Security trends for 2014

Year 2014 will be a year of cybersecurity after the NSA revelations made in 2013: the headline news is that the NSA has surreptitiously “burrowed its way into nearly all the security architecture” sold by the world’s largest computer networking companies. A lot of people were shocked by how the NSA monitored and hacked almost everything on the Internet. There will still be NSA aftershocks as new material comes out and different parties react to it (and news sources write about it). U.S. cloud services have been put into question for good reason. There will be a lot of NSA spying litigation. Those spying issues will also fuel some hacktivism (it has already started to happen).

The Security Professionals: Top Cyber Threat Predictions for 2014 article lists the following predictions, which seem pretty probable: Cybersecurity Regulatory Efforts Will Spark Greater Need for Harmonization; Service-Impacting Interruptions for Online Services Will Persist; We Will See an Increase in Cybercrime Activity Related to the World Cup; Rise of Regional Cloud Services; Dev-Ops Security Integration Fast Becoming Critical; Cybercrime that Leverages Unsupported Software Will Increase; Increase in Social Engineering and Ransomware Will Impact More People.

Ubiquitous mobile computing is all around us, which will lead to increased risks and concerns about social network privacy. Social networks have quickly become the key organizing principle of Internet communication and collaboration. Android anti-virus apps CAN’T kill nasties on sight like normal AV.

2013 was a very hacked year, with many cases where information on millions or tens of millions of users was stolen from companies. It’s likely that we will see much more of the same in 2014, since the way people use passwords and the way on-line services are built have not changed much in one year.


Gartner predicts that through 2014, improved JavaScript performance will begin to push HTML5 and the browser as a mainstream enterprise application development environment. I expect HTML5-related security issues to increase because the technology will be used more in 2014.

Over 50% of net traffic to web sites is made by bots! The More Than Half of Internet Traffic Is Just Bots article says that security and cloud service provider Incapsula analyzed traffic and found that more than 60 percent of Internet traffic is computer generated, compared to less than 40 percent driven by human clicks. 31% of bots are still malicious. SEO link building has always been a major motivation for automated link spamming, but it is decreasing because Google has been able to discourage it. There is more advanced hacking and automatic vulnerability scanning.

DDoS attacks are evolving from volumetric Layer 3-4 attacks to much more sophisticated and dangerous Layer 7 multi-vector threats.

There will still be many SCADA security issues in 2014. Even though traditional SCADA vulnerabilities have become easier to find, the increased connectivity brought by IoT will cause new issues. And there will still be very many control systems openly accessible from the Internet to practically everybody who knows how to look for them. A large number of SCADA systems were found open on the Internet at the beginning of 2013, and the numbers have not dropped considerably during the year. I expect that very many of those systems will still be too open at the end of 2014.

The Internet is expanding into enterprise assets and consumer items such as cars and televisions. The Internet of Things (IoT) will evolve into the Web of Things, increasing the coordination between things in the real world and their counterparts on the Web. There will be many security issues to solve, and as these systems become more widely used, more security issues will be found in them.

Cloud security will be talked about. Hopefully there will be some clearing-up of the terminology in that area, because cloud security can mean a lot of things, like the term cloud computing. Cloud security could mean how secure your cloud provider is, a service that runs in the cloud filtering what comes through it (for example e-mails, web traffic), a product protecting some service running in the cloud, or a traditional anti-virus service that connects to the cloud to improve its operation (for example updating in real time, verifying unknown programs based on data in the cloud). Research firm Gartner forecasts that cloud security sales will increase dramatically in the next few years. Cloud security sales have increased over the past year by 2.1 billion to $3.1 billion in 2015.

Marketers try to put the term “cloud” in security product brochures as much as they can. The cloud has made traditional information security sound old-fashioned, because companies are under pressure to move services to the cloud. Mobile devices and dispersed users also set new standards for information security. OpenDNS’s CTO Dan Hubbard says that “Because the data and equipment run in the cloud, the cloud is the best way to protect users.” The Snowden effect will also put PRIVATE cloud talk on the table this year for security reasons, because U.S. cloud services have been put into question for good reason.

In Finland a new Cyber Security Center started in the beginning of 2014. Security articles and warnings from it will be published at kyberturvallisuuskeskus.fi.

Late addition: crypto-currencies like Bitcoin and similar are on the rise. Early adopters already use them actively. Those crypto-currencies have many security-related issues. The values of the crypto-currencies vary quite a lot, and the value easily drops considerably when they get used so much that different governments try to limit their use. Bitcoin is increasingly used as a ransomware payment method. Bitcoins have been stolen lately quite a lot (and I expect that to increase as usage increases), and they are stolen from users, on-line wallets and exchanges. When more money is involved, more bad guys try to get in to take some of it. Sometimes bad guys do not try to steal your money, but use resources you pay for (your own PC, your server capacity, etc.) to generate money for them without you knowing about it. If you plan to use those crypto-currencies, be careful to understand what you are doing with them; there is a real possibility that you can lose your money, and there is no way that lost money can be recovered.

3,382 Comments

  1. Tomi Engdahl says:

    Encrypted Internet Traffic Surges in a Year, Research Shows
    By Ernesto
    on May 14, 2014
    http://torrentfreak.com/encrypted-internet-traffic-surges-140514/

    Encrypted Internet traffic is surging worldwide according to data published by Canadian broadband management company Sandvine. After the Snowden revelations the bandwidth consumed by encrypted traffic doubled in North America, and in Europe and Latin America the share of encrypted traffic quadrupled.

    Comparing this year’s data to that of last year reveals that encrypted Internet traffic is booming.

    The change is most pronounced in Europe where the percentage of encrypted Internet traffic during peak hours quadrupled from a measly 1.47% to 6.10% in a year. Since overall Internet traffic increased as well, the increase is even greater for the absolute bandwidth that’s consumed.

    The increase in encrypted traffic is a global phenomenon. In Latin America the share of bandwidth consumed by SSL shot up from 1.80% to 10.37% in a year. Also, a similar pattern emerges on mobile networks, where encrypted traffic is also booming.

    The changes in encrypted traffic can be directly linked to the surveillance revelations of Edward Snowden. As a result, the number of users of VPN services and other anonymizers increased sharply. In addition, Google and other web services turned on SSL by default.

    A survey among Pirate Bay users, for example, revealed that 70% utilize a VPN or proxy, or are interested in doing so in the future.

  2. Tomi Engdahl says:

    In Letter to Obama, Cisco CEO Complains About NSA Allegations
    http://recode.net/2014/05/18/in-letter-to-obama-cisco-ceo-complains-about-nsa-allegations/

    Warning of an erosion of confidence in the products of the U.S. technology industry, John Chambers, the CEO of networking giant Cisco Systems, has asked President Obama to intervene to curtail the surveillance activities of the National Security Agency.

    In a letter dated May 15 (obtained by Re/code and reprinted in full below), Chambers asked Obama to create “new standards of conduct” regarding how the NSA carries out its spying operations around the world. The letter was first reported by The Financial Times.

  3. Tomi Engdahl says:

    Cops crimp global perve-cam attacks
    BlackShades-wielding script kids cuffed on three continents
    http://www.theregister.co.uk/2014/05/19/cops_crimp_global_pervecam_attacks/

    Webcam voyeurs around the world are on edge after authorities in several nations began raiding buyers of the BlackShades remote access trojan (RAT).

    Reports of the raids surfaced on hacker denizen hangout HackForums after authorities pounced on users across the US, Europe, and reportedly Australia this month.

    US-based BlackShades users posted accounts and photos of police seizing computers and harddrives under an FBI-led operation that came as the agency’s new cyber brass indulged in some heavy chest-beating to the effect that criminals targeting US citizens would be dealt with by agency choosing to use its “much more offensive side”.

    The BlackShades remote access trojan (RAT) can grant full control of computers but is best known as a webcam spy tool.

  4. Tomi Engdahl says:

    Mozilla Launches Student Coding Program “Winter of Security”
    http://tech.slashdot.org/story/14/05/18/1224257/mozilla-launches-student-coding-program-winter-of-security

    “Mozilla has introduced a new program called MWoS, or ‘Mozilla Winter of Security,’ to involve university students in security projects. The attending students will write code for a Mozilla security tool during (northern hemisphere) winter.”

  5. Tomi Engdahl says:

    More Google ‘forget’ requests emerge after EU ruling
    http://www.bbc.com/news/technology-27439194

    A European court this week ruled that an individual could force the removal of some search results.

    The BBC has learned that more than half of requests sent to Google from UK individuals involved convicted criminals.

    A business has also sought for links to negative reviews on a forum to be removed.

    As the European Court of Justice made its ruling on Tuesday, many speculated that a flurry of similar requests would come Google’s way.

    ‘Slow and cumbersome’

    Getting that balance right is a delicate issue, said Michael Sandys from Liverpool-based Jackson & Canter Solicitors.

    “Lawmakers will need to ensure they find a way to allow some information to be removed in a timely fashion while at the same time not allowing history to be rewritten,” he said.

    Google’s official statement on the matter, unchanged since Tuesday, described the EU’s ruling as “disappointing”.

  6. Tomi Engdahl says:

    Malvertising up by over 200%
    http://www.net-security.org/malware_news.php?id=2767

    Online Trust Alliance (OTA) Executive Director and President Craig Spiezle testified today before the U.S. Senate’s Homeland Security and Governmental Affairs Permanent Subcommittee on Investigations, outlining the risks of malicious advertising, and possible solutions to stem the rising tide.

    According to OTA research, malvertising increased by over 200% in 2013 to over 209,000 incidents, generating over 12.4 billion malicious ad impressions. The threats are significant, warns the Seattle-based non-profit—with the majority of malicious ads infecting users’ computers via “drive by downloads,” which occur when a user innocently visits a web site, with no interaction or clicking required.

    The consequences of malvertising include cybercriminals capturing users’ personal information or turning devices into a bot for the purpose of taking over that device and using it in many cases to execute DDoS attacks against a bank, government agency or other organization.

    Just as damaging is the deployment of ransomware, which encrypts a user’s hard drive, demanding an extortion payment to be unlocked. Users’ personal data, family photos and health records can be destroyed and stolen in seconds.

    code of conduct or possible legislation addressing five key areas:

    Prevention
    Detection
    Notification
    Data Sharing
    Remediation.

  7. Tomi Engdahl says:

    The open source criticism was heavily criticized – “The closed-code gap would perhaps never have been noticed”

    MySQL database developer and well-known open source defender Michael Widenius, better known by his nickname Monty, does not accept the criticism of open-source security that arose because of the OpenSSL security hole.

    “If this had been closed source, the hole might not have been found, perhaps never. The defect was found just because the code is open,” explains Monty.

    He says that we do not even know what errors there are in closed code and in use by hackers.

    “Quite a few commercial programs investigate the security of open-source applications under development. Such is not the case with closed code.”

    According to Monty, tests have shown that open code has 20 to 30 per cent fewer bugs than closed code.

    “The bug was only there for a couple of months. The problem is that not all upgrade their systems.”

    The vulnerability was the Heartbleed bug in OpenSSL versions 1.0.1 to 1.0.1f, fixed in version 1.0.1g.

    “Open source is usually so good that programs need to be updated frequently.”

    Monty says that open application code is always seen by at least two people, and usually a lot more check it out later.

    “With closed code there are no guarantees of external inspection.”

    Monty admits that in many systems the problem is that they run up to ten-year-old buggy programs.

    He says that many open source projects would benefit from more funding so the development community can do what it is supposed to do. Today, for example, well-known Linux distributions are well supported, but smaller projects are in a more difficult position.

    Since the vulnerability discovery, the OpenSSL encryption application has gained new financial backers. The biggest contributor so far has been Nokia’s NSN network unit, which donated 72 000 euros to the development.

    Source: http://www.tietoviikko.fi/uutisia/avoimen+lahdekoodin+kritiikki+tyrmattiin++quotsuljetun+koodin+aukkoa+ei+olisi+huomattu+ehka+koskaanquot/a988403

  8. Tomi Engdahl says:

    LifeLock snaps shut Wallet mobile app over credit card leak fears
    Wipes servers clean of user data after PCI DSS issues
    http://www.theregister.co.uk/2014/05/19/lifelock_yanks_mobile_app/

    LifeLock has withdrawn its Wallet App and deleted user data over concerns the technology falls short of user data protection rules under the payment card industry’s Data Security Standard (PCI DSS).

    In a statement Todd Davis, chairman and chief exec of LifeLock, said it was suspending the app as a precaution – not in response to a security breach.

    Yanking the mobile app will not affect the LifeLock ID theft protection service

    taking the drastic step of pulling its mobile technology is bound to raise concerns

    Cluley added: “In my view, the withdrawal of the apps was the right thing to do. And, if it’s possible that sensitive information was being stored insecurely on its servers, then it’s good to hear that they’ve taken steps to ensure that it cannot be exposed.”

  9. Tomi Engdahl says:

    Chip and SKIM: How dodgy crypto can leave shoppers open to fraud
    Cambridge uni gurus to present debit, credit PIN card findings today in San Jose
    http://www.theregister.co.uk/2014/05/19/chip_and_skim/

    UK academics today describe how criminals can forge chip-and-PIN cards transactions and spend other people’s money for free.

    The team of University of Cambridge experts say their technique exploits a cryptographic weakness in some devices implementing the EMV (aka chip’n’PIN) standard. And they’re confident they’ve found a separate flaw in the EMV design, too.

    “Because the transactions look legitimate, banks may refuse to refund victims of fraud,” warned team member Steven J. Murdoch.

    As per the EMV standard, cash machines (ATMs) generate for each transaction a nonce – a supposedly unpredictable 32-bit number. This is supposed to add freshness to ensure transactions can’t be replayed by fraudsters.

    But it turns out some EMV terminals use counters, timestamps or crap homegrown algorithms to generate the nonces. These values are not particularly random, so this exposes victims to a “pre-play” attack that is indistinguishable in the bank’s records from using a perfect physical copy of the card.

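
The weak-nonce problem described in the post above is something an operator of a terminal fleet can look for in their own transaction logs. The following Python script is an added example, not code from the article or from the Cambridge researchers: `generate_un` produces a 32-bit unpredictable number from the OS CSPRNG, as the EMV standard intends, and `assess_terminal` reviews a sequence of (timestamp, UN) pairs and flags the patterns the article names: counters, clock-derived values, repeated values, and values that never use the full 32-bit range. The `ts=… un=…` log format and the log lines are constructed for this example.

```python
"""Review EMV terminal unpredictable numbers (UNs) for predictable patterns.

Added example, not code from the article or the Cambridge team. The log
format and sample log lines below are constructed for illustration.
"""
import secrets
from typing import Iterable, List, Sequence, Tuple

Transaction = Tuple[int, int]  # (unix timestamp of the transaction, 32-bit UN)


def generate_un() -> int:
    """What the spec intends: 32 bits drawn from the OS CSPRNG for every transaction."""
    return secrets.randbits(32)


def parse_log(lines: Iterable[str]) -> List[Transaction]:
    """Parse constructed log lines of the form 'ts=<unix seconds> un=<8 hex digits>'."""
    txns = []
    for line in lines:
        fields = dict(field.split("=", 1) for field in line.split())
        txns.append((int(fields["ts"]), int(fields["un"], 16)))
    return txns


def _has_repeats(uns: Sequence[int]) -> bool:
    # A repeated UN removes the freshness the nonce exists to provide.
    return len(set(uns)) < len(uns)


def _is_counter(uns: Sequence[int]) -> bool:
    # A counter shows a single, small, positive step between consecutive values.
    if len(uns) < 3:
        return False
    steps = {b - a for a, b in zip(uns, uns[1:])}
    return len(steps) == 1 and 0 < steps.pop() <= 16


def _tracks_clock(txns: Sequence[Transaction], tolerance: int = 60) -> bool:
    # A clock-derived UN stays within a few seconds of the transaction timestamp.
    return len(txns) >= 3 and all(abs(un - ts) <= tolerance for ts, un in txns)


def _narrow_range(uns: Sequence[int]) -> bool:
    # Eight genuine 32-bit values all missing the top byte has probability 256**-8,
    # so a sequence that never sets the top byte is not using the whole range.
    return len(uns) >= 8 and all(un < (1 << 24) for un in uns)


def assess_terminal(txns: Sequence[Transaction]) -> List[str]:
    """Return the weaknesses found in a terminal's UN sequence (empty = no obvious pattern)."""
    uns = [un for _, un in txns]
    findings = []
    if _has_repeats(uns):
        findings.append("repeated values")
    if _is_counter(uns):
        findings.append("counter-like sequence")
    if _tracks_clock(txns):
        findings.append("tracks transaction clock")
    if _narrow_range(uns):
        findings.append("never uses full 32-bit range")
    return findings


# Constructed sample logs: a terminal that counts, and one that uses its clock.
COUNTER_LOG = [
    "ts=1400000000 un=00001001",
    "ts=1400000031 un=00001002",
    "ts=1400000059 un=00001003",
    "ts=1400000090 un=00001004",
    "ts=1400000122 un=00001005",
    "ts=1400000150 un=00001006",
    "ts=1400000181 un=00001007",
    "ts=1400000213 un=00001008",
]
CLOCK_LOG = [
    "ts=1400000000 un=53724E00",  # 0x53724E00 == 1400000000
    "ts=1400000031 un=53724E1F",
    "ts=1400000059 un=53724E3B",
    "ts=1400000090 un=53724E5A",
]


def random_sample(n: int, start_ts: int = 1400000000) -> List[Transaction]:
    """A CSPRNG-based terminal, for comparison."""
    return [(start_ts + 30 * i, generate_un()) for i in range(n)]


if __name__ == "__main__":
    for name, txns in (("counter", parse_log(COUNTER_LOG)),
                       ("clock", parse_log(CLOCK_LOG)),
                       ("csprng", random_sample(8))):
        print(f"{name:8s} {assess_terminal(txns) or ['no obvious pattern']}")
```

Run it directly to see the verdicts for the counter-based, clock-based and CSPRNG-based terminals. The heuristics are deliberately simple: a handful of transactions is enough to catch a counter or a clock, but a clean result only means no obvious pattern was found, not that the generator is sound.
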
  10. Tomi Engdahl says:

    Germany does not buy IT from companies that have NSA ties
    No-Spy warranty as a business condition

    The federal government draws conclusions from the affair of the U.S. spy service provider CSC: companies who want IT jobs have to prove that they are not working for foreign intelligence services. That might be hard for some companies.

    This means that a number of U.S. companies will have a hard time doing business with Germany. Companies may have no choice under U.S. law but to hand over the data. Among other things, the Patriot Act and the Protect America Act are laws that bind firms’ hands.

    NSA cooperation in the country rose to a fuss when the Süddeutsche Zeitung and NDR reported that Computer Sciences Corporation has forwarded sensitive data to the United States. The company has contracts in Germany worth EUR 300 million, and CSC has delivered an arms registration system for authorities and has been involved in implementing the new identity cards. CSC has also had access to German authorities’ own spyware that is to be used to hunt criminals.

    In addition to the Ministry of the Interior, the states of Bremen, Hamburg, Schleswig-Holstein and Saxony-Anhalt are currently examining sharper IT procurement directives. It is being discussed whether in the future companies that directly or indirectly work for foreign secret services will be excluded from IT jobs.

    Sources:
    http://www.tietoviikko.fi/uutisia/saksa+ei+enaa+osta+ityrityksilta+joilla+on+nsakytkos/a988741
    http://www.tagesschau.de/inland/csc106.html

  11. Tomi Engdahl says:

    Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas
    https://firstlook.org/theintercept/article/2014/05/19/data-pirates-caribbean-nsa-recording-every-cell-phone-call-bahamas/

    The National Security Agency is secretly intercepting, recording, and archiving the audio of virtually every cell phone conversation on the island nation of the Bahamas.

    According to documents provided by NSA whistleblower Edward Snowden, the surveillance is part of a top-secret system – code-named SOMALGET – that was implemented without the knowledge or consent of the Bahamian government. Instead, the agency appears to have used access legally obtained in cooperation with the U.S. Drug Enforcement Administration to open a backdoor to the country’s cellular telephone network, enabling it to covertly record and store the “full-take audio” of every mobile call made to, from and within the Bahamas – and to replay those calls for up to a month.

    SOMALGET is part of a broader NSA program called MYSTIC

    All told, the NSA is using MYSTIC to gather personal data on mobile calls placed in countries with a combined population of more than 250 million people. And according to classified documents, the agency is seeking funding to export the sweeping surveillance capability elsewhere.

    In addition, the program is a serious – and perhaps illegal – abuse of the access to international phone networks that other countries willingly grant the United States for legitimate law-enforcement surveillance.

    In March, The Washington Post revealed that the NSA had developed the capability to record and store an entire nation’s phone traffic for 30 days.

    When U.S. drug agents need to tap a phone of a suspected drug kingpin in another country, they call up their counterparts and ask them to set up an intercept. To facilitate those taps, many nations – including the Bahamas – have hired contractors who install and maintain so-called lawful intercept equipment on their telecommunications. With SOMALGET, it appears that the NSA has used the access those contractors developed to secretly mine the country’s entire phone system for “signals intelligence” – recording every mobile call in the country. “Host countries,” the document notes, “are not aware of NSA’s SIGINT collection.”

  12. Tomi Engdahl says:

    US v Europe – a cultural gap on the right to be forgotten
    http://www.bbc.com/news/technology-27421969

    The reverberations from this week’s landmark European Court of Justice ruling on the right to be forgotten continue to be felt.

    Legions of lawyers are still trying to work out what it will mean for the search engines, and for millions of EU citizens who may want to force them to remove links to their past online lives. And the cultural divide between Europe and the US appears wider than ever, with two very different views of how we should live our lives online.

    On the one hand there is what you might call the web utopian view, held by the US internet giants and some in Europe who look to Silicon Valley for inspiration. This sees the ECJ ruling as unworkable, illiberal and just out of touch.

    “This is not a debate the United States is even capable of entering into. You’d have to repeal the First Amendment – and that’s like a religious artefact – so that’s never going to happen.”

    But in Europe many politicians and regulators and some – though by no means all – privacy campaigners have welcomed the ruling. Mr Wales’ point about local laws – which used to mean old convictions simply disappeared from the record after a certain time – is one of the reasons for that support.

    Europeans who have been told that the internet is basically ungovernable – and if it does have guiding principles then they come from the land of the free – are expressing some satisfaction that the court has refused to believe that.

  13. Tomi Engdahl says:

    Inside the US government’s war on tech support scammers
    PCCare247 allegedly collected millions in ill-gotten fees. But the FTC fought back.
    http://arstechnica.com/tech-policy/2014/05/stains-of-deceitfulness-inside-the-us-governments-war-on-tech-support-scammers/

    Sitting in front of her PC, the phone in her hand connected to a tech support company half a world away, Sheryl Novick was about to get scammed.

    The company she had reached, PCCare247, was based in India but had built a lucrative business advertising over the Internet to Americans, encouraging them to call for tech support. After glimpsing something odd on her computer, Novick did so.

    She agreed, downloading and installing a remote access tool. When it was in place, Yakeen reached out through the Internet, took control of Novick’s mouse cursor, and opened a program called Event Viewer. The scam was about to begin.

    Event Viewer is a built-in Windows tool designed to make visible the millions of mostly unimportant background activities running beneath the hood of a modern computer.

    in a system as complex as Windows, Event Viewer will always display errors, most of them trivial. Thus, should someone want to convince mainstream users that their computers are riddled with problems, Event Viewer is a reliable combination of the inscrutable and the terrifying.

    “Your computer is hacked by someone,” he said. “They are using your name and your ID, your computer to do some cyber fraud and cyber terrorism.”

    Yakeen opened a command prompt on Novick’s machine and ran a text-based tool called “netstat.” Netstat shows all of a computer’s network connections, both inbound and outgoing, and in this case it showed a single established link—one that pointed outside the US.

    “I’m 100 percent sure and I strongly believe that you have some hacking issue working in your computer,”

    This was a brazen lie; forensic examination would later conclude that the single connection displayed by netstat was in fact the remote access tool that Yakeen was using at that moment to control Novick’s machine.

    All Novick needed was $400.

    Yakeen transferred her to the floor “accounts manager,” who offered a $300 plan that included two years of future tech support. Novick agreed and provided her credit card. She thanked PCCare247 for helping her out.

  14. Tomi Engdahl says:

    Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas
    https://firstlook.org/theintercept/article/2014/05/19/data-pirates-caribbean-nsa-recording-every-cell-phone-call-bahamas/

    The National Security Agency is secretly intercepting, recording, and archiving the audio of virtually every cell phone conversation on the island nation of the Bahamas.

    By targeting the Bahamas’ entire mobile network, the NSA is intentionally collecting and retaining intelligence on millions of people who have not been accused of any crime or terrorist activity. Nearly five million Americans visit the country each year, and many prominent U.S. citizens keep homes there, including Sen. Tom Harkin (D-Iowa), Bill Gates, and Oprah Winfrey.

    For nearly two decades, telecom providers in the United States have been legally obligated under the 1994 Communications Assistance for Law Enforcement Act to build their networks with wiretapping capabilities, providing law enforcement agencies with access to more efficient, centrally managed surveillance.

    Since CALEA’s passage, many countries have adopted similar measures, making it easier to gather telecommunications intelligence for international investigations.

    Countries like the Bahamas don’t install lawful intercepts on their own. With the adoption of international standards, a thriving market has emerged for private firms that are contracted by foreign governments to install and maintain lawful intercept equipment. Currently valued at more than $128 million, the global market for private interception services is expected to skyrocket to more than $970 million within the next four years, according to a 2013 report from the research firm Markets and Markets.

    “Most telecom hardware vendors will have some solutions for legal interception,” says a former mobile telecommunications engineer who asked not to be named because he is currently working for the British government. “That’s pretty much because legal interception is a requirement if you’re going to operate a mobile phone network.”

    One NSA document spells out that “the overt purpose” given for accessing foreign telecommunications systems is “for legitimate commercial service for the Telco’s themselves.” But the same document adds: “Our covert mission is the provision of SIGINT,” or signals intelligence.

    According to the NSA documents, MYSTIC targets calls and other data transmitted on Global System for Mobile Communications networks – the primary framework used for cell phone calls worldwide. In the Philippines, MYSTIC collects “GSM, Short Message Service (SMS) and Call Detail Records” via access provided by a “DSD asset in a Philippine provider site.”

    In the Bahamas, the documents say, the NSA intercepts GSM data that is transmitted over what is known as the “A link”–or “A interface”–a core component of many mobile networks.

    “From an engineering point of view it makes perfect sense,” says the former engineer. “Absolutely.”

    Mexico, another country targeted by MYSTIC, has received billions of dollars in police, military, and intelligence aid from the U.S. government over the past seven years to fight the war on drugs, a conflict that has left more than 70,000 Mexicans dead by some estimates.

    The legality of the NSA’s sweeping surveillance in the Bahamas is unclear

    Legal or not, the NSA’s covert surveillance of an entire nation suggests that it will take more than the president’s tepid “limits” to rein in the ambitions of the intelligence community. “It’s almost like they have this mentality – if we can, we will,” says German. “There’s no analysis of the long-term risks of doing it, no analysis of whether it’s actually worth the effort, no analysis of whether we couldn’t take those resources and actually put them on real threats and do more good.”

  15. Tomi Engdahl says:

    U.S. Charges China With Cyber-Spying on American Firms
    http://www.nbcnews.com/news/us-news/u-s-charges-china-cyber-spying-american-firms-n108706

    The Justice Department filed criminal charges against five hackers in the Chinese military Monday, accusing them of stealing American trade secrets through cyber-espionage.

    The efforts were directed at six American victim companies: Westinghouse Electric, U.S. subsidiaries of SolarWorld AG, U.S. Steel, Allegheny Technologies and Alcoa. The United Steel Workers union was also targeted.

  16. Tomi Engdahl says:

    China bans use of Microsoft’s Windows 8 on government computers
    http://www.reuters.com/article/2014/05/20/us-microsoft-china-idUSBREA4J07Q20140520

    The Central Government Procurement Center issued the ban on installing Windows 8 on government computers as part of a notice on the use of energy-saving products, posted on its website last week.

    The official Xinhua news agency said the ban was to ensure computer security after Microsoft ended support for its Windows XP operating system, which was widely used in China.

    “China’s decision to ban Windows 8 from public procurement hampers Microsoft’s push of the OS to replace XP, which makes up 50 percent of China’s desktop market,”

  17. Tomi Engdahl says:

    Guess where TSA’s invasive scanners are now?
    http://www.federaltimes.com/article/20140516/DHS/305160012/Guess-where-TSA-s-invasive-scanners-now-

    The controversial airport screening machines that angered privacy advocates and members of Congress for their revealing images are finding new homes in state and local prisons across the country, according to the Transportation Security Administration.

    TSA owned about 250 of the screening machines at its peak — valued at about $40 million — before removing them from airports in the first half of 2013 in response to pressure over the images it created of passengers.

  18. Tomi Engdahl says:

    XMPP Operators Begin Requiring Encryption, Google Still Not Allowing TLS
    http://tech.slashdot.org/story/14/05/20/0337214/xmpp-operators-begin-requiring-encryption-google-still-not-allowing-tls

    Via El Reg comes news that major XMPP (formerly known as Jabber, likely the only widely used distributed instant messaging protocol other than IRC) operators have all begun requiring encryption for client-to-server and server-to-server connections.

  19. Tomi Engdahl says:

    Making malware cleanup easier
    https://www.facebook.com/notes/facebook-security/making-malware-cleanup-easier/10152050305685766

    Our goal is to make it easier for people to find and use the right technology to better protect their devices. We’ve worked with F-Secure and Trend Micro to incorporate free anti-malware software downloads directly into our existing abuse detection and prevention systems. These are the same systems that help us block malicious links and bad sites from among the trillions of clicks that take place every day on Facebook.

    We expect to offer additional software options in the future.

    Reply
  20. Tomi Engdahl says:

    Marc Andreessen: Tech companies are still fuming over the NSA
    http://www.washingtonpost.com/blogs/the-switch/wp/2014/05/19/marc-andreessen-tech-companies-are-still-fuming-over-the-nsa/

    Almost a year after he released a flurry of documents showing the National Security Agency was collecting data on everyone from foreign leaders to U.S. citizens, Edward Snowden is still the predominant Washington story in the minds of tech executives who believe the controversy has caused damage to their businesses.

    That’s according to the venture capitalist Marc Andreessen, who said in a wide-ranging interview Monday that Silicon Valley’s repeated meetings with the Obama administration were mostly for show and have produced “not even a little” progress on privacy and surveillance issues.

    Reply
  21. Tomi Engdahl says:

    Schneider Electric asks users to patch Heartbleed again
    We’d have gotten away with it if it weren’t for those meddling kids and their plug-ins
    http://www.theregister.co.uk/2014/05/21/schneider_to_users_patch_heartbeed/

    Industrial controller vendor Schneider Electric has found that while its own kit wasn’t affected by the Heartbleed OpenSSL bug, there are some third party components that need work.

    Tableau is an analytical data visualisation suite. The vulnerable server component has now been upgraded by Tableau Software, but users that applied a recent update from Schneider may have reverted to an older version of the server.

    Reply
  22. Tomi Engdahl says:

    Two-Factor Authentication System for Apache and SSH
    http://www.linuxjournal.com/content/two-factor-authentication-system-apache-and-ssh

    If you run a publicly accessible Web server for your own use (and let’s face it, if you’re reading Linux Journal, there’s a very good chance you do), how do you go about limiting the risk of someone accessing your site and doing bad things? How about SSH, an even bigger concern? In today’s world, it’s imperative to think about your exposure and take steps to limit as much risk as possible.

    In this tutorial, I walk through the steps necessary to implement a home-grown two-factor authentication system for accessing your Web sites and for SSH access.

    Reply
  23. Tomi Engdahl says:

    DON’T PANIC, web firms: The Euro Google ‘right to be forgotten’ isn’t a problem
    Not for you, anyway … but yes, it’s a problem for Big Scrape
    http://www.theregister.co.uk/2014/05/21/startups_beware_the_googleeu_scaremongers_could_cost_you_money/

    Are you an internet company? Beware of companies and organisations purporting to “help” European firms interpret the new Google privacy ruling. you may find yourself taking unnecessary mitigation measures – and fuelling the trolls.

    The problem is, as with the media reporting, that much of the interpretation of the ECJ ruling on offer this week is misleading. The ruling only applies to companies with enormous societal impact – like Google, and possibly Facebook. A startup with few users is not considered to have huge reputational impact.

    “There are normal rules that apply to being a publisher, and to being a platform that allows others to publish.”

    So money spent on legal fees to mitigate against the ECJ will be money wasted. So, too, is money allocated to hiring “takedown teams”.

    Reply
  24. Tomi Engdahl says:

    ICO says that the right to be forgotten will be a tricky thing to manage
    What the watchdog has learned from the European ruling
    http://www.theinquirer.net/inquirer/news/2345912/ico-says-that-the-right-to-be-forgotten-will-be-a-tricky-thing-to-manage

    Search engines will be expected to remove search results if an individual complains, and if there is no “overriding interest”, he said. The individual will have to contact the provider direct and currently, should a problem arise, the ICO will consider this and consider a response.

    “He’ll need to contact the search company to remove links from search results, and if the search provider refuses the request, he can contact the ICO,” said Smith.

    Google is already dealing with hundreds of takedown requests, and Google chairman Eric Schmidt has complained about the load that the decision has placed on his firm.

    Smith said that search companies should consider how they respond to requests.

    Reply
  25. Tomi Engdahl says:

    Researchers: Silverlight now more vulnerable than Java, Flash
    updated 10:22 pm EDT, Tue May 20, 2014
    Microsoft’s browser extension has less public awareness of malware attacks

    Cisco’s researchers say that “Silverlight exploits are also ideal because Silverlight continues to gain rich Internet application market share, perhaps surpassing Java, and Microsoft’s life cycle schedule suggests Silverlight 5 will be supported through October, 2021,” making users of the plugin numerous, and vulnerable.

    Microsoft has bug mitigation programs in place, however, Silverlight does not self-update.

    Read more: http://www.electronista.com/articles/14/05/20/microsofts.browser.extension.has.less.public.awareness.of.malware.attacks/#ixzz32M6oIFeX

    Reply
  26. Tomi Engdahl says:

    Snowden’s First Move Against the NSA Was a Party in Hawaii
    http://www.wired.com/2014/05/snowden-cryptoparty

    It was December 11, 2012, and in a small art space behind a furniture store in Honolulu, NSA contractor Edward Snowden was working to subvert the machinery of global surveillance.

    Snowden was not yet famous. His blockbuster leaks were still six months away, but the man destined to confront world leaders on a global stage was addressing a much smaller audience that Sunday evening. He was leading a local “Crypto Party,” teaching less than two dozen Hawaii residents how to encrypt their hard drives and use the internet anonymously.

    The grassroots crypto party movement began in 2011 with a Melbourne, Australia-based activist who goes by Asher Wolf. The idea was for technologists versed in software like Tor and PGP to get together with activists, journalists, and anyone else with a real-life need for those tools and show them the ropes. By the end of 2012, there’d been more than 1,000 such parties in countries around the world, by Wolf’s count. They were non-political and open to anyone.

    “Don’t exclude anybody,” Wolf says. “Invite politicians. Invite people you wouldn’t necessarily expect. It was about being practical. By the end of the session, they should have Tor installed and be able to use OTR and PGP.”

    That Snowden organized such an event himself while still an NSA contract worker speaks volumes about his motives.

    But regardless of what you think of his actions, Snowden’s intentions are harder to doubt when you know that even before he leaked hundreds of thousands of documents to expose the surveillance world, he spent two hours calmly teaching 20 of his neighbors how to protect themselves from it. Even as he was thinking globally, he was acting locally. It’s like coming home to find the director of Greenpeace starting a mulch pit in your backyard.

    Sandvik began by giving her usual Tor presentation, then Snowden stood in front of the white board and gave a 30- to 40-minute introduction to TrueCrypt, an open-source full disk encryption tool.

    Reply
  27. Tomi Engdahl says:

    IT pro gets prison time for sabotaging ex-employer’s system
    Ricky Joe Mitchell must also pay more than $500,000 in restitution and fines
    http://www.itworld.com/legal/419881/it-pro-gets-prison-time-sabotaging-ex-employers-system

    A former network engineer for oil and gas company EnerVest has been sentenced to four years in federal prison after pleading guilty in January to sabotaging the company’s systems badly enough to disrupt its business operations for a month.

    Ricky Joe Mitchell of Charleston, West Virginia, must also pay $428,000 in restitution and a $100,000 fine, according to an announcement this week from U.S. Attorney Booth Goodwin’s office.

    Mitchell’s actions left EnerVest unable to “fully communicate or conduct business operations” for about 30 days, according to Booth’s office. The company also had to spend hundreds of thousands of dollars on data-recovery efforts, and part of the information could not be retrieved.

    “Imagine having your company’s computer network knocked out for a month,” Goodwin said in a statement. “In this day and age, that kind of attack is devastating.”

    Reply
  28. Tomi Engdahl says:

    eBay Advises Users To Change Passwords Following Cyberattack, “Large Number” Of Users Affected
    http://techcrunch.com/2014/05/21/ebay-alerts-users-to-change-passwords-following-cyberattack/

    Following an odd blog post which appeared overnight and then was quickly taken down advising eBay users to reset their passwords, eBay has now published its official statement informing its users about a cyberattack that compromised a database containing encrypted passwords and other non-financial data.

    The company suggests that users still change their passwords as a precaution.

    More worryingly, the company said the attack compromised a “small number of employee log-in credentials,” as well, allowing the attackers unauthorized access to eBay’s corporate network.

    Reply
  29. Tomi Engdahl says:

    Cisco To Acquire ThreatGRID For Malware Analysis, Threat Intelligence
    http://www.crn.com/news/security/300072900/cisco-to-acquire-threatgrid-for-malware-analysis-threat-intelligence.htm

    Cisco Wednesday revealed plans to acquire ThreatGRID, a provider of malware analysis and sandboxing technology, in a move it said will strengthen the FireAMP malware detection platform it gained through its Sourcefire buy last year.

    New York-based ThreatGRID, which has some 25 employees, makes both on-premises and cloud-based malware protection, and threat intelligence software. The company uses its malware sandboxing technology to analyze suspicious files and sells threat intelligence information to a variety of security vendors. Cisco specifically pointed out it was filling a gap in its security strategy with the acquisition and integration into its Sourcefire FireAMP portfolio.

    Reply
  30. Tomi Engdahl says:

    U.S. utility’s control system was hacked, says Homeland Security
    http://www.reuters.com/article/2014/05/21/us-usa-cybercrime-infrastructure-idUSBREA4J10D20140521

    A sophisticated hacking group recently attacked a U.S. public utility and compromised its control system network, but there was no evidence that the utility’s operations were affected, according to the Department of Homeland Security.

    DHS did not identify the utility in a report that was issued this week by the agency’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT.

    Such cyber attacks are rarely disclosed by ICS-CERT, which typically keeps details about its investigations secret to encourage businesses to share information with the government. Companies are often reluctant to go public about attacks to avoid potentially negative publicity.

    “In most cases, systems that are so antiquated to be susceptible to such brute forcing technologies would not have the detailed logging required to aid in an investigation like this,” Clarke said.

    “Internet facing devices have become a serious concern over the past few years,” the agency said in the report.

    Reply
  31. Tomi Engdahl says:

    EBay asks 145 million users to change passwords after cyber attack
    http://www.reuters.com/article/2014/05/21/us-ebay-password-idUSBREA4K0B420140521

    EBay Inc said on Wednesday that a cyber attack carried out three months ago has compromised customer data, and the company urged 145 million users of its online commerce platform to change their passwords.

    The company said unknown hackers stole email addresses, encrypted passwords, birth dates, mailing addresses and other information in an attack carried out between late February and early March. The files did not contain financial information.

    Reply
  32. Tomi Engdahl says:

    Comey: FBI ‘Grappling’ With Hiring Policy Concerning Marijuana
    http://blogs.wsj.com/law/2014/05/20/director-comey-fbi-grappling-with-hiring-policy-concerning-marijuana/

    Monday was a big day for the nation’s cyber police. The Justice Department charged five Chinese military officials with hacking, and brought charges against the creators of powerful hacking software.

    But FBI Director James B. Comey said Monday that if the FBI hopes to continue to keep pace with cyber criminals, the organization may have to loosen up its no-tolerance policy for hiring those who like to smoke marijuana.

    Congress has authorized the FBI to add 2,000 personnel to its rolls this year, and many of those new recruits will be assigned to tackle cyber crimes, a growing priority for the agency.

    Reply
  33. Tomi Engdahl says:

    CERN and MIT chaps’ secure webmail stalled by stampede of users
    Proton Mail encrypts text in the browser and doesn’t collect metadata
    http://www.theregister.co.uk/2014/05/22/proton_mails_cryptoformugs_stalled_by_success/

    A bunch of CERN alumni has taken time out of the weighty world of particle physics to take another shot at cracking the e-mail encryption nut.

    Their offering, Proton Mail, has gone into public beta, and proved so popular the group has had to suspend new registrations while it upgrades its servers.

    As a concept, encrypting e-mail goes back at least to the earliest days of PGP – Pretty Good Privacy – that got Phil Zimmermann in so much trouble back in the day.

    PGP, which lives on in various open-source tools today, ran encryption alongside users’ e-mail clients and was widely seen as too difficult for the average user. In the world of Webmail, encryption happens at the server end, and as Lavabit found to its cost, that leaves user data subject to the demands of law enforcement.

    Proton Mail is a Webmail that encrypts messages at the client-side – within the user’s browser – so that the user doesn’t have to delegate encryption and trust to the provider. The organisation doesn’t log user activity, so information like IP addresses and other metadata aren’t available.

    It runs AES, RSA and OpenPGP implementations on open source cryptographic libraries, while at the server end, Proton Mail runs full disk encryption in its Swiss data centres (Switzerland was chosen as offering the best available privacy legislation).

    Reply
  34. Tomi Engdahl says:

    Bitcoin blockchain allegedly infected by ancient ‘Stoned’ virus
    Chap alleges Microsoft Security Essentials has spotted a suss string
    http://www.theregister.co.uk/2014/05/18/bitcoin_user_stoned_on_virus_warnings/

    A curious and probably accidental artefact has popped up in the Bitcoin blockchain, with a user reporting that it’s identified as containing a virus by Microsoft’s Security Essentials.

    STONED is a 27-year-old relic from the DOS days – all it did was pop up a boot message telling users “Your PC is now STONED”. It’s believed to hail from New Zealand in 1987.

    Given that, it seems unlikely that STONED has been inserted into the blockchain, and far more plausible that a string of bits in the blockchain has managed to reproduce enough of the virus’ hexcode to trigger the signature warning.

    Reply
  35. Tomi Engdahl says:

    California Urges Websites to Disclose Online Tracking
    http://bits.blogs.nytimes.com/2014/05/21/california-urges-websites-to-disclose-online-tracking/?_php=true&_type=blogs&_r=0

    Every major Internet browser has a feature that lets you tell a website that you don’t want it to collect personal information about you when you visit.

    And virtually every website ignores those requests. Tracking your online activities — and using that data to tailor marketing pitches — is central to how Internet companies make money.

    Now California’s attorney general, Kamala D. Harris, wants every site to tell you — in clear language — if and how it is respecting your privacy preferences. The guidelines, published on Wednesday, are intended to help companies comply with a new state privacy law that went into effect on Jan. 1. That law requires sites to prominently disclose all their privacy practices, including how they respond to “do not track” requests.

    Reply
  36. Tomi Engdahl says:

    House of Representatives passes ‘gutted’ NSA surveillance reform
    Privacy watchdogs hope Senate will roll back amendments to USA Freedom Act
    http://www.theverge.com/2014/5/22/5741084/house-of-representatives-passes-gutted-usa-freedom-act

    The USA Freedom Act, a bill meant to end NSA surveillance of phone records, has passed the House of Representatives. After several rounds of amendment and debate over the past weeks, the House passed it by a margin of 303 to 121, putting the ball in the Senate’s court. The first anti-NSA surveillance bill to be passed since the first classified documents leaked last year, the USA Freedom Act requires the NSA to leave phone records in the hands of telephone companies for 18 months, making searches for specific terms only after getting court approval, instead of collecting them in bulk and storing them for years. It’s also meant to limit how the agency collects online communications and make it easier for companies to report the orders they receive. Many former supporters, however, now see it as more of a paper tiger than a real solution.

    Reply
  37. Tomi Engdahl says:

    Internet Explorer zero-day vulnerability found – no fix

    Internet Explorer 8 has had an unpatched hole for seven months. It is a memory handling error in the MSHTML CMarkup component, which an attacker can use to acquire the same user rights as the currently logged-in user.

    The vulnerability information was published on HP’s Zero Day Initiative website.

    The discovery was made by Belgian security researcher Peter Van Eeckhoutte and it was reported to Microsoft in October 2013.

    Source: http://www.tietoviikko.fi/uutisia/internet+explorerista+loytyi+nollapaivahaavoittuvuus++ei+paikkaa/a989523

    Reply
  38. Tomi Engdahl says:

    Shockwave shocker: Plugin includes un-patched version of Flash
    Year-old bugs patched in Flash remain present in Shockwave
    http://www.theregister.co.uk/2014/05/23/shockwave_shocker_movie_box_riddled_with_0day_archive_of_antiquity/

    Adobe’s latest Shockwave Player is riddled with 18 unpatched ageing Flash vulnerabilities raising concern and befuddlement in the US Computer Emergency Response Team.

    The video platform used by 450 million people contained a standalone Flash player that had not been updated since January last year.

    Krebs on Security reports that Adobe plans to squash the bugged Flash version (11.5.502.146) in the next Shockwave release, but there’s no word on when that’s due.

    Until then there’s not much users can do other than uninstall Shockwave.

    “By convincing a user to view a specially crafted Shockwave content an attacker may be able to execute arbitrary code with the privileges of the user,” US CERT engineer Will Dormann said in a vulnerability note.

    Reply
  39. Tomi Engdahl says:

    New success in protecting customer rights unsealed today
    http://blogs.technet.com/b/microsoft_on_the_issues/archive/2014/05/22/new-success-in-protecting-customer-rights-unsealed-today.aspx

    Successful challenge of National Security Letter protects longstanding policy of notifying enterprise customers if a government requests their data

    The FBI’s letter in this case sought information about an account belonging to one of our enterprise customers.

    Like all National Security Letters, this one sought only basic subscriber information.

    In this case, the Letter included a nondisclosure provision and we moved forward to challenge it in court. We concluded that the nondisclosure provision was unlawful and violated our Constitutional right to free expression. It did so by hindering our practice of notifying enterprise customers when we receive legal orders related to their data.

    After we filed this challenge in Federal Court in Seattle, the FBI withdrew its Letter.

    Fortunately, government requests for customer data belonging to enterprise customers are extremely rare.

    Reply
  40. Tomi Engdahl says:

    Redmond reversal pops IE8 patch in pipeline
    Bug not so bad, Microsoft says, but if you won’t upgrade we’ll get around to it eventually
    http://www.theregister.co.uk/2014/05/23/redmond_reversal_sees_ie8_patch_in_the_pipeline/

    Microsoft has announced it will now patch a zero day Internet Explorer 8 vulnerability seven months after it was reported.

    “Public disclosure was limited and does not currently represent risk to Internet Explorer users,” a spokesperson said in a statement.

    “We are not aware of any exploits resulting from a privately disclosed issue involving Internet Explorer 8 and have not identified any impact to our customers.”

    The patch would be issued “when it is ready”, following thorough testing against a large number of applications and configurations.

    Reply
  41. Tomi Engdahl says:

    EBay, you keep using that word ‘SECURITY’. I do not think it means what you think it means
    Change your passwords – tat bazaar ransacked by hackers
    http://www.theregister.co.uk/2014/05/21/ebay_breach/

    The exposure of encrypted passwords is bad news because it’s now easy to create convincing phishing emails urging people to change their eBay passwords – although said scam emails will instead take victims to a site masquerading as eBay.com to swipe their details.

    Weak passwords could also be easily cracked if the website’s hashing algorithm isn’t up to scratch, and woe betide anyone using the same crap password across multiple sites with the same email address. The habit of many users of using the same password on multiple sites makes this type of attack all too possible.

    And the leaking of phone numbers, dates of birth, names and addresses puts many at risk of identity theft by fraudsters. The personal information could also be used to make phishing emails appear more convincing.

    Reply
  42. Tomi Engdahl says:

    Researchers: Silverlight now more vulnerable than Java, Flash
    http://www.electronista.com/articles/14/05/20/microsofts.browser.extension.has.less.public.awareness.of.malware.attacks/

    Microsoft’s browser extension has less public awareness of malware attacks

    Reply
  43. Tomi Engdahl says:

    Pirate Bay’s Anti-Censorship Browser Clocks 5,000,000 Downloads
    http://torrentfreak.com/pirate-bays-anti-censorship-browser-clocks-5000000-downloads-140516/

    The Pirate Bay’s anti-censorship browser continues to rapidly expand its user base. The Tor-based PirateBrowser, which allows people to bypass ISP filtering and access blocked websites, has already been downloaded more than five million times since its launch

    Since The Pirate Bay is censored in countries all around the world, many users have to jump through hoops to access it. The PirateBrowser software allows people to bypass these restrictions, without having to use a proxy site or other circumvention tool.

    The browser is based on Firefox and utilizes the Tor network to obfuscate people’s locations. It is meant purely as a tool to circumvent censorship and unlike the Tor browser it doesn’t provide any anonymity for its users.

    Reply
  44. Tomi Engdahl says:

    Privacy International probes GCHQ’s mouse fetish
    Asks Dell, Apple et al why Grauniad’s Snowden-sodden peripherals deserved drilling
    http://www.theregister.co.uk/2014/05/23/grauniad_peripherals_trashed_in_gchq_snowden_raid/

    Privacy International is probing hardware manufacturers about what data can be stored on peripherals after it was revealed the GCHQ specifically targeted trackpads, keyboards and monitors in its destruction of Snowden files held by the Guardian’s UK office.

    G-Men specifically ordered that keyboard, trackpad and inverting converter chips be destroyed.

    Privacy International, after prompting from technically-minded folks, has asked Apple; Microsoft; Dell; HP; Logitech and Synaptics about what data can be stored on the chips and for how long.

    “For instance, people and organisations may need to re-evaluate how they dispose of their computing devices, given the very specific hardware components destroyed by GCHQ.”

    Government devices containing sensitive data such as the Snowden documents were required to be encrypted to defence security standards.

    Reply
  45. Tomi Engdahl says:

    The data breach at the world’s largest online auction system raises concerns, and outright rage. eBay discovered the break-in rather slowly, and the “fire extinguishing” was not going to be as fast as it should be.

    The attack took place sometime in February and March, and eBay found it in early May. The public, however, was told only this week.

    More than a hundred million customers are asked to change their passwords, but eBay has done very little to promote this. Its home page has an invitation to change the password, but it is not enforced.

    The intruders received personal information, but the passwords are encrypted, as good practice requires. However, this does not adequately protect them.

    A security expert heard by the BBC, Ilia Kolochenko, considers it highly probable that the password protection has been compromised: “More than 80 percent of the password hashes can be cracked by brute force within 48 hours.”

    American NBC tells us that authorities in at least three states have started investigations.

    Source: http://www.tietoviikko.fi/uutisia/ebay+vitkastelee+tietomurron+kanssa+quotsalasanat+jo+luultavasti+murrettuquot/a989798

    Reply
  46. Tomi Engdahl says:

    Alleged Chinese Hacking: Alcoa Breach Relied on Simple Phishing Scam
    http://online.wsj.com/news/article_email/SB10001424052702303468704579572423369998070-lMyQjAxMTA0MDIwNDEyNDQyWj

    Email That Purported to Be From Carlos Ghosn Held a Virus That Let Hackers Allegedly Steal Nearly 3,000 Messages, According to Indictment

    “It makes it unfair: It only takes one end-user to open the attachment and these guys are in your network,” said Kevin Mandia, head of the Mandiant unit of FireEye Inc., a California cybersecurity company. “It’s really complicated to stay in front of that.”

    More sophisticated hackers sometimes have more advanced pieces of software, but the tactic to break in still largely relies on impersonation.

    Government and corporate investigators say the Chinese army unit has targeted countless U.S. companies using similar tactics. In Monday’s indictment, federal officials detailed how hackers broke into U.S. Steel Corp. machines by posing as the company’s CEO in an email to 20 employees. That email contained a link to malicious software that let hackers break in over the Internet. The subject line: “Meeting Invitation.”

    Reply
  47. Tomi Engdahl says:

    U.S. Companies Hacked by Chinese Didn’t Tell Investors
    http://www.bloomberg.com/news/2014-05-21/u-s-companies-hacked-by-chinese-didn-t-tell-investors.html

    Three U.S. public companies identified as Chinese hacking victims didn’t report the theft of trade secrets and other data to investors, despite rules designed to disclose significant events.

    Two of the companies — aluminum maker Alcoa Inc. (AA) and metals supplier Allegheny Technologies Inc. (ATI) — said the thefts weren’t “material” to their businesses and therefore don’t have to be disclosed under Securities and Exchange Commission rules designed to give investors information that may affect share prices.

    “Modern issues such as cyber-attacks are assessed to a large degree under the lens of laws and rules that have predated computers,” Bondi said in an interview.

    “Corporate value is closely tied to intellectual property and trade secrets,” Olcott said. “If companies aren’t protecting it, shareholders should know.”

    In announcing the indictment, Attorney General Holder said “the range of trade secrets and other sensitive business information stolen in this case is significant and demands an aggressive response.”

    Reply
  48. Tomi Engdahl says:

    U.S. may act to keep Chinese hackers out of Def Con hacker event
    http://www.reuters.com/article/2014/05/24/us-cybercrime-usa-china-idUSBREA4N07D20140524

    Washington is considering using visa restrictions to prevent Chinese nationals from attending popular summer hacking conferences in Las Vegas as part of a broader effort to curb Chinese cyber espionage, a senior administration official said Saturday.

    Reply
  49. Tomi Engdahl says:

    The Only Email System The NSA Can’t Access
    http://www.forbes.com/sites/hollieslade/2014/05/19/the-only-email-system-the-nsa-cant-access/

    When the NSA surveillance news broke last year it sent shockwaves through CERN, the particle physics laboratory in Switzerland. Andy Yen, a PhD student, took to the Young at CERN Facebook group with a simple message: “I am very concerned about the privacy issue, and I was wondering what I could do about it.”

    Encrypted emails have actually been around since the 1980s, but they are extremely difficult to use. When Edward Snowden asked a reporter to use an end-to-end encrypted email to share details of the NSA surveillance program the reporter couldn’t get the system to work, says Yen.

    physics to found ProtonMail, a gmail-like email system which uses end-to-end encryption, making it impossible for outside parties to monitor.

    “We encrypt the data on the browser before it comes to the server,” he explains. “By the time the data comes to the server it’s already encrypted.”

    While half the team is now at MIT, some are still in Switzerland where the ProtonMail’s servers are housed for extra protection.

    Yen has turned down venture capital firms looking to invest in ProtonMail.

    ProtonMail’s revenue model is similar to something like Dropbox – charging only for extra storage.

    “One of our motivations was human rights,” says Yen. “Having privacy is very important from a freedom of speech standpoint.”

    The paid accounts will be $5/month and will provide 1GB of storage.

    Reply
