FBI wants backdoors

Recently, the director of the FBI, James Comey, stated that unless the government is give special access cell phone encryption will prevent them from doing their job, ie stopping terrorists. He noted “both real-time communication and stored data are increasingly encrypted,” which prevents them for “lawfully pursuing criminals”.

He wishes to expand on the Communications Assistance for Law Enforcement Act(CALEA) from 1994 which mandated that telephone companies build backdoors in their equipment for wiretapping. But currently law forces communication companies to do so.

The director of the FBI stated that the default encryption in iOS 8 and the soon to be default for Android, will block law enforcement from gathering all evidence against a suspects and the solution to the problem is the tech companies build “front-doors” on the cell phones.

“”We aren’t seeking a back-door approach,” Comey said, referring to a common term          for encryption that has been intentionally weakened. “We want to use the front door,            with clarity and transparency, and with clear guidance provided by law,” including court      orders, he said.”

He also notes that “adversaries will exploit any vulnerability they find” and to reduce the risk from the backdoor there should be a development of “intercept solutions during the design phase”.

-Chris Lazarus

The “Shellshock” Bug

This past week a new bug has been discovered. It has been nicknamed the “Shellshock”. The bug is a glitch within bash in the Unix command shell. Basically, the command line will run a function but after the function is over it can continue to run code.

shellshock_bash

 

This is an issue that has gone unnoticed for almost 25 years. There are few issues. if a hacker get to your home computer, can simply run a function and some some malicious code and infect your system. However, if you are using a firewall it is not as big of a concern. Servers though are a little bit different. They are easier to infect since they aren’t protected by firewall and little complex to fix.

Good news is there are many patches already released since the discoverer, so fixing the bug will require a system update.

 

http://www.engadget.com/2014/09/25/what-is-the-shellshock/