The Thread just about the Leaks of the scale of NSA snooping

Er…That’s what the .sig file is for.

‘Snowden spying leaks prompt millions to protect data’:

Recent revelations about government-backed surveillance have prompted millions of people to do more to keep their data private, suggests a survey.

Many people now regularly change passwords or avoid certain websites or apps, said the Centre for International Governance Innovation (CIGI).

It also found that 64% of the 23,000 people questioned are more worried about their privacy than a year ago.

About 83% said affordable access to the internet should be a human right.

The survey asked people in 24 countries including the US, UK, Australia and China, about their attitudes to personal data privacy and whether the information released by Edward Snowden had led them to change their habits.

The survey revealed that Mr Snowden’s name was known to 60% of respondents and of that group, 39% had done more to protect their privacy in response to the information his leaks have revealed.

Of those, compared with a year ago, more than one-third were updating their passwords more frequently and 43% were taking greater steps to avoid websites and software that might put their data at risk.

It would be more interesting if they had detailed whether people were making those changes because they were more worried about the government collecting their data or businesses and hackers.

And if insurance companies are demanding that better data security be put in place, for that matter, since that would be a major driver for business and that has knock-on effects for i.e. home workers.

People don’t know how to make things secure. “Experts” don’t know. Experts may know, but they may not know or respect the balance between safety and usability.

At this point, I think nobody is ready to offer useful ideas about this, yet.

Security is not a product, or the length of your passwords. Neither is having your 8-year-old behind a door that can’t open (at all) if you lose the key.

So I have to laugh about the idea of the average person securing their data. They have no idea how!

I keep mine in a sock under the bed :)

Dammit, and now I have to move MINE. sigh

If one has your data, the other will get it.

USA kill list

If you are on this list, you have a big problem. “Kinetic actions” may happen to you.

Source:
https://www.schneier.com/blog/archives/2014/12/new_documents_o.html

Meh. It’s flashy and interesting in regards to how much of a reward is out there for certain individuals, but it’s not exactly revelatory that sides involved in warfare with each other have target lists.

I posted it for fun. Why are the month names in German? “oktover” / octover.

np - it fits the bill, lol.

Januahr
Februahr
März
April
Mai
Juni
Juli
August
September
Oktober
November
Dezember

Oktoverfest, best month.

Agreed, wholeheartedly

Well I’m not surprised to find myself on the list…whatever.

‘US and UK accused of hacking Sim card firm to steal codes’:

US and British intelligence agencies illegally hacked into a major manufacturer of Sim cards to steal codes and facilitate eavesdropping on mobiles, a US news website says.

The Intercept website said that the information came from former American intelligence contractor Edward Snowden.

The company allegedly targeted - Gemalto - says it is taking the allegations “very seriously”.

It operates in 85 countries and has more than 40 manufacturing facilities.

The Intercept says that “the great Sim heist” gave US and British surveillance agencies “the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data”.

It says that among the clients of the Netherlands-based company are AT&T, T-Mobile, Verizon, Sprint and “some 450 wireless network providers around the world”.

The Intercept claims that the hack organised by Britain’s GCHQ and America’s National Security Agency took place in 2010. Neither agency has commented on the allegations.

The stolen encryption allowed the agencies to decode data that passes between mobile phones and cell towers. They were able to un-garble calls, texts or emails intercepted out of the air.

A Gemalto spokeswoman told the Reuters news agency that while the company was not targeted “per se”, there was “an attempt to try and cast the widest net possible to reach as many mobile phones as possible”.

“We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated techniques to try to obtain Sim card data,” she said.

Correspondents say that the revelations are highly embarrassing for the agencies, because they give the impression that they will do whatever is required to improve their surveillance powers, even if that means stealing data from law-abiding Western firms.

And keep this story in mind with the info I’ve posted in the Windows 10 thread, about dropping passwords for biometrics in some cases etc (in fact keep this in mind in relation to pretty much all tech ‘advancements’ in general!).

A rather weird announcement from Gemalto this morning:

Amsterdam, February 23, 2015 - Gemalto (Euronext NL0000400653 - GTO) pursues its investigations following the article mentioning that in 2010 and 2011, a joint unit composed of operatives from the British GCHQ (Government Communications HeadQuarters) and the American NSA (National Security Agency) reportedly hacked SIM card encryption keys engraved in Gemalto and possibly other SIM vendors’ cards.

The Company will communicate on the results of its investigations on Wednesday, February 25, through a press release and a press conference that will be held in Paris at 10:30 am. The details of this press conference will be available on the Gemalto web site as of Tuesday, February 24, 2:00 pm.

Gemalto, the world leader in digital security, is devoting the necessary resources to investigate and understand the scope of such sophisticated techniques. Initial conclusions already indicate that Gemalto SIM products (as well as banking cards, passports and other products and platforms) are secure and the Company doesn’t expect to endure a significant financial prejudice.

So on the one hand these are sophisticated techniques, on the other hand the SIMs are secure.

I guess when you are in that type of business even rumors can kill you.

It probably hurts for them to announce that, it may be the announcement that kills the company (or that puts the company on that track).

Well it is the kind of accusation that is really hard to refute, and really damaging if true. I’m not that familiar with the SIM card market, how many companies compete in that space, but I know I’d not knowingly buy from a company that had a high probability of being compromised like that.

Granted the idea that any of our devices are truly secure is a bit of a collective fiction. We pretend it is the case since it makes doing things easier. In reality there are probably a dozen ways that any spy agency, criminal organization, or corporate attacker could ‘own’ any of your devices. So this news isn’t really shocking. Disappointing as hell, but not shocking.

Gemalto’s statement. Excerpt here:

If we look back at the period covered by the documents from the NSA and GCHQ, we can confirm that we experienced many attacks. In particular, in 2010 and 2011, we detected two particularly sophisticated intrusions which could be related to the operation.
In June 2010, we noticed suspicious activity in one of our French sites where a third party was trying to spy on the office network. By office network we mean the one used by employees to communicate with each other and the outside world. Action was immediately taken to counter the threat.
In July 2010, a second incident was identified by our Security Team. This involved fake emails sent to one of our mobile operator customers spoofing legitimate Gemalto email addresses. The fake emails contained an attachment that could download malicious code. We immediately informed the customer and also notified the relevant authorities both of the incident itself and the type of malware used.
During the same period, we also detected several attempts to access the PCs of Gemalto employees who had regular contact with customers.
At the time we were unable to identify the perpetrators but we now think that they could be related to the NSA and GCHQ operation. These intrusions only affected the outer parts of our networks – our office networks - which are in contact with the outside world. The SIM encryption keys and other customer data in general, are not stored on these networks. It is important to understand that our network architecture is designed like a cross between an onion and an orange; it has multiple layers and segments which help to cluster and isolate data.
While the intrusions described above were serious, sophisticated attacks, nothing was detected in other parts of our network. No breaches were found in the infrastructure running our SIM activity or in other parts of the secure network which manage our other products such as banking cards, ID cards or electronic passports. Each of these networks is isolated from one another and they are not connected to external networks.