WikiLeaks shook the internet again on March 7, 2017, by posting several thousand documents containing information about the tools the CIA allegedly used to hack, among others, Android and iOS devices. These classified files were obtained from the CIA's Center for Cyber Intelligence, although they haven't yet been verified and a CIA official declined to comment on this incident.
This isn't the first time that the U.S. government agencies were accused of crossing the line and undermining online security and civil liberties, as it's been only a year since the infamous FBI-Apple encryption dispute. It's like "1984" all over again.
According to these documents, the alleged exploits took place between 2013 and 2016, while at least 24 Android vulnerabilities were identified. Among them were hacking tools capable of turning Android and iPhone devices, smart TVs, and computers into "covert microphones". Chrome was targeted by the EggsMayhem attack, the Sulfur exploit caused Android to leak critical OS information, while the RoidRage bundle was used to obtain remote control over Android devices. At first, all the tech companies from Silicon Valley maintained their silence, but two days later, Google's Manager of Information Security, Heather Adkins, said that many of the vulnerabilities referred to in the report were fixed.
However, security specialists say that those government intrusions on privacy, although undeniably severe and illegal, haven't been reported to affect versions of Android after 4.4. Google is currently busy analyzing their security issues, and working on implementing further protections. Apple also issued a statement saying that their users were protected as the latest iOS version contained security patches for the mentioned exploits. Security protocols of many chat apps such as Facebook's WhatsApp, Signal, or Weibo, were broken, too.
All this obviously puts not only many individual users, but also numerous companies at risk, as their privacy can be easily violated and their trade secrets exposed. That's why it's wise to think about alternative methods of communication and constant security software testing.
On December 2, 2015, 14 people were killed, while 22 were injured in a terrorist attack at the Inland Regional Centre in San Bernardino, California. The perpetrators were subsequently killed in a shoot-out with the police. During the investigation, the FBI found an Apple iPhone 5C, issued to one of the terrorists by the San Bernardino County, as he was its employee. However, the phone had a password and couldn't be unlocked due to its advanced security features.
The FBI asked Apple to help them and disable certain security features, which the company declined on the grounds of its policy of never undermining the security features of their products. This case sparked a heated debate regarding the importance of security and encryption both in court and among the general public. A poll conducted by the Pew Research Center on the sample of 1,022 adults showed that 51% of the U.S. citizens supported the FBI, while 38% agreed with Apple, although the company warned that creating a backdoor to the iPhone could pose a threat to the data security, as the government or hackers could potentially unlock any iPhone.
Finally, the FBI used a tool purchased from a third party unlock the device and withdrew the request. This incident is still a controversial matter in the U.S.
In December 2013, it was revealed that the NSA and the UK's GCHQ entered the realm of online gaming and started collecting data from the likes of WoW and Second Life, as an attempt to track potential terrorists. The two intelligence agencies claimed, although their efforts weren't fruitful, that terrorists might be using MMORPG networks in order to stay under the radar thus making it easier for them to communicate, plan attacks, or even move money.
This was revealed, together with many other NSA surveillance practices, by Edward Snowden. As a result, 8 tech giants, including Facebook, Google, and Microsoft penned an open letter to the Obama Administration requesting reforms of government surveillance practices.
|Data Center||Policy & Regulation|
|DNS Security||Regional Registries|
|Domain Names||Registry Services|
|Intellectual Property||Top-Level Domains|
|Internet of Things||Web|
|Internet Protocol||White Space|
Afilias - Mobile & Web Services
.eco launches globally at 16:00 UTC on April 25, 2017, when domains will be available on a first-come, first-serve basis. .eco is for businesses, non-profits and people committed to positive change for the planet. See list of registrars offering .eco more»