Well, we all remember the inglorious end of the technology. It was designed to restrict access to DVD content for other regions. In late 20th century DVDs employed crypto protection based on the infamous CSS algorithm. Let’s dive deeper into the history of tech and recall a once widely publicized DVD crypto protection technology. The issue was not discovered by Apple security engineers in time, so App Store, once unassailable digital fortress, was flooded by dozens of malicious applications, including one particularly popular messenger.Īllegedly 40 apps on App Store are infected #apple /moLosQwB9V Some developers were fooled by cyber-criminals and inadvertently used the modified Xcode development framework, which injected an masked malicious code into apps. Obviously, Apple has not had its keys compromised, but adversaries found another way to bypass strict security checks. The entire security paradigm in their case is based on the principle that only employees can publish the app: first they check it for malware and then sign with their digital certificate. There is another example of such systems – app stores, the likes of Apple App Store. What could be done to remedy the situation? Alas, nothing in particular – one cannot replace all the luggage locks in the world.ĬOMFIRMED: I now have the CORRECT scale for the TSA keys. Now a number of Chinese marketplaces offer a complete set of TSA’s golden keys, available to anyone. However, recently the pictures of all TSA keys leaked online, followed by their 3D models. The idea is based on the assumption that only TSA has access to master keys, whereas petty criminals raiding the luggage trunks have to use some other means to crack the padlock. There are ten master (‘golden’) keys to be used on most types of luggage locks. The concept is simple: travelers use TSA-approved luggage locks with a keyhole for the authorities to use (so they don’t smash open the padlock if they think the luggage needs to be searched). Take the most obvious use case: TSA locks, created by Transportation of Security Administration. There are quite a few examples of the ‘golden key’ idea being brought to life. Leaving ethics aside for now (otherwise this discussion would last for ages), in a situation where noble policemen do possess the said key, there is a solid probability of bad guys gaining access to the keys as well. The Washington Post Urges That A Compromise Is Needed On Smartphone Encryption The writers state that all tech companies, including the likes of Google, Apple, Facebook and Telegram, should grant these ‘golden keys’ to governments. The authors cite various cases of kidnapping and other criminal deeds when the investigators could not progress with their search, because the ‘golden key’ system was not deployed. In a recent article Washington Post created a rather poetic term for this approach – the Golden Key. Solutions purposed by governments essentially presuppose that the existing encryption systems should contain certain vulnerabilities, so national agencies would have an opportunity to intercept the correspondence as they see fit. It’s said to be the main reason why the police cannot efficiently investigate cases involving pedophiles or terrorists, so ‘something has to be done about it.’ Governments around the world – from Russia to US and from China to UK – seem to preach the same mantra: people’s communications are encrypted so strongly that governments cannot access it when there is a need. However the proposed solutions could create even more problems. Following recent terrorist attacks accusations against encrypted means of online communications once again became louder.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |