UK’s secret iCloud backdoor order triggers civil rights challenge.
The UK government’s secret order to Apple demanding it backdoor the end-to-end encrypted version of its iCloud storage service is challenged by two civil rights groups, Liberty and Privacy International.
They called the order “unacceptable and disproportionate” and warned of “global consequences” as it's thought to extend to non-UK users too.
#chiffrement #backdoor
Bien !
Depuis le temps qu'ils essayent et réessayent de casser les sécurités ces imbéciles, il y en a qui ont pris des mesures pour sécuriser le chiffrement.
https://www.numerama.com/politique/1925057-chiffrement-le-gouvernement-subit-un-revers-cinglant-sur-les-backdoors.html
BREAKING The French National Assembly removed the backdoor section from the amendment to the #Narcotrafic law.
Read here how Politicians tried to undermine everybody's #security: https://tuta.com/blog/france-surveillance-nacrotrafic-law
And thank you for fighting against this with us. This is a great win for privacy, yet, the battle is not over. Together we are strong! 
Undocumented commands found in #Bluetooth chip used by a billion devices
Une porte dérobée dans une puce #Bluetooth très populaire ? Durant le week-end, la communauté de la sécurité informatique découvrait avec stupeur une information étonnante : la puce ESP32, que l’on trouve dans plus d’un milliard d’appareils dans le monde, contenait une porte dérobée.
https://next.ink/174624/une-porte-derobee-dans-une-puce-bluetooth-tres-populaire-pas-si-vite/
#sécurité #backdoor
Journalists once again parroting whatever law enforcement/governments say they're doing, aiding and abetting them in pretending that "criminals" and "bad guys" and "hostile nation-states" are the primary/only threat when really governments mostly just want themselves (and the corporations they approve of) to have a monopoly on terrorizing their own populations. There is a straight line between this kind of journalism and the general population's deep confusion about who is out to harm them. Credit to the journo for at least including some critical perspectives, but even those don't mention that police themselves *are* the threat.
"France is proposing a law to require encrypted messaging applications, including Signal and WhatsApp, and encrypted email services such as Proton Mail to provide law enforcement with decrypted data on request.
The law, which aims to provide French law enforcement with stronger powers to combat drug trafficking, has raised concerns among tech companies and civil society groups that it will lead to the creation of “backdoors” in encrypted services that will be exploited by cyber criminals and hostile nation-states."
The law also permits the use of spyware such as NSO Group’s Pegasus or Paragon to allow police to remotely activate microphones and cameras of mobile phones and computers, according to an analysis by the civil society group, La Quadrature Du Net.
It also extends the scope of algorithms, known as “black boxes”, which collect data on communications over the internet with the intention of identifying people suspected of criminal activity to authorise the collection of data for “combatting crime and organised crime”."
Jedes Produkt ist nur so sicher wie seine Einzelteile: Am Wochenende wurde eine #Backdoor in einem #IoT-#Mikrocontroller entdeckt, der in geschätzt mehr als einer Milliarde IoT Devices verbaut ist. Und weil der Chip nur 2 EUR im Einkauf kostet, wird er auch in so vielen Endgeräten verbaut. Mit der Backdoor ist es u.a. möglich, sensible Daten abzugreifen, Geräte fernzusteuern oder #Schadsoftware zu verbreiten - Security by Design schaut anders aus:
Apple ne veut pas de backdoor et attaque le Royaume-Uni | Korben | https://exoseed.be/yourls/3k
Yikes, from an article that contains a lot more detail, but just to get your attention as to the impact part:
«The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands that could be leveraged for attacks.
The undocumented commands allow spoofing of trusted devices, unauthorized data access, pivoting to other devices on the network, and potentially establishing long-term persistence.
…
"Exploitation of this backdoor would allow hostile actors to conduct impersonation attacks and permanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment by bypassing code audit controls."
The researchers warned that ESP32 is one of the world's most widely used chips for Wi-Fi + Bluetooth connectivity in IoT (Internet of Things) devices, so the risk is significant.»
People worried about this topic might also "enjoy" the recent Netflix series Zero Day.
And not to get too far afield, but hopefully it also didn't escape notice that there have been broad firings of qualified people in the US government for reasons related not to their technical skill or ability to protect our nation from issues like this, but because of irrelevant details of their private lives or personal leanings on issues of having fair and competent government, helping the needy, defending individual human freedom and dignity, or avoiding mass death in myriad ever-more-likely ways.
"The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented "backdoor" that could be leveraged for attacks."
Undocumented backdoor found in Bluetooth chip used by a billion devices
https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/
#ycombinator #computers #windows #linux #mac #support #tech_support #spyware #malware #virus #security #Backdoor #Bluetooth #Chips #ESP32 #Hardware #virus_removal #malware_removal #computer_help #technical_support
Loi #narcotrafic : pourquoi les idées de Bruno Retailleau sur le #chiffrement sont dangereuses. Il s'avère que le stratagème proposé constitue malgré tout un énorme problème. Même sans #backdoor, même sans casser le chiffrement....
https://www.numerama.com/politique/1919185-loi-narcotrafic-pourquoi-les-idees-de-bruno-retailleau-sur-le-chiffrement-sont-dangereuses.html
Espionage Actor 'Lotus Blossom' Targets South East Asia. The threat actor, of unknown origin, is deploying a proprietary #backdoor #malware known as #Sagerunex against critical infrastructure in Hong Kong, Philippines, Taiwan, and Vietnam.
https://www.darkreading.com/threat-intelligence/espionage-lotus-blossom-south-east-asia
Article plutôt clair pour expliquer et vulgariser la situation, en espérant que sa conclusion de suppression de l'amendement soit correcte
https://www.francetvinfo.fr/internet/securite-sur-internet/proposition-de-loi-contre-le-narcotrafic-pourquoi-l-introduction-d-une-porte-derobee-dans-les-messageries-est-tres-critiquee_7111521.html
#chiffrement #backdoor #Legislation #messagerie #cryptography
Now they show up!
Apple is now fighting the UK over its demand for backdoor access to iCloud accounts
NCSC, GCHQ, UK Gov’t expunge advice to “use Apple encryption” for Barristers, Solicitors (etc…) — co-incidental with Apple lawsuit against HMG’s demanding a backdoor in the same (HT @DavidDavisMP @Privacymatters @Zsk)
https://alecmuffett.com/article/112522
#EndToEndEncryption #HomeOffice #apple #backdoor #surveillance #tcn
Apple is challenging UK’s iCloud encryption backdoor order.
Apple is challenging a UK Government data access order in the Investigatory Powers Tribunal (IPT). The order targeted iCloud backups that are protected by end-to-end encryption.
UK officials are exercising powers they hold via national security surveillance legislation to try to force the iPhone maker to provide data in the clear to law enforcement.
Loi contre le #narcotrafic : Bruno Retailleau confirme son soutien à une disposition controversée visant le #chiffrement des messages. Le ministre de l’intérieur a tenté de rassurer sur l’encadrement de ces #backdoor, qui permettraient aux forces de l’ordre d’accéder aux échanges chiffrés. Il s’est cependant dit « sans illusion » sur l’avenir de la mesure, qui fait l’objet d’une forte opposition.
https://www.lemonde.fr/pixels/article/2025/03/04/loi-contre-le-narcotrafic-bruno-retailleau-confirme-son-soutien-a-une-disposition-controversee-visant-le-chiffrement-des-messages_6576410_4408996.html
Ya plus qu'à utiliser la stéganographie si on veut chiffrer les échanges ?
→ Contre la loi surveillance et narcotraficotage
https://www.laquadrature.net/narcotraficotage/
« Il s’agit d’un des textes les plus répressifs et dangereux de ces dernières années »
« La loi prévoit que les services de #communication soient obligés d’introduire un accès – une « #backdoor » – au bénéfice de la #police […] »
« [Elle] porte une atteinte inédite et très grave aux #principes fondateurs du système judiciaire français que sont le #droit à se #défendre et le principe du #contradictoire »
/
) 
Hacker News 
