Connect with us

News

Bypassing encryption: ‘Lawful hacking’ is the next frontier of law enforcement technology

Published

on

The discussion about how law enforcement or government intelligence agencies might rapidly decode information someone else wants to keep secret is – or should be – shifting. One commonly proposed approach, introducing what is called a “backdoor” to the encryption algorithm itself, is now widely recognized as too risky to be worth pursuing any further.

The scholarly and research community, the technology industry and Congress appear to be in agreement that weakening the encryption that in part enables information security – even if done in the name of public safety or national security – is a bad idea. Backdoors could be catastrophic, jeopardizing the security of billions of devices and critical communications.

What comes next? Surely police and spy agencies will still want, or even need, information stored by criminals in encrypted forms. Without a backdoor, how might they get access to data that may help them solve – or even prevent – a crime?

The future of law enforcement and intelligence gathering efforts involving digital information is an emerging field that I and others who are exploring it sometimes call “lawful hacking.” Rather than employing a skeleton key that grants immediate access to encrypted information, government agents will have to find other technical ways – often involving malicious code – and other legal frameworks.

Decades of history

In the mid-1990s, the Clinton administration advanced a proposal called the Clipper Chip. The chip, which ultimately was doomed by its technical shortcomings, was an attempt to ensure government access to encrypted communications. After the chip’s introduction and failure, a group of cryptographers formally studied various mechanisms that might allow a trusted third party (in this case, the government) to read encrypted data in emergencies. They concluded that each approach had significant security risks.

Overall, the cryptographers’ view was that introducing this new capability into an encryption system made an already complicated process even more complex. This increased complexity made it more likely that there would be an unintentional vulnerability hidden in the encryption protocol that malicious hackers could find, gaining access to the trusted third party’s emergency system or otherwise breaking the code. The hackers could then read secret messages for their own purposes – a huge risk.

When the Clipper Chip project died and when the cryptographers’ major study came out, the idea of exceptional access for government seemed to die as well. In an environment in which cybersecurity was an increasing priority, and in which encryption was a partial defense against many data breaches and hackers, it seemed unwise to do anything that might weaken cryptographic standards.

Snowden reveals more

While the Clipper Chip effort to use public processes to create weaknesses in cybersecurity had failed, the National Security Agency had, in secret, worked to undermine certain popular encryption algorithms. In addition to direct attempts to break encryption with mathematical methods, an NSA project code-named Bullrun included efforts to influence or control international cryptography standards, and even to collaborate with private companies to ensure the NSA could decode their encryption.

This came to light when former NSA contractor Edward Snowden revealed a massive trove of files about U.S. government spying in 2013 and reignited the debate about what abilities and powers the government should have to read encrypted material.

Once again, a group of the world’s leading cryptographers studied the issue, and in 2015 came to the same conclusion: The risk of backdooring encryption to enable government access was too high. Doing so would weaken overall security too much to make up for any brief improvements in public safety or national security.

The FBI pushes back

Then came the San Bernardino attack. On Dec. 2, 2015, Rizwan Farook and his wife, Tashfeen Malik, opened fire at a social services center in San Bernardino, California. Inspired – but not directed – by foreign terrorist groups, they killed 14 people and wounded 22 more during their violent rampage.

Before the attack, Farook had physically smashed up two personal cellphones, rendering their data unrecoverable. He left untouched his work phone, an iPhone 5c issued by San Bernardino County. Investigators found the phone, but the FBI was unable to examine its data due to Apple’s encryption and security mechanisms on the device.

To get around this, the United States government used a law from the earliest days of the republic, the 1789 All Writs Act, to try to compel Apple to write software that would break the encryption and grant the FBI access. Apple refused, saying that doing so would weaken the security of every iPhone on the market, and a court showdown began.

The conflict in a nutshell

The Apple-FBI case nicely encapsulates much of the debate around encryption: a horrible incident that everyone wants investigated, the government’s stated need for access to aid the investigation, strong encryption that prevents that access and a company unwilling to risk the broader security of its products by attacking its own software.

And yet, even when the stakes were as high as the government said they were in the San Bernardino case, encryption would remain secure.

Faced with Apple’s refusal to comply and criticism from the technology and privacy industries, the FBI found another way. The bureau hired an outside firm that was able to exploit a vulnerability in the iPhone’s software and gain access. It wasn’t the first time the bureau had done such a thing.

As this all unfolded, and in the face of a wide range of significant opposition, a bill to mandate backdoors was introduced and failed in the United States Congress.

Encryption backdoors remain largely viewed as weakening everyone’s protections all the time for the sake of some people’s protections on rare occasions. As a result, workarounds like the FBI found are likely to be the most common approach going forward. Indeed, in recent years, law enforcement agencies have greatly expanded their hacking capabilities.

A look to the future

The details matter, though, and how this fledgling field develops remains to be seen. Technologists and lawyers studying the issue have identified several key questions, but not their answers. These include:

  • What kinds of vulnerabilities can law enforcement use to gain access, technologically, legally and ethically?
  • Should they report those vulnerabilities to the software vendors for fixing, even if it means it is less likely that either police or hackers will be able use the weaknesses in the future?
  • What do they need to tell a judge in order to get permission to hack a device?
  • Can they hack devices outside of their jurisdiction, and what happens if they hack computers in other countries?
  • Do they need to tell a defendant at trial how they hacked his or her device?

While some details depend on specific certain answers to these legal and technical questions, a lawful hacking approach offers a solution that appears to gain greater favor with experts than encryption backdoors. A group of scholars proposed some ways we should begin thinking about how law enforcement could hack. Agencies are already doing it, so it’s time to turn from the now-ended debate about encryption backdoors and engage in this new discussion instead.

News

Owner of iPhonix mobile Abhishek Balsara offers iPhones at the best rates

Published

on

Owner of iPhonix mobile Abhishek Balsara offers iPhones at the best rates

iPhonix mobile

The iPhone can be an expensive option for some, but its price covers all the requirements of a person’s life and it is completely reliable. With an iPhone, you probably don’t need any other external devices.
These days, people are very careful about what they buy and what they wear, and depending on the trend, they also pay attention to the type of purchase. As the world of technology evolves, so does the demand for more functionality. This is the reason why the iPhone has become so popular in India and is currently the longest running phone that competes with Android.

Abhishek Balsara

To be precise, the iPhone is admired by almost everyone because it not only looks good but also has essential features that are really useful for the people who use it. Also, there have been a lot of updates as the company has been waiting for what people actually find useful and necessary in a phone. The iPhone may be an expensive option for some, but its price is completely reliable as it covers all the requirements of a person’s life. . With an iPhone, you probably don’t need any other external devices. You can trust him and his tasks so you never have to worry again.

The price range is usually a big problem for people, but today we will talk about the people and their institutions that make these smartphones very cheap and affordable. This is the only store that offers the latest genuine iPhones at the lowest prices and no other store offers similar products and services. It has been around for a long time and can be completely trusted due to its solid reputation and the great reviews it has collected over the years.

iPhonix Mobile is completely customer focused and has provided unmatched customer service for a long time, earning people’s trust and admiration. So come on, if you want the perfect smartphone, you know where to go. Not only is it the latest trend in the market, but it is also very affordable.

Please visit iPhonix Mobile at the link below for the latest product information. Be the first to get it!

Continue Reading

News

How to Find an Obituary for a Specific Person

Published

on

How to Find an Obituary for a Specific Person

As part of your family tree or ancestry research, you may need to find the obituary of a particular person. This article provides a list of resources to help find the obituary of a particular person.

Obituaries are one of the most important sources of information genealogists look for when looking for clues related to the life of their ancestors. What many may not know is that the practice of announcing death in this way dates back to 59 BC.

Roman newspapers inscribed in metal or stone, known as the Acta Diurna (Daily Events), are published in important places in Rome. It features celebrity births and deaths, as well as general gossip about important people in the city.

In 1439, the printing press was invented, and with the advent of newspapers, the practice of announcing prominent deaths continued.This has survived and is still a common practice.

So why do genealogies need obituaries, and more importantly

, how do you find the obituaries you need for your research?

Importance of obituaries


relatives and friends
Those with aging parents or who lived with grandparents may have sat and read the local newspaper to see if anyone they knew had died. As we grow older, we feel a morbid fascination with our own mortality, and as a result, we become fascinated by the people we meet and those who are close to our own age.

An obituary is an opportunity for families to let people they don’t know know that a loved one has died. In many cases, this allows family members to let people know when the funeral will be held, and old friends to attend and offer their condolences.

Obituaries serve an important social function. Because bereaved families don’t have to spend time grieving connecting with everyone the deceased loved one may have known.

genealogist
Although obituaries are very important to genealogists, they are technically not considered definitive documentary evidence. Searching for ancestors in obituaries can help you find important information such as:

close relatives
Religion and Church Affiliation
date of birth and place of birth
place of death and date of death
former job


important biographical information


The family information provided in the obituary helps distinguish between the two of her namesakes in official documents. Knowing the names of siblings and parents makes it easier to determine a person’s accurate census record.
As with any mystery, there may be many small clues here to help you find the truth and the documents that support it. should always be taken as clues until further evidence is documented.

Continue Reading

News

Cost increases faced with end of Adjusted Right to Rent checks

Published

on

Cost increases faced with end of Adjusted Right to Rent checks

Rental agents are taking significant steps to comply with rental eligibility checks as the system allowing for coordinated checks (for example via Zoom calls and copies of documents) will end in the UK on 30 September of 2022. We are facing increasing costs.

From October 1, 2022, agents responsible for reapplying for tenants and rent checks will need to review their processes to be ready to return to manual in-person checks (this may be because someone who qualifies as a UK resident you will still be admitted if you present a valid ID). and Irish citizens), or register with one of the proptech service providers accredited by the UK government as a Digital Identity Service Provider (IDSP). Foreign checks must be processed through the Ministry of the Interior’s Sharecode system, to which agents have free access.

The change comes at the same time that agencies will have to deal with rising energy bills and rising staff retention costs by maintaining competitive compensation packages.

IDSP cost for British and Irish citizens
With the announcement of the first IDSP under the UK’s digital identity and attribute trust framework, agents need to be aware of and prepare for the upcoming changes. With the promulgation of the Tenant Fees Act 2019, the costs associated with the delivery of checks for the right to rent have not changed and cannot be passed on to applicants.

Coordinated checks were introduced as part of COVID-19 measures to reduce face-to-face contact and have been expanded as the Home Office works to implement a robust digital solution for national checks in the UK and Ireland. If an agent wishes to provide digital checks to people with ID cards in the UK and Ireland, once adjusted rental eligibility verification is complete, the agent will need to register with an ID service provider who will incur a fee for the service. Alternatively, agents can provide a manual verification in person if the applicant provides a suitable British or Irish ID. If an agent chooses to use IDSPs, they must take into account UK and Irish citizens who choose to verify their identity offline and must not discriminate on that basis.

Digital verifications for foreigners can be done easily and at no external cost by verifying through the home office system in real time using the common digital code and date of birth provided by the applicant.

If the agency’s system relies primarily on in-person reviews, consider the need for additional time and resources to schedule appointments for applicant reviews (and follow-up reviews of submitters, subject to time constraints). status) and the associated time change.

Keeping track of rent checks is more important than ever
Propertymark members notify the Home Office to establish a “legal excuse” for agents to provide statutory audit information if they are unable to obtain a foreign rent check again during the rental period. against late and/or civil penalties.

The Rental Law Code of Practice is ambiguous about liability for civil penalties when agents use IDSPs. The ultimate responsibility for verification rests with the landlord or designated rental agent. Therefore, the use of a UK government accredited IDSP does not eliminate all risks of civil penalties for landlords or designated rental agents when investigated by immigration authorities.

The reintroduction of personal checks coincided with seasonal changes in the incidence of COVID, the impact of which is unknown.

Since it was first introduced under immigration law in 2014, the work required for agents to complete rent checks in the UK has increased dramatically and there are now over 100 pages of instructions for agents to understand. years. The Rent Payments Act of 2019 forced agents to incur higher costs in this area.

A period of additional requirements is coming, whether agents continue to conduct in-person rental checks during application and follow-up or use one of our approved IDSP providers. This is a particular problem given the heightened scrutiny of students who are British citizens from the academic year onwards.

Continue Reading

Trending