Police In Canada Used BlackBerry’s Key To Read Encrypted BBM Messages

When it comes to mobile phones Blackberry pride themselves on their security, with many companies taking up the device as their go-to model thanks to its support and security features. It now appears that those security features may not have been so secure after all with the Royal Canadian Mounted Police (RCMP) gaining the ability to read encrypted BBM messages.

When it comes to encryption, companies are having to be careful with the likes of Apple going to congress to discuss just how much they can be expected to help and support law enforcement without oversight or detailed rulings on how and when they can access private data. In this case, the RCMP gained access to BlackBerry’s BBM (BlackBerry messenger) services by using the encryption that came with your everyday BlackBerry, meaning the only ones that were safe from this interception are those connected to enterprise servers.

If you weren’t connected to an enterprise server, your BlackBerry would have used a peer-to-peer key that is loaded into your phone when it’s built, something that the RCMP managed to gain access to and in turn granted them access to people’s encrypted BBM messages and conversations.

As part of an operating, titled Project Clemenza, the RCMP intercepted and decrypted roughly one million messages as reported by Vice news in a joint investigation with Motherboard, who in turn revealed that the RCMP actually had a server in Ottawa that acted like a mobile phone by simulating “a mobile device that receives a message intended for [the rightful recipient]”.

With BlackBerry looking to step away from mobile devices and into security consulting, this news couldn’t come at any worse of a time given that if the server is still operational (key and all) then without a large update to its phones, the RCMP could still be reading people’s messages to this day even after the operation ended in 2012.

Hospital Pays Bitcoin Ransom to Fix Ransomware

Viruses and malware are issues for the best of us, from forgetting to scan your computer once to being baited in by that interesting link in an email, there are many ways for your system to get infected. Ransomware is one of the nastier pieces of malware, denying you access to your system until you pay the creator of the virus. While the FBI recommend you pay up, does this still apply when you are a hospital?

Earlier in the week, we reported that hackers had hit a Hollywood hospital with ransomware. Hollywood Presbyterian Memorial Medical Center was hit by the ransomware, with an initial request for 9000 bitcoins, coming close to 3.5 million dollars, to get the key required to unlock their systems. While it may not have been the 9000 bitcoins, the Hospital has now announced that they have paid 40 bitcoins to unlock the system.

President and CEO Allen Stefanek claims that the initial price tag of $3.6 million was false and that paying this fee was the “quickest and most efficient way to restore our systems and administrative functions”.

Even with backups and anti-virus software, there will always be some viruses that are able to get into systems, with ransomware benefiting the creators we don’t expect this to be the last time that we see it hitting public services.

Encrypted Communications May Make Discovering Aliens Impossible.

Well, it’s taken a bit longer than expected, but Edward Snowden has finally lost his sanity in Russia, this is rather a joke considering the headline sounds quite bizarre, but the cogent statement which Mr Snowden conveyed is, as expected a lot more sensible than that.

Snowden appeared on the astrophysicist and science communicator Neil deGrasse Tyson’s StarTalk Podcast from Moscow via a robot video link called a “beam remote presence system”. Basically this gadget is a virtual presence device which has been conveyed within the medical profession with the aim of allowing doctors to see patients without seeing them in person. The wide-ranging interview included the assertion by Edward Snowdon that “It took a very long time for me to develop any kind of scepticism at all even to the most over-extended claims of the extension of programs or policies [by the US security services],” he said.

This may sound slightly naïve, but when an individual is in an environment as in these case, scenarios and policies become normal, why you would question the day-to-day reality with which you have been accustomed to. Now for the alien bit, according to Snowden, “encrypted communication, if they are properly encrypted, there is no real way to tell that they are encrypted, “You can’t distinguish a properly encrypted communication from random behaviour.” 

What Edward Snowdon was surmising is that if a life form on a distant planet was attempting to identify new signs of life, or vice versa, it would be impossible to decipher where those signals were emanating from if communications were encrypted. Theoretically therefore, if both sides used encrypted communications, it would make it impossible to read them or even recognise them.

This view of a new civilisations communications skills are as good a one as the next person, considering there haven’t been any recent sightings of aliens, or at least proven beyond all doubt 100% bona fide beings and not a 1990s video camera with a blurry shot .

Thank you techworm and startalkradio for providing us with this information.

Popcorn Time Attempts a new P2P Approach to Slip Past Legal Action

‘Free’ movie sharing service, Popcorn Time, has gone through a number of lawsuits in the past for its attempt to provide its users with pirated movies. However, the service is attempting another comeback and by adopting peer-to-peer based services.

Popcorn Time believes that hosting data directly with its users and no longer relying on domains and centralised servers might slip past legal action that can be taken against them. Reports say that the approach is similar to what BitTorrent is currently using, allowing the service to work even if the main servers are down.

The application is said to also be getting a security update, more specifically, encrypted updates. This is said to prevent malicious code slipping into the community by using a series of cryptographic signatures for its software updates.

While P2P has been used by others in the past and proven to be unsuccessful, the service states that it will be its “sweetest revenge” and “biggest victory” yet.

Thank you TechSpot for providing us with this information

USB 3.0 DataTraveler Locker+ G3 For Personal Security Announced By Kingston

Kingston Digital Europe Co LLP, an affiliate of Kingston Technology Company Inc., announced the launch of the DataTraveler Locker+ G3 (DTLPG3) USB 3.0 Flash drive for personal security. The new, next generation DataTraveler Locker+ G3 offers USB 3.0 speeds and a sleek durable metal casing with a built-in key loop leaving photos, personal documents and other files safe and easy to access.

Kingston’s DataTraveler Locker+ G3 password protects and hardware encrypts data giving consumers the best in personal security with USB 3.0 speed. The DTLPG3 boasts higher speeds than the previous generation DataTraveler Locker+ G2, with read speeds up to 135MB/s and write speeds up to 40MB/s. All the security is built-in with no application installation required making this drive very secure and easy to use.

“We are excited to offer a USB 3.0 drive for personal security where consumers can keep their data safe.” said Nadine Frost, Business Manager Flash. “This is a great product for someone looking to store their sensitive personal documents on a safe, easy to use and nicely designed USB drive all at an affordable price.”

[youtube]https://www.youtube.com/watch?v=llGCiEQZ9kY#t=13[/youtube]

Kingston DataTraveler Locker+ G3 Features and Specifications:

  • Hardware encryption: the best in personal security to keep your data safe
  • Superior password protection: user sets a password to prevent unauthorized access
  • Easy to use: no application installation required
  • Versatile: works interchangeably between Mac OS X and Windows systems
  • Secure: drive locks down and reformats after 10 invalid login attempts
  • Stylish: durable metal casing with built-in key loop
  • Co-Logo Program available: customize DataTraveler Locker+ G3 by adding your logo and/or digital files and instantly increase your organization’s brand recognition. The Customization Program offers unique packaging, custom profiles, color adjustments, content loading and more, all with easy and convenient ordering.
  • Supports: Windows® 8, Windows® 7, Vista®, XP & Mac OS X
  • Guarantee: five-year warranty with free technical support
  • Capacities: 8GB, 16GB, 32GB, 64GB
  • Speed:
  • USB 3.0 speed:
  • 8GB: 80MB/s read, 10MB/s write
  • 16GB: 135MB/s read, 20MB/s write
  • 32GB–64GB: 135MB/s read, 40MB/s write
  • USB 2.0 speed:
  • 8GB: 30MB/s read, 10MB/s write
  • 16GB–64GB: 30MB/s read, 20MB/s write
  • Dimensions: 60.56mm x 18.6 mm x 9.75 mm
  • Minimum System Requirements:
  • USB 3.0 compliant and 2.0 compatible
  • Two (2) free consecutive drive letters required for use
  • Operating Temperature: 32°F to 140°F (0°C to 60°C)
  • Storage Temperature: -4°F to 185°F (-20°C to 85°C)

DataTraveler Locker+ G3 is available in 8GB, 16GB, 32GB and 64GB capacities and is backed by a five-year warranty, free live technical support and Kingston reliability.

Thank you Kingston for providing us with this information
Image and video courtesy of Kingston