April 01, 2015 // By Pravin Mirchandani

Back in July 2014, an Intel study indicated that 41% of IT managers and directors identified data protection as a key obstacle to overcome before the Internet of Things (IoT) could be fully embraced. 44% cited data encryption as the answer to this problem.

Page 1 of 2

Since then, despite IoT dialogue intensifying, relatively little attention has been given to how IoT data from fleets of connected devices will be secured. Perhaps 'devices' is the wrong word. For manufacturing plants, together with hotels, gas stations, retailers and a host of other enterprise beneficiaries, IoT is less about investing in new technologies and more about retrofitting sensors to existing machines and other physical assets.

This matters because IoT sensors have limited processing power and, as a result, are incapable of performing heavy duty computational functions, like encryption. So where does this leave us? We know that encryption is a deal breaker for IT decision makers but, at the same time, it seems beyond reach.

Happily, the solution is also a revenue opportunity for communication service providers (CSPs), and involves encryption being performed at a central point before the data is transmitted across the WAN. After all, the biggest risk to corporate data security does not come from the factory floor, the hotel staff, or the gas station attendant; it comes from the threat of that data being intercepted by a third party as it is being transmitted across the web.

By using a customer premises-based router as a managed service delivery platform, CSPs can centralise all of a customers IoT data from across their sites and provide encryption as a service, pre-transmission. This means that the CSP can hold both the encryption and the decryption keys centrally and securely, on behalf of the customer. Whats more, because the customer-premises equipments (CPEs) functions are also managed by the CSP, it is about as tamper-resistant a piece of hardware as the enterprise is likely to find.

Back in July 2014, an Intel study indicated that 41% of IT managers and directors identified data protection as a key obstacle to overcome before the Internet of Things (IoT) could be fully embraced. 44% cited data encryption as the answer to this problem.

Since then, despite IoT dialogue intensifying, relatively little attention has been given to how IoT data from fleets of connected devices will be secured. Perhaps 'devices' is the wrong word. For manufacturing plants, together with hotels, gas stations, retailers and a host of other enterprise beneficiaries, IoT is less about investing in new technologies and more about retrofitting sensors to existing machines and other physical assets.

This matters because IoT sensors have limited processing power and, as a result, are incapable of performing heavy duty computational functions, like encryption. So where does this leave us? We know that encryption is a deal breaker for IT decision makers but, at the same time, it seems beyond reach.

Read more from the original source:
IoT encryption: a revenue driver for CSPs

Basics of encryption part 2 for 25 subscribers

By: SuperBeavers16

Follow this link:
Basics of encryption part 2 for 25 subscribers - Video

Europol chief warns on computer encryption
Europol chief warns on computer encryption.

By: Shakil News

See the original post here:
Europol chief warns on computer encryption - Video

In January of this year, British Prime Prime Minister David Cameronlet it be known that he intended to dumb down encryption so that law enforcement could monitor all of the information streaming across the country. A direct attempt to capitalize on the Paris attacks. This was an unfortunate overture against encryption and privacy in general. Sure, he is stumping for votes with his electoral base but, this is by no means the first or the last time this sort of rhetoric has popped up.

Today news about a police chief with Europol was advocating against encryption as it gives criminals a leg up.

From BBC:

A European police chief says the sophisticated online communications are the biggest problem for security agencies tackling terrorism.

Hidden areas of the internet and encrypted communications make it harder to monitor terror suspects, warns Europols Rob Wainwright.

Tech firms should consider the impact sophisticated encryption software has on law enforcement, he said.

The irony being that the Europol website defaults to TLS 1.2. This is security technology designed to protect communications across a network. When I check the connection to the Europol website it presents this message, Your connection to http://www.europol.europa.eu is encrypted with modern cryptography. I cant help but chuckle.

The part of this that troubles me is that this comes on the heels of the Cameron statements about encryption. Now we hear about this from a law enforcement organization. The spectre of the terrorist boogeyman is getting trotted out more often. The difficulty is that this use of fear uncertainty and doubt will have unfortunate repercussions for perfectly innocent people.

Make no mistake, there is a need for law enforcement to have mechanisms in place to combat crime but, they have those. They are called laws. The problem here is that law enforcement and government have found that there are easier ways to get the information they want/need. The documents Edward Snowden leaked illustrated that this has become a serious problem.

Read more:
Surveillance And The Encryption Boogeyman

Wikimedia/YtoyodaEuropol director Rob Wainwright

A European police chief has spoken out against encryption, describing it as the "biggest problem" in tackling terrorism, the BBC reports.

Europol director Rob Wainwright said that the rise in use of secure messaging platforms that cannot be decrypted by law enforcement under any circumstances has "become perhaps the biggest problem for the police and the security service authorities in dealing with the threats from terrorism."

In the wake of multiple revelations about the extent of government surveillance of citizens' communications, there has been a surge in use of encrypted software that cannot be decrypted by companies or authorities if the user refuses to surrender their password. In particular, Google and Apple both promised to encrypt the data stored on Android and iOS devices by default (although Google has postponed implementation because the technical demands of encryption was crippling users' phones).

This hardened stance from technology companies has infuriated authorities, who see encryption as a significant challenge to monitoring potential criminal and terrorist threats. Previously, a senior US cop has said that introducing encryption by default will make the iPhone "the phone of choice for the paedophile."

British Prime Minister David Cameron has also spoken out against the spread of encryption technology, apparently promising to outlaw it if he is re-elected in May 2015. "[Do] we want to allow a means of communication between two people which even in extemis with a signed warrant from the home secretary personally that we cannot read?" he asked. "My answer to that question is no, we must not."

AP Photo/J. Scott ApplewhiteApple CEO Tim Cook has spoken out in favour of strong encryption tools.

However, security experts have condemned such suggestions. Strong encryption tools are already widely available they ensure online payments can be made securely, and journalists and activists use them to communicate with sources. It's unlikely that many other tech companies would even comply with a ban, if passed into law Apple CEO Tim Cook previously said that the company has "never worked with any government agency from any country to create a backdoor in any of our products or services... And we never will."

Nonetheless, Wainwright is critical of companies like Apple. "We are disappointed by the position of these tech firms and it only adds to our problems in getting to the communications of the most dangerous people hat are abusing the Internet." He told the BBC he believes the increase in encryption is "because of a greater commercial imperative driven by what they perceive to be consumer demand for greater privacy of their communications."

Wainwright adds that encryption has "changed the very nature of counter-terrorist work from one that has been traditionally reliant on having good monitoring capability of communications to one that essentially doesn't provide one any more."

See the rest here:
European police chief: Encryption is the 'biggest problem' in tackling terrorism

Synology America Disk Station 4 Bay Network Attached Storage With AES-NI Hardware Encryption Engine
http://amzn.to/1bB8vvu Synology America Disk Station 4-Bay Network Attached Storage With Quad Core CPU and AES-NI Hardware Encryption Engine. Physical Data Encryption Synology products ...

By: Ridwan Revanzya Reyza

Read the rest here:
Synology America Disk Station 4 Bay Network Attached Storage With AES-NI Hardware Encryption Engine - Video

FBI Director urges Congress to act on cell phone encryption
In yet another very public warning about advanced cell phone encryption techniques by Apple and Google, FBI Director James Comey says Congress may have to get involved to insure that police...

By: jamiedupreedc

View original post here:
FBI Director urges Congress to act on cell phone encryption - Video

Summary:The European agency says tracking and monitoring terrorist suspects is increasingly difficult in a world where encryption is becoming commonplace.

Monitoring threats to national security is becoming increasingly difficult as tech companies ramp up encryption efforts, Europol has warned.

The European Police Office's Director, Rob Wainwright, says sophisticated, encrypted online communication and hidden areas of the Internet -- known as the Dark web -- are creating problems in tracking and monitoring terrorist suspects.

Speaking to the BBC as part of 5 Live Investigates, the Europol executive said sophisticated online communication is "the biggest problem" law enforcement officers face in this duty.

"It's become perhaps the biggest problem for the police and the security service authorities in dealing with the threats from terrorism," Wainwright told the news agency. "It's changed the very nature of counter-terrorist work from one that has been traditionally reliant on having good monitoring capability of communications to one that essentially doesn't provide that anymore."

Europol says encrypted communications is often central to terrorist operations. As an example, Rodrigo Bijou from data solutions provider The Data Guild told attendees at Kaspersky's Annual Security Summit in February that groups such as ISIS and Al Qaeda are using online forums to spread propaganda, and are both developing their own communication tools and using encrypted offerings from the marketplace to communicate and organize activities.

In addition, the director says terrorists are using the Dark web more frequently in order to keep their activities away from spying eyes.

As a result, Wainwright believes technology companies should consider the effect encryption has on law enforcement.

While companies including Apple are using end-to-end encryption protocols to secure consumer devices and Google declared to do the same through the Android operating system -- although later had to backtrack because of old device compatibility issues -- the development of heavily encrypted instant messaging applications is also a cause for concern, according to Wainwright.

Read more here:
Encrypted communication 'biggest problem' in tackling terrorism, Europol warns

FBI Director James Comey doesnt want you to encrypt your phone...for your own safety, of course. Photograph: Susan Walsh/AP

The FBI wants to make us all less safe. At least thats the implication from FBI director Jim Comeys push to ban unbreakable encryption and deliberately weaken everyones security. And its past time that the White House makes its position clear once and for all.

Comey was back before Congress this week - this time in front of the House Appropriations Committee - imploring Congressmen to pass a law that would force tech companies to create a backdoor in any phone or communications tool that uses encryption.

He also revealed the Obama administration may be crafting such a law right now. One of the things that the administration is working on right now is what would a legislative response look like that would allow us with court process to get access to that evidence, he said.

The whole controversy stems from Apples decision to encrypt iPhones by default - so that only the user can unlock a phone with a pin or password and even Apple itself does not have the key. It was a huge step forward for security, and given that the US government considers cybersecurity attacks a more dire threat than terrorism, youd think theyd be encouraging everyone to use more encryption. But Comey essentially argued to Congress that because encryption sometimes makes FBI investigations harder, it should be outlawed.

The idea that all of a sudden the FBI is going dark and wont be able to investigate criminals anymore thanks to a tiny improvement of cell phone security is patently absurd. Even if the phone itself is protected by a passphrase that encrypts the device, the FBI can still go to telecom companies to get all the phone metadata they want. They can also still track anyone they choose by getting a cell phones location information 24 hours a day, and of course they can still wiretap the calls themselves. Lets not forget that with a four digit passcode - like iPhones come with by default - can easily broken into by the FBI without anyones help anyways. So a vast majority of this debate is already moot.

Beyond a few vague hypotheticals, Comey wouldnt give any specific examples at the hearing about where this has tripped up the FBI before, but the last time the FBI did, what they said was immediately debunked as nonsense.

If you want to understand why encryption is important for protecting your data, look no further than the FBIs own website. Well, at least you could until last week. For years, the FBI recommended people enable encryption on their phone to protect themselves against criminals, but at some point prior to Comeys testimony, the FBI scrubbed that information from public view. (On 27 March the FBI told the National Journal that the security tips were not intentionally deleted, but were because of the agencys ongoing website redesign.)

In other words, as security expert Jonathan Zdziarski remarked, the FBI has weakened their recommended standards [and] best practices to intentionally leave you vulnerable to security breaches. Computer science professor Matt Blaze put it another way: Basically, the FBI is saying that they think youre more likely to commit a crime than need to protect yourself against crime.

The only thing worse than Comeys position was the know-nothing members of the Appropriations Committee, who at various times were fawning all over Comeys proposal and displaying zero knowledge about basic technological precepts. The video of the back-and-forth is cringe worthy.

Follow this link:
The FBI used to recommend encryption. Now they want to ban it

You'd think that governments would be encouraging people to keep their computers and personal data safe. Until relatively recently, this has been exactly what the FBI has been pushing -- suggesting that phone users should enable encryption on their handsets. But it seems that there has been something of a change of heart. It's probably Snowden's fault.

Now, as part of an "ongoing website redesign", advice about using encryption and protective PINs has vanished from the FBI website. Forget the security-focused devices such as the Blackphone 2, it appears that the bureau wants your data, and you, to be insecure.

As noted by TechDirt, the FBI website previously included an advice section entitled "safety tips to protect your mobile device". This has now gone, although it can still be seen on the Internet Archive's oh-so-helpful backup. The FBI no longer suggests that phone users enable encryption on their handset to protect their data and their privacy. But this is far from the end of the story.

Speaking on Wednesday, FBI Director James Comey made a call for a ban on encryption. This is not something that came completely out of the blue, it's something he has been pursuing for some time now. Of course it would be a little crazy to just make such a call with no justification behind it, and Comey was ready to pull on heart strings with a doom and gloom vision of a world in which an individual's privacy is seen as being of the utmost importance.

Rather than welcoming a future in which privacy is seen as key, he calls on those who believe in such a vision to imagine something a little darker: a world in which "pedophiles can't be seen, kidnappers can't be seen, drug dealers can't be seen". But this is only one side of the story. The flipside of the coin is that a world in which pedophiles, kidnappers and drug dealers can be seen is a world in which everyone else can also be seen. Nothing to hide, nothing to fear is the common comeback, but that's really not the point.

People are very quick to question this likes of Google when the company tracks user data for targeted advertising and other purposes. But this is something that people, essentially, sign up for. You use Google and you know that your online activities are going to be monitored to some extent. It's a given. Being monitored by the government, however, is an entirely different matter. The very way in which NSA surveillance was carried out demonstrated perfectly that the people collecting data do not know what they're doing or what they're looking for.

With Comey and his ilk pushing for technology company to build backdoors (which we know can be problematic) into all of their products and services that offer encryption. He views encryption as a "huge problem" -- but it's also an incredibly valuable tool for individuals. Encryption with backdoors is as good as no encryption, which is precisely what Comey would like.

Edward Snowden has previously criticized Amazon for failing to encrypt user data (as have others), and with a rise in security attacks, it's little wonder that, on the whole, there is an increased interest in data encryption. The FBI and other organization should be encouraging people to be safer, not pushing for a drop in security simply because it makes surveillance easier.

Photo credit: spiber.de / Shutterstock

Read the original here:
The FBI wants your computer and mobile to be insecure