You’re Getting More Secure

IMAG1400In case you don’t read the geek press, everything you touch digitally will soon have new encryption schemes built in. That lessens the chance anyone but you will ever see your stuff.

It’s the new world where JLa’s pics stay private.

But everyone knows it’s really about keeping the government out.

Apple and Google’s next operating systems are toughened against spying. It’s my understanding Apple is removing a ‘feature’ iPhones now have which enabled much of this.

More and more websites are https not http. They’ve added layers of encryption. Your transactions are hidden from prying eyes.

Businesses have been hurt by government’s massive spying efforts. Cloud companies, meaning Google, Amazon and a bunch of others, need to reassure nervous clients in our global economy. This is a sector where US companies have had great success.

Businesses and people want to flesh out ideas without later answering for early notes. We should be allowed to think in private.

In the end, by spying too invasively, the NSA and others made their own jobs more difficult. Is this how checks and balances work in the 21st Century? Maybe. Probably.

The NSA’s On The Wrong Side Of Heartbleed

Since this entry was published the NSA had denied any part in knowing the Heartbleed flaw existed. Their adherence to the truth has been less than exemplary in the past. Let’s let this play out. – Geoff

heartbleedYou’ve probably heard about the Heartbleed bug by now. It’s a flaw introduced to to SSL (Secure Sockets Layer); a mistake as code was updated.

Simply put, Internet data transmissions we thought were secure were not. Things like passwords, financial information, anything private was easily cracked.

The bug languished mostly unknown for years. That’s called security by obscurity. Never a good idea. We’re seeing that now.

As far as I can tell Heartbleed’s never been exploited for nefarious commercial purposes. It has that potential. However, it has been exploited by our government’s spies!

The NSA knew Heartbleed existed. They had a choice, tell the maintainers of the code to fix it or exploit it themselves and leave us vulnerable. They chose the latter.

Now, because the NSA felt their ability to soak up data trumped our collective security, Heartbleed is a big deal! Leaving this security hole open for years is reprehensible.

More and more it seems America’s intelligence agencies, beginning with the NSA, are out-of-control. They have lost sight of their actually mission–protecting us. Instead we are more vulnerable and our international partners know we can’t be trusted with their precious secrets.

This story was broken by Michael Riley at Bloomberg News.

“It flies in the face of the agency’s comments that defense comes first,” said Jason Healey, director of the cyber statecraft initiative at the Atlantic Council and a former Air Force cyber officer. “They are going to be completely shredded by the computer security community for this.”

It’s time we have a come to Jesus meeting with our spies. Is everyone in Washington that scared of them?