The hard truths about the encryption debate


In my latest piece in TechCrunch, I gave a full breakdown of the ongoing debate between government agencies and tech firms over whether consumer devices and software should be embedded with strong encryption technology, and if manufacturers should bake backdoors into their products to allow security agencies access to encrypted communications.

I had started work on the piece weeks ago, and by coincidence, the brutal Paris attacks came to pass just as I was about to submit the final draft. The tragic episode has added a new twist to this ongoing conflict, and now government officials blame secure apps and hardware – and their vendors – for providing terrorists with the right tools to keep their schemes hidden.

I’m not wont to give an opinion on such issues in my pieces, and what I detailed in the TechCrunch article was a pure analysis of the issue and a reiteration of the arguments that each of the parties involved put forth. In this blog post, I will give you the hard facts, which in my belief prove that blocking encrypted communications and installing backdoors on devices aren’t the way to stop such attacks from happening again. Continue reading


What else is hidden behind DDoS attacks?


This week, ProtonMail made headlines for being targeted by a massive DDoS attack after having caved-in to $6,000 ransom demand made by the group that was behind the attack. The two-stage attack, which eventually took down the ISP, and the hype that surrounded it seemed to confirm a theory that I read about not long ago: DDoS attacks are the perfect smoke screen for APTs and silent data breaches.

The new attack against ProtonMail seems to fit-in with the trend of growing DDoS attacks, both in diversity, complexity and quantity. DDoS attacks and are becoming a serious source of income for hackers, as time-critical businesses such as banks and financing companies usually prefer to pay the attackers rather than to risk the more heavy losses that the possible down-time of the attack can incur. Continue reading

5 domains where IoT security needs to be addressed


I’ve recently written an article in TechCrunch on the much-disputed issue of IoT security. Fact of the matter is IoT truly is a phenomenon that can change our lives – or destroy them. There are many things that are right with IoT but there are also many others that are wrong and need to be fixed.

With many thanks to Art Swift and Larry Loeb for their excellent thoughts on IoT security, following are five areas where IoT security issues need to be tackled. Continue reading