Online Security is threatened by Politics in the EU

René Pfeiffer/ June 17, 2024/ Communication, Security

A vote for the EU Chat Control disaster is scheduled again. If the vote passes, then this chat control system will destroy the security of communication platforms for all Internet users, organisation, and companies. Chat control basically disables end-to-end-encryption (E2EE). The proposals have been widely discussed, but it seems that the Belgian presidency decided to rush the topic right before the Summer break. Secure communications platforms such as Signal and Threema warned lawmakers. EuroISPA has published a statement of protest as well. E2EE is a cornerstone of information security. The chat control regulation would only affect citizens and businesses. Criminals will always have a way around this. The proposed mass surveillance is a security risk by itself. Nation state conducting espionage will welcome the weakening of the security posture and use it against the

Read More

Press Release: A 40-year Step Backwards for Secure Communication

Sanna/ March 2, 2023/ Press

The UK government’s Online Safety Bill wants to set back the state-of-the art for secure communication 40 years backwards. The proposal includes compulsory backdoors for communication platforms and will lead modern encryption technologies into complete futility. If implemented, the secure messenger Signal will withdraw from the British market. The law is a serious threat to businesses and represents an unprotected gateway for espionage. “Crypto Wars” – the fight against security Secure communication has been under constant legal attack since it became widespread. The secure exchange of messages is perceived as a threat because, technically, no monitoring of correspondence can be implemented. The encryption software Pretty Good Privacy (PGP) was created in 1991 by Phil Zimmermann. After the code was published on the internet and spread internationally in the following years, Zimmermann became the target

Read More

Translated Article: EU Decryption Plans apparently “Done Deal”

Sanna/ December 30, 2020/ Stories

EU-Entschlüsselungspläne offenbar „beschlossene Sache“ by Erich Moechel for fm4.ORF.at Even without an official mandate from the Council for such a regulation, the Commission has already started to anchor a decryption requirement in other regulation projects. Chronicle of the second Cyberwars from 2014 to today, Part II. You can find part one here. The controversial resolution of the Council of Ministers against secure encryption was anchored in the new draft guidelines for “high-class cyber security” of December 16. Since resolutions are not binding per se, this indicates a “Fait Accompli”, an informally already decided matter. From data retention (until 2006) to the currently adopted regulation against online terrorist propaganda (start in 2016) , all major EU surveillance projects have started in this way. So much more than the public information available so far should have already

Read More

Translated Article: EU Directive for “High-Class Cybersecurity” with Duplicate Keys

Sanna/ December 29, 2020/ Conference, Security, Stories

EU-Richtlinie für „hochklassige Cybersicherheit“ mit Nachschlüsseln by Erich Moechel for fm4.ORF.at. The key message of the Council of Ministers’ resolution against secure encryption has already arrived in a first draft directive. For this reason here’s a historical outline of the new Crypto Wars since 2014. The resolution of the EU Council of Ministers against secure encryption, which resulted in so much criticism, has already appeared in a first draft directive. A corresponding passage can be found in the new draft directive on “Measures for high-quality cybersecurity in the Union”. The date of December 16 of the document shows that it was already drawn up before the Council resolution was passed (on December 19). Here, too, it is claimed that secure end-to-end encryption remains intact if duplicate keys are generated for third parties. Meanwhile the EU

Read More