having control over a private company that gives them secret backdoor access into people's personal technology devices is an authoritarian wet dream waiting to happen.

It also doesn't matter anyway because, as Reuters pointed out this week, Apple already buckled under FBI pressure a few years ago and cancelled its plans to add end-to-end encryption to all iPhone backups in iCloud:

The company said it turned over at least some data for 90% of the requests it received [from the FBI]. It turns over data more often in response to secret U.S. intelligence court directives, which sought content from more than 18,000 accounts in the first half of 2019, the most recently reported six-month period.

But what if the FBI wants access to someone's locked iPhone, and they haven't backed it up to iCloud? They still don't need Apple's help, because as with the San Bernardino shooting there are plenty of third-party companies that can and will gladly solve the problem in exchange for money.

From OneZero:

Over the past three months,OneZero sent Freedom of Information Act (FOIA) requests to over 50 major police departments, sheriffs, and prosecutors around the country asking for information about their use of phone-cracking technology. Hundreds of documents from these agencies reveal that law enforcement in at least 11 states spent over $4 million in the last decade on devices and software designed to get around passwords and access information stored on phones.

[...]

The documents range from contracts, requests for proposals (RFPs), invoices for payments by law enforcement, quotes from forensic companies, and emails traded between officials discussing vendor approval. They suggest that most law enforcement agencies bought forensic investigation products from a small group of companies that include Cellebrite, Grayshift, Paraben, BlackBag, and MSAB. In addition to selling the software and hardware needed to unlock phones, these companies also charge thousands of dollars each year to upgrade the software in their products. In addition, their customers spend thousands on training sessions to teach personnel in their offices how to use the tools.

And perhaps that's the most frustrating thing about this whole scenario. The US government is always warning us about the authoritarian overreaches of surveillance states like those in China, but really, they just want to replicate it without feeling guilty. Meanwhile, supposed-innovations of free market enterprise are providing the same opportunities for authoritarian surveillance capitalism, but, ya know, privately-owned, so immune to any legal oversight or transparency, because America. Isn't that supposed to be the dream?

Exclusive: Apple dropped plan for encrypting backups after FBI complained [Joseph Menn / Reuters]

Exclusive: U.S. Cops Have Wide Access to Phone Cracking Software, New Documents Reveal [Michael Hayes / OneZero]

No encrypted iCloud backups for you, citizen!

There is no legislation mandating encryption of private information – Kamloops This Week

While the fallout from the LifeLabs privacy breach continues to reverberate in the form of proposed class action lawsuits and patients still trying to determine whether their personal medical information was accessed, the Office of the Information and Privacy Commission of B.C. has confirmed there is no legislation that mandates that private information held by a company be encrypted.

Neither the Freedom of Information and Protection of Privacy Act (FIPPA), which applies to public bodies, nor the Personal Information Protection Act (PIPA), which applies to private organizations, specifically mentions encryption, the Information and Privacy Commission confirmed in an email response to a query from KTW.

Personal information of up to 15 million LifeLabs patients, primarily in B.C. and Ontario, may have been accessed during a cyberattack on the company's computer systems in October. LifeLabs reported it to authorities on Nov. 1, but the breach was not made public until mid-December.

LifeLabs said it retained outside cybersecurity consultants to investigate and assist with restoring the security of its data.

While LifeLabs states on its website that its patient information is encrypted, company CEO Charles Brown told the CBC's Early Edition on Dec. 18 that he did not know whether the information that was hacked was, in fact, encrypted.

Here is the text that can be found on the LifeLabs website: "Our security practices are designed to protect your personal information and prevent unauthorized access. Only authorized employees are permitted to access personal information and only when the access is necessary. Your information is protected using industry best practices, and all information is transmitted over secure, encrypted channels." Note that the only explicit encryption promise in that statement is for data in transit ("encrypted channels"); it does not say whether stored records are encrypted at rest, which is the question the CEO could not answer.

Section 30 of the Freedom of Information and Protection of Privacy Act states: "A public body must protect personal information in its custody or under its control by making reasonable security arrangements against such risks as unauthorized access, collection, use, disclosure or disposal."

Section 34 of the Personal Information Protection Act states: "An organization must protect personal information in its custody or under its control by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification or disposal or similar risks."

Noel Boivin, senior communications officer for the Office of the Information and Privacy Commission of B.C., said the department has the authority to issue legally binding orders to ensure organizations comply with those requirements.

"Decisions such as these are made based on the unique facts of each case," Boivin said. "Based on these requirements in both pieces of legislation, our office recommends encryption as a best practice."

The Office of the Information and Privacy Commission recommends organizations implement technical safeguards, including ensuring computers and networks are secure from intrusion by using firewalls, intrusion-detection software and antivirus software and by encrypting personal information.

Boivin noted findings from previous investigation reports call for organizations to encrypt data on personal storage devices.

"Our guidance is that personal information should be encrypted in transit and at rest in order to protect against unauthorized access," said Caitlin Lemiski, the Office of the Information and Privacy Commission's director of policy.

"The encryption, and key management, should be based on current industry-accepted standards for protecting data and should be reviewed regularly."
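As an added example of the guidance above (not LifeLabs' code, nor anything the Commission published), the block below shows the difference between a record that is only protected in transit and one that is also encrypted at rest with a per-record data key wrapped by a key-encryption key, and how rotating that KEK works without re-encrypting the data. The cipher is an HMAC-SHA256 based encrypt-then-MAC construction chosen so the example runs on the Python standard library; in production use AES-GCM or ChaCha20-Poly1305 from a vetted library. Keys, record content and version numbers are constructed for the example.

```python
"""Added example: envelope encryption at rest with KEK rotation. The AEAD
below is an HMAC-SHA256 stream cipher with encrypt-then-MAC, used only so the
example has no dependencies; prefer AES-GCM/ChaCha20-Poly1305 in real systems.
Keys and the sample lab record are constructed."""
import hashlib
import hmac
import os
import struct
from dataclasses import dataclass

NONCE_LEN, TAG_LEN = 16, 32


def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (n + 31) // 32
    return b"".join(_prf(enc_key, nonce + struct.pack(">I", i)) for i in range(blocks))[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """nonce || ciphertext || tag, with separate encryption and MAC subkeys."""
    enc_key, mac_key = _prf(key, b"enc"), _prf(key, b"mac")
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + _prf(mac_key, nonce + ct)


def unseal(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _prf(key, b"enc"), _prf(key, b"mac")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _prf(mac_key, nonce + ct)):
        raise ValueError("wrong key or tampered record")
    return bytes(c ^ s for c, s in zip(ct, _keystream(enc_key, nonce, len(ct))))


@dataclass(frozen=True)
class StoredRecord:
    kek_version: int     # which KEK wraps this record's DEK
    wrapped_dek: bytes   # per-record data key, sealed under the KEK
    body: bytes          # the lab result, sealed under the DEK


def store(plaintext: bytes, keks: dict, version: int) -> StoredRecord:
    """Encrypt at rest: fresh DEK per record, DEK wrapped by the current KEK."""
    dek = os.urandom(32)
    return StoredRecord(version, seal(keks[version], dek), seal(dek, plaintext))


def read(rec: StoredRecord, keks: dict) -> bytes:
    return unseal(unseal(keks[rec.kek_version], rec.wrapped_dek), rec.body)


def readable(rec: StoredRecord, keks: dict) -> bool:
    """True only if the KEK for this record is present and authenticates."""
    try:
        read(rec, keks)
        return True
    except (KeyError, ValueError):
        return False


def rotate(rec: StoredRecord, keks: dict, new_version: int) -> StoredRecord:
    """The 'reviewed regularly' step in practice: re-wrap the DEK under the new
    KEK. The body is untouched, so rotation is cheap even for millions of rows."""
    dek = unseal(keks[rec.kek_version], rec.wrapped_dek)
    return StoredRecord(new_version, seal(keks[new_version], dek), rec.body)


if __name__ == "__main__":
    keks = {1: os.urandom(32)}
    rec = store(b"patient 4711: HbA1c 5.4%", keks, 1)
    print(b"HbA1c" in rec.body)            # False: a dumped table is ciphertext
    keks[2] = os.urandom(32)
    rec = rotate(rec, keks, 2)
    del keks[1]                            # retire the old KEK
    print(read(rec, keks))                 # b'patient 4711: HbA1c 5.4%'
```

Two caveats matter for a case like this one. "Transmitted over secure, encrypted channels" covers only the network hop; it says nothing about `body` in the database. And encryption at rest defends against a stolen disk or a dumped table, not against an attacker who controls the application host that holds the KEK or can simply call `read`, which is why key custody (an HSM or a separate key service with its own audit log) is the part of "key management" most worth reviewing.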

LifeLabs has four clinics in Kamloops: two downtown, one in Aberdeen and one in North Kamloops.

According to the company, hackers gained access to the computer system that held customer information from 2016 and earlier that could include names, addresses, email addresses, login user names and passwords, dates of birth, health card numbers and lab test results.

The access was accompanied by a ransom demand, which LifeLabs paid.

LifeLabs set up a dedicated phone line and information on its website for those affected by the breach. To find out more, the public should go online to customernotice.lifelabs.com or contact LifeLabs at 1-888-918-0467.

In January 2013, patient information for 16,100 Kamloops-area residents was on a computer hard drive that went missing as it was being transferred by LifeLabs to Burnaby from Kamloops.

Government Report Reveals Its Favorite Way to Hack iPhones, Without Backdoors – VICE

The US government is once again reviving its campaign against strong encryption, demanding that tech companies build backdoors into smartphones and give law enforcement easy, universal access to the data inside them.

At least two companies that sell phone-cracking tools to agencies like the FBI have proven they can defeat encryption and security measures on some of the most advanced phones on the market. And a series of recent tests conducted by the National Institute of Standards and Technology (NIST) reveal that, while there remain a number of blind spots, the purveyors of these tools have become experts at reverse engineering smartphones in order to extract troves of information off the devices and the apps installed on them.

Asked whether the NIST test results have any bearing on the public debate about backdoors for police, Barbara Guttman, who oversees the Computer Forensic Tool Testing program for NIST, told Motherboard: "None at all."

"This is a completely different question. That's a policy question," she said, adding that NIST's only purpose is to ensure that "if you're acquiring the phone [data], you should acquire it correctly."

But the demonstrated ability of phone-cracking tools to break into and extract data from the latest phones is further proof that the government is perfectly capable of getting into terrorists' devices, Andres Arrieta, the director of consumer privacy engineering at the Electronic Frontier Foundation, told Motherboard.

"When it comes to the capabilities from law enforcement, I think these documents show they're quite capable," he said. "In the San Bernardino case, they claimed they didn't have the capabilities and they made a big circus out of it, and it turned out they did. They've proven consistently that they have the tools."

The never-ending public debate over smartphone security has focused on backdoors for law enforcement to bypass device encryption, and more recently on Apple features that erase all data after 10 failed passcode attempts or block data extraction through the Lightning port. But accessing a phone is only part of the battle; once inside, digital forensic investigators have to understand the complicated data structures they find and translate them into a format that meets the high accuracy standards for evidence, using acquisition tools from companies like Cellebrite, Grayshift, and MSAB.

Results from an NIST test of Cellebrite found that it largely works as expected.

In a series of reports published over the last year, NISTs Computer Forensic Tool Testing program documented how well the latest tools perform that task on dozens of different smartphones and apps. The tests paint a picture of an industry trying to keep pace with the constantly changing smartphones and social media landscapewith mixed results.

"Let's say you can get into the phone, you can defeat the encryption. Now you have a blob of ones and zeros," Bob Osgood, a veteran FBI agent who is now the director of digital forensics at George Mason University, told Motherboard. Smartphones contain millions of lines of code, the structures of which differ between every device and can change with every OS or app update. Cracking a phone's encryption doesn't necessarily mean an investigator can make sense of the data on it, including deleted and hidden files, hence the need for the tools tested by NIST. "In the digital forensics world, the state of complete Nirvana is to get a complete image of the phone," Osgood said. "The amount of technical know-how it takes to actually do this stuff, reverse engineer, beat the encryption, get the data itself, is massive. There are a million moving targets."
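An added illustration of the step Osgood describes, written for this page rather than taken from NIST or any vendor: a decrypted image is only bytes until a parser knows the record layout, and a logical walk of the store (what the app itself would show) differs from physically carving the same bytes. The record format, the corrupted header and the messages are all constructed for the example; real stores such as app databases are far more involved.

```python
"""Added example: logical parsing versus physical carving of a decrypted
message store. The record format and the image are constructed; nothing here
mirrors a real phone's database layout."""
import struct

MAGIC = b"RC"                    # hypothetical record marker
FLAG_DELETED = 0x01              # the app flags deleted rows, it does not wipe them
HEADER = struct.Struct(">BH")    # flags, payload length
HDR_LEN = len(MAGIC) + HEADER.size


def pack_record(sender: str, text: str, deleted: bool = False) -> bytes:
    payload = sender.encode() + b"\x00" + text.encode()
    return MAGIC + HEADER.pack(FLAG_DELETED if deleted else 0, len(payload)) + payload


def decode_payload(payload: bytes):
    """Return (sender, text) or None if the bytes are not a plausible record."""
    if b"\x00" not in payload:
        return None
    sender, text = payload.split(b"\x00", 1)
    try:
        return sender.decode("utf-8"), text.decode("utf-8")
    except UnicodeDecodeError:
        return None


def parse_logical(image: bytes) -> list:
    """Walk the record chain the way the app does: follow each length field,
    skip rows flagged deleted, and stop at the first header that does not fit."""
    out, off = [], 0
    while off + HDR_LEN <= len(image) and image[off:off + 2] == MAGIC:
        flags, length = HEADER.unpack_from(image, off + 2)
        payload = image[off + HDR_LEN:off + HDR_LEN + length]
        if len(payload) != length:
            break                      # damaged length field: the app gives up here
        rec = decode_payload(payload)
        if rec and not flags & FLAG_DELETED:
            out.append(rec)
        off += HDR_LEN + length
    return out


def carve_physical(image: bytes) -> list:
    """Ignore the chain entirely: scan for every plausible header in the image
    and return (record, was_deleted) for each, including rows the app hides."""
    out, off = [], 0
    while True:
        off = image.find(MAGIC, off)
        if off < 0 or off + HDR_LEN > len(image):
            break
        flags, length = HEADER.unpack_from(image, off + 2)
        payload = image[off + HDR_LEN:off + HDR_LEN + length]
        rec = decode_payload(payload) if len(payload) == length else None
        if rec is None:
            off += 1                   # false hit or damaged header: keep scanning
            continue
        out.append((rec, bool(flags & FLAG_DELETED)))
        off += HDR_LEN + length
    return out


def build_image() -> bytes:
    """Constructed store: a live row, a deleted row, a row with a corrupted
    length field, freed space, then two more rows beyond the damage."""
    damaged = MAGIC + HEADER.pack(0, 0xFFFF) + b"alice\x00ok"
    return b"".join([
        pack_record("alice", "see you at the pier"),
        pack_record("bob", "burn this", deleted=True),
        damaged,
        b"\x00" * 6,
        pack_record("carol", "moving this to another app"),
        pack_record("dave", "got it"),
    ])


if __name__ == "__main__":
    img = build_image()
    print(parse_logical(img))    # the one row the app still shows
    print(carve_physical(img))   # four rows, including the deleted one
```

The logical pass is what a tool reports when it "largely works as expected": it returns exactly what the application would. The carving pass is the slow, expertise-heavy route the article mentions later, and it is also where false positives come from, since every `RC` in the image has to be validated rather than trusted.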

Take Cellebrite, the Israeli company whose Universal Forensic Extraction Device (UFED) is a favorite of police departments and the FBI. In June, the company announced that its new premium tool could crack the encryption on any iOS device and many top-end Androids, a major win for law enforcement agencies that had been complaining about built-in encryption.

The company's current UFED 4PC software is capable of accurately extracting the vast majority of important device information (GPS data, messages, call logs, contacts) from an iPhone X and most previous models, according to a NIST test from April. It was able to partially extract data from Twitter, LinkedIn, Instagram, Pinterest, and Snapchat as well. NIST did not test the extraction ability for other apps, like Signal.

UFED 4PC could not extract email data from newer iPhone models, but police can gain access to cloud email services like Gmail with a warrant.

Results from Cellebrite on Android phones

Cellebrite was less successful with phones running Android and other operating systems, though. The UFED tool was unable to properly extract any social media, internet browsing, or GPS data from devices like the Google Pixel 2 and Samsung Galaxy S9, or messages and call logs from the Ellipsis 8 and Galaxy Tab S2 tablets. It got absolutely nothing from Huawei's P20 Pro phone.

"Some of the newer operating systems are harder to get data from than others. I think a lot of these [phone] companies are just trying to make it harder for law enforcement to get data from these phones ... under the guise of consumer privacy," Detective Rex Kiser, who conducts digital forensic examinations for the Fort Worth Police Department, told Motherboard. "Right now, we're getting into iPhones. A year ago we couldn't get into iPhones, but we could get into all the Androids. Now we can't get into a lot of the Androids."

Cellebrite, which did not respond to requests for comment, frequently updates its products to address the failures discovered in testing and in the field, experts said, so the weaknesses NIST identified may no longer exist. Previous NIST testing data, though, shows that many blind spots can last for years.

It is important to note that just because a cracking tool can't successfully extract data doesn't mean a forensic investigator can't eventually get to it. The process just becomes much longer, and requires significant expertise.

Kiser said that Cellebrite is currently the industry leader for most devices. The exception is iPhones, where Grayshift, an Atlanta-based company that counts an ex-Apple security engineer among its top staff, has taken the lead.

Like Cellebrite, Grayshift claims that its GrayKey tool, which it sells to police for between $15,000 and $30,000, can also crack the encryption on any iPhone. And once inside, NIST test results show that GrayKey can completely extract every piece of data off an iPhone X, with the exception of Pinterest data, where the tool achieved partial extraction.

Grayshift did not respond to a request for comment.

Other products, like Virginia-based Paraben's E3:DS or Swedish MSAB's XRY, displayed weaknesses in acquiring social media, internet browsing, and GPS data for several phones. Some of those tests, though, are older than the recent results for Cellebrite and Grayshift.

In the NIST tests, both Cellebrite and Grayshift devices were able to extract nearly all the data from an iPhone 7, one of the phones used by the Pensacola naval air station shooter. That incident prompted the Department of Justice's latest call for phone manufacturers to create encryption backdoors, despite ample evidence that hacking tools can break into the latest, most privacy-conscious phones, like the iPhone 11 Pro Max.

"This whole thing with the new terrorists and [the FBI] can't get into their phones, that's complete BS," Jerry Grant, a private New York digital forensic examiner who uses Cellebrite tools, told Motherboard.

The rest is here:
Government Report Reveals Its Favorite Way to Hack iPhones, Without Backdoors - VICE

US Government Report Reveals Its Favourite Way to Hack iPhones, Without Backdoors – VICE

This article originally appeared on VICE US.

The US government is once again reviving its campaign against strong encryption, demanding that tech companies build backdoors into smartphones and give law enforcement easy, universal access to the data inside them.

At least two companies that sell phone-cracking tools to agencies like the FBI have proven they can defeat encryption and security measures on some of the most advanced phones on the market. And a series of recent tests conducted by the National Institute of Standards and Technology (NIST) reveal that, while there remain a number of blind spots, the purveyors of these tools have become experts at reverse engineering smartphones in order to extract troves of information off the devices and the apps installed on them.

Asked whether the NIST test results have any bearing on the public debate about backdoors for police, Barbara Guttman, who oversees the Computer Forensic Tool Testing program for NIST told Motherboard, None at all.

This is a completely different question. Thats a policy question, she said, adding that NISTs only purpose is to ensure that If youre acquiring the phone [data], you should acquire it correctly.

But the demonstrated ability of phone cracking tools to break into and extract data from the latest phones is further proof that the government is perfectly capable of getting into terrorists devices, Andres Arrieta, the director of consumer privacy engineering at the Electronic Frontier Foundation, told Motherboard.

When it comes to the capabilities from law enforcement, I think these documents show theyre quite capable, he said. In the San Bernardino case, they claimed they didnt have the capabilities and they made a big circus out of it, and it turned out they did. Theyve proven consistently that they have the tools.

The never-ending public debate over smartphone security has focused on backdoors for law enforcement to bypass device encryptionand more recently, Apple features that erase all data after 10 failed password attempts or block data extraction through lightning ports. But accessing a phone is only part of the battle; once inside, digital forensic investigators have to understand the complicated data structures they find and translate them into a format that meets the high accuracy standards for evidence, using acquisition tools from companies like Cellebrite, Grayshift, and MSAB.

Results from an NIST test of Cellebrite found that it largely works as expected.

In a series of reports published over the last year, NISTs Computer Forensic Tool Testing program documented how well the latest tools perform that task on dozens of different smartphones and apps. The tests paint a picture of an industry trying to keep pace with the constantly changing smartphones and social media landscapewith mixed results.

Lets say you can get into the phone, you can defeat the encryption. Now you have a blob of ones and zeros, Bob Osgood, a veteran FBI agent who is now the director of digital forensics at George Mason University, told Motherboard. Smartphones contain millions of lines of code, the structures of which differ between every device and can change with every OS or app update. Cracking a phones encryption doesnt necessarily mean an investigator can access the code on it, including deleted and hidden files, hence the need for the tools tested by NIST. In the digital forensics world, the state of complete Nirvana is to get a complete image of the phone, Osgood said. The amount of technical know-how it takes to actually do this stuffreverse engineer, beat the encryption, get data itselfis massive. There are a million moving targets.

Take Cellebrite, the Israeli company whose Universal Forensic Extraction Device (UFED) is a favorite of police departments and the FBI. In June, the company announced that its new premium tool could crack the encryption on any iOS device and many top-end Androidsa major win for law enforcement agencies that had been complaining about built-in encryption.

The companys current UFED 4PC software is then capable of accurately extracting the vast majority of important device informationGPS data, messages, call logs, contactsfrom an iPhone X and most previous models, according to a NIST test from April. It was able to partially extract data from Twitter, LinkedIn, Instagram, Pinterest, and Snapchat as well. NIST did not test the extraction ability for other apps, like Signal.

UFED 4PC could not extract email data from newer iPhone models, but police can gain access to cloud email services like Gmail with a warrant.

Results from Cellebrite on Android phones

Cellebrite was less successful with phones running Android and other operating systems, though. The UFED tool was unable to properly extract any social media, internet browsing, or GPS data from devices like the Google Pixel 2 and Samsung Galaxy S9 or messages and call logs from the Ellipsis 8 and Galaxy Tab S2 tablets. It got absolutely nothing from Huaweis P20 Pro phone.

Some of the newer operating systems are harder to get data from than others. I think a lot of these [phone] companies are just trying to make it harder for law enforcement to get data from these phones ... under the guise of consumer privacy, Detective Rex Kiser, who conducts digital forensic examinations for the Fort Worth Police Department, told Motherboard. Right now, were getting into iPhones. A year ago we couldnt get into iPhones, but we could get into all the Androids. Now we cant get into a lot of the Androids.

Cellebrite, which did not respond to requests for comment, frequently updates its products to address the failures discovered in testing and in the field, experts said, so the weaknesses NIST identified may no longer exist. Previous NIST testing data, though, shows that many blind spots can last for years.

It is important to note that just because a cracking tool can't successfully extract data doesn't mean a forensic investigator can't eventually get to it. The process just becomes much longer, and requires significant expertise.

Kiser said that Cellebrite is currently the industry leader for most devices. The exception is iPhones, where Grayshift, an Atlanta-based company that counts an ex-Apple security engineer among its top staff, has taken the lead.

Like Cellebrite, Grayshift claims that its GrayKey tool, which it sells to police for between $15,000 and $30,000, can also crack the encryption on any iPhone. And once inside, NIST test results show that GrayKey can completely extract every piece of data off an iPhone X, with the exception of Pinterest data, where the tool achieved partial extraction.

Grayshift did not respond to a request for comment.

Other products, like Virginia-based Paraben's E3:DS or Swedish MSAB's XRY, displayed weaknesses in acquiring social media, internet browsing, and GPS data for several phones. Some of those tests, though, are older than the recent results for Cellebrite and Grayshift.

In the NIST tests, both Cellebrite and Grayshift devices were able to extract nearly all the data from an iPhone 7, one of the phones used by the Pensacola naval air station shooter. That incident prompted the Department of Justice's latest call for phone manufacturers to create encryption backdoors, despite ample evidence that hacking tools can break into the latest, most privacy-conscious phones, like the iPhone 11 Pro Max.

"This whole thing with the new terrorists and [the FBI] can't get into their phones, that's complete BS," Jerry Grant, a private New York digital forensic examiner who uses Cellebrite tools, told Motherboard.

Source: US Government Report Reveals Its Favourite Way to Hack iPhones, Without Backdoors - VICE

Encryption Software Market: Global Industry Analysis, Size, Share, Growth, Trends and Forecast 2020 – 2025 – Expedition 99

This report focuses on the global Encryption Software status, future forecast, growth opportunity, key market and key players. The study objectives are to present the Encryption Software development in United States, Europe and China.

In 2017, the global Encryption Software market size was million US$ and it is expected to reach million US$ by the end of 2025, with a CAGR of during 2018-2025.

The key players covered in this study

IBM

Microsoft

Sophos Ltd

Gemalto

Net App Inc

Hewlett- Packard

Vormetric

Oracle

Intel

Symantec

Market segment by Type, the product can be split into

Encryption for Data-at-rest

Full Disc Encryption (FDE)

File Level Encryption

Others

Market segment by Application, split into

IT & Telecom

BFSI

Government & Public Utilities

Manufacturing Enterprise

Others

Market segment by Regions/Countries, this report covers

United States

Europe

China

Japan

Southeast Asia

India

Central & South America

The study objectives of this report are:

To analyze global Encryption Software status, future forecast, growth opportunity, key market and key players.

To present the Encryption Software development in United States, Europe and China.

To strategically profile the key players and comprehensively analyze their development plan and strategies.

To define, describe and forecast the market by product type, market and key regions.

In this study, the years considered to estimate the market size of Encryption Software are as follows:

History Year: 2013-2017

Base Year: 2017

Estimated Year: 2018

Forecast Year 2018 to 2025

For the data information by region, company, type and application, 2017 is considered as the base year. Whenever data information was unavailable for the base year, the prior year has been considered.

Table of Contents

Chapter One: Report Overview

1.1 Study Scope

1.2 Key Market Segments

1.3 Players Covered

1.4 Market Analysis by Type

1.4.1 Global Encryption Software Market Size Growth Rate by Type (2013-2025)

1.4.2 Encryption for Data-at-rest

1.4.3 Full Disc Encryption (FDE)

1.4.4 File Level Encryption

1.4.5 Others

1.5 Market by Application

1.5.1 Global Encryption Software Market Share by Application (2013-2025)

1.5.2 IT & Telecom

1.5.3 BFSI

1.5.4 Government & Public Utilities

1.5.5 Manufacturing Enterprise

1.5.6 Others

1.6 Study Objectives

1.7 Years Considered

Chapter Two: Global Growth Trends

2.1 Encryption Software Market Size

2.2 Encryption Software Growth Trends by Regions

2.2.1 Encryption Software Market Size by Regions (2013-2025)

2.2.2 Encryption Software Market Share by Regions (2013-2018)

2.3 Industry Trends

2.3.1 Market Top Trends

2.3.2 Market Drivers

2.3.3 Market Opportunities

Chapter Three: Market Share by Key Players

3.1 Encryption Software Market Size by Manufacturers

3.1.1 Global Encryption Software Revenue by Manufacturers (2013-2018)

3.1.2 Global Encryption Software Revenue Market Share by Manufacturers (2013-2018)

3.1.3 Global Encryption Software Market Concentration Ratio (CR5 and HHI)

3.2 Encryption Software Key Players Head office and Area Served

3.3 Key Players Encryption Software Product/Solution/Service

3.4 Date of Enter into Encryption Software Market

3.5 Mergers & Acquisitions, Expansion Plans

Chapter Four: Breakdown Data by Type and Application

4.1 Global Encryption Software Market Size by Type (2013-2018)

4.2 Global Encryption Software Market Size by Application (2013-2018)

Chapter Five: United States

5.1 United States Encryption Software Market Size (2013-2018)

5.2 Encryption Software Key Players in United States

5.3 United States Encryption Software Market Size by Type

5.4 United States Encryption Software Market Size by Application

Chapter Six: Europe

6.1 Europe Encryption Software Market Size (2013-2018)

6.2 Encryption Software Key Players in Europe

6.3 Europe Encryption Software Market Size by Type

6.4 Europe Encryption Software Market Size by Application

Chapter Seven: China

7.1 China Encryption Software Market Size (2013-2018)

7.2 Encryption Software Key Players in China

7.3 China Encryption Software Market Size by Type

7.4 China Encryption Software Market Size by Application

Chapter Eight: Japan

Source: Encryption Software Market: Global Industry Analysis, Size, Share, Growth, Trends and Forecast 2020 - 2025 - Expedition 99

Apple Watch rewards, iCloud encryption, and WhatsApp hacks on the AppleInsider Podcast – AppleInsider


By Lester Victor Marks, Friday, January 24, 2020, 05:49 am PT (08:49 am ET)

AppleInsider editor Victor Marks and writer William Gallagher discuss:

Source: Apple Watch rewards, iCloud encryption, and WhatsApp hacks on the AppleInsider Podcast - AppleInsider

A Blizzard of Information – The Independent

As Edward Snowden, the NSA contractor, reports in his new memoir, Permanent Record, on the morning of September 11, 2001, the NSA's director, Michael Hayden, issued the order to evacuate before most of the country even knew what had happened. Twelve years later, Snowden rocketed from complete obscurity to international headlines and public fame.

Snowden used his access to the NSA's mass surveillance and bulk data collection programs to alert the press and public. Snowden's memoir was published in September of last year and is, for being authored by such a technology-inclined individual, surprisingly well written. His prose is full of witticisms, his passion for civil liberties is palpable, and his explanation of the complex technological aspects of the programs he worked on is elucidating.

According to Snowden, these mass surveillance programs violate the Fourth Amendment, which holds: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Snowden's position is one the U.S. government clearly disagrees with, which led to Snowden being trapped in Russia on June 23, 2013, when then-Secretary of State John Kerry revoked Snowden's passport while he was mid-flight from Hong Kong to Moscow. Snowden had planned to connect to another flight that would take him toward his final destination in Ecuador, where he planned to seek asylum.

Snowden, still stuck in Russia, now serves as the president of the board of directors of the Freedom of the Press Foundation, which is, as he writes, "a nonprofit organization dedicated to protecting and empowering public-interest journalism in the new millennium." He states that the major goal of the organization is to preserve and strengthen First and Fourth Amendment rights through the development of encryption technologies. In his memoir, Snowden gives two reasons for his stance: the civil service environment of his family and the civil liberties environment of the early internet. His father and maternal grandfather both served as engineers in the United States Coast Guard.

Snowden writes in his preface about how today's internet is unrecognizable from the internet of his youth. He rightly labels the internet of today as "surveillance capitalism," the monetization and commercialization of individuals' data. We, and by extension the data we generate through our online interactions, are the product for these platforms. This data, generated by our interactions with online platforms such as Facebook, Twitter, YouTube and Google, is collected and often used to individually target advertisements.

Until recently, most people weren't aware that their data was being collected or how the methods of collection were being implemented. Even though this knowledge has now become more available to the public, the technologies that operate on these models have become almost indispensable for many people.

For anyone interested in Edward Snowden's journey from public servant to international martyr, Permanent Record is a thoroughly enjoyable and informative read.

Source: A Blizzard of Information - The Independent

The Flawed Humanity of Silicon Valley – The New York Times

Every week brings a fresh hell in the tech world. As news of the latest scandals piles up over weeks, months and eventually years, narratives switch. Friendly tech companies become Big Tech. The narrative is flattened. The tech giants become monolithic and their employees become caricatures, often of villains.

The truth is always messier, more interesting and more human. It is a central tension animating Anna Wiener's excellent memoir, Uncanny Valley. The book traces Ms. Wiener's navigation of the tech world as a start-up employee in the mid-2010s, what might be thought of as the last years before Silicon Valley's fall from darling status. Ms. Wiener said she was drawn into the tech world by its propulsive qualities. Having graduated into a recession and spent her early 20s in publishing, she found that tech offered opportunities: jobs, the seductive feeling of creating something and, of course, good money.

But what makes Uncanny Valley so valuable is the way it humanizes the tech industry without letting it off the hook. The book allows us to see the way that flawed technology is made and marketed: not by villains, but by blind spots, uncritical thinking and armies of ambivalent people coming into work each day trying their best, all while, sometimes unwittingly, laying the foundation of the surveillance economy.

From a privacy standpoint, Uncanny Valley is helpful in understanding what it's like being on the other end of the torrent of information that streams from our devices each minute. Early on, Ms. Wiener recounts working for a successful data analytics company and the gold rush toward big data, noting that "not everyone knew what they needed from big data, but everyone knew that they needed it."

When confronted with the mass of information her company collected, Ms. Wiener describes feeling uncomfortable with the "God Mode" view that granted employees full access to user data. "This was a privileged vantage point from which to observe the tech industry, and we tried not to talk about it," she writes. This, she notes, becomes a pattern. When Edward Snowden blew the whistle on the National Security Agency's Prism program in 2013, employees at her own data company never discussed the news.

What she describes is a familiar dissociation for anyone who spends time interrogating tech companies on their privacy policies. Her company simply didn't consider itself part of the surveillance economy:

"We weren't thinking about our role in facilitating and normalizing the creation of unregulated, privately held databases on human behavior. We were just allowing product managers to run better A/B tests. We were just helping developers make better apps. It was all so simple: people loved our product and leveraged it to improve their own products, so that people would love them, too. There was nothing nefarious about it. Besides, if we didn't do it, someone else would. We were far from the only third-party analytics tool on the market. The sole moral quandary in our space that we acknowledged outright was the question of whether or not to sell data to advertisers. This was something we did not do, and we were righteous about it. We were just a neutral platform, a conduit. If anyone raised concerns about the information our users were collecting, or the potential for abuse of our product, the solutions manager would try to bring us back to earth by reminding us that we weren't data brokers. We did not build cross-platform profiles. We didn't involve third parties. Users might not know they were being tracked, but that was between them and our customer companies."

They were, in other words, just doing their jobs.

Ms. Wiener frequently returns to this reticence to question the product, the end goals of the technology and the Silicon Valley ethos as a whole.

At her next job, working on the terms of service team for a large open-source code platform, she reveals how the evolution of the internet pushed her and her co-workers into becoming reluctant content moderators. Soon it became her team's job to fashion a balance between preserving free speech on her platform and protecting it from trolls and neo-Nazis:

"We wanted to tread lightly: core participants in the open-source software community were sensitive to corporate oversight, and we didn't want to undercut anyone's techno-utopianism by becoming an overreaching arm of the company-state. We wanted to be on the side of human rights, free speech and free expression, creativity and equality. At the same time, it was an international platform, and who among us could have articulated a coherent stance on international human rights?"

As a journalist who has covered content moderation issues for the better part of a decade, the perspective is somewhat clarifying. Decisions that feel ad hoc or made by one or two people in the belly of a large company often are. What looks from the outside like a conspiracy or nefarious techno-authoritarianism is often just confusion caused by poor management, poor communication and dizzying growth. "Most of the company did not seem aware of how common it was for our tools to be abused," Ms. Wiener writes of her group of de facto moderators. "They did not even seem to know that our team existed. It wasn't their fault we were easy to miss. There were four of us for the platform's nine million users."

In this instance, Uncanny Valley shows how the internet can thrust ordinary people into extraordinary positions of power, usually without qualifications or a how-to guide. This is not to say that the book excuses any of the industry's reckless behavior. Like a good travel writer, Ms. Wiener positions herself as an insider-outsider, participating in something bigger than herself and still feeling apart from it. And she is sufficiently critical of her and her peers' participation in the industry. At one point near the end of the memoir, she writes that she would wonder "whether the N.S.A. whistle-blower had been the first moral test for my generation of entrepreneurs and tech workers, and we had blown it."

Ms. Wiener's memoir comes at a point where the backlash against Silicon Valley is strong enough to have earned its own name. Narratives have hardened and aggrieved tech employees are adopting a bunker mentality. As Ranjan Roy of the newsletter Margins wrote recently of Facebook, "the rank and file are seeing that they are the villains, and will increasingly become so." As so much of the reporting shows, the increased scrutiny and criticism of the techlash is important and almost all of it is warranted. Big Tech has amassed wild, unregulated power that has grown unchecked.

Still, it's easy to get conspiratorial and to fall comfortably into black-and-white notions of good versus evil. Uncanny Valley is a reminder that the reality is far more muddled, but no less damning. Our dystopia isn't just the product of mustache-twirling billionaires drunk with power and fueled by greed, though it is that, too, sometimes. It's also the result of uncritical thinking, blind spots caused by an overwhelmingly white male work force and a pathological reluctance to ask the bigger questions: Where is this all going? What am I building?

Source: The Flawed Humanity of Silicon Valley - The New York Times