Author: admin

Australia Threatens to Force Companies to Break Encryption

Posted on | by admin

In 2018, Australia passed the Assistance and Access Act, which—among other things—gave the government the power to force companies to break their own encryption.

The Assistance and Access Act includes key components that outline investigatory powers between government and industry. These components include:

  • Technical Assistance Requests (TARs): TARs are voluntary requests for assistance accessing encrypted data from law enforcement to teleco and technology companies. Companies are not legally obligated to comply with a TAR but law enforcement sends requests to solicit cooperation.
  • Technical Assistance Notices (TANs): TANS are compulsory notices (such as computer access warrants) that require companies to assist within their means with decrypting data or providing technical information that a law enforcement agency cannot access independently. Examples include certain source code, encryption, cryptography, and electronic hardware.
  • Technical Capability Notices (TCNs): TCNs are orders that require a company to build new capabilities that assist law enforcement agencies in accessing encrypted data. The Attorney-General must approve a TCN by confirming it is reasonable, proportionate, practical, and technically feasible.

It’s that final one that’s the real problem. The Australian government can force tech companies to build backdoors into their systems.

This is law, but near as anyone can tell the government has never used that third provision.

Now, the director of the Australian Security Intelligence Organisation (ASIO)—that’s basically their CIA—is threatening to do just that:

ASIO head, Mike Burgess, says he may soon use powers to compel tech companies to cooperate with warrants and unlock encrypted chats to aid in national security investigations.

[…]

But Mr Burgess says lawful access is all about targeted action against individuals under investigation.

“I understand there are people who really need it in some countries, but in this country, we’re subject to the rule of law, and if you’re doing nothing wrong, you’ve got privacy because no one’s looking at it,” Mr Burgess said.

“If there are suspicions, or we’ve got proof that we can justify you’re doing something wrong and you must be investigated, then actually we want lawful access to that data.”

Mr Burgess says tech companies could design apps in a way that allows law enforcement and security agencies access when they request it without comprising the integrity of encryption.

“I don’t accept that actually lawful access is a back door or systemic weakness, because that, in my mind, will be a bad design. I believe you can ­ these are clever people ­ design things that are secure, that give secure, lawful access,” he said.

We in the encryption space call that last one “nerd harder.” It, and the rest of his remarks, are the same tired talking points we’ve heard again and again.

It’s going to be an awfully big mess if Australia actually tries to make Apple, or Facebook’s WhatsApp, for that matter, break its own encryption for its “targeted actions” that put every other user at risk.

—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains

Cybersecurity Tips for Students Returning to School

Posted on | by admin

Almost every teenager in the United States (approximately 96%) reports using the internet daily. As students prepare to return to school after the summer break, ensuring their cybersecurity practices are up to date is essential to protect personal information from increasingly sophisticated cyber threats. By teaching proactive cybersecurity measures, parents can empower their children to maintain a secure online presence, fostering a safer digital environment for the entire family.

Protecting Devices

According to research conducted at Baylor University, students are estimated to spend a substantial average of eight to ten hours daily engaged with smartphones or other forms of technology. These devices need to be safeguarded because they are integral to daily life, facilitating communication, learning, and productivity.

Here are essential steps to safeguard computers, cell phones, and tablets:

  • Update Software Regularly: Make it a habit to update all software promptly. Updates frequently contain crucial security patches that shield devices from potential cyber threats. Encourage your student to enable automatic updates whenever possible to stay protected against the latest vulnerabilities.
  • Use Holistic All-Around Online Protection: Install and activate reputable online protection software on all devices. This acts as a defense mechanism, detecting and neutralizing malicious software that could compromise personal information or disrupt device functionality.
  • Secure Your Network: Use a secure Wi-Fi network with encryption (such as WPA2) and change the default administrator passwords on your routers. Avoid accessing sensitive information or conducting financial transactions over public Wi-Fi. Consider using a Virtual Private Network (VPN) when connecting to public Wi-Fi networks to encrypt internet traffic and protect data from potential eavesdroppers.

Using Complex Passwords

One study found that young students knew not to share their passwords with others, but only about 13% of them created very strong passwords. Creating a complex password is crucial because it acts as a barrier against unauthorized access to personal accounts and sensitive information.

  • Create Complex Passwords: Use passwords that are at least 12 characters long, include a mix of letters, numbers, and special characters, and don’t have any easily guessable information like birthdates or names. A password generator can suggest strong passwords for you.
  • Avoid Password Reuse: Emphasize the importance of using different passwords for different accounts. If one account is compromised, having unique passwords ensures that other accounts remain secure.
  • Consider Password Managers: Using a password manager can help students securely store and manage their passwords. This eliminates the need to remember multiple passwords while maintaining security.
  • Enable Multi-Factor Authentication (MFA): Enable multi-factor authentication for added security. This extra layer of protection requires a second form of verification (like a text message code or authentication app) in addition to a password, significantly reducing the risk of unauthorized access.

Being Cautious of Online Scams and Phishing Attempts

Phishing attacks are prevalent and can trick students into revealing sensitive information or downloading malware. These scams often mimic trusted sources like educational institutions or familiar online services, enticing recipients to click on malicious links or download attachments containing malware. Once engaged, these tactics exploit vulnerabilities to compromise devices, steal information, or gain unauthorized access to accounts, posing significant risks to personal and academic security.

  • Educate About Phishing: Teach students how to identify common phishing red flags, such as urgent requests for personal information or emails with grammatical errors and suspicious links.
  • Verify Sources: Always verify the legitimacy of emails, messages, or websites before clicking on links or providing personal information.
  • Report Suspicious Activity: Encourage students to report any suspicious emails or messages to their school’s IT department or a trusted authority figure.

To further enhance students’ defenses against phishing attacks, utilizing a scam protection tool can be invaluable. These tools are designed to automatically detect and alert users to potentially dangerous URLs embedded in texts, emails, or social media messages. Imagine receiving a suspicious link in what appears to be a package delivery notification or a bank alert—this tool’s AI technology swiftly identifies such threats and alerts you before you click, providing peace of mind against falling victim to phishing scams. As a proactive measure, it can even block access to risky websites if you inadvertently follow a scam link, effectively bolstering your defenses across various digital platforms.

Protecting Personal Information

A Pew Research Center survey found that the majority of U.S. teens use social media sites like TikTok (67%), Instagram (62%) and Snapchat (59%). Social media serves as a powerful tool for connecting, discovering, and exchanging information. However, oversharing can inadvertently expose us to threats posed by scammers, hackers, and data aggregators. To stay better protected on social media, consider these tips:

  • Limit Social Sharing: Advise students to refrain from disclosing sensitive details like home addresses, phone numbers, or upcoming travel plans. This proactive step minimizes the risk of such information falling into the wrong hands, ensuring personal safety and privacy.
  • Use Privacy Settings: Make full use of privacy controls available on social media platforms to specify who can view posts, access personal information, and contact you. Customizing these settings empowers users to manage their online presence effectively, but finding and adjusting privacy settings on social media accounts can often be a difficult task. McAfee’s Social Privacy Manager can help you adjust more than 100 privacy settings across your social media accounts in just a few clicks.

As students gear up for another school year, cybersecurity awareness should be a top priority. Staying vigilant and proactive is key to maintaining a secure digital environment for students at all educational levels. By implementing these cybersecurity tips, students can protect themselves against potential threats and focus more on their studies with peace of mind.

The post Cybersecurity Tips for Students Returning to School appeared first on McAfee Blog.

—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains