Data Privacy Smoke and Mirrors

As hardware and software manufacturers make public statements about hardening and protecting their services in the name of customer privacy, federal agencies speak out against it – let the smoke and mirrors game begin…

After Snowden revealed how deep tech companies’ “data sharing” cooperation with the federal government has been, many of them are now taking a stand on protecting their customers’ data privacy. Google and Apple have announced that their latest operating systems will include encryption by default. According to the Washington Post, Apple has gone as far as stating that they will not be able to unlock an Apple device, even with a search warrant:

“Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data, so it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”

As expected, government officials are coming out in protest of the tech giants’ move to protect data privacy. FBI Director James Comey recently told reporters that the move could hinder investigations and put lives at risk: “I’d hate to have people look at me and say, ‘Well how come you can’t save this kid?’ ‘How come you can’t do this thing?’”

In all honesty, this just appears to be a lot of smoke and mirrors. Manufacturers have worked hand-in-hand with law enforcement for a very long time, and most likely are not going to stop now, or anytime soon. Does anyone remember Cisco’s “Lawful Intercept?”

On Cisco’s website, Lawful Intercept is defined as:

“… the process by which law enforcement agencies conduct electronic surveillance of circuit and packet-mode communications as authorized by judicial or administrative order. Countries throughout the world have adopted legislative and regulatory requirements for providers of public and private communication services (service providers) to design and implement their networks to support authorized electronic surveillance explicitly. International standards organizations have also developed standards to guide service providers and manufacturers in specific lawful intercept capabilities.”

Communication interception devices in use by the government (and apparently some law enforcement agencies) have the capability to intercept and analyze cell phone calls and other electronic signals, so having physical access to a device may not be as big a priority as before. Even so, if someone can remotely access a device as the currently logged-in user, certain data encryption is meaningless – the device will dutifully decrypt the data for the remote user, thinking it is in fact the legitimate user.

It would seem that this display of concern for data privacy is nothing more than a public display to regain consumer trust. As soon as access to a device is needed for a criminal case or terrorist incident, you better believe that a back door or other way to access needed data will be available.

Book Review: Kali Linux Network Scanning Cookbook

Everything you ever wanted to know about scanning (and then some)!

Security guru and trainer Justin Hutchens has recently released an exceptional book on network scanning with Kali Linux. The book starts out with the very basics of network scanning and progresses through stages to more advanced scans and even exploitation.

All the basics are present, like using Nmap, ARPing, Scapy and other tools to perform varied levels of discovery, port scanning and fingerprinting. You are then masterfully shown how to greatly expand the capabilities and functions of these tools by using scripting.

But it doesn’t stop there: you then move on to using scanning tools and Burp Suite to perform Denial of Service attacks, SQL injection and Metasploit attacks. Because really, what is a scanning book without including offensive attacks? 🙂

The book is easy to read and follow using step-by-step instructions and screen views. It is set up in sections (called “Recipes”) so that if you want to know how to perform Layer 4 discovery using Scapy or DoS attacks with Nmap, you just go directly to that particular section.

I have worked with Justin on a couple projects and he is one of the most talented security teachers and authors that I have ever met. He covers material in this book that I have never seen covered anywhere else. If you have any interest in network scanning or want to learn a lot more about it, get this book!

Available at Packt Publishing and Amazon.com.

*** UPDATE *** Original print quality issues have been rectified according to the publisher.

US Army Activates “Cyber Protection Brigade”

On Friday the US Army activated what it is calling a “Cyber Protection Brigade”.

According to a post on Army.mil’s website:

“The Army is activating a Cyber Protection Brigade today, and discussing a new cyber branch that could be established as early as next month.

Command Sgt. Maj. Rodney D. Harris, Army Cyber Command, said the branch announcement could come as early as the second week of October, during the Association of the U.S. Army’s annual meeting.

The Cyber Protection Brigade is being activated by the U.S. Army Network Enterprise Technology Command at Fort Gordon, Georgia. It’s the first brigade of its kind in the Army and the nucleus of the new unit will be its cyber protection teams, according to the command.”

The cyber soldiers, who are highly trained by the military, will help defend the Army’s systems, but their ranks will also include offensive strike teams.

“The cyber teams will be roughly platoon-sized, but vary depending on their mission. The combat-mission or offense teams are larger, Harris said. The network defense or cyber-protection teams are mid-size.”

The Army may create a new cyber branch next month. It can take up to three years to train an NCO cyber leader, making it one of the longest training cycles. And with computer attacks increasing every day, the Army is focusing on obtaining and retaining troops who have cyber skills.