Security

Work Proceeds on Mitigation Strategies for Global Navigation Satellite System Jamming/Spoofing (eetimes.com) 29

Long-time Slashdot reader DesertNomad summarizes a report from EE Times: It's been known for a long time that the various Global Navigation Satellite System (GNSS) systems are easily jammed; the more "interesting" problem is the potential to spoof a GNSS signal and by spoofing use that to cause GNSS receivers to determine incorrect positions. The challenge lies in the observation that the navigation messages can be constructed by bad actors on the ground. Work going on for several years now has been to provide crypto signatures that have the potential to authenticate valid transmissions. Current commercial receivers can't take advantage of that, so there may be industry-wide needs to update the receiver devices.
"The vulnerability of the global positioning system, or GPS, is widely acknowledged..." reports EE Times: Spoofing creates all kinds of havoc. For example, it can be used to hijack autonomous vehicles and send them on alternate routes. Spoofing can alter the routes recorded by vehicle monitors, or break geofences used to guard operational areas. It also poses a risk to critical infrastructure, including power, telecommunication and transportation systems. Jan van Hees, business development and marketing director for GNSS receiver maker Septentrio, provided these analogies: "Jamming involves making so much noise that the [satellite signal] disappears. Spoofing is like a phishing attack on the signal."

The U.S. Coast Guard has recently tracked a growing number of high-profile incidents involving GPS interference. For example, the loss of GPS reception in Israeli ports in 2019 left GPS-guided autonomous cranes inoperable, collateral damage from the Syrian civil war. In 2016, more than 20 ships off the Crimean peninsula were thought to be the victim of a GPS spoofing attack which shifted the ships' positions on electronic chart displays to land.

The article recommends real-world auditing, testing, and risk assessment, adding that one pending fix is signal encryption "including a framework called open service navigation message authentication (OSNMA)." The OSNMA anti-spoofing service, developed for the European GNSS system, enables secure transmissions from Galileo satellites to encryption-enabled GNSS receivers. In the midst of final testing, OSNMA will soon be available free to users... A secret key on the satellite is used to generate a digital signature. Both the signature and key are appended to navigation data and transmitted to the receiver. OSNMA is designed to be backward-compatible, so that positioning without OSNMA still works.
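The mechanism the paragraph above sketches (an authentication tag over the navigation data, with the key itself released to the receiver afterwards) can be modelled in a few dozen lines. The following is an added example, not code from EE Times, Septentrio or the Galileo programme. It goes slightly beyond the text: OSNMA is built on the TESLA scheme, in which each epoch's key belongs to a one-way hash chain, the satellite discloses the key only after the data it authenticated has already been broadcast, and the receiver verifies the disclosed key by hashing it back to a root key it trusts (in Galileo the root key is additionally covered by a public-key signature, which this toy omits). CHAIN_LEN, TAG_LEN, the message layout and the sample ephemeris bytes are assumptions. A receiver that ignores the tag (the backward-compatible path) simply uses nav_data as before, which is why a spoofed epoch is accepted there but rejected by the OSNMA-aware receiver.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, Optional

CHAIN_LEN = 8    # authenticated epochs in this toy chain (assumption; real chains are far longer)
TAG_LEN = 16     # truncated MAC length in bytes (assumption)


def build_chain(seed: bytes, length: int) -> list:
    """One-way hash chain: chain[0] is the root key and chain[i] == sha256(chain[i+1])."""
    chain = [seed]
    for _ in range(length):
        chain.append(hashlib.sha256(chain[-1]).digest())
    chain.reverse()
    return chain


def nav_tag(key: bytes, epoch: int, nav_data: bytes) -> bytes:
    """Authentication tag over the epoch counter and the navigation data (the page's 'signature')."""
    return hmac.new(key, epoch.to_bytes(2, "big") + nav_data, hashlib.sha256).digest()[:TAG_LEN]


@dataclass(frozen=True)
class NavMessage:
    epoch: int
    nav_data: bytes
    tag: bytes
    disclosed_key: Optional[bytes]   # key of the *previous* epoch, released one epoch late


class Satellite:
    def __init__(self, seed: bytes):
        self.chain = build_chain(seed, CHAIN_LEN)

    @property
    def root_key(self) -> bytes:
        return self.chain[0]

    def broadcast(self, epoch: int, nav_data: bytes) -> NavMessage:
        key = self.chain[epoch]                       # still secret when this message goes out
        disclosed = self.chain[epoch - 1] if epoch > 1 else None
        return NavMessage(epoch, nav_data, nav_tag(key, epoch, nav_data), disclosed)


class Receiver:
    """OSNMA-capable receiver: trusts the root key, verifies each epoch once its key is disclosed."""

    def __init__(self, root_key: bytes):
        self.trusted_key = root_key
        self.trusted_epoch = 0
        self.pending: Dict[int, NavMessage] = {}
        self.verdicts: Dict[int, bool] = {}

    def on_message(self, msg: NavMessage) -> None:
        self.pending[msg.epoch] = msg                 # cannot be checked yet: key not disclosed
        if msg.disclosed_key is not None:
            self.disclose(msg.epoch - 1, msg.disclosed_key)

    def disclose(self, epoch: int, key: bytes) -> bool:
        if epoch <= self.trusted_epoch:
            return False                              # stale or replayed disclosure
        # Step 1: authenticate the key itself by hashing it forward to the last trusted key.
        h = key
        for _ in range(epoch - self.trusted_epoch):
            h = hashlib.sha256(h).digest()
        if not hmac.compare_digest(h, self.trusted_key):
            for e in [e for e in self.pending if e <= epoch]:
                self.verdicts[e] = False              # a forged key cannot vouch for anything
                del self.pending[e]
            return False
        self.trusted_key, self.trusted_epoch = key, epoch
        # Step 2: check the tag on the message that was buffered for this epoch.
        msg = self.pending.pop(epoch, None)
        if msg is not None:
            self.verdicts[epoch] = hmac.compare_digest(msg.tag, nav_tag(key, epoch, msg.nav_data))
        return True


def simulate(spoof_epoch: Optional[int] = None) -> Dict[int, bool]:
    """Broadcast CHAIN_LEN epochs; optionally replace one with a ground spoofer's message."""
    sat = Satellite(os.urandom(32))
    rx = Receiver(sat.root_key)                       # root key provisioned out of band
    for epoch in range(1, CHAIN_LEN + 1):
        genuine = sat.broadcast(epoch, b"ephemeris:epoch%d" % epoch)   # constructed nav data
        if epoch == spoof_epoch:
            # The spoofer sees every past disclosure but not the current epoch's key,
            # so its tag is computed under a guessed key and fails once the real key arrives.
            fake = b"ephemeris:FAKE"
            msg = NavMessage(epoch, fake, nav_tag(os.urandom(32), epoch, fake), genuine.disclosed_key)
        else:
            msg = genuine
        rx.on_message(msg)
    rx.disclose(CHAIN_LEN, sat.chain[CHAIN_LEN])     # trailing disclosure of the final key
    return dict(sorted(rx.verdicts.items()))


if __name__ == "__main__":
    print("genuine:", simulate())
    print("spoofed epoch 4:", simulate(spoof_epoch=4))
```

The design point worth noticing is the delay: authentication is only possible one epoch after the data arrives, so a receiver must buffer navigation messages and must also reject any message that shows up after its key has already been disclosed, since by then anyone could have computed a valid tag. That timing check is what ties the scheme to accurate receiver clocks.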
Security

Signal CEO Hacks Cellebrite iPhone Hacking Device Used By Cops (vice.com) 85

FlatEric521 shares a report: Moxie Marlinspike, the founder of the popular encrypted chat app Signal claims to have hacked devices made by the infamous phone unlocking company Cellebrite, which has famously worked with cops to circumvent encryption such as Signal's. In a blog post Wednesday, Marlinspike not only published details about the new exploits for Cellebrite devices but seemed to suggest that Signal's code could be theoretically altered to hack Cellebrite devices en masse. "We were surprised to find that very little care seems to have been given to Cellebrite's own software security. Industry-standard exploit mitigation defenses are missing, and many opportunities for exploitation are present," Marlinspike wrote in the post. "Any app could contain such a file, and until Cellebrite is able to accurately repair all vulnerabilities in its software with extremely high confidence, the only remedy a Cellebrite user has is to not scan devices."

Marlinspike claims (whether you believe this portion of the post or not is up to you) that while he was on a walk he happened to find a Cellebrite phone unlocking device: "By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me. As I got closer, the dull enterprise typeface slowly came into focus: Cellebrite. Inside, we found the latest versions of the Cellebrite software, a hardware dongle designed to prevent piracy (tells you something about their customers I guess!), and a bizarrely large number of cable adapters." Along with his colleagues, Marlinspike analyzed the device and found that it included several vulnerabilities that could allow an attacker to include an "otherwise innocuous file in an app" that when it gets scanned by a Cellebrite device exploits it and tampers with the device and the data it can access.

Privacy

EFF Partners With DuckDuckGo (eff.org) 42

The Electronic Frontier Foundation (EFF) today announced it has enhanced its groundbreaking HTTPS Everywhere browser extension by incorporating rulesets from DuckDuckGo Smarter Encryption. According to the digital rights group's press release, HTTPS Everywhere is "a collaboration with The Tor Project and a key component of EFF's effort to encrypt the web and make the Internet ecosystem safe for users and website owners." From the press release: "DuckDuckGo Smarter Encryption has a list of millions of HTTPS-encrypted websites, generated by continually crawling the web instead of through crowdsourcing, which will give HTTPS Everywhere users more coverage for secure browsing," said Alexis Hancock, EFF Director of Engineering and manager of HTTPS Everywhere and Certbot web encrypting projects. "We're thrilled to be partnering with DuckDuckGo as we see HTTPS become the default protocol on the net and contemplate HTTPS Everywhere's future."

EFF began building and maintaining a crowd-sourced list of encrypted HTTPS versions of websites for a free browser extension -- HTTPS Everywhere -- which automatically takes users to them. That keeps users' web searching, pages visited, and other private information encrypted and safe from trackers and data thieves that try to intercept and steal personal information in transit from their browser. [...] DuckDuckGo, a privacy-focused search engine, also joined the effort with Smarter Encryption to help users browse securely by detecting unencrypted, non-secure HTTP connections to websites and automatically upgrading them to encrypted connections. With more domain coverage in Smarter Encryption, HTTPS Everywhere users are provided even more protection. HTTPS Everywhere rulesets will continue to be hosted through this year, giving our partners who use them time to adjust. We will stop taking new requests for domains to be added at the end of May.

Encryption

Customs and Border Protection Paid $700,000 To Encrypted App Wickr (vice.com) 16

An anonymous reader quotes a report from Motherboard: U.S. Customs and Border Protection (CBP), part of the Department of Homeland Security, recently paid encrypted messaging platform Wickr over $700,000, Motherboard has found. The news highlights the value of end-to-end encryption to law enforcement, while other federal law enforcement agencies routinely lambast the technology for what they say results in visibility on criminals' activities "going dark."

The contract is related to "Wickr licenses and support," dates from September 2020, and totals $714,600, according to public procurement records. Wickr is likely most well known for its free consumer app, which lets users send encrypted messages to one another, as well as make encrypted video and audio calls. The app also offers an auto-burn feature, where messages are deleted from a user's device after a certain period of time, with the company claiming these messages "can never be uncovered," according to its website. Wickr also offers various paid products to private companies and government agencies. Wickr Pro and Wickr Enterprise are marketed towards businesses; Wickr RAM is geared specifically for the military. [...] It is not clear which specific Wickr product CBP paid for.
A CBP spokesperson told Motherboard in a statement that "The Federal Acquisition Regulations (FAR) and other laws prohibit the unauthorized use and disclosure of proprietary information from federal government contract actions. All publicly available information on this contract has been made available at the link you have provided. Any other information is considered proprietary to the awardee (WICKR) and shall not be divulged outside of the Government."
IBM

Why IBM is Pushing 'Fully Homomorphic Encryption' (venturebeat.com) 122

VentureBeat reports on a "next-generation security" technique that allows data to remain encrypted while it's being processed.

"A security process known as fully homomorphic encryption is now on the verge of making its way out of the labs and into the hands of early adopters after a long gestation period." Companies such as Microsoft and Intel have been big proponents of homomorphic encryption. Last December, IBM made a splash when it released its first homomorphic encryption services. That package included educational material, support, and prototyping environments for companies that want to experiment. In a recent media presentation on the future of cryptography, IBM director of strategy and emerging technology Eric Maass explained why the company is so bullish on "fully homomorphic encryption" (FHE)...

"IBM has been working on FHE for more than a decade, and we're finally reaching an apex where we believe this is ready for clients to begin adopting in a more widespread manner," Maass said. "And that becomes the next challenge: widespread adoption. There are currently very few organizations here that have the skills and expertise to use FHE." To accelerate that development, IBM Research has released open source toolkits, while IBM Security launched its first commercial FHE service in December...

Maass said in the near term, IBM envisions FHE being attractive to highly regulated industries, such as financial services and health care. "They have both the need to unlock the value of that data, but also face extreme pressures to secure and preserve the privacy of the data that they're computing upon," he said.

The Wikipedia entry for homomorphic encryption calls it "an extension of either symmetric-key or public-key cryptography."
Bug

OpenSSL Fixes a High-Severity Flaw That Allowed Crashing of Servers (arstechnica.com) 24

"OpenSSL, the most widely used software library for implementing website and email encryption, has patched a high-severity vulnerability that makes it easy for hackers to completely shut down huge numbers of servers," reports Ars Technica: On Thursday, OpenSSL maintainers disclosed and patched a vulnerability that causes servers to crash when they receive a maliciously crafted request from an unauthenticated end user. CVE-2021-3449, as the denial-of-service vulnerability is tracked, is the result of a null pointer dereference bug. Cryptographic engineer Filippo Valsorda said on Twitter that the flaw could probably have been discovered earlier than now.

"Anyway, sounds like you can crash most OpenSSL servers on the Internet today," he added.

Hackers can exploit the vulnerability by sending a server a maliciously formed renegotiating request during the initial handshake that establishes a secure connection between an end user and a server... The maintainers have rated the severity high. Researchers reported the vulnerability to OpenSSL on March 17. Nokia developers Peter Kästle and Samuel Sapalski provided the fix.

Ars Technica also reports that OpenSSL "fixed a separate vulnerability that, in edge cases, prevented apps from detecting and rejecting TLS certificates that aren't digitally signed by a browser-trusted certificate authority."
Facebook

Mark Zuckerberg Suggests How To Tweak Tech's Liability Shield (axios.com) 52

Facebook CEO Mark Zuckerberg will tell lawmakers his plan for "thoughtful reform" of a key tech liability shield rests on requiring best practices for treating illegal content online. From a report: Tech giants are starting to embrace changes to the foundational law that shields platforms from liability from content users post as lawmakers from both parties threaten it. In written testimony ahead of the House hearing Thursday with Google, Twitter and Facebook CEOs, Zuckerberg suggested making Section 230 protections for certain types of unlawful content conditional on platforms' ability to meet best practices to fight the spread of the content. "Instead of being granted immunity, platforms should be required to demonstrate that they have systems in place for identifying unlawful content and removing it," Zuckerberg wrote in the testimony. "Platforms should not be held liable if a particular piece of content evades its detection -- that would be impractical for platforms with billions of posts per day -- but they should be required to have adequate systems in place to address unlawful content." The detection system would be proportionate to platform size, with practices defined by a third party. The best practices would not include "unrelated issues" like encryption or privacy changes, he notes. He also suggested Congress bring more transparency and oversight on how companies make and enforce rules about content that is harmful but still legal.
Security

A Security App's Fake Reviews Give Us a Window Into 'App Store Optimization' (vice.com) 17

A company that makes an email app that helps users encrypt their emails paid for fake reviews in an attempt to get more people to download its products, according to leaked emails obtained by Motherboard. An anonymous reader shares a report: The CEO of pEp, a Luxembourg-based company that makes the pEp email encryption apps for Android and iOS, commissioned a marketing company to write fake reviews that he himself wrote in the summer of last year. Leon Schumacher asked the marketing company Mobiaso to post 40 five-star reviews in English, French, and German to the Google Play Store. Schumacher included an Excel spreadsheet that contained the specific text that he wanted Mobiaso to use. "Super easy privacy," one fake review said. "One of the best mail applications. I have never had problems and I suggest it all the time to friends," another said.

"Can we speed up today and do 12 ratings per day do 7 reviews per day (Please use the Texts below for the right countries (that I forwarded already per earlier e-mail)," Schumacher wrote in an email to Mobiaso. pEp, short for Pretty Easy Privacy, develops email encryption apps for both iOS and Android, where it has more than 10,000 installs, according to the stats on the Google Play Store. The company, through its foundation, also funded a new library to encrypt emails using PGP, the decades-old technology that allows users to encrypt emails and other files. Mobiaso advertises "iOS reviews" and "Android installs" on its website. One of the services the company offers is App Store Optimization, or ASO, which includes fake reviews. The service has several price tiers, ranging from $160 to $450. Only the two most expensive tiers include fake reviews. "Each app developer/advertiser should remember that without a good ASO search optimization, your target audience wouldn't even find or open your app page," Mobiaso says.

The Military

Vint Cerf vs. Martin Hellman: How Should We Assess the Risks of Nuclear War? (thebulletin.org) 43

The Bulletin of the Atomic Scientists published a discussion between a 77-year-old "father of the internet" and a 75-year-old "father of public key cryptography". Long before Vinton Cerf and Martin Hellman changed the world with their inventions, they were young assistant professors at Stanford University who became fast friends... More than 50 years and two technological revolutions later, the friendship between Vint and Marty — as they know each other — endures. This is despite, or perhaps because of, their sometimes different views. You see, while they do not always agree, they both enjoy a good intellectual debate, especially when the humans they sought to bring together with their inventions face existential threats.

Not long after giving the world public key cryptography, Hellman switched his focus from encryption to efforts that might avoid nuclear war. "What's the point of developing new algorithms if there's not likely to be anybody around in 50-100 years?" Hellman recalls thinking at the time... On a recent private phone call with each other, the two friends discussed the National Academies of Sciences, Engineering, and Medicine's project seeking to answer the question, "Should the U.S. use quantitative methods to assess the risks of nuclear war and nuclear terrorism?"

While both agree that the US needs to understand the risk of nuclear war, they disagree about whether a quantitative analysis is necessary.

"Quantitative estimates run either the real or perceived risk of being twisted to support whatever conclusion is desired," Cerf argues — while sharing instead an analogy he believes illustrates the risks of the 13,410 nuclear weapons currently in the world (91% divided between Russia and the U.S.).

But Hellman counters that "When the risk is highly uncertain, how do you determine who's right?" He ultimately suggests quantifying the risks would make society more fully aware of the stakes.

"I hope you will agree with either my quantitative approach or Vint's qualitative approach," Hellman concludes, "both of which conclude that the risk of a nuclear war is unacceptably high and risk reduction measures are urgently needed." But for those who accept neither approach, Hellman adds two questions:
  • What evidence supports the belief that the risk of nuclear deterrence failing is currently at an acceptable level?
  • Can we responsibly bet humanity's existence on a strategy for which the risk of failure is totally unknown?

If you were on the call — what would you say?


Security

The US Government Finally Gets Serious About IoT Security (ieee.org) 66

An anonymous reader quotes a report from IEEE Spectrum, written by Stacey Higginbotham: The IoT Cybersecurity Improvement Act of 2020 has given the nation an excellent framework that will influence IoT security across the world. So, what's to like about the law? Two things, as it turns out. First, the law isn't focused on securing individual devices by dictating password requirements or encryption standards, both of which will need to evolve. Instead, it relies on the National Institute of Standards and Technology (NIST) to set many of the requirements that government agencies have to follow when purchasing connected devices. These policies see overall security as the sum of several parts, requiring specific prescriptions for device, cloud, and communication security.

NIST's initial rules include today's best practices, such as having an over-the-air device update program, unique IDs for each device so it can be identified on a network, and a way for authorized users to change features related to access and security. The recommendations also include logging the actions taken by an IoT device or its related app, and clearly communicating the specifics of a device's security to the user. The other reason to like the law is that it remains adaptive and flexible by requiring NIST to assess the best practices for cybersecurity for connected devices every five years. Hacks, by their nature, are also adaptive and flexible, and so preventing them needs equally adaptable legislation. That means buying IoT devices that can receive over-the-air software updates, for example, to patch up any newly discovered exploits.
"Unfortunately, the law isn't airtight," writes Higginbotham. She worries that the waiver process for devices needed for national security or research could be abused. There's also a loophole that exempts devices that are secured using "alternative and effective methods." The law doesn't clarify what agency evaluates the efficacy of these alternative methods or how that evaluation is made.
Crime

Encrypted Messaging Service Cracked by Belgian Police, Followed by Dozens of Arrests (brusselstimes.com) 92

"The cracking of a previously-unbreakable encrypted messaging service popular with criminals involved in drug trafficking and organised crime delivered a major victory for the justice system on Tuesday," writes the Brussels Times, in a story shared by DI4BL0S: The cracking of the expensive messaging app, called "Sky ECC," was what allowed over 1,500 police officers across Belgium to be simultaneously deployed in at least 200 raids, many of which were centred around Antwerp and involved special forces. Investigators succeeded in cracking Sky ECC at the end of last year, according to reporting by De Standaard, and as a result were able to sort through thousands of messages major criminals were sending each other over the course of a month. Information gained from those conversations is what led to Tuesday's historic operation, two years in the making.

Sky ECC became popular with drug criminals after its successor Encrochat was cracked in 2020 by French and Dutch investigators, who were able to intercept over 100 million messages sent via the app. That led to over a hundred suspects being arrested in the Netherlands, uncovering a network of laboratories where crystal meth and other drugs were being produced and allowing police to seize 8,000 kilos of cocaine and almost €20 million....

In a press conference by Belgium's federal public prosecutor's office on Tuesday afternoon, authorities stated that 17 tonnes of cocaine and €1.2 million were seized, and that 48 suspects were arrested.

Critics of Sky ECC "say more than 90% of its customers are criminals," according to the Brussels Times. Days later America's Justice Department indicted the CEO of Sky Global "for allegedly selling their devices to help international drug traffickers avoid law enforcement," reports Vice. They call it "only the second time the DOJ has filed charges against an encrypted phone company, and signals that the DOJ will continue to prosecute the heads and associates of companies that they say cater deliberately to facilitating criminal acts."

Earlier the Brussels Times had quoted the app's makers' statement that they "strongly believe that privacy is a fundamental human right."

The newspaper also reported that Sky ECC calls itself "the world's most secure messaging app" — and "had previously said 'hacking is impossible'" — though in fact investigators have already decrypted almost half a billion messages.
The Internet

Europe's OVH Web Hosting Provider Knocked Offline Following Fire (techradar.com) 43

Kelerei writes: A major fire has destroyed a data center of European cloud provider OVH in Strasbourg, France. The SBG2 data center is completely destroyed, while the blaze caused some damage to SBG1 before being contained. SBG3 and SBG4 were also taken offline, but a plan is underway to restart them once the firefighters give the all-clear.

All OVH staff at the site are accounted for and unhurt, but it is unlikely that the data in SBG2 is recoverable. On OVH's status page, an ominous note states "if your production is in Strasbourg, we recommend to activate your Disaster Recovery Plan." Among the sites affected are the WordPress image optimization site Imagify and the encryption utility VeraCrypt.

(Submitter's note: this is why any disaster recovery plan should include offsite backups...)

Encryption

DARPA Taps Intel To Help Build the Holy Grail of Encryption (techrepublic.com) 54

The Defense Advanced Research Projects Agency, or DARPA, has signed an agreement with Intel to add it to its Data Protection in Virtual Environments project, which aims to create a practically useful form of fully homomorphic encryption. From a report: Fully homomorphic encryption has been described as the "holy grail" of encryption because it allows encrypted data to be used without ever having to decrypt it. Fully homomorphic encryption isn't fantasy -- it already exists and is usable, but it is incredibly impractical. "FHE adoption in the industry has been slow because processing data using fully homomorphic encryption methods on cryptograms is data intensive and incurs a huge 'performance tax' even for simple operations," Intel said in a press release.

The potential benefits of fully homomorphic encryption make creating a practical way to use it a cybersecurity imperative. Intel succinctly describes the biggest problem in data security as being caused by "encryption techniques [that] require that data be decrypted for processing. It is during this decrypted state that data can become more vulnerable for misuse." The goal of the Data Protection in Virtual Environments program is to develop an accelerator for fully homomorphic encryption that will make it more practical and scalable, which is where Intel comes in. The chip manufacturer's role in the project will be academic research and the development of an application-specific integrated circuit that will accelerate fully homomorphic encryption processing. Intel said that, when fully realized, its accelerator chip could reduce processing times by five orders of magnitude over existing CPU-driven fully homomorphic encryption systems.
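Both the IBM story above and this DARPA one turn on the same idea: a party holding only ciphertexts can still compute on the data. The following added example (not IBM's, Intel's or DARPA's code) shows the simplest case of that property with the Paillier cryptosystem, which is additively homomorphic rather than fully homomorphic: an untrusted aggregator adds encrypted values and scales them by public constants without the private key, and only the key holder can read the result. The two Mersenne primes are a deliberately tiny key so the demo runs instantly; real keys use primes of roughly 1024 bits, and the sample "claims" figures are constructed.

```python
import math
import secrets
from typing import List, Tuple

# Toy-size moduli built from two Mersenne primes (assumption for this example);
# a real deployment would use ~1024-bit random primes.
P = 2**31 - 1
Q = 2**61 - 1


def _L(u: int, n: int) -> int:
    """Paillier's L function: (u - 1) / n for values u that are 1 mod n."""
    return (u - 1) // n


def keygen(p: int = P, q: int = Q) -> Tuple[Tuple[int, int], Tuple[int, int]]:
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p - 1, q - 1)
    g = n + 1                                            # standard choice of generator
    mu = pow(_L(pow(g, lam, n * n), n), -1, n)           # modular inverse (Python >= 3.8)
    return (n, g), (lam, mu)


def encrypt(pub: Tuple[int, int], m: int) -> int:
    n, g = pub
    if not 0 <= m < n:
        raise ValueError("plaintext out of range")
    n2 = n * n
    while True:
        r = secrets.randbelow(n)       # fresh randomness: same plaintext, different ciphertext
        if r and math.gcd(r, n) == 1:
            break
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def decrypt(pub: Tuple[int, int], priv: Tuple[int, int], c: int) -> int:
    n, _ = pub
    lam, mu = priv
    return (_L(pow(c, lam, n * n), n) * mu) % n


def add_encrypted(pub: Tuple[int, int], c1: int, c2: int) -> int:
    """Enc(a) * Enc(b) mod n^2 == Enc(a + b): addition with no key at all."""
    n, _ = pub
    return (c1 * c2) % (n * n)


def scale_encrypted(pub: Tuple[int, int], c: int, k: int) -> int:
    """Enc(a)^k mod n^2 == Enc(k * a): multiplication by a public constant."""
    n, _ = pub
    return pow(c, k, n * n)


def untrusted_aggregator(pub: Tuple[int, int], encrypted_values: List[int]) -> Tuple[int, int]:
    """Runs where the data must stay encrypted: sees ciphertexts and the public key only.
    Returns (encrypted total, count); the key holder decrypts the total and divides."""
    total = encrypt(pub, 0)
    for c in encrypted_values:
        total = add_encrypted(pub, total, c)
    return total, len(encrypted_values)


def demo() -> Tuple[int, int]:
    """Constructed scenario: per-record costs encrypted by the data owner, summed elsewhere."""
    pub, priv = keygen()
    claims = [1200, 3400, 250]                             # constructed sample values
    ciphertexts = [encrypt(pub, v) for v in claims]
    enc_total, count = untrusted_aggregator(pub, ciphertexts)
    return decrypt(pub, priv, enc_total), count


if __name__ == "__main__":
    print(demo())   # the aggregator never learned 1200, 3400 or 250
```

What Paillier cannot do is multiply two ciphertexts together, which is exactly the gap a fully homomorphic scheme closes, and the "performance tax" Intel describes comes from the far heavier lattice arithmetic and noise management those schemes need to support both operations.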

Social Networks

Can WhatsApp Stop Spreading Misinformation Without Compromising Encryption? (qz.com) 149

"WhatsApp, the Facebook-owned messaging platform used by 2 billion people largely in the global south, has become a particularly troublesome vector for misinformation," writes Quartz — though it's not clear what the answer is: The core of the problem is its use of end-to-end encryption, a security measure that garbles users' messages while they travel from one phone to another so that no one other than the sender and the recipient can read them. Encryption is a crucial privacy protection, but it also prevents WhatsApp from going as far as many of its peers to moderate misinformation. The app has taken some steps to limit the spread of viral messages, but some researchers and fact-checkers argue it should do more, while privacy purists worry the solutions will compromise users' private conversations...

In April 2020, WhatsApp began slowing the spread of "highly forwarded messages," the smartphone equivalent of 1990s chain emails. If a message has already been forwarded five times, you can only forward it to one person or group at a time. WhatsApp claims that simple design tweak cut the spread of viral messages by 70%, and fact-checkers have cautiously cheered the change. But considering that all messages are encrypted, it's impossible to know how much of an impact the cut had on misinformation, as opposed to more benign content like activist organizing or memes. Researchers who joined and monitored several hundred WhatsApp groups in Brazil, India, and Indonesia found that limiting message forwarding slows down viral misinformation, but doesn't necessarily limit how far the messages eventually spread....

This isn't just a semantic argument, says EFF strategy director Danny O'Brien. Even the smallest erosion of encryption protections gives Facebook a toehold to begin scanning messages in a way that could later be abused, and protecting the sanctity of encryption is worth giving up a potential tool for curbing misinformation. "This is a consequence of a secure internet," O'Brien says. "Dealing with the consequences of that is going to be a much more positive step than dealing with the consequences of an internet where no one is secure and no one is private...."

No matter what WhatsApp does, it will have to contend with dueling constituencies: the privacy hawks who see the app's encryption as its most important feature, and the fact-checkers who are desperate for more tools to curb the spread of misinformation on a platform that counts a quarter of the globe among its users.

Whatever Facebook decides will have widespread consequences in a world witnessing the simultaneous rise of fatal lies and techno-authoritarianism.

Security

Three Top Russian Cybercrime Forums Hacked (krebsonsecurity.com) 26

tsu doh nimh shares a report: Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. In two of the intrusions, the attackers made off with the forums' user databases, including email and Internet addresses and hashed passwords. Members of all three forums are worried the incidents could serve as a virtual Rosetta Stone for connecting the real-life identities of the same users across multiple crime forums. On Tuesday, someone dumped thousands of usernames, email addresses and obfuscated passwords on the dark web apparently pilfered from Mazafaka (a.k.a. "Maza," "MFclub"), an exclusive crime forum that has for more than a decade played host to some of the most experienced and infamous Russian cyberthieves.

At the top of a 35-page PDF leaked online is a private encryption key allegedly used by Maza administrators. The database also includes ICQ numbers for many users. ICQ, also known as "I seek you," was an instant message platform trusted by countless early denizens of these older crime forums before its use fell out of fashion in favor of more private networks, such as Jabber and Telegram. This is notable because ICQ numbers tied to specific accounts often are a reliable data point that security researchers can use to connect multiple accounts to the same user across many forums and different nicknames over time. Cyber intelligence firm Intel 471 assesses that the leaked Maza database is legitimate.

Science

New Technique Reveals Centuries of Secrets in Locked Letters (nytimes.com) 36

M.I.T. researchers have devised a virtual-reality technique that lets them read old letters that were mailed not in envelopes but in the writing paper itself after being folded into elaborate enclosures. From a report: In 1587, hours before her beheading, Mary, Queen of Scots, sent a letter to her brother-in-law Henry III, King of France. But she didn't just sign it and send it off. She folded the paper repeatedly, cut out a piece of the page and left it dangling. She used that strand of paper to sew the letter tight with locking stitches. In an era before sealed envelopes, this technique, now called letterlocking, was as important for deterring snoops as encryption is to your email inbox today. Although this art form faded in the 1830s with the advent of mass-produced envelopes, it has recently attracted renewed attention from scholars. But they have faced a problem: How do you look at the contents of such locked letters without permanently damaging priceless bits of history?

On Tuesday, a team of 11 scientists and scholars at the Massachusetts Institute of Technology and other institutions disclosed their development of a virtual-reality technique that lets them perform this delicate task without tearing up the contents of historical archives. In the journal Nature Communications, the team tells of virtually opening four undelivered letters written from 1680 and 1706. The dispatches had ended up in a wooden postal trunk in The Hague. Known as the Brienne Collection, the box contains 3,148 items, including 577 letters that were never unlocked. The new technique could open a window into the long history of communications security. And by unlocking private intimacies, it could aid researchers studying stories concealed in fragile pages found in archives all over the world.

Math

Quantum Computer Solves Decades-Old Problem Three Million Times Faster Than a Classical Computer (zdnet.com) 77

ZDNet reports: Scientists from quantum computing company D-Wave have demonstrated that, using a method called quantum annealing, they could simulate some materials up to three million times faster than it would take with corresponding classical methods.

Together with researchers from Google, the scientists set out to measure the speed of simulation in one of D-Wave's quantum annealing processors, and found that performance increased with both simulation size and problem difficulty, to reach a million-fold speedup over what could be achieved with a classical CPU... The calculation that D-Wave and Google's teams tackled is a real-world problem; in fact, it has already been resolved by the 2016 winners of the Nobel Prize in Physics, Vadim Berezinskii, J. Michael Kosterlitz and David Thouless, who studied the behavior of so-called "exotic magnetism", which occurs in quantum magnetic systems....

Instead of proving quantum supremacy, which happens when a quantum computer runs a calculation that is impossible to resolve with classical means, D-Wave's latest research demonstrates that the company's quantum annealing processors can lead to a computational performance advantage... "What we see is a huge benefit in absolute terms," said Andrew King, director of performance research at D-Wave. "This simulation is a real problem that scientists have already attacked using the algorithms we compared against, marking a significant milestone and an important foundation for future development. This wouldn't have been possible today without D-Wave's lower noise processor."

Equally significant as the performance milestone, said D-Wave's team, is the fact that the quantum annealing processors were used to run a practical application, instead of a proof-of-concept or an engineered, synthetic problem with little real-world relevance. Until now, quantum methods have mostly been leveraged to prove that the technology has the potential to solve practical problems, and it has yet to make tangible marks in the real world.

Looking ahead to the future, long-time Slashdot reader schwit1 asks, "Is this bad news for encryption that depends on brute-force calculations being prohibitively difficult?"

Social Networks

After Researchers Raise Spying Concerns, Clubhouse Promises Blocks on Transmitting to Chinese Servers (theverge.com) 31

"The developers of audio chat room app Clubhouse plan to add additional encryption to prevent it from transmitting pings to servers in China," reports The Verge, "after Stanford researchers said they found vulnerabilities in its infrastructure." In a new report, the Stanford Internet Observatory (SIO) said it confirmed that Shanghai-based company Agora Inc., which makes real-time engagement software, "supplies back-end infrastructure to the Clubhouse App." The SIO further discovered that users' unique Clubhouse ID numbers — not usernames — and chatroom IDs are transmitted in plaintext, which would likely give Agora access to raw Clubhouse audio. So anyone observing internet traffic could match the IDs on shared chatrooms to see who's talking to each other, the SIO tweeted, noting "For mainland Chinese users, this is troubling."

The SIO researchers said they found metadata from a Clubhouse room "being relayed to servers we believe to be hosted in" the People's Republic of China, and found that audio was being sent "to servers managed by Chinese entities and distributed around the world." Since Agora is a Chinese company, it would be legally required to assist the Chinese government in locating and storing audio messages if authorities there said the messages posed a national security threat, the researchers surmised...

The company told SIO that it was going to roll out changes "to add additional encryption and blocks to prevent Clubhouse clients from ever transmitting pings to Chinese servers" and said it would hire an external security firm to review and validate the updates.

Encryption

Swiss Company Claims Weakness Found in Post-Quantum Encryption, Touts Its New Encryption Protocol (bloombergquint.com) 63

"A Swiss technology company says it has made a breakthrough by using quantum computers to uncover vulnerabilities in commonly used encryption," reports Bloomberg: Terra Quantum AG said its discovery "upends the current understanding of what constitutes unbreakable" encryption... Terra Quantum AG has a team of about 80 quantum physicists, cryptographers and mathematicians, who are based in Switzerland, Russia, Finland and the U.S. "What currently is viewed as being post-quantum secure is not post-quantum secure," said Markus Pflitsch, chief executive officer and founder of Terra Quantum, in an interview. "We can show and have proven that it isn't secure and is hackable..."

The company said that its research found vulnerabilities that affect symmetric encryption ciphers, including the Advanced Encryption Standard, or AES, which is widely used to secure data transmitted over the internet and to encrypt files. Using a method known as quantum annealing, the company said its research found that even the strongest versions of AES encryption may be decipherable by quantum computers that could be available a few years from now. Vinokur said in an interview that Terra Quantum's team made the discovery after figuring out how to invert what's called a "hash function," a mathematical algorithm that converts a message or portion of data into a numerical value. The research will show that "what was once believed unbreakable doesn't exist anymore," Vinokur said, adding that the finding "means a thousand other ways can be found soon."

The company, which is backed by the Zurich-based venture capital firm Lakestar LP, has developed a new encryption protocol that it says can't be broken by quantum computers. Vinokur said the new protocol utilizes a method known as quantum key distribution. Terra Quantum is currently pursuing a patent for the new protocol. But the company will make it available for free, according to Pflitsch. "We will open up access to our protocol to make sure we have a safe and secure environment," said Pflitsch. "We feel obliged to share it with the world and the quantum community."

GNU is Not Unix

A 'Severe' Bug Was Found In Libgcrypt, GnuPG's Cryptographic Library (helpnetsecurity.com) 39

Early Friday the principal author of GNU Privacy Guard (the free encryption software) warned that version 1.9.0 of its cryptographic library Libgcrypt, released January 19, had a "severe" security vulnerability and should not be used.

A new version 1.9.1, which fixes the flaw, is available for download, Help Net Security reports: He also noted that Fedora 34 (scheduled to be released in April 2021) and Gentoo Linux are already using the vulnerable version... [I]t's a heap buffer overflow due to an incorrect assumption in the block buffer management code. Just decrypting some data can overflow a heap buffer with attacker-controlled data; no verification or signature is validated before the vulnerability occurs.

It was discovered and flagged by Google Project Zero researcher Tavis Ormandy and affects only Libgcrypt v1.9.0.

"Exploiting this bug is simple and thus immediate action for 1.9.0 users is required..." Koch posted on the GnuPG mailing list. "The 1.9.0 tarballs on our FTP server have been renamed so that scripts won't be able to get this version anymore."
