Translated Article: New EU Regulation makes securely encrypted Chats illegal

Sanna/ July 13, 2022/ Stories/ 0 comments

Neue EU-Regulierung macht sicher verschlüsselte Chats illegal by Erich Moechel for fm4.orf.at [This article has been sitting in our translation queue for a while. We have translated the content, because Erich monitors the development of the war against encryption for many decades and has always deep insights into the processes behind the scenes.] The word “encryption” is hardly mentioned directly in the Commission’s draft, which aims to make end-to-end encryption illegal in general. Series, Part 1. The EU Commissioner Ylva Johansson’s Regulation on Combating Child Abuse on the Internet, which was presented on Wednesday, caused incredulous amazement in the professional world. “This will be the most sophisticated system of mass surveillance ever set up outside of Russia or China,” prominent cryptographer Matthew Green wrote in a first reaction on Twitter. Securely encrypted chats are de

Read More

Translated Article: EU Control Committee Blocks Regulation on Chat Surveillance

Sanna/ April 4, 2022/ Stories/ 0 comments

EU-Kontrollausschuss blockt Verordnung zur Chat-Überwachung by Erich Moechel for fm4.orf.at [We have translated this article, because we have criticised client side scanning and introducing backdoors to circumvent encryption in past articles. Erich Möchel has an update on the current EU initiative to make encryption useless.]. A leaked report from the Commission’s control committee shows that officials from the Commission’s interior department have not presented a legally compliant draft in two years. The publication of the ordinance on the automated monitoring of chats, which was announced at the end of March, has already been postponed again. This ordinance, ostensibly aimed at combating child abuse, is now 18 months behind schedule. A recent leak now shows the reason for this series of postponements. The officials responsible for the Commission’s draft could not come up with a text

Read More

Translated Article: Internet Traffic in Russia will be Rerouted

Sanna/ March 17, 2022/ Stories

Der Internetverkehr Russlands wird umgeroutet by Erich Moechel for fm4.orf.at With Lumen and Cogent, the leading transit carrier and the number three are just exiting the Russian market. Apparently, this doesn’t happen voluntarily and, above all, not as quickly as announced. After the media sector and the stock exchange, the western sanctions are now hitting the Russian IT industry with full force. With Cogent and Lumen, two of the top five international Internet carriers are in the process of cutting off their major customers in Russia one after the other. Market leader Rostelecom, all mobile phone companies and the Internet group Yandex are losing their strongest connections to the world. On Friday, the London Internet Exchange announced that Rostelecom traffic would no longer be routed. All of this is a first in the history of

Read More

Translated Article: CIA Data Mining in SWIFT Financial Data from Europe

Sanna/ March 2, 2022/ Stories

[Editor’s note: This article was translated before the invasion of Russian troops into Ukraine. It features SWIFT, and the discussed data mining methods still apply regardless of the sanctions.] Data-Mining der CIA in SWIFT-Finanzdaten aus Europa by Erich Moechel for fm4.orf.at Massive financial datasets are constantly being delivered from the EU to the US as part of the TFTP treaty against terrorist financing. The CIA receives this data. The fog is slowly clearing around the huge datasets in which the CIA claims to be data mining. The “foreign financial data platforms” from which the CIA “collects large amounts of structured financial data” to stop ISIS terrorist funding are the databases of payment processor SWIFT. Around 11,000 banks from 200 countries process their payment transactions via the SWIFT system, which currently processes around 40 million

Read More

Translated Article: New ETSI Standard for Reporting Security Vulnerabilities

Sanna/ September 9, 2021/ Stories

Neuer ETSI-Standard zur Meldung von Sicherheitslücken by Erich Moechel for fm4.ORF.at The European Standards Institute for Telecommunications ETSI, previously known more for the standardization of back doors for surveillance authorities than for IT security, is now concerned with finding non-standardized security vulnerabilities. Late but still, the discovery of ever new, critical security gaps in IT equipment in industry has finally woken up the European Standards Institute for Telecommunications (ETSI). The public review period for an ETSI specification, which is intended to standardize the reporting process of security vulnerabilities by third parties, runs until September 15. Since the introduction of LTE (4G), the standards of the IT world have increasingly applied to the formerly proprietary networks of the telecoms. This specification takes this into account by standardizing important IT security processes for the world of telecommunications. However,

Read More

Translated Article: Germany becomes the Federal Trojan Republic

Sanna/ July 12, 2021/ Security, Stories

Deutschland wird zur Bundestrojanerrepublik by Erich Moechel for fm4.ORF.at All 19 secret services now have a license to use malware. IT security vulnerabilities can therefore be kept open, preventive cyber attacks are the best defense – security expert Manuel Atug on the new German “cybersecurity strategy.” Since Friday, the “Law to Adapt the Constitutional Protection Law” has been in force in Germany. All 19 federal and state secret services are now allowed to use Trojan malware. Another law is already in the Federal Council, which authorizes the police authorities to use Trojans even before a criminal offense has occurred. German police and customs authorities have had a legal license to distribute such malware since 2017. At the same time, a new cybersecurity strategy is being worked out which, among other things, stipulates that newly discovered security

Read More

Translated Article: EU-US Negotiations on Cloud Monitoring started

Sanna/ June 7, 2021/ Stories

Verhandlungen EU-USA zur Cloud-Überwachung gestartet by Erich Moechel for fm4.ORF.at The EU has quietly started negotiations on direct data access for European law enforcement officers to data from Whatsapp, YouTube, Zoom and Co with the USA. The next round of negotiations is scheduled for June. The EU Council of Ministers has started negotiations behind the scenes with the USA on “cross-border access to electronic evidence”, according to a Council document classified as “sensitive” that ORF.at has. The first round at diplomatic and official level was held on March 26th. The declared aim of the council is direct access to data in the clouds from WhatsApp, YouTube, or Zoom. The EU directive of the same name on transnational data access within the EU is currently stuck in the trialogue negotiations between the Commission, Council and Parliament. There

Read More

Translated Article: EU-US Summit Against Secure Encryption

Sanna/ March 31, 2021/ Legal, Stories

Gipfel EU-USA gegen sichere Verschlüsselung by Erich Moechel for fm4.ORF.at The agenda of the virtual meeting at a high-ranking official level in two weeks features pretty much all data protection-related topics that are currently controversial in Europe. Joe Biden’s appearance before the EU Council of Ministers will be followed by a two-day video conference on April 14th at the top level of officials in the field of justice and homeland security between the EU and the USA. Practically all currently controversial issues around data protection are on the agenda, from cross-border data access for law enforcement officers to joint action against secure encryption. This is also the case with the “fight against child abuse”, which is once again being instrumentalized for these general surveillance projects. Ylyva Johansson, EU Commissioner for Home Affairs and Justice, commissioned a

Read More

Translated Article: Further Wrangling in the Council of Ministers over Competences for Europol

Sanna/ March 30, 2021/ Discussion, High Entropy, Legal, Stories

Weiter Gerangel im Ministerrat um Kompetenzen für Europol by Erich Moechel for fm4.ORF.at A majority led by Germany and France does not even want to give Europol the power to initiate transnational investigations itself in the event of a major cyber attack. On Monday the EU Council of Ministers decided on an approach for a new cybersecurity strategy. A network of “Security Operation Centers” across Europe will form an early warning system against attacks, and a new “Joint Cyber Unit” will be responsible for crisis management. In addition, they want to promote strong encryption methods together – but with back doors for law enforcement officers. Whether this collection of buzzwords will actually become an EU-wide implemented strategy is very much in question. The ongoing discussions in the Council of Ministers about the planned new powers of

Read More

Translated Article: E-Privacy Regulation allows retained Data and duplicate Keys

Sanna/ March 29, 2021/ Discussion, Internet, Legal, Stories

E-Privacy-Verordnung erlaubt Vorratsdaten und Nachschlüssel by Erich Moechel for fm4.ORF.at The most important EU regulation for the protection of privacy contains a license for data processing of all kinds without the consent of the user and allows political parties to spread spam mail. For four years the e-privacy regulation has been stuck in the EU Council of Ministers, but under the Portuguese presidency, it was possible to agree on a version for the first time. However, this version of the “Ordinance on the Respect of Privacy and the Protection of Personal Data” has been designed in such a way that Germany’s top data protection officer, Ulrich Kelber, sees “several red lines crossed at the same time”. In addition to the reference to data retention, which was rejected by the EU Court of Justice for the third

Read More

Translated Article: EU Decryption Plans apparently “Done Deal”

Sanna/ December 30, 2020/ Stories

EU-Entschlüsselungspläne offenbar „beschlossene Sache“ by Erich Moechel for fm4.ORF.at Even without an official mandate from the Council for such a regulation, the Commission has already started to anchor a decryption requirement in other regulation projects. Chronicle of the second Cyberwars from 2014 to today, Part II. You can find part one here. The controversial resolution of the Council of Ministers against secure encryption was anchored in the new draft guidelines for “high-class cyber security” of December 16. Since resolutions are not binding per se, this indicates a “Fait Accompli”, an informally already decided matter. From data retention (until 2006) to the currently adopted regulation against online terrorist propaganda (start in 2016) , all major EU surveillance projects have started in this way. So much more than the public information available so far should have already

Read More

Translated Article: EU Directive for “High-Class Cybersecurity” with Duplicate Keys

Sanna/ December 29, 2020/ Conference, Security, Stories

EU-Richtlinie für „hochklassige Cybersicherheit“ mit Nachschlüsseln by Erich Moechel for fm4.ORF.at. The key message of the Council of Ministers’ resolution against secure encryption has already arrived in a first draft directive. For this reason here’s a historical outline of the new Crypto Wars since 2014. The resolution of the EU Council of Ministers against secure encryption, which resulted in so much criticism, has already appeared in a first draft directive. A corresponding passage can be found in the new draft directive on “Measures for high-quality cybersecurity in the Union”. The date of December 16 of the document shows that it was already drawn up before the Council resolution was passed (on December 19). Here, too, it is claimed that secure end-to-end encryption remains intact if duplicate keys are generated for third parties. Meanwhile the EU

Read More

Translated Article: The Terrorist Attack is followed by an EU Ban on Encryption

Sanna/ November 9, 2020/ Conference

Auf den Terroranschlag folgt EU-Verschlüsselungsverbot by Erich Moechel for fm4.ORF.at In the EU Council of Ministers, a resolution was made ready within five days, obliging platform operators such as WhatsApp, Signal and Co to create master keys for monitoring E2E-encrypted chats and messages. The terrorist attack in Vienna is used in the EU Council of Ministers to enforce a ban on secure encryption for services such as WhatsApp, Signal and many others in a fast track procedure. This emerges from an internal document dated November 6th from the German Presidency to the delegations of the member states in the Council, which ORF.at has received. This should now be understood as the “further steps against terrorism” that French President Emmanuel Macron wants to discuss with Federal Chancellor Sebastian Kurz (ÖVP) in a video conference at

Read More

Translated Article: Urgent Warning of Back Doors in Citrix Systems

Sanna/ October 6, 2020/ Stories

Dringende Warnung vor Hintertüren in Citrix-Systemen by Erich Moechel for fm4.ORF.at An unknown number of these VPN gateways, which protect important networks in Austria such as electronic official traffic, ministries, supermarket chains, etc., are infected with malware. Ransomware blackmailers are now attacking one network after another. After the huge security gap in Citrix dial-up systems (“Shitrix”) at the beginning of the year, the consequences are now coming to light. The German security consultants HiSolutions have recently discovered a number of encryption attacks that were carried out through back doors installed at the time. Large company and authority networks are affected, which, like the electronic file traffic of the Republic (ELAK), were open for weeks over the turn of the year. Almost all of these “VPN gateways” were backed up by software updates much too

Read More

Translated Article: EU Council of Ministers discusses Back Doors in Encryption again

Sanna/ July 21, 2020/ Security, Stories

EU-Ministerrat diskutiert wieder Hintertüren in Verschlüsselung by Erich Moechel for fm4.ORF.at Gilles de Kerchove, EU’s anti-terror coordinator, is once again working against secure encryption per se. Since these new demands by law enforcement officials on the EU Council of Ministers are nowhere openly accessible, this confidential Council document is published in full by FM4. The corona virus pandemic has led to a surge in teleworking worldwide. Instead of behind firewalls in secure corporate networks, millions of employees worldwide work from insecure home offices. The only real protection is the end-to-end encryption (E2E) of the data traffic. In the middle of this scenario, the “Five Eyes” secret service alliance is starting the next phase of its global campaign against secure encryption. Again, police law enforcement is used as a vehicle. After the United States, the European protagonist

Read More