While the world is laughing at UK PM David Cameron for his pledge to ban encryption, Australia is on the way to implementing legislation that could feasibly have a similar effect.
Moreover, the little-debated Defence Trade Control Act (DTCA) is already law - it's just that the criminal sanctions it imposes for sending knowledge offshore without a license are being phased in, and don't come into force until May 2015.
Just over a year ago, Jacob Appelbaum and Der Spiegel revealed pages from the National Security Agency's ANT catalog, a sort of "wish book" for spies that listed technology that could be used to exploit the computer and network hardware of targets for espionage. One of those tools was a USB cable with embedded hardware called Cottonmouth-I—a cable that can turn the computer's USB connections into a remote wiretap or even a remote control.
The trail that led US officials to blame North Korea for the destructive cyberattack on Sony Pictures Entertainment in November winds back to 2010, when the National Security Agency scrambled to break into the well-guarded computer systems of a country considered one of the most impenetrable targets on earth.
Verizon fixed a serious vulnerability in its My FiOS mobile application that allowed unfettered access to email accounts, according to a developer who found the problem.
Randy Westergren, a senior software developer with XDA Developers, looked at the Android version of My FiOS, which is used for account management, email and scheduling video recordings.
All-or-nothing approaches to security are part of what's making it so hard to achieve acceptable protection, a new RFC suggests.
Written by Viktor Dukhovni of Two Sigma, RFC 7435 argues that the way current systems fail is a discouragement to good security. A binary failure – if two peers in a conversation don't have the same capabilities, the connection fails – can result in users avoiding encryption, for example, because it's too inconvenient; or administrators switching off because user problems are too frequent.