Communications

Why Is Slack Retaining Everyone's Chat History? (nytimes.com) 104

The associate director of research at the Electronic Frontier Foundation published a new warning in the Opinion section of the New York Times this week, calling Slack the only unicorn going public this year "that has admitted it is at risk for nation-state attacks" and saying there's a simple way to minimize risk -- that Slack has so far refused to take:

Right now, Slack stores everything you do on its platform by default -- your username and password, every message you've sent, every lunch you've planned and every confidential decision you've made. That data is not end-to-end encrypted, which means Slack can read it, law enforcement can request it, and hackers -- including the nation-state actors highlighted in Slack's S-1 -- can break in and steal it...

Slack's paying enterprise customers do have a way to mitigate their security risk -- they can change their settings to set shorter retention periods and automatically delete old messages -- but it's not just big companies that are at risk... Free customer accounts don't allow for any changes to data retention. Instead, Slack retains all of your messages but makes only the most recent 10,000 visible to you. Everything beyond that 10,000-message limit remains on Slack's servers. So while those messages might seem out of sight and out of mind, they are all still indefinitely available to Slack, law enforcement and third-party hackers...

Slack should give everyone the same privacy protections available to its paying enterprise customers and let all of its users decide for themselves which messages they want to keep and which messages they want to delete. It's undeniably Slack's prerogative to charge for a more advanced product, but making users pay for basic privacy and security protections is the wrong call. It's time for Slack to step up, minimize the amount of sensitive data hanging around on its servers and give all its users retention controls.

The article notes that Slack's stock filings acknowledge that it faces threats from "sophisticated organized crime, nation-state, and nation-state supported actors."

The filings even specifically add that Slack's security measures "may not be sufficient to protect Slack and our internal systems and networks against certain attacks," and that completely eliminating the threat of a nation-state attack would be "virtually impossible."
Encryption

Someone Is Spamming and Breaking a Core Component of PGP's Ecosystem (vice.com) 88

A new wave of spamming attacks on a core component of PGP's ecosystem has highlighted a fundamental weakness in the whole ecosystem. From a report: Unknown attackers are spamming a core component of the ecosystem of the well-known encryption software PGP, breaking users' PGP installations and clients. What's worse, there may be no way to stop them. Last week, contributors to the PGP protocol GnuPG noticed that someone was "poisoning" or "flooding" their certificates. In this case, poisoning refers to an attack where someone spams a certificate with a large number of signatures or certifications. This makes it impossible for the PGP software that people use to verify its authenticity, which can make the software unusable or break. In practice, according to one of the GnuPG developers targeted by this attack, the hackers could make it impossible for people using Linux to download updates, which are verified via PGP.
Crime

Sting Finds Ransomware Data Recovery Firms Are Just Paying The Ransom (propublica.org) 148

"ProPublica recently reported that two U.S. firms, which professed to use their own data recovery methods to help ransomware victims regain access to infected files, instead paid the hackers. Now there's new evidence that a U.K. firm takes a similar approach."

An anonymous reader quotes their report: Fabian Wosar, a cyber security researcher, told ProPublica this month that, in a sting operation he conducted in April, Scotland-based Red Mosquito Data Recovery said it was "running tests" to unlock files while actually negotiating a ransom payment. Wosar, the head of research at anti-virus provider Emsisoft, said he posed as both hacker and victim so he could review the company's communications to both sides. Red Mosquito Data Recovery "made no effort to not pay the ransom" and instead went "straight to the ransomware author literally within minutes," Wosar said. "Behavior like this is what keeps ransomware running."

Since 2016, more than 4,000 ransomware attacks have taken place daily, or about 1.5 million per year, according to statistics posted by the U.S. Department of Homeland Security. Law enforcement has failed to stem ransomware's spread, and culprits are rarely caught... But clients who don't want to give in to extortion are susceptible to firms that claim to have their own methods of decrypting files. Often, victims are willing to pay more than the ransom amount to regain access to their files if they believe the money is going to a data recovery firm rather than a hacker, Wosar said.

Red Mosquito charged their client four times the actual ransom amount, according to the report -- though after ProPublica followed up, the company "did not respond to emailed questions, and hung up when we called the number listed on its website."

The company then also "removed the statement from its website that it provides an alternative to paying hackers. It also changed 'honest, free advice' to 'simple free advice,' and the 'hundreds' of ransomware cases it has handled to 'many.'"
Encryption

Trump White House Reportedly Debating Encryption Policy Behind Closed Doors (gizmodo.com) 199

According to a report in Politico, the Trump administration held a National Security Council meeting on Wednesday that weighed the challenges and benefits of encryption. "One of Politico's sources said that the meeting was split into two camps: Decide, create and publicize the administration's position on encryption or go so far as to ask Congress for legislation to ban end-to-end encryption," reports Gizmodo. From the report: That would be a huge escalation in the encryption fight and, moreover, would probably be unsuccessful due to a lack of willpower in Congress. No decision was made by the Trump administration officials, Politico reported. The White House did not respond to a request for comment. The fact that these discussions are ongoing both within the White House and with Silicon Valley shows that the issue is still very much alive within the corridors of power.
Security

How Secure Are Zip Files? Senator Wyden Asks NIST To Develop Standards For Safely Sending and Receiving Files (senate.gov) 196

Federal workers and the public in general might be mistaken about the security of .zip files, Sen. Ron Wyden said on Wednesday [PDF], and he's asking the National Institute of Standards and Technology to issue guidance on the best way to send sensitive files over the internet. Wyden wrote: Government agencies routinely share and receive sensitive data through insecure methods -- such as emailing .zip files -- because employees are not provided the tools and training to do so safely. As you know, it is a routine practice in the government, and indeed the private sector, to send by email-protected .zip files containing sensitive documents. Many people incorrectly believe that password-protected .zip files can protect sensitive data.

Indeed, many password-protected .zip files can be easily broken with off-the-shelf hacking tools. This is because many of the software programs that create .zip files use a weak encryption algorithm by default. While secure methods to protect and share data exist and are freely available, many people do not know which software they should use. Given the ongoing threat of cyber attacks by foreign state actors and high-profile data breaches, this is a potentially catastrophic national security problem that needs to be fixed. The government must ensure that federal workers have the tools and training they need to safely share sensitive data. To address this problem, I ask that NIST create and publish an easy-to-understand guide describing the best way for individuals and organizations to securely share sensitive data over the internet.

Google

Google's Private Join and Compute Gives Companies Data Insights While Preserving Privacy (venturebeat.com) 22

An anonymous reader shares a report: Over 70 million records were stolen or leaked from poorly configured databases last year, making privacy a top concern. That's no doubt one motivation behind Google's open-sourcing this morning of Private Join and Compute, a new secure multi-party computation (MPC) tool designed to help organizations work together with confidential data sets. "We continually invest in new research to advance innovations that preserve individual privacy while enabling valuable insights from data," wrote engineering director Sarvar Patel and research scientist Moti Yung in a blog post. "Many important research, business, and social questions can be answered by combining data sets from independent parties, where each party holds their own information about a set of shared identifiers, some of which are common."

At its core, Private Join and Compute lets organizations gain aggregated insights about the other party's data. They're able to encrypt identifiers and associated data, join them, and then perform calculations on the overlapping corpora to draw useful information. All identifiers and their associated data remain fully encrypted and unreadable throughout the process. While neither party is forced to reveal their raw data, they can answer questions at hand using outputs of the computation -- for instance, counts, sums, and averages. Private Join and Compute achieves this with two cryptographic privacy methods devised to protect sensitive data: Private set intersection and homomorphic encryption.

Android

Google Is Finally Taking Charge of the RCS Rollout (theverge.com) 40

Google is finally taking charge of the RCS rollout by allowing Android users in the UK and France to opt in to RCS Chat services provided directly by Google instead of waiting for their carrier to support it, which is largely the reason why it hasn't been more widely adopted. Google says that it will release the services to more countries "throughout the year," but wouldn't commit to saying that it would be available in all regions by the end of the year. The Verge reports: That seems like yet another minor status check-in on the service meant to replace SMS, but in fact it's a huge shift in strategy: as Google rolls this offering out to more countries, it should eventually mean that RCS will become universally available for all Android users. For the first time in years, Google will directly offer a better default texting experience to Android users instead of waiting for cellphone carriers to do it. It's not quite the Google equivalent of an iMessage service for Android users, but it's close. Not knowing when or if RCS Chat would be available for your phone was RCS's second biggest problem, and Google is fixing it.

RCS's biggest problem is that messages are still not end-to-end encrypted. iMessage, WhatsApp, and Signal are secured in that way, and even Facebook has said it will make all its apps encrypted by default. Google's chat solution is increasingly looking out of touch -- even immoral. But there is hope on that front as well. The product management director overseeing Android Messages, Sanaz Ahari, assures me that Google recognizes the need for private chat within RCS and is working on it. Here's her full statement: "We fundamentally believe that communication, especially messaging, is highly personal and users have a right to privacy for their communications. And we're fully committed to finding a solution for our users."

Bitcoin

Bizarre New Theories Emerge About Bitcoin Creator Satoshi Nakamoto (cointelegraph.com) 133

"I am not saying that Neal Stephenson is Satoshi Nakamoto," writes the features editor at Reason. "What I am saying is: Would it really be surprising if he were?"

This prompted a strong rebuke from CCN Markets: The article starts, "Consider the possibility that Neal Stephenson is Satoshi Nakamoto, the pseudonymous inventor of Bitcoin."

Let's not do that. That's like saying let's consider the possibility that anyone at all is Satoshi Nakamoto. In one respect, it doesn't matter. In another, it's exhausting the lengths people will go with this... if someone doesn't advance the idea that they are Satoshi Nakamoto themselves, there's no reason to put that sort of grief upon them. If someone is just brilliant, you can tell them that without insinuating that they invented the blockchain and Bitcoin.... You don't just off-handedly claim someone might be Satoshi Nakamoto. There needs to be a reason.

Reason had written that "For nearly three decades, Stephenson's novels have displayed an obsessive, technically astute fascination with cryptography, digital currency, the social and technological infrastructure of a post-government world, and Asian culture," and that the science fiction author "described the core concepts of cryptocurrency years before Bitcoin became a technical reality."

They also note later that "Satoshi Nakamoto's initials are SN; Neal Stephenson's are NS."

Coin Telegraph writes that the question "has seemingly come to a head over the last couple of months, as a number of people have gone a step further" -- not only publicly claiming to be the creator of bitcoin, but even filing copyright and trademark claims. Their list of "Satoshi posers" includes Craig Wright, Wei Liu, and the brother of Colombian drug lord Pablo Escobar. (And another new theory also suggests "global criminal kingpin" Paul Le Roux, the creator of encryption software E4M and TrueCrypt.)
Communications

The Clever Cryptography Behind Apple's 'Find My' Feature (arstechnica.com) 91

An anonymous reader quotes a report from Ars Technica, written by Wired's Andy Greenberg: In upcoming versions of iOS and macOS, the new Find My feature will broadcast Bluetooth signals from Apple devices even when they're offline, allowing nearby Apple devices to relay their location to the cloud. That should help you locate your stolen laptop even when it's sleeping in a thief's bag. And it turns out that Apple's elaborate encryption scheme is also designed not only to prevent interlopers from identifying or tracking an iDevice from its Bluetooth signal, but also to keep Apple itself from learning device locations, even as it allows you to pinpoint yours.

In a background phone call with WIRED following its keynote, Apple broke down that privacy element, explaining how its "encrypted and anonymous" system avoids leaking your location data willy nilly, even as your devices broadcast a Bluetooth signal explicitly designed to let you track your device. The solution to that paradox, it turns out, is a trick that requires you to own at least two Apple devices. Each one emits a constantly changing key that nearby Apple devices use to encrypt and upload your geolocation data, such that only the other Apple device you own possesses the key to decrypt those locations. That system would obviate the threat of marketers or other snoops tracking Apple device Bluetooth signals, allowing them to build their own histories of every user's location. In fact, Find My's cryptography goes one step further than that, denying even Apple itself the ability to learn a user's locations based on their Bluetooth beacons. That would represent a privacy improvement over Apple's older tools like Find My iPhone and Find Friends, which don't offer such safeguards against Apple learning your location.

Encryption

What Would Happen If All Encryption Could Be Broken? (wikipedia.org) 316

"What would happen, or what should happen, if tomorrow a trivial method was discovered for Prime Factorization?" asks Slashdot reader medv4380: By trivial I mean an algorithm that runs in relatively constant time that could factor a number like 2737631357921793461914298938174501291 relatively instantly on most modern hardware today. And that even increasing the bit length wouldn't slow it down much. How much chaos would result if such a method were revealed tomorrow with little warning?

Keeping it a secret only means that others may have long ago exploited the method at the expense of others. Should proof be presented without revealing the method, to reduce the impact, and who should be told first if at all?

Slashdot reader Shikaku sees a real possibility of this actually happening when quantum computers are developed, adding that quantum-resistant encryption "is an ongoing experiment."

But if development lags -- what would happen if all encryption could be broken?
Encryption

Is Facebook Already Working On An Encryption Backdoor? (forbes.com) 79

Horst Seehofer, Germany's federal interior minister, wants to require encryption companies to provide the government with plain text transcripts. One security expert says Facebook is already working on a way to make it happen.

An anonymous reader quotes his remarks in Forbes: The reality is that at its annual conference earlier this month, Facebook previewed all of the necessary infrastructure to make Germany's vision a reality and even alluded to the very issue of how Facebook's own business needs present it with the need to be able to covertly access content directly from users' devices that have been protected through end-to-end encryption...

While it was little noticed at the time, Facebook's presentation on its work towards moving AI-powered content moderation from its data centers directly onto users' phones presents a perfect blueprint for Seehofer's vision. Touting the importance of edge content moderation, Facebook specifically cited the need to be able to scan the unencrypted contents of users' messages in an end-to-end encrypted environment to prevent them from being able to share content that deviated from Facebook's acceptable speech guidelines. This would actually allow a government like Germany to proactively prevent unauthorized speech before it is ever uttered, by using court orders to force Facebook to expand its censorship list for German users of its platform.

Even more worryingly, Facebook's presentation alluded to the company's need to covertly harvest unencrypted illicit messages from users' devices without their knowledge and before the content has been encrypted or after it has been decrypted, using the client application itself to access the encrypted-in-transit content. While it stopped short of saying it was actively building such a backdoor, the company noted that when edge content moderation flagged a post in an end-to-end encrypted conversation as a violation, the company needed to be able to access the unencrypted contents to further train its algorithms, which would likely require transmitting an unencrypted copy from the user's device directly to Facebook without their approval.

Could this be the solution Germany has been searching for?

The article warns that by "sparking the idea of being able to silently harvest those decrypted conversations on the client side, Facebook is inadvertently telegraphing to anti-encryption governments that there are ways to bypass encryption while also bypassing the encryption debate."
EU

A German Minister Wants To Ban End-to-End Chat Encryption (thenextweb.com) 159

An anonymous reader quotes the Next Web: According to Spiegel Online, the country's Federal Interior Minister, Horst Seehofer, wants encrypted messaging services like WhatsApp and Telegram to provide chat logs in plain text to the authorities. Since these services come with end-to-end encryption, the companies will have to break the encryption and provide a backdoor to give access to the texts.

Wired adds that "This is obviously incompatible with end-to-end encryption, used by services such as Signal, WhatsApp and Telegram and, if passed, such a law would effectively ban secure encryption for instant messaging." Some commenters on Bruce Schneier's site suggest this is just political grandstanding.

An analysis from the Carnegie Endowment for International Peace, a foreign policy think tank, argues that this would be a major change from Germany's stance on encryption over the last two decades: Instead of focusing on regulating encryption itself, Germany has worked to enable its security agencies to conduct hacking. It has even passed a legal framework tailored to government hacking operations...

The legal debate eventually led to a landmark supreme court ruling emphasizing the government's responsibility for the integrity of information technology systems. The conversation is far from over, with some supreme court cases still pending in regard to recent legislation on the lawful hacking framework.

Encryption

Apple, Google and WhatsApp Condemn GCHQ Proposal To Eavesdrop on Encrypted Messages 103

Tech giants, civil society groups and Ivy League security experts have condemned a proposal from Britain's eavesdropping agency as a "serious threat" to digital security and fundamental human rights. From a report: In an open letter to GCHQ (Government Communications Headquarters), 47 signatories including Apple, Google and WhatsApp have jointly urged the U.K. cybersecurity agency to abandon its plans for a so-called "ghost protocol." It comes after intelligence officials at GCHQ proposed a way in which they believed law enforcement could access end-to-end encrypted communications without undermining the privacy, security or confidence of other users.

Details of the initiative were first published in an essay by two of the U.K.'s highest cybersecurity officials in November 2018. Ian Levy, the technical director of Britain's National Cyber Security Centre, and Crispin Robinson, GCHQ's head of cryptanalysis (the technical term for codebreaking), put forward a process that would attempt to avoid breaking encryption. The pair said it would be "relatively easy for a service provider to silently add a law enforcement participant to a group chat or call."
Power

Samsung's New Chips Support 100W USB-C Fast Charging (bgr.com) 96

Samsung on Tuesday announced the launch of two new chips that it says will support secure, fast-charging USB-C power delivery controllers. "One of them, the SE8A, is what the company calls the industry's first solution that combines a power delivery controller and Secure Element in a single chip, offering new protections like security key storage," reports BGR. "Another result of the development of these new power delivery controllers is that Samsung's power chargers will now be able to support up to a 100W capacity: A 10x improvement over the 10W of a general smartphone charger." From the report: Samsung said the MM101 supports a symmetric encryption algorithm called the Advanced Encryption Standard that enables product authentication and includes moisture sensing capabilities to ensure safer charging conditions. The SE8A supports USB Type-C Authentication, the certificate-based authentication program for USB-C chargers and devices. "With enhanced security," Samsung explained in the announcement, "the SE8A opens possibilities for new kinds of content and services that may be exclusive to a certain brand, location or event."

Today's announcement is also significant because Samsung says the new power delivery controllers meet the most recent USB specs for fast-charging which addresses things like compatibility and efficiency challenges across mobile devices and other electronics. Those challenges can have effects like causing a device to, for example, charge slower than usual in addition to compromising the battery's life cycle.

Businesses

'The Future of Work is Remote' (venturebeat.com) 186

An anonymous reader shares a report: Facebook's F8 2019 developer conference dominated last week, with talk of AI and AR/VR and privacy. But the news and reactions were all largely expected, and frankly, I was disappointed there was no detail on end-to-end encryption messaging across Messenger, Instagram, and WhatsApp. No, what really stood out for me this week was last night's Stripe announcement: Its fifth engineering hub will be remote. Stripe has decided that hiring 100 remote engineers makes more sense than hiring 100 engineers in one place. Housing and relocation certainly played a role in the decision, but not enough to just choose a location with a low cost of living. Stripe would rather hire the best 100 engineers, regardless of where they are in the world.

That's huge. It's also inevitable. Remote work is happening everywhere you look. Coffee shops and restaurants, temporary offices and co-working spaces, train stations and airports -- private and public spaces are full of people doing their job remotely. I've been thinking a lot about this, and not just because VentureBeat's editorial team is almost all remote workers. In my personal life, I've noticed a clear pattern. All my friends, and their friends, choose to "work from home" every chance they get. If their job allows once a month, they work from home once a month. If the maximum is once a week, they do exactly that. If their boss is on vacation or traveling for work, they work from home for as many days as the office environment permits. Whatever the maximum is, that's what they do.

Facebook

Facebook CEO Mark Zuckerberg Says the 'Future is Private' (theverge.com) 153

Facebook CEO Mark Zuckerberg says he's committed to turning his company around. Onstage at Facebook's F8 developer conference, the chief executive said that privacy will be the defining pillar of his social network's sprawling empire going forward. From a report: His opening statements build on the massive shift in Zuckerberg's vision for the company that he first outlined early last month when he announced that Facebook would transition away from the News Feed and public posts and toward a "privacy-focused communications platform" that unified its messaging products around concepts like ephemerality and encryption. "The future is private," Zuckerberg told the crowd, noting that Facebook's most dominant vision over the last decade was to build global communities that would bring the world together, for better or worse. "Over time, I believe that a private social platform will be even more important to our lives than our digital town squares. So today, we're going to start talking about what this could look like as a product, what it means to have your social experience be more intimate, and how we need to change the way we run this company in order to build this."
Businesses

Slack Warns Investors It's a Target For Nation-State Hacking (vice.com) 57

Slack said it faces threats from "sophisticated organized crime, nation-state, and nation-state supported actors" in an S-1 securities registration form published online Friday. An anonymous reader shares this report from Motherboard: The document says that these threats from organized crime and nation-state actors and affiliates are alongside "threats from traditional computer 'hackers', malicious code (such as malware, viruses, worms, and ransomware), employee theft or misuse, password spraying, phishing, credential stuffing, and denial-of-service attacks."

These threats are impossible to entirely mitigate, according to the document.

The S-1 filing does not claim that an attack from organized crime, nation-state, or nation-state affiliate actually happened. Rather, it just says that threats from these actors present an active risk to the company. Slack was breached in March 2015, as the company points out in its S-1 filing. For four days, an unknown person or group of people had access to Slack information that included "user names, email addresses, encrypted passwords, and information" and phone numbers stored by the company. Slack introduced two-factor authentication to its services following the incident.

The article also points out that Slack doesn't have end-to-end encryption, and that "in some cases, it's possible for your boss to download and read your entire Slack history without your knowledge."
The Internet

Ask Slashdot: Would a Separate, Walled-Off 'SafeNet' Help Reduce Cybercrime? 284

dryriver writes: Imagine for a second that a second, smaller internet infrastructure is built parallel to, but separate from, the regular internet. Let's call this the SafeNet. The SafeNet, which does not allow anonymous use, is not intended for general purpose use like watching Youtube videos, downloading a Steam game, or going on Facebook. Rather, it is a safer, more policed mini-internet that you access through a purpose-built terminal device and use for security critical tasks like online banking, stock trading, medical data transfer and sending confidential business emails, text messages or documents or other things that you don't trust the general internet with.

For example, if you are buying a $250,000 home for your family, you would issue the payments and documents side of this via the SafeNet with a SafeNet terminal device, not over the internet, with a generic computing device. SafeNet requires every user to be government photo-ID registered -- you cannot use SafeNet anonymously like the internet. The network knows who you are, where you are, and you can't hide behind VPNs, proxies or other anonymizers on this network. SafeNet also has a police force that can be alerted if you are hacked, tricked or scammed in any way. Would an internet alternative -- a smaller, separate parallel network -- like this reduce Cybercrime? Again, you wouldn't use the SafeNet for everyday crap like ordering pizza, buying movie tickets, or arguing over something on an internet forum. SafeNet would be used in situations where you are concerned that hackers, cybercriminals or other malevolent agents could get hold of your personal data, steal money from you, impersonate you, or snoop into your confidential communications. Other uses would include letting minors communicate with each other in a controlled fashion without exposing them to the big bad internet itself. Basically, in many situations where you deem performing a task over the larger internet as risky or dangerous, you could perform that task over a SafeNet terminal instead. Shouldn't an "alternative internet" like this exist in some form by now?
Android

Security Flaw Lets Attackers Recover Private Keys From Qualcomm Chips (zdnet.com) 44

Devices using Qualcomm chipsets, and especially smartphones and tablets, are vulnerable to a new security bug that can let attackers retrieve private data and encryption keys that are stored in a secure area of the chipset known as the Qualcomm Secure Execution Environment (QSEE). From a report: Qualcomm deployed patches for this bug (CVE-2018-11976) earlier this month; however, knowing the sad state of Android OS updates, this will most likely leave many smartphones and tablets vulnerable for years to come. The vulnerability impacts how the Qualcomm chips (used in hundreds of millions of Android devices) handle data processed inside the QSEE.
Encryption

French Government Releases In-house IM App To Replace WhatsApp and Telegram Use (zdnet.com) 37

A year ago, the French government unveiled its plan to build its own encrypted messenger service to ease fears that foreign entities could spy on private conversations between top officials. That app, named Tchap, is now official for Android handsets and the iPhone. From a report: A web dashboard is also in the works. Only official French government employees can sign-up for an account; however, the French government also open-sourced Tchap's source code on GitHub so other organizations can roll out their own versions of Tchap for internal use as well. Work on the app started in July 2018, and the app itself is based on Riot, a well-known open-source, self-hostable, and secure instant messaging client-server package. The app was officially developed by DINSIC (Interministerial Directorate of Digital and Information System and Communication of the State), under the supervision of ANSSI, France's National Cybersecurity Agency.
