Cryptographers devote their careers to the science of securing your communications. Twenty-four-year-old Nadim Kobeissi has devoted his to the art of making that security as easy as possible. His software creations like Cryptocat and Minilock encrypt instant messages or shared files with three-letter-agency-level protection, with user interfaces that require Lincoln-Log-level skills. Now hes combiningelements of his dead-simple apps into what hes calling his biggest release yet, a single platform designed to encrypt everything you and any group of collaborators do on the desktop.

Today, Kobeissi plans to announce Peerio, an encrypted productivity suite meant to help individual users and businesses encrypt everything from IMs to online file storage. The software, initially launching as a Windows and Mac app as well as a Chrome plugin but coming to mobile platforms soon, resembles a simplified Gmail with IM and Google Drive features included. Unlike Gmail, all communication sent viaPeerio are end-to-end encrypted and cant be decrypted by anyone but the recipientnot even someone with access to the Peerio server itself.

With Peerio everything you share or communicate with your team is secured with state-of-the-art encryption, and its as easy as using Gmail. You dont need to learn to use it, says Kobeissi. Peerio brings crypto to where the people are.

Encrypted messages sent using Peerio can have a subject line and are organized in the recipients searchable inbox. But Peerio messages just as easily can be exchanged in rapid-fire one-liners with a press of the return keya hybrid of email and instant messaging. The app also lets you upload and share end-to-end encrypted files of up to 400 megabytes, a limit Kobeissi says will climb in future updates.

Kobeissi hopes Peerio will woo two groups of users. Those who use Gmail, Dropbox, and collaboration software like Slack and Hipchat ought to see it as a significantly more secure alternative designed to foil eavesdroppers. For security-minded people already using venerable but clunky encryption tools like the 20-plus-year-old PGP, its a far simpler option thats not limited to communicating exclusively with fellow crypto-nerds. We wanted to take every possible use case of PGP and put it in a single app and make it better, Kobeissi says.

Read the original:
The Free Encryption App That Wants to Replace Gmail, Dropbox, and HipChat

The world has declared open season on encryption and civil liberties. In one week Thailand announced its draft Cyber Security bill, Irans highest court banned encrypted messaging apps and now the United Kingdom has announced its own war on privacy in the wake of the French terror attacks.

UK Prime Minister David Cameron said that he will not allow terrorists to have a safe place to communicate. This is understood to mean that encrypted communications apps are to be banned or backdoored to allow access by the security services.

The idea of eavesdropping on communications to protect the monarchy is genuinely popular in Thailand, as is the idea of empowering the state to get rid of terrorists in the west.

The only problem is banning encryption simply cannot work. The genie is already out of the bottle.

I asked Caspar Bowden, former Chief Privacy Officer at Microsoft and now an independent privacy advocate, for his comments on Camerons pledge. Bowden pointed out that the exact same arguments and counter-arguments had been made in the wake of 9-11.

In October 2001, Bowden wrote a piece for the BBC website that still is valid today as it was over 13 years ago.

Bowden said that the politicians argument that there must be a balance between civil liberties and public safety is a false dichotomy.

Those who want a nostalgic return to the era of phone-tapping are either nave or impervious to reason. The only way to stop terrorist cells communicating via the internet is to disinvent it. Encryption is irrelevant, he said.

There are four ways in which encryption can be compromised in a way that would allow the state to access messages with warrant, but all are fundamentally flawed, as Bowden argued back in 2001.

The 'back-door'

Excerpt from:
The encryption genie is already out of the bottle

Are you willing to give up your security from hacking in exchange for physical security? Thats what Cameron is really proposing. Photograph: REX

Prime Minister David Cameron has quite literally called for the end of privacy on the Internet as we know it: in a radical speech on Monday he said that, since threats of terrorism existed in the world, there should be no means of communications that the UK cannot read. He appears to be suggesting that hes in favour of outlawing the use of end-to-end encryption which, in turn, could ban some of the most popular texting messaging apps in the world, including WhatsApp and iMessage.

We all knew it was only a matter of time before the worlds governments started using the tragedy at Charlie Hebdo, a rallying cry for free speech rights, to justify more censorship and speech-chilling surveillance. Its particularly galling, though, that Cameron and other world leaders are leading the charge so swiftly after the historic unity rally in Paris over the weekend. You remember it: the one that was supposed to show solidarity with the murdered cartoonists devotion to press freedom.

Even Cameron acknowledged yesterday that his proposed powers were very intrusive. What he didnt acknowledge, however, was theres absolutely no public evidence Charlie Hebdo murderers used encryption to communicate at all. Even if they did, we know from the Snowden documents that the GCHQ or NSA still have ways to access their messages. But neither of these facts stopped Cameron from cravenly capitalizing on the tragedy in an attempt to push for powers his government has been from demanding for years.

Just as happened when the FBI director proposed forcing companies like Apple and Google to build a backdoor into their products so American authorities could conduct more surveillance, Camerons proposal will be ridiculed by security experts. Encryption is used to protect banking credentials, private medical information, and private communications of hundreds of millions of people who have nothing to do with terrorism. Given the rash of headline criminal hacks, like the recent Sony scandal, one would think leaders would be encouraging the use of encryption to protect data, rather than make it illegal.

As for the potential ban on messaging apps, Cameron is in fine company there. In fact, just a few days ago, a court in Iran ordered three text messaging apps, including WhatsApp, blocked across the entire country. Iranian President Hassan Rouhani reportedly opposed the move. So actually, the Prime Minister of UK is to the right of the President of Iran on this issue.

While Camerons proposal was first out of the gate, you can be sure other world leaders will soon join him. In fact, just before the unity march on Sunday, a group of EU foreign ministers got together and not only vowed to pursue more surveillance authorities, but pledged to pressure Internet companies to start censoring more content online.

Back in the US, President Obama was heavily criticized for not attending the rally in Paris, but his understated response was actually a welcome respite from the grandstanding by many of the other world leaders who marched arm in arm. Daniel Wickman brilliantly documented on Twitter how the list dignitaries attending was something of a Whos Who of free speech oppressors of the world.

Lost in all this is the fact that Charlie Hebdo has spent much of its life as a publication fending off French anti-speech laws. As law professor Jonathan Turley wrote in the Washington Post this weekend, the biggest threat to French free speech isnt terrorism. Its the government. He recounted how Charlie Hebdo had repeatedly been been threatened with prosecution in the past and has been sued countless times more. Turley then described how a variety of French anti-speech laws have other landed non-violent offenders in jail.

As if on cue, as the Guardian reported Monday, a prosecutors office in France opened an investigation into controversial comedian Dieudonn Mbala Mbala over an allegedly offensive Facebook post.

See the rest here:
Banning all encryption won't make us safer, no matter what David Cameron says

U.K. Prime Minister David Cameron has been weatheringa Twitter storm of mockery for comments he made yesterday in which he appeared to suggestitwould be the intention of a future Conservative government to ban strong encryption.

Are we going to allow a means of communication between people which even in extremis, with a signed warrant from the Home Secretary personally, that we cannot read? he said in a public speech. No we must not. The first duty of any government is to keep our country and our people safe.

Internet security experts chipped in en masse on social media to point out thepyrrhic folly of Cameronthinking hecan banencryption, while others noted the heightened hypocrisy of a politician using last weeks terrorattacks in Paris as a foil to attempt to undermine citizens digital privacy rights at home.

TechCrunch understands alarm at the potential implications of Cameronscomments evenextended to the U.K.s VC investment community which makes sense, given that Internetbusinesseswouldnt be able to function without encryption. So in a move that will shock precisely no one, theback channel back-peddling has begun.

Downing Street sources saidthe PMs words had been misinterpreted, and that he was not, in fact, singling outencryption, or any particular Internet companies, for a ban.Although another governmentsourcedeclined to confirm to TechCrunch that a future Conservative government would not be seeking to ban encryption when we asked directly.So the Tories are evidently not committing to endingall encryption-banning rhetorical outbursts in future.

The game being played here is not just with popular opinion on the election campaign trail ahead of the U.K.s General Election thisMay, as the Toriescack-handedlytry to capitalize on fear of terrorism by tilting at digital windmills. Its also an attempt to apply politicalpressure on foreign ownedInternet companies to provideU.K. security services with backdoors intotheir services.

Last Novemberthe incominghead of the U.K.s GCHQ spy agency madea direct public appeal to U.S. Internet companies to co-operate with government counter terrorism efforts and hand over data on users when asked.

Yesterday Cameron was evidently trying to speed that same plough. However if, as government sources are (sort of)suggesting, he does not in fact have an intention to ban encryption, but is hoping that Internet companies will agree to put backdoors into services themselves, there are undoubtedly some digital services that U.K. spookswill not be able to peek into i.e. those that use end-to-end encryption or companies thatrefuse to co-operate with requests to installbackdoors and, really, there is not a whole lotU.K. politicianswillbe able to do about that.

That said,the Prime Ministerhas previously committed a future Tory government to re-introducemore comprehensivepowers of digital comms data capture, and to extend the emergency surveillancelegislation (DRIPA)that was rushed through the U.K. parliament last year. Under DRIPA,companies providing a service to the U.K. are technically required to provide access to data.

The difficulty(for government) comes in trying to enforce such a legal requirement if a company does not have a physical presence in the U.K.And even where a company does have a presence, no U.K. government is going to wantto be seen banning mainstream apps. Thats nevera good look unless youre heading upa totalitarian regime.

Continued here:
U.K. PM Backpedals On ‘Encryption Ban’, Sort Of

The Governments plan to go to war on encryption is not the answer to terrorist threats, says our management consultancy columnist Mick James, but it will have serious repercussions for business.

Oh dear. Though I have the greatest respect for our current Prime Minister, I have to say my heart sank when I heard his latest pronouncement on what I suppose we must think of as the cyberfrontier in the war against terrorism.

Id always thought of the current Coalition as a relatively business-friendly operation, and how refreshing that our Prime Minister has demonstrated that he is aware of the more modern forms of communication made possible through the internet (currently celebrating its 25th birthday).

Camerons thesis is this: we can in extremis open peoples letters and listen to their phone calls, but theres a problem with email: it might be encrypted.

In our country do we want to allow a means of communication between people which even in extremis with a warrant personally signed by the Home Secretary that we cannot read? My answer is no we must notthe first duty of a government is to keep our people safe.

I can remember when safe would have included safe from the sort of people who might read your letters but no matter. Nor should we overlook the logical absurdity that letters and phone calls can themselves be encoded: have you got those eggs I asked you for? Yes and theyre just about to go off.

For surely the answer to the question do we want a means of communication between peoplewhich we cannot read is a fairly emphatic yes. We already have some startlingly draconian laws which make it an imprisonable offence not to disclose encryption keys or passwords (worth thinking about if you have old files or archives dating from some previous password regime you have long forgotten about).

Now one would presumably be barred from using messaging services which encrypt communications for you and keep them secure even from the carrier. Or they would have to somehow break their own security and let the government have a peek.

Have the Government really thought this through? Its not the first time theyve gone to war on encryption rather than take on the men in balaclavas with guns. Does anyone remember Pretty Good Privacy, an encryption programme so good that the US government classified it as munitions and made its export an offence, like exporting weapons grade plutonium. We entered a situation where higher mathematics, on which so many encryption programmes depend, was in danger of becoming a state secret. Then they came up with the idea of the Clipper chip. This would encode things for you but also give the government a secret backdoor code which they would of course keep securely and never put on a USB stick with loads of other codes and leave on a bus.

We stand on the brink of a digital revolution: as exciting as the internet has been for the last 25 years, my feeling is increasingly that we have only scratched the surface. Ive already written about how in many ways the only limits these days are our imaginations, but there are countervailing forces and the need for online security is one of them. Transacting online is becoming more and more of a chore and one of the few forms of exercise I get these days is running round the house trying to find codes and registration numbers or hunting for the one-time activation code before it expires.

Read the original post:
Consultant-News.com – Latest News from the World of Consultancy