The RubyGems package repository removed 18 backdoors from Ruby 11 software libraries meant to launch secret cryptocurrency mining.
U.S. Attorney General William Barr suggested that Americans should just accept encryption backdoor security risks (via TechCrunch). Encryption Backdoor Risks In a speech today, William Barr called on tech companies to help the federal government to access devices with a lawful order. In other words, ignore the security risks and put a backdoor into their…
A report from Bloomberg says software flaws found in Vodafone’s Huawei equipment back in 2011-2012 were backdoors. Vodafone, while admitting that the equipment did have security flaws, denies that Huawei could have used them as such.
The issues in Italy identified in the Bloomberg story were all resolved and date back to 2011 and 2012. The ‘backdoor’ that Bloomberg refers to is Telnet, which is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet. Bloomberg is incorrect in saying that this ‘could have given Huawei unauthorised access to the carrier’s fixed-line network in Italy’.
The BBC article is worth the read. Also keep in mind that this isn’t the first time Bloomberg has reported on alleged backdoors by a Chinese company. They provided no evidence the first time and so far have refused to issue a retraction.
Researchers uncovered a GitHub code ring made up of 89 accounts promoting 73 repos that contain over 300 apps with backdoors.
You can’t simultaneously have strong end-to-end encryption and a way to break or circumvent that encryption.
The Electronic Frontier Foundation (EFF) is backing the the Secure Data Act, proposed legislation the EFF says would stop government-mandated backdoors.
The Mac Observer has some best practices to make sure you’re safe from phishing attacks:
By “evil genius stuff” he of course refers to mathematics. That’s what encryption is, just a bunch of fancy math.
When politicians propose that Apple build a backdoor into the iPhone for law enforcement, we write off their idea as ill-informed. So why do they persist?