Sen. Richard Blumenthal (D-CT) announces a bipartisan agreement on Turkey sanctions during a news conference on Capitol Hill in Washington, October 17, 2019.

Erin Scott | Reuters

Senators disputed the tech industry's claims that a bipartisan bill targeting tech's long-standing legal shield would prohibit encryption by necessity.

"This bill says nothing about encryption," Sen. Richard Blumenthal, D-Conn., said at a hearing Wednesday to discuss the legislation. Blumenthal introduced the EARN IT Act last week with Senate Judiciary Committee Chairman Lindsey Graham, R-S.C., ranking member Dianne Feinstein, D-Calif., and Sen. Josh Hawley, R-Mo.

As the name suggests, the bill aims to make tech platforms "earn" a the legal immunity they've long enjoyed for third-party content posted to their services under Section 230 of the Communications Decency Act. If enacted, online platforms would no longer be automatically protected, but would be able to win back immunity by certifying compliance with a set of best practices for detecting and reporting child sexual exploitation materials to law enforcement.

Industry groups slammed the legislation when it was announced, warning the bill "would erodeboth security andtrustby potentially forbidding the use of end-to-end encryption in order to comply with the law," as Information Technology Industry Council President and CEO Jason Oxman put it in a statement. The group represents members including Amazon, Apple, Facebook, Google, Microsoft and Twitter.

"Weakeningencryption andthe security of technology products, including through the EARN IT Act, does nothing to advanceonline safety," Oxman said.

While the bill does not explicitly address encryption, ITI argued it would allow the Department of Justice to require "back doors" to encrypted products, which scramble messages so that they are not readable to anyone outside of the sender and recipient. Tech companies like Apple have previously told government officials that creating such an entry point or key would weaken privacy standards for all users.

The DOJ has recently stepped up its critique of tech companies implementing encryption, including Facebook, which has announced plans to integrate and encrypt its three messaging services, Messenger, Instagram and WhatsApp. Attorney General William Barr previously said he feared that encryption of the apps would greatly hurt law enforcement's ability to detect instances of child sexual exploitation given Facebook comprises the vast majority of reports to the U.S. National Center for Missing and Exploited Children (NCMEC).

The Department also recently hosted experts to discuss Section 230 where Attorney General William Barr said tech's scale and power raises "valid questions" about whether the industry still needs the immunity.

Wednesday's hearing demonstrated that broad support exists in Congress for revising Section 230 alongside support for encryption.

"End-to-end encryption must be able to exist with robust law enforcement and I'm not going to support anything that does not protect the integrity of encryption for users, I can promise you that," said Hawley.

Blumenthal referenced a letter Facebook sent in response to questions from a group of Senators saying it is "committed to designing strong prevention, detection, and reporting systems to ensure that private and secure messaging services provide users with industry-leading privacy and security while safeguarding them and others from online abuse."

Blumenthal said the response showed encryption and enforcement could be compatible.

"Strong law enforcement is compatible with strong encryption," Blumenthal said. "I believe it, Big Tech knows it and either is Facebook is lying and I think they're telling us the truth when they say that law enforcement is consistent with strong encryption or Big Tech is using encryption as a subterfuge to oppose this bill."

Subscribe to CNBC on YouTube.

WATCH: Why the U.S. government is questioning your online privacy

Read the original:
Senators dispute industry claims that a bill targeting tech's legal shield would prohibit encryption - CNBC

A vulnerability in Broadcom and Cypress WiFi chips makes it possible for attackers on your local WiFi network to decrypt your WPA2 encrypted internet traffic. The vuln, known as the Krk (kr00k) vulnerability, has the designation CVE-2019-15126, ESET, the discoverer of the kr00k vulnerability, estimated that over a billion devices were affected. Apple products such as iPhone, iPad, and Macs were all affected; however, Apple has since patched the issue for iOS and MacOS so make sure that you are up to date on your updates. Even with quick action to correct the vulnerability by affected parties, there will still be millions of devices that wont be patched and will remain vulnerable. What Krk really does is remind us as internet users why properly implemented encryption is important.

Apple described the impact of the kr00k vulnerability as such when they patched this vulnerability in October 2019:

An attacker in Wi-Fi range may be able to view a small amount of network traffic.

The Broadcom and Cypress WiFi chips have a built in feature that resets the encryption key to all zeroes in the event of a connection break between the access point and the target device. The thing is, some WPA2 encrypted packets from the target device would still continue to be sent during that time and an attacker could intercept and decrypt those by using an all-zeroes encryption key. Since the disconnection can be triggered at will by the attacker, this attack can be extremely targeted to decrypt a WiFi users internet activity at will.

While the attacker might not be able to decrypt HTTPS encrypted data and information that is sent to HTTPS sites that youre visiting like your banking website they still would be able to intercept domain name system (DNS) or server name indication (SNI) requests and know what websites youre visiting even if theyre otherwise secured through HTTPS.

While the CVE worked as intended and the main companies with affected chips were able to push out patches to fix the vuln, its still possible that there are unpatched devices out there for whatever reason. The researchers at ESET emphasized in their reporting:

Krk affects devices with Wi-Fi chips by Broadcom and Cypress that havent yet been patched. These are the most common Wi-Fi chips used in contemporary Wi-Fi capable devices such as smartphones, tablets, laptops, and IoT gadgets.

Its best to assume that WiFi encryption is incomplete and that WPA2 is not enough encryption to protect your internet traffic when youre on WiFi. Before kr00k, there was also the KRACK WPA2 WiFi vulnerability which affected even more devices. Even when youre on 4G networks, there are 4G vulnerabilities that allow decryption, tracking, spoofing, and spamming and some of them even remain unpatched. This isnt the first and it wont be the last vulnerability affecting WiFi encryption.

Caleb Chen is a digital currency and privacy advocate who believes we must #KeepOurNetFree, preferably through decentralization. Caleb holds a Master's in Digital Currency from the University of Nicosia as well as a Bachelor's from the University of Virginia. He feels that the world is moving towards a better tomorrow, bit by bit by Bitcoin.

Read the rest here:
Krk WiFi vulnerability affected WiFi encryption on over a billion devices - Privacy News Online

A bipartisan pair of US senators today introduced long-rumored legislation known as the EARN IT Act. Meant to combat child sexual exploitation online, the bill threatens to erode established protections against holding tech companies responsible for what people do and say on their platforms. It also poses the most serious threat in years to strong end-to-end encryption.

As the final text of the bill circulated, the Department of Justice held a press conference about its own effort to curb online child predation: a set of 11 "voluntary principles" that a growing number of tech companiesincluding Facebook, Google, Microsoft, Roblox, Snap, and Twitterhave pledged to follow. Though the principles the companies are pledging to adopt don't specifically impact encryption themselves, the event had an explicit anti-encryption message. The cumulative effect of this morning's announcements could define the geography of the next crypto wars.

Child predators "communicate using virtually unbreakable encryption," US attorney general William Barr said during the press conference. "The department for one is prioritizing combatting child sexual exploitation and abuse in our prosecution efforts. And we are also addressing child exploitation in our efforts on retaining lawful access and in analyzing the impact of Section 230 of the Communications Decency Act on incentives for platforms to address these crimes."

EARN IT focuses specifically on Section 230, which has historically given tech companies freedom to expand with minimal liability for how people use their platforms. Under EARN IT, those companies wouldn't automatically have a liability exemption for activity and content related to child sexual exploitation. Instead, companies would have to "earn" the protection by showing that they are following recommendations for combatting child sexual exploitation laid out by a 16-person commission.

"This is a profoundly awful proposal on multiple levels."

Julian Sanchez, Cato Institute

The bill, written by South Carolina Republican senator Lindsey Graham and Connecticut Democrat Richard Blumenthal, would create a way for law enforcement officials, attorneys general, online child sexual exploitation survivors and advocates, constitutional law scholars, consumer protection and privacy specialists, cryptographers, and other tech experts to collectively decide what digital companies should do to identify and reduce child predation on their platformsand then require companies to actually do it. The safeguards the committee might recommend would likely include things like proactive, dynamic content scanning to identify abusive photos and videos, but also communication surveillance to watch for predators who could be forming relationships with potential victims and "grooming" them for exploitation.

Though it seems wholly focused on reducing child exploitation, the EARN IT Act has definite implications for encryption. If it became law, companies might not be able to earn their liability exemption while offering end-to-end encrypted services. This would put them in the position of either having to accept liability, undermine the protection of end-to-end encryption by adding a backdoor for law enforcement access, or avoid end-to-end encryption altogether.

Facebook has most prominently made the argument in recent months that it can adequately identify child predation threats without eliminating or undermining user data protections like end-to-end encryption. The safeguard only makes data readable on the sender's and receiver's devices, boxing companies out of accessing user data directly.

Law enforcement officials and members of Congress have countered, though, that tech companies can't do enough to stop child predation and distribution of illegal content on their platforms if they can't access their users' data.

"We share the EARN IT Act sponsors commitment to child safety and have made keeping children safe online a top priority by developing and deploying technology to thwart the sharing of child abuse material," Thomas Richards, a Facebook spokesperson, said in a statement. "Were concerned the EARN IT Act may be used to roll back encryption, which protects everyones safety from hackers and criminals, and may limit the ability of American companies to provide the private and secure services that people expect."

Read more here:
The EARN IT Act Is a Sneak Attack on Encryption - WIRED

Encryption technology has allowed consumers to keep their data and communication private, but it has also allowed criminals to evade surveillance. Policymakers are once again considering whether law enforcement agencies need new tools to handle this technology, such as a backdoor or built-in access to encrypted data into their apps. Yet the federal government and law enforcement often already have the ability to access needed digital evidence, and reforms should not endanger the benefits of encryption technology that consumers and businesses enjoy, argues AAFs Director of Technology and Innovation Policy Jennifer Huddleston.

An excerpt:

Law enforcement should have the resources to address concerns about illegal activity, including those conducted via encrypted technologies. In providing these tools, however, policies should not create greater risk that undermine security and civil liberties. Rather than creating a risky and expansive policy by requiring a backdoor, policymakers and law enforcement should seek to better use existing tools and to focus on the underlying problematic behavior.

Read the analysis.

View post:
The Benefits of Encryption and the Implications of Creating Backdoors - American Action Forum

(MENAFN - GetNews) Encryption Software Comprehensive Study by Type (Encryption for Data-at-rest, Full Disc Encryption (FDE), File Level Encryption, Others), Application (Disk Encryption, File/Folder Encryption, Data Base Encryption, Web Communication Encryption, Network Traffic Encryption, Cloud Encryption, Others), Deployment Mode (On-premises, Cloud), Enterprise Size (Small and Medium-sized Enterprises (SMEs), Large Enterprises), Industry Vertical (BFSI, IT & Telecom, Retail, G&PA, Healthcare, Defense & Aerospace, Education, Manu

Encryption software is a cryptographic program that avoids unauthorized access to digital data. Cryptography is used primarily to protect data digital information. This digital information is sent over the Internet to other computers. Portable document format is one of the world's most widely used file formats and to maintain the privacy of records, this file format supports the encryption of files. Portable document format encryption is an important desktop tool that allows the user to change the security of existing acrobat portable document format files by password. This ensures that with 128-bit encryption users can secure portable document format files and also users can easily remove existing password protection. According to AMA, the Global Encryption Software market is expected to see growth rate of 18.1% and may see market size of USD11.2 Billion by 2024.

Advance Market Analytics released a new market study on Global Encryption Software Market with 100+ market data Tables, Pie Chat, Graphs & Figures spread through Pages and easy to understand detailed analysis. At present, the market is developing its presence. The Research report presents a complete assessment of the Market and contains a future trend, current growth factors, attentive opinions, facts, and industry validated market data. The research study provides estimates for Global Encryption Software Forecast till 2025*. Some are the key players taken under coverage for this study are IBM (United States), Microsoft (United States), Symantec (United States), Thales e-Security (France), Trend Micro (Japan), Sophos (United Kingdom), Check Point (Israel), Micro Focus (United Kingdom), McAfee (United States) and Dell (United States).

Click to get Global Encryption Software Market Research Sample PDF Copy Here @: https://www.advancemarketanalytics.com/sample-report/9364-global-encryption-software-market

Market Leaders and their expansionary development strategies

In December 2018, the Symantec (United States) Company has partnered with Fortinet (United States) Company, which provider of integrated and automated cybersecurity solutions. Hence, this partnership will affect the growth of the market.In June 2018, the Sophos Company has launched Sophos Email Advanced, which is an email protection solution. Therefore, this launch will increase the product portfolio of the company.

Market Trend

Market Drivers

Opportunities

Restraints

Challenges

Important Features that are under offering & key highlights of the report:

1) what all companies are currently profiled in the report? Following are list of players that are currently profiled in the the report 'IBM (United States), Microsoft (United States), Symantec (United States), Thales e-Security (France), Trend Micro (Japan), Sophos (United Kingdom), Check Point (Israel), Micro Focus (United Kingdom), McAfee (United States) and Dell (United States)

** List of companies mentioned may vary in the final report subject to Name Change / Merger etc.

2) Can we add or profiled new company as per our need? Yes, we can add or profile new company as per client need in the report. Final confirmation to be provided by research team depending upon the difficulty of survey.** Data availability will be confirmed by research in case of privately held company. Upto 3 players can be added at no added cost.

3) Can inclusion of additional Segmentation / Market breakdown is possible? Yes, inclusion of additional segmentation / Market breakdown is possible subject to data availability and difficulty of survey. However a detailed requirement needs to be shared with our research before giving final confirmation to client.

** Depending upon the requirement the deliverable time and quote will vary.

Enquire for customization in Report @ https://www.advancemarketanalytics.com/enquiry-before-buy/9364-global-encryption-software-market

The Global Encryption Software Market segments and Market Data Break Down are illuminated below:

by Type (Encryption for Data-at-rest, Full Disc Encryption (FDE), File Level Encryption, Others), Application (Disk Encryption, File/Folder Encryption, Data Base Encryption, Web Communication Encryption, Network Traffic Encryption, Cloud Encryption, Others), Deployment Mode (On-premises, Cloud), Enterprise Size (Small and Medium-sized Enterprises (SMEs), Large Enterprises), Industry Vertical (BFSI, IT & Telecom, Retail, G & PA, Healthcare, Defense & Aerospace, Education, Manufacturing), Component (Software, Services {Consulting Services, Training and Education Services, Support and Maintenance Services, Managed Services})

To comprehend Global Encryption Software market dynamics in the world mainly, the worldwide Encryption Software market is analyzed across major global regions. AMA also provides customized specific regional and country-level reports for the following areas.

North America: United States, Canada, and Mexico. South & Central America: Argentina, Chile, and Brazil. Middle East & Africa: Saudi Arabia, UAE, Turkey, Egypt and South Africa. Europe: UK, France, Italy, Germany, Spain, and Russia. Asia-Pacific: India, China, Japan, South Korea, Indonesia, Singapore, and Australia.

Buy Full Copy Global Encryption Software Report 2018 @ https://www.advancemarketanalytics.com/buy-now?format=1 & report=9364 Try a limited scope research document specific to Country or Regional matching your objective. GET FULL COPY OF United States Encryption Software market study @ USD 2000

And, Europe Encryption Software market study @ USD 2500

Strategic Points Covered in Table of Content of Global Encryption Software Market:

Chapter 1: Introduction, market driving force product Objective of Study and Research Scope the Encryption Software market

Chapter 2: Exclusive Summary the basic information of the Encryption Software Market.

Chapter 3: Displayingthe Market Dynamics- Drivers, Trends and Challenges of the Encryption Software

Chapter 4: Presenting the Encryption Software Market Factor Analysis Porters Five Forces, Supply/Value Chain, PESTEL analysis, Market Entropy, Patent/Trademark Analysis.

Chapter 5: Displaying the by Type, End User and Region 2013-2018

Chapter 6: Evaluating the leading manufacturers of the Encryption Software market which consists of its Competitive Landscape, Peer Group Analysis, BCG Matrix & Company Profile

Chapter 7: To evaluate the market by segments, by countries and by manufacturers with revenue share and sales by key countries in these various regions.

Chapter 8 & 9: Displaying the Appendix, Methodology and Data Source

finally, Encryption Software Market is a valuable source of guidance for individuals and companies.

Browse for Full Report at @: https://www.advancemarketanalytics.com/reports/9364-global-encryption-software-market

Key highlights of the Study:

Actual Numbers & In-Depth Analysis, Business opportunities, Market Size Estimation Available in Full Report.

Thanks for reading this article, you can also get individual chapter wise section or region wise report version like North America, Europe or Asia.

About Author:

Advance Market Analytics is Global leaders of Market Research Industry provides the quantified B2B research to Fortune 500 companies on high growth emerging opportunities which will impact more than 80% of worldwide companies' revenues.

Our Analyst is tracking high growth study with detailed statistical and in-depth analysis of market trends & dynamics that provide a complete overview of the industry. We follow an extensive research methodology coupled with critical insights related industry factors and market forces to generate the best value for our clients. We Provides reliable primary and secondary data sources, our analysts and consultants derive informative and usable data suited for our clients business needs. The research study enable clients to meet varied market objectives a from global footprint expansion to supply chain optimization and from competitor profiling to M & As.

Media Contact Company Name: AMA Research & Media LLP Contact Person: Craig Francis Email: Send Email Phone: +1 (206) 317 1218 Address: Unit No. 429, Parsonage Road Edison, NJ New Jersey USA - 08837 City: New Jersey State: New Jersey Country: United States Website: https://www.advancemarketanalytics.com

MENAFN1103202000703268ID1099830955

Originally posted here:
Encryption Software Market is expected to see growth rate of 18.1% and may see market size of USD11.2 Billion by 2024 - MENAFN.COM

Encryption key management software is used to handle the administration, distribution, and storage of encryption keys. Proper management will ensure encryption keys, and therefore the encryption and decryption of their sensitive information, are only accessible for approved parties. Increasing implementation of enterprise mobility and IoT across industry verticals has led to a surge in demand for encryption software. The Encryption Key Management Software Market is expected to reach +17% CAGR during forecast period 2019-2027.

Get Sample copy of this Report @:

https://www.marketresearchinc.com/request-sample.php?id=39541

Key Players in this Encryption Key Management Software Market are:

Netlib Security, Fortanix, Avery Oden, AWS, Microsoft, OpenBSD, HyTrust, GnuPG, Hashicorp, Gemalto

The report collates data from a number of surveys, interviews, and many other primary and secondary research methodologies. The vast amount of data thus gathered from these sources is narrowed down with the help of industry-best analytical methods to present before the reader only the most crucial sets of data essential to understand the factors that will have the most profound impact on the overall development of the market. The global market for the Encryption Key Management Software and the underlying industry are discussed in great depth in a market intelligence for the readers to understand better and get the clear picture about this market.

Early Buyers will Get up to 40% Discount on This Premium Research now @:

https://www.marketresearchinc.com/ask-for-discount.php?id=39541

Across the globe, several regions have been considered to study some significant parameters of the businesses. North America, Latin America, Asia-Pacific, Africa, and Europe have been analyzed on the basis of various parameters of businesses such as type, size, application, and end-users. The global Encryption Key Management Software market is presented to various readers as a snapshot of different business strategies. To increase the outcome of the industries some applicable sales methodologies have been included in this research report.

The Encryption Key Management Software study covers extensive analysis of product type:

Global Encryption Key Management Software market applications

Access complete Report @:

https://www.marketresearchinc.com/enquiry-before-buying.php?id=39541

In this study, the years considered to estimate the size of Encryption Key Management Software are as follows:

History Year: 2013-2018

Base Year: 2018

Estimated Year: 2019

Forecast Year 2020 to 2027.

Table of Contents

Global Encryption Key Management Software Market Research Report

Chapter 1 Encryption Key Management Software Market Overview

Chapter 2 Global Economic Impact on Industry

Chapter 3 Global Market Competition by Manufacturers

Chapter 4 Global Production, Revenue (Value) by Region

Chapter 5 Global Supply (Production), Consumption, Export, Import by Regions

Chapter 6 Global Production, Revenue (Value), Price Trend by Type

Chapter 7 Global Market Analysis by Application

Chapter 8 Manufacturing Cost Analysis

Chapter 9 Industrial Chain, Sourcing Strategy and Downstream Buyers

Chapter 10 Marketing Strategy Analysis, Distributors/Traders

Chapter 11 Market Effect Factors Analysis

Chapter 12 Global Market Forecast

About Us

Market Research Inc is farsighted in its view and covers massive ground in global research. Local or global, we keep a close check on both markets. Trends and concurrent assessments sometimes overlap and influence the other. When we say market intelligence, we mean a deep and well-informed insight into your products, market, marketing, competitors, and customers. Market research companies are leading the way in nurturing global thought leadership. We help your product/service become the best they can with our informed approach.

Contact:

Market Research Inc

Kevin

51 Yerba Buena Lane, Ground Suite,

Inner Sunset San Francisco, CA 94103, USA

Call Us:+1 (628) 225-1818

Write Us@sales@marketresearchinc.com

See the article here:
Big Boom in Encryption Key Management Software Market that is Significantly Growing with Top Key Players Netlib Security, Fortanix, Avery Oden, AWS -...