Suspect In The UK Told To Decrypt His Devices For The US

Apple vs the FBI may be over but that doesn’t mean the question about decryption and the law is over. In the most recent case to catch our ears a suspect from the UK being asked to decrypt his devices for the US authorities.

Lauri Love is a British computer scientist, who is a suspect in the breach of US government networks, which are claimed to have caused “millions of dollars in damage”. After being initially arrested in 2013, and then released, Love was re-arrested back in 2015 and is facing extradition to the US for the suspected crime. While he has not been charged with any crimes, Love has been asked as part of a Section 49 RIPA notice (doesn’t sound that bad does it?) to decrypt his devices by providing them with the passwords and keys required to unlock his devices.

With his devices confiscated, something that Love is now fighting in a counter-sue in civil court, the authorities want to access the data on his devices which include, a Samsung Laptop, a Fujitsu Siemens laptop, a Compaq computer tower, an SD card and a Western Digital hard drive. Alongside this, the National Crime Authority, the UK branch that has demanded the devices be decrypted, are interested in files located on the SD card and external drive that are encrypted using TrueCrypt.

What is most worrying is that if Love was to provide the keys, and this evidence is used against him in the US, then it would breach his fifth amendment rights within the US. The fifth amendment can be described as allowing someone to present evidence against themselves, meaning that you can’t be forced to prove your guilt, by unlocking a computer for example.

In his argument, Love states that “the NCA are effectively arguing that any information that cannot be read and comprehended by the police has a presumption of guilt”. An argument that if extended to other circumstances, could be seen as worrying for any groups that share information and protect journalists, whistleblowers and anyone within the legal profession.

France to Punish Companies for Refusing to Decrypt Devices

France has been keen on getting ahead of technology when it comes to their laws. From their environmental stances of requiring solar panels on their roofs to making sure that large companies like Facebook protect people’s data sufficiently. In light of recent security concerns though they have moved to punish companies for refusing to decrypt devices.

France recently looked into banning the anonymous network Tor and blocking Wifi during special situations. The latest step in security was to accept an amendment to a bill that would make companies like Apple, who are activly fighting the FBI on modifying their software to break into an iPhone, either pay a fine or face five years in jail if they refused  to hand over encrypted data.

While this is only the bills first reading, if the amendment went ahead companies may feel uneasy doing business in France for fear of either giving out personal information or face a fine. It should be noted though that while Amendment 90 is being considered, it could be worse with amendment 221 going so far as to increase the fine by over 5 times and requesting “all relevant” information, that means more than just the message they are looking for.

Amendment 51 went so far as to state that companies who refused to help authorities would be considered “accomplices to terrorism”, a far stretch from the truth by any imagination. With public support seeming to increase for Apple’s case in the US and companies and figures alike coming out in support of them, accepting such a controversial bill couldn’t help the French government when trying to enlist technology companies help.

New Ransomware Does The Unforgivable – Forgets How To Unlock Your Files

Ransomware is a whole new level of problems for computer users. Previously malicious software, or malware for short, would spread causing chaos and destruction wherever it could, but ransomware is a little more targeted. Ransomware is designed to stop you from accessing your files and in order to gain access you are normally requested to pay an account a sum of money. With the kind of details you store on your computers these days, can you afford not to pay? Even the FBI say pay the ransom, but what happens when they don’t decrypt your files, granting you access which you’ve just paid a lot of money for. It’s a risk many take and many more will have to suffer thanks to the ransomware Power Worm, which forgets how to decrypt your files.

Encryption is the process in which using a key (similar to a password) you jumble up a file, making it extremely difficult to read or access without knowing the password that was used to encrypt it in the first place. Power worm does the usual, gets into the system and then encrypts your files but thanks to a NULL result in its code it forgets to store the key, meaning even if you pay its impossible to retrieve your files.

Please protect your files with regular backups on an external memory device and be careful when downloading or running any software.

Image courtesy of NSK Inc.

Russian Interior Ministry Offers £65.5k for Tor Crack

 

The Tor Network has been a huge thorn to most governments and anyone else trying to control the flow of information. We’ve read lot about both the US and UK governments and security agencies and their view on the Tor network. Now Russia has entered that list of governments seeking out ways to decrypt the Tor traffic they intercept.

The Russian Interior Ministry takes a different approach than the rest, offering up a tender to find a solution for decryption of the intercepted traffic. They are offering 3.9 million ruble, that’s around £65.5k or $111k. The tender only seems to be open to organisations that already do secret work for the government, so this isn’t for everyone.

The Tor network is a great tool for the citizens of countries like Russia where free speech is still seriously limited, but as so many great tools it can also be used for bad things. Criminals of all sorts hide behind it on the same level as those who just don’t want to get tracked and spied on.

There have also been huge botnets hiding within the Tor network sending out spam and malware to the rest of the world. Many of those are originating from Russia, so there might very well be genuine police and security concerns at hand too.

We will probably never know the real truth and full story on this and personally I think the reward offered is pretty low for what is asked of you.

Thank you Hexus for providing us with this information.

Image courtesy of Tor.