The Tech News Blog

June 4, 2014

Google Reveals Encryption Add-On, Calls Out Insecure Services

Gmail Logo

Google this week launched another attack on the NSA with a new Chrome add-on called End-to-End, which promises to keep users' data safe from prying eyes.

Aimed at folks who feel even the new Gmail encryption measures aren't quite enough, End-to-End promises that data leaving your browser will remain encrypted until the intended recipient decodes it, and vice versa.

End-to-end encryption tools are not new, but they do require what Google Security and Privacy product manager Stephan Somogyi called "a great deal of technical know-how and manual effort"—traits most Internet users don't have.

So, the Web giant on Tuesday released the source code for its new Chrome add-on, hoping savvy users will test and evaluate the program ahead of its public debut. Financial rewards were promised to those who find security bugs in the code. Once Google is satisfied that the extension is ready for primetime, End-to-End will hit the Chrome Web Store, allowing even the most unseasoned user to send and receive end-to-end encrypted emails.

"We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection," Somogyi wrote. "But we hope that the End-to-End extension will make it quicker and easier for people to get that extra layer of security should they need it."

April 4, 2013

Feds Say iMessage Is ‘Impossible’ to Intercept


Encryption technology used by Apple's iMessage makes it "impossible" for law enforcement to intercept the content of those messages, according to documentation from the Drug Enforcement Agency (DEA).

As reported by CNET, the DEA released an unclassified document that discusses how iMessage might thwart criminal investigations.

The DEA's San Jose office discovered last month that iMessages sent between Apple devices "are not captured by pen register, trap and trace devices, or Title III interceptions," the document says. "iMessages sent between two Apple devices are considered encrypted communication and cannot be intercepted, regardless of the cell phone service provider."

It's easier to intercept a message between an iOS and non-iOS device, the DEA said.

Apple introduced iMessage in 2011. By Nov. 2012, messaging data tipped a decline in text messaging for the first time in western markets - due in part to the switch to iMessage.

While you might find it heartening to learn that the feds cannot monitor the iMessages on your iPhone, the issue complicates efforts to collect evidence against those who are using their Apple gadget for criminal activity.

December 29, 2009

GSM Encryption is Cracked After 21 Years

For 21 years, the same encryption algorithm, A5/1, has been employed to protect the privacy of calls under the Global Systems for Mobile communications (GSM) standard.  With the GSM standard encompassing 80 percent of calls worldwide (AT&T and T-Mobile use it within the U.S.) -- far more than the leading rival standard CDMA -- this could certainly be considered a pretty good run.  However, someone has finally deciphered and published a complete analysis of the standard's encryption techniques in an effort to expose their weaknesses and prompt improvement.