After the CIA leaks, cybersecurity should be everyone’s business

Last week, WikiLeaks dropped a bombshell on intelligence agencies by publishing a trove of classified documents dubbed “Vault 7.” The revelations gave a damning account of government surveillance powers and hacking capabilities.

It was also a testament to how vulnerable the increasing number of Internet-connected devices we own can make us. And if you think you shouldn’t worry about what hacking capabilities the feds have, think again. Three-letter-agencies aren’t the only ones who are looking for security holes in hardware and software.

As with every hack that makes noise, the Vault 7 leak is associated with new facts, old misunderstandings and some very important lessons. Here’s what you need to know about the latest batch of information that WikiLeaks has spilled into cyberspace. Continue reading

Advertisements

This is how you encrypt your entire life

encryption

Man in the middle attacks. Social engineering. Large scale data breaches. Government surveillance. Device theft. Those are just some of the threats standing in your way as you try to carry on a safe digital life.

APTs. Three letter agencies. Script kiddies. State-sponsored hackers. Cybercrime rings. Data-hungry corporations. Jealous coworkers. Disgruntled employees.

And those are just some of the sources that those threats might come from.

The point is, as more of our lives become digitized and stored on computers and online servers, our data becomes more valuable and makes us more vulnerable to cyberattacks. Continue reading

What is Full-Disk Encryption (FDE)?

Full-Disk Encryption

If you think someone without your desktop login won’t be able to access your computer’s files, think again. Anyone with mediocre IT skills can take your your hard disk, plug it as a secondary drive to another computer, and extract your files.

So how can you protect your files from hackers?

One option would be to encrypt your sensitive files manually or avoid storing them on your computer altogether and lock them away in a safe cloud. An alternative is to use Full-Disk Encryption (FDE), a technique that scrambles everything stored on your computer and makes it only accessible to the person with the decryption key. Continue reading

How to protect yourself against WhatsApp’s non-present backdoor

Secure messaging app

In a controversial Friday 13th scoop, The Guardian unveiled a backdoor in WhatsApp, the popular messaging app owned by Facebook that has over 1 billion users and touts having unbreakable security.

Within a few hours of the Guardian report, the claim was debunked by other outlets, including this detailed piece in Gizmodo. While it is now clear that the backdoor is actually not a backdoor but a natural functionality of the messaging app, here’s what you need to know and what you can do to protect yourself from potential security mishaps. Continue reading

What is secure messaging?

Secure messaging app

We rely increasingly on messaging apps to carry out our daily communications, whether for personal use or to do business. And there are literally tons of them on the internet and app stores, each sporting different features and social reach.

Having messaging apps have become an inherent part of our lives, we often use them to exchange sensitive information without regard to how capable they are of keeping that information secure. With messaging apps, we share personal information and photos, or report on sensitive issues in countries where the internet is strictly controlled and monitored by autocratic regimes.

So just how secure and trustworthy is your favorite messaging app? Here are four criteria that will help you decide. Continue reading

How PGP can protect you against email surveillance

5383764072_ab6784e586_o

News broke last week that Yahoo has allowed intelligence agencies to scan user emails. This comes at a very bad time for Yahoo, right on the heels of its 500 million user account data breach—made public earlier this month—and while the company is trying to be acquired Verizon for the meager price of $4.8 billion.

Other tech giants immediately denied having had similar cooperation with government agencies in the wake of the Yahoo leak, though they all have a track record of wholesaling their data to government agencies under the NSA’s PRISM program. Continue reading

How two students wish to improve consumer privacy

Enigma machine - encryption

Despite the fact that the latest round of the decades-old Crypto Wars has been relatively silent for a few months, there’s still much doubt over how the future of data privacy will unfold. Government agencies continue to push for more “transparency” on the part of tech firms, which boils down to baking backdoors into their products that would allow the feds to pry into encrypted communication. Continue reading