iGyaan Network

Tag: Encryption

  • WhatsApp Encryption Is The Best Thing To Happen To The Free World

    WhatsApp Encryption Is The Best Thing To Happen To The Free World

    At this very moment, the largest debate in the world is around Whatsapp and their brand new End to End Encryption.

    With the Apple vs. FBI debacle just barely out the door, a new threat to “National Security” of many governments is the encryption of messages on the world’s largest messaging app. This app which daily carries personal data of nearly a billion users has just pushed a major upgrade that will encrypt the messages, files, images, videos, etc. of each chat from a point of origin to a point of receiving.

    How does it work?

    If both users of a Whatsapp message (i.e. the sender and recipient) have updated to the latest update, then their message is encrypted with a 256-bit algorithm. Which in turn means that, apart from the sender and the recipient of said message, no one will know what message was sent, including WhatsApp.

    whataspp encrypt

    WhatsApp uses what’s called public key encryption: To send a message to User B, User A asks a WhatsApp server for a public key that applies to User B. User A then uses the public key to encrypt the message. User B’s private key—only available on User B’s phone—decrypts the message.

    Whatsapp_Encryptio
    Image via Wired

    The encryption method is so diverse the service will encrypt all messages, phone calls, photos, and videos moving among them. And that’s true on any phone that runs the app, from iPhones to Android phones to Windows phones to old school flip phones.

    To get more information on how this works you can download WhatsApp’s Whitepaper here.

    Why Did it Happen?

    Jan Koum, WhatsApps founder, was one of the first to voice support for Apple in the Apple vs. FBI debate. The company has been encrypting some of the information on the messages since 2013.

    Facebook, which is WhatsApp’s parent company, is also trying to implement encryption in their messaging systems, and with WhatsApp’s encryption out the door, this may happen sooner than later.But, why is all of this important for us as users? The answer to this question lies within our thought processes. After the biggest information leak by Edward Snowden, it has become apparent that governments have become careless in combating terrorism. To the point where they are breaking the fundamentals of privacy and collecting data on each of their citizens, breachings the basics of the law systems set in many countries.

    We’ve been working for the past two years to give people better security over their conversations on WhatsApp… People deserve security. It makes it possible for us to connect with our loved ones. It gives us the confidence to speak our minds. It allows us to communicate sensitive information with colleagues, friends, and others. We’re glad to do our part in keeping people’s information out of the hands of hackers and cyber-criminals.  – Said Jan Koum

    But, why is all of this important for us as users?

    The answer to this question lies within our thought processes. After the biggest information leak by Edward Snowden, it has become apparent that governments have started collecting personal analogue and digital data, which is an equivalent of hundreds and thousands of email, calls,  personal images, videos, and messages.

    Snooping in on private moments has been the biggest conversation of the past few years. With WhatsApp adding a no backdoor system the data on the service becomes completely private. No requests by the governments will be entertained, and WhatsApp has made that loudly clear.

    This will ensure privacy to a billion users of the largest messaging application in the world. Which means no matter what moment you share on this app with the latest update, you can be assured no one is snooping in on it.

    But it is not only the governments that this information encryption is trying to prevent. Hundreds of hackers and cyber-thieves are constantly on the lookout for an easy payday. This encryption will protect sensitive data from being easily taken and used against you. This also prevents identity theft and many other cyber crimes that one may have become a victim to in the past.

    Security

    What About the Security Risk?

    Many Governments and security agencies will debate, that this will help terrorists communicate easier, and security will mostly be broken. In pushing back against end-to-end encryption, the US government argues that it’s merely trying to maintain the status quo—that it has long had the power to issue a warrant for communications data.

    With no backdoor, WhatsApp data will not be decrypted; no information apart from timestamps and metadata of when the messages were sent  and possibly who they were sent to will be available to the app makers themselves.

    Encryption is one of the most important tools governments, companies, and individuals have to promote safety and security in the new digital age. Recently there has been a lot of discussion about encrypted services and the work of law enforcement. While we recognize the important work of law enforcement in keeping people safe, efforts to weaken encryption risk exposing people’s information to abuse from cybercriminals, hackers, and rogue states. – WhatsApp

    For the time being it seems that the free world citizens are winning the battle over privacy. But the security agencies and governments are not ones to sit back and watch quietly. For one there remains a significant vulnerability for privacy-concerned people using WhatsApp to communicate. The metadata about communications is not secret. The government, could, for example, demand to know from Facebook/WhatsApp with whom a particular user communicated, when he or she did so, and how frequently. They may even be able to tell where the parties to a conversation were located when the conversation took place.

    The metadata and timestamps about communications are not secret. The governments could demand to know from Facebook/WhatsApp with whom a particular user communicated, when he or she did so, and how frequently. They may even be able to tell where the parties to a conversation were located when the conversation took place.

     

  • Tim Cook Refuses to Provide FBI With Specialized Encryption Code

    Tim Cook Refuses to Provide FBI With Specialized Encryption Code

    In December, 2015, Calif, San Francisco, became victim of a cold-blooded shooting incident orchestrated by Syed Rizwan Farook and his wife, Tashfeen Malik. Fourteen civilians were shot dead before the couple was taken down by the police. It was later confirmed that Rizwan Farook’s phone, an iPhone 5c, was in custody with the authorities.

    After two months of failed attempts of unlocking it, the court ordered Apple to provide an encryption code that would take down the security measures of the device. Judge Sheri Pym asked Apple to provide specialized software that would bring down the security, while also getting rid of the feature which erases all data from the phone after a couple of unsuccessful attempts to log in.

    It was later confirmed that the auto-delete feature has been deactivated and that authorities are using brute force attack to unlock the code. According to Apple, a method of this kind would take decades to move past the security encryption of the phone. In fact, a supercomputer would take over five years to crack such a six-digit code.

    He may look it, but he's not pleased.
    He may look it, but he’s not pleased.

    Apple has accepted that it is pretty much impossible to break into an Apple device which is running on iOS 9. In the wake of these events, Apple was requested by FBI to provide a unique encryption that would allow them to retrieve security key to Rizwan Farook’s iPhone. Apple refused to offer a solution that would allow FBI to bypass the code for it believes this would be detrimental for the security of iPhone users all over the world.

    “We have great respect for the professionals at the FBI, and we believe their intentions are good…The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control,” Tim Cook wrote on the Apple website.

    Apple has been very conscious of its users’ privacy from the start. Only a few days ago the company had declared it would never reveal personal details of iPhone users to the police. And now comes this very clearly stated message from the company. Tim Cook is definitely not overly pleased by FBI’s demands and has made his stance clear. Has he opted for the right plan of action by protecting users’ privacy all over, or should he just go ahead and provide the authorities with the encryption?

    [poll id=”41″]

  • Indian Government’s New Policy Proposal Threatens Our Online Privacy

    Indian Government’s New Policy Proposal Threatens Our Online Privacy

    The latest draft of the National Encryption Policy released by DeitY has found itself on the receiving end of ridicule and scathing criticism. Being condemned as an obsolete move that puts India decades behind in the tech-world, the proposal is seen as an attack on privacy on the internet.

    The draft aims to “enable information security environment and secure transactions in Cyber Space for individuals, businesses, Government including nationally critical information systems and networks”.Internet

    This proposition is facing criticism because inherent within it is the implication of weakening of the encryption codes that would make private files on the internet accessible to the government. Apple offers an advanced version of iMessages where the company itself has no record of the messages of its users, and fights it out with the US government in the court regarding the latter’s involvement in the virtual existence of its citizens.

    Back home, India asks its citizens to make themselves more vulnerable in Cyber Space in the form of regulation regarding the internet. It goes ahead to talk of plans of imposing a 90-day-compulsory-period of storage on all data exchanged using services like WhatsApp or iMessage, which make use of an end-to-end-encryption technology.

    “All information shall be stored by the concerned B / C entity for 90 days from the date of transaction and made available to Law Enforcement Agencies as and when demanded in line with the provisions of the laws of the country.”

    The complete draft of this new policy has been posted by DeitY on their website. The authorities ask for comments on the decision which can be sent to [email protected], until October 16, 2015.

iGyaan Network
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.