Apple vs the FBI may be over, but that doesn’t mean the question about decryption and the law is over. In the most recent case to catch our ears, a suspect from the UK is being asked to decrypt his devices for the US authorities.
Lauri Love is a British computer scientist who is a suspect in the breach of US government networks, which is claimed to have caused “millions of dollars in damage”. After being initially arrested in 2013, and then released, Love was re-arrested back in 2015 and is facing extradition to the US for the suspected crime. While he has not been charged with any crimes, Love has been asked as part of a Section 49 RIPA notice (doesn’t sound that bad, does it?) to decrypt his devices by providing the authorities with the passwords and keys required to unlock them.
With his devices confiscated, something that Love is now fighting in a counter-suit in civil court, the authorities want to access the data on his devices, which include a Samsung laptop, a Fujitsu Siemens laptop, a Compaq computer tower, an SD card and a Western Digital hard drive. Alongside this, the National Crime Authority, the UK branch that has demanded the devices be decrypted, is interested in files located on the SD card and external drive that are encrypted using TrueCrypt.
What is most worrying is that if Love were to provide the keys, and this evidence were used against him in the US, then it would breach his Fifth Amendment rights within the US. The Fifth Amendment can be described as protecting someone from having to present evidence against themselves, meaning that you can’t be forced to prove your guilt, by unlocking a computer for example.
In his argument, Love states that “the NCA are effectively arguing that any information that cannot be read and comprehended by the police has a presumption of guilt”. If extended to other circumstances, that argument could be seen as worrying for any groups that share information and protect journalists, whistleblowers and anyone within the legal profession.
While this is only the bill’s first reading, if the amendment went ahead companies may feel uneasy doing business in France for fear of either giving out personal information or facing a fine. It should be noted, though, that while Amendment 90 is being considered, it could be worse, with Amendment 221 going so far as to increase the fine by over 5 times and requesting “all relevant” information, which means more than just the message they are looking for.
Amendment 51 went so far as to state that companies who refused to help authorities would be considered “accomplices to terrorism”, a far stretch from the truth by any stretch of the imagination. With public support seeming to increase for Apple’s case in the US, and companies and figures alike coming out in support of them, accepting such a controversial bill couldn’t help the French government when trying to enlist technology companies’ help.
Ransomware is a term we’ve heard a lot in recent years, no thanks to the starter of the craze, Cryptolocker. Previously, viruses and malware infected a system and caused damage either for a strategic purpose or because someone thought it would be fun. Ransomware is a little mix of the two: it encrypts people’s files and then sells them the key to unlock those files, so people are charged hundreds of pounds just to retrieve the family photos and essays they’ve spent months working on. Sometimes people get paid, sometimes people reuse a backup and sometimes people miscode the malware and ruin lives. The latest ransomware, though, combines several pieces of malware together to create a rather nasty conclusion.
First your system is infected with Pony, a nasty piece of malware that harvests usernames and passwords from your system, effectively giving the creator access to your online accounts. Paypal, eBay, that blog site you write for occasionally, all gone in a matter of seconds.
The second part of the plan uses those login details to access servers and systems and inject the malware into them, meaning your login details could be spreading the very same software you’re a victim of.
The next part of the plan is a redirect. Going to Google? Not anymore: you find yourself going to a search page the attackers have created, one that carries some rather nasty code called the Angler exploit kit.
As with most things with the word exploit in their name, this is not a good thing. The kit scans for security flaws in your software and even your built-in Microsoft processes, and you quickly find CryptoWall 4.0 injected into your system. CryptoWall then avoids your antivirus software and quickly decimates your system by encrypting your files, and even goes so far as to rename files and move them around, making it difficult to even understand what you’ve lost.
We recommend updating your system on a regular basis, including the software you use, and making sure that you complete regular virus scans. Remember to keep a backup of important files, both offline and online, so if something happens you’ve never truly lost them.
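Because CryptoWall renames and moves files, comparing file names against a backup cannot tell you what was lost. The following is an added example, not part of the original article: it compares a backup with the live folder by content hash instead. The function names and the sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def build_manifest(root):
    """Map the SHA-256 of each file's content to the relative paths holding it."""
    manifest = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            # Whole-file read keeps the example short; hash in chunks for large files.
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            manifest.setdefault(digest, []).append(path.relative_to(root).as_posix())
    return manifest

def compare_to_backup(backup_manifest, live_manifest):
    """Classify every backed-up file by what happened to its content."""
    report = {"intact": [], "moved": [], "lost": []}
    for digest, backup_paths in backup_manifest.items():
        live_paths = set(live_manifest.get(digest, []))
        for path in backup_paths:
            if path in live_paths:
                report["intact"].append(path)
            elif live_paths:
                report["moved"].append(path)  # same bytes under a new name or folder
            else:
                report["lost"].append(path)   # content is gone: restore from backup
    return {state: sorted(paths) for state, paths in report.items()}

def demo():
    """Constructed sample tree: one file only moved, one replaced by unreadable bytes."""
    with tempfile.TemporaryDirectory() as backup, tempfile.TemporaryDirectory() as live:
        samples = {"photo.jpg": b"family photo", "essay.doc": b"months of work",
                   "notes.txt": b"shopping list"}
        for name, data in samples.items():
            (Path(backup) / name).write_bytes(data)
        # Live copy after a simulated incident (constructed, not real malware output).
        (Path(live) / "x").mkdir()
        (Path(live) / "notes.txt").write_bytes(samples["notes.txt"])
        (Path(live) / "x" / "a1b2").write_bytes(samples["photo.jpg"])
        (Path(live) / "x" / "c3d4").write_bytes(b"\x8f\x02 unreadable")
        return compare_to_backup(build_manifest(backup), build_manifest(live))

if __name__ == "__main__":
    print(demo())
```

Only the files reported as lost need restoring; the manifest has to be built from a backup taken before the infection and kept offline so it cannot be altered along with the live files.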
Ransomware is a whole new level of problems for computer users. Previously, malicious software, or malware for short, would spread, causing chaos and destruction wherever it could, but ransomware is a little more targeted. Ransomware is designed to stop you from accessing your files, and in order to regain access you are normally requested to pay a sum of money into an account. With the kind of details you store on your computers these days, can you afford not to pay? Even the FBI say pay the ransom, but what happens when they don’t decrypt your files and grant you the access you’ve just paid a lot of money for? It’s a risk many take, and many more will have to suffer thanks to the ransomware Power Worm, which forgets how to decrypt your files.
Encryption is the process in which, using a key (similar to a password), you jumble up a file, making it extremely difficult to read or access without knowing the password that was used to encrypt it in the first place. Power Worm does the usual: it gets into the system and then encrypts your files, but thanks to a NULL result in its code it forgets to store the key, meaning even if you pay it’s impossible to retrieve your files.
Please protect your files with regular backups on an external memory device and be careful when downloading or running any software.
The Tor Network has been a huge thorn in the side of most governments and anyone else trying to control the flow of information. We’ve read a lot about both the US and UK governments and security agencies and their view on the Tor network. Now Russia has joined the list of governments seeking out ways to decrypt the Tor traffic they intercept.
The Russian Interior Ministry takes a different approach than the rest, offering up a tender to find a solution for decryption of the intercepted traffic. They are offering 3.9 million rubles, that’s around £65.5k or $111k. The tender only seems to be open to organisations that already do secret work for the government, so this isn’t for everyone.
The Tor network is a great tool for the citizens of countries like Russia where free speech is still seriously limited, but like so many great tools it can also be used for bad things. Criminals of all sorts hide behind it on the same level as those who just don’t want to get tracked and spied on.
There have also been huge botnets hiding within the Tor network, sending out spam and malware to the rest of the world. Many of those originate from Russia, so there might very well be genuine police and security concerns at hand too.
We will probably never know the real truth and full story on this and personally I think the reward offered is pretty low for what is asked of you.
Thank you Hexus for providing us with this information.