Oct 21

Establish Email Communication Network to Enhance Information Security

For the countries, the impacts caused by the issue of prism finally gradually emerged, and as a former world power, Germany finally plans to take actions on the information security aspect.

“Close the door on the U.S. National Security Agency!” German “Focus” magazine said on the 14th, the Germany’s largest telecommunications operator Deutsche Telekom Group appealed to set up a domestic email communication network to prevent foreign spies and hackers monitoring Germany local e-mail.

There’s report that since the United States the “prism” scandal disclosed, transnational Internet information and communication security has been questioned by various sectors. So far, the contents of emails transferred between Germany local users have to be sent to the destination by passing the server set in the United States or the UK. Therefore, Deutsche Telekom expressed the hope that in conjunction with other network operators to establish domestic mail communications network.

The director of Deutsche Telekom data confidentiality affairs-Mel Klein said that by this, e-mail communications between users in Germany has no need to pass the international focal point, but to restrict the data in the territory, which ensures that Germany data will not be monitored by the third party.

Deutsche Telekom has taken a step for the establishment of domestic e-mail communications network. The group has come to an agreement about providing a more secure email services framework with the German mail carrier Wed.de and GMX.de. Three companies employ more secure e-mail technology “Email – Made in Germany” to ensure that e-mail message sent by the user will be transferred with encryption technology. Moreover, all data of three carriers will only be stored on a server in Germany.

Allegedly, Deutsche Telekom has set an ambitious goal. In addition to the immediate objectives of establishment of the e-mail communications network in Germany outside, Deutsche Telekom is also proposed to extend the network to the European Schengen countries. Of course, this does not include the United Kingdom, one reason is that the UK is not a Schengen country, and the other reason is that there’s a complex relationship between the United Kingdom and the United States. Mel Klein said now all aspects have been matured, what we need is the consent of the German government and support of the network operator. But Deutsche Telekom’s competitor broadband network operators QSC said it’s impossible to determine that data is transferred through domestic or international routes.

Since there had been a history of monitoring people during the period of East Germany and Hitler’s Nazi, acts of government surveillance is a very sensitive topic in Germany. If establish a domestic e-mail communications network, the German intelligence agency may still monitor domestic data and telephone communication ​​under existing laws. Currently, the German government is authenticating on this proposal, many people expressed support.

Since the expansion of the prism’s impacts, countries are bound to introduce their own information security measures to deal with the problem, and as us, using file encryption software for data security protection is a must.

Oct 14

Source Code and Millions of Users’ Data of Adobe Were Stolen

According to Reuters, Adobe Systems said that hackers stole some of source code of its most popular software and millions of users’ data. Security experts worried about theft of the source code, because the confined review on the software will result in discovering new vulnerabilities that can be used to launch an attack difficult to detect.

Adobe said the hacker gained source code of Adobe Acrobat, ColdFusion and ColdFusion Builder. The company’s chief security officer Brad Arkin said that since the incident happened two weeks ago, they have been investigating the invasion , and there are no indications that hackers use the stolen source code to launch attacks.

Akin said that hackers stole 2.9 million Adobe customers’ information, including name, user ID and encrypted password, and payment card numbers. He believes that these attacks may be associated with each other. The company said it will reset passwords for customers worldwide who are affected by this issue, and to remind them to change the reusable passwords used on other sites. The response team of computer incident issue of US Department of Homeland Security said on Thursday, Adobe user should be careful not to be taken in.

Adobe said it is working with banks and federal law enforcement agencies to resist the invasion to customer accounts and to investigate the responsibility of these acts.

Large-scale disclosure of user information will cause more immediate threat on information security. Since this information including user names, bank card account numbers, passwords and other sensitive information. Therefore, in addition to the chance that real or virtual property will be stolen, they may be used to conduct phishing attacks which will cause more threats against users information security.

Users need to be aware of and guard against the threat caused by this issue, if you are a member of Adobe, please change your password. If you use the same password on other sites, you need to modify. If you use of login your credit or debit card in Adobe, please note whether there is unknown cards consumption.

Enterprises that hold customers personal information can’t pay too much attention to data security, since customers give their information to you out of trust, once you disclose the data to others and let the customers know that, they will never trust you. For enterprises which have customers’ information, complete data security solutions, such as server encryption, shared folder protection are necessary.

Oct 09

The Ban on Samsung Smartphone Import Is in Effect

According to the news, the U.S. Trade Representative’s office (USTR) said on Thursday that the ban on importing Samsung smartphones proposed by U.S. International Trade Commission (hereinafter referred to as “ITC”) will come into effect.

The earlier report said that owing to the absence of a veto by the United States President Barack Obama, the ban on imports of Samsung smartphones ruled by ITC is already in force.

However, the ITC’s ruling has to be handed over to U.S. President Barack Obama for considering, Obama has 60 days to give the final result of this ruling. If Obama does not veto the ITC ruling, the ruling will come into effect. Several media reports said, now 60 days time has passed, and Obama did not veto the decision.

ITC’s decision does not clearly indicate which devices of Samsung infringe, but has been determined that, Galaxy S 4G, Fascinate and Galaxy Tab these old models are infringing.

In sharp contrast, Apple has had a similar experience, but the result was the opposite. In June this year, ITC has ruled that some old products of Apple has infringed the patent of data transferring of Samsung’s products and ban the import or sale of AT & T version of the iPhone 4, iPhone 3GS, iPad (3G version) and iPad2 (3G version). But in August this year, the Obama government has rejected ITC’s ruling.

Nowadays, innovations in the field of IT usually rely on many small improvements involving numerous technologies, which means the patent is not always clear precisely. The open secret is that everyone infringes others’ patents in some way.

The battles of patent between companies are continuing, the fights of copyright are also continuous. If you operate a business and your company specializes in selling created videos or documents to customers, most companies tend to store the videos or documents into a USB and sell this USB to customers, but what can you do to protect your copyright from being breached by others? Here, I recommend you to use USB encryption solution to ensure the contents in your USBs will not be copied or transmitted by unauthorized users. You can use USB copy protection program to password protect the USB and configure access permissions to specific groups or individuals to allow them to access the contents in it and prevent other unauthorized access at the same time. Complete protection is the indispensable measure to ensure the security of companies’ wealth and inventions.

Sep 23

NSA Implanted Back Door into International Encryption Technology

According to” New York Times’ online edition, a few years ago, the U.S. National Security Agency (hereinafter referred to as” NSA “) has inserted a secret backdoor system into an international encryption technology that allows U.S. federal agents to decipher any data encrypted by this technology.

There were reports that in 2006 the U.S. National Institute of Standards and Technology helped to develop an international encryption technology to assist countries and all walks of life to prevent their computer system being hacked. But another federal agency of U.S. – NSA – in the case of many users unknowing it, secretly implanted back door into this technology, so that any federal agents can decipher the data encrypted by this technology.

According to the documents leaked by former NSA contractor Edward Snowden, NSA has attempted to infiltrate each set of encryption systems, and often try to achieve the goal with easiest means. Since modern encryption technology is very difficult to be deciphered, it’s always failed even with the powerful supercomputers of this institution, therefore, NSA prefers to cooperate with large software developers and encryption techniques licensors, secretly getting access permissions to the system.

According to the news recently revealed by” New York Times”, “The Guardian” and news site ProPublica, NSA can now access the code which is originally used to protect the commercial banking system, trade secrets, medical records, e-mail and Internet chat message, which includes virtual private network. Sometimes, NSA also forced some companies to give them access.

These back door systems and special access permissions are another evidence of ultra vires of the U.S. intelligence community. Today, more and more businesses and individuals will store their most secret data in the cloud storage service, and therefore they need the data security guarantee about these services, but this relationship was largely based on a trust. Once users know that the encryption system has been deliberately damaged, their trust to this system will be broken, which will have an adverse impact on business activity.

People originally thought that individuals, businesses and government agencies’ privacy would be protected in the general communications, but the exposure that NSA backdoor system may shatter such illusions. One might ask if the NSA implants backdoor into the system, the intelligence agencies of other countries wouldn’t find it. This is really a question worth considering.

NSA often assures the United States Government that only deciphers those who are suspected of illegal individual or corporate communications. However, the action that weakens citizens’ use of encryption technologies is apparently the practice of ultra vires. This ultra vires leads to the soar of data encryption industry, and the file/folder encryption attracts more and more attentions these days.

Sep 16

Reuters: “Prism” Scandal Propels the U.S. Technology Industry

Reuters published an article entitled “Despite fears, NSA revelations helping US tech industry” analyzing that after the exposure of monitoring project called “Prism” implemented by the National Security Agency, it’s widely believed that the scandal will have a serious impact on the image and income of U.S. technology companies in overseas markets. But it turns out, because demands of encryption and related security services rise in overseas markets, which actually allow some U.S. technology companies to benefit a lot from the “prism” scandal.


The following is parts of the article:


Prophesies of doom


Shortly after Snowden’s leaked documents detailed collaboration giving the NSA access to the accounts of tens of thousands of net companies’ users, the big Internet companies and their allies issued dire warnings, predicting that American businesses would lose tens of billions of dollars in revenue abroad as distrustful customers seek out local alternatives.


In a federal court filing last week, Google said that still-unfolding news coverage was causing “substantial harm to Google’s reputation and business”. The company said that could be mitigated if it were allowed to comment with precision about its intelligence dealings.


Likewise, last month, six technology trade groups wrote to the White House to urge reforms in the spy programs, citing what it called a “study” predicting a $35 billion cumulative shortfall by 2016 in the vital economic sector.


That number, it turns out, was extrapolated from a security trade group’s survey of 207 non-U.S. members – and the group, the Cloud Security Alliance, had explicitly cautioned that its members weren’t representative of the entire industry.


Boon for encryption sector


As for the upside, so far only a minority of people and businesses are tackling encryption on their own or moving to privacy-protecting Web browsers, but encryption is expected to get easier with more new entrants.


Snowden himself said that strong encryption, applied correctly, was still reliable, even though the NSA has cracked or circumvented most of the ordinary, built-in security around Web email and financial transactions.


Some early adopters of encryption have senior jobs inside companies, and they could bring their habits to the office and eventually change the technology habits of the whole workplace, in the same way that executive fondness for iPhones and iPads prompted more companies to allow them access to corporate networks.


A week ago, Google said it had intensified encryption of internal data flows after learning about NSA practices from Snowden’s files, and consultants are urging other big businesses to do the same.


Stiennon said that after more companies encrypt, the NSA and other agencies will spend more to break through, accelerating a lucrative cycle. “They will start focusing on the encrypted data, because that’s where all the good stuff is,” Stiennon said.


Just as Snowden said, correctly applied strong encryption is still reliable. Correctly applied file encryption, folder encryption and USB encryption will useful and reliable for ordinary people and enterprise to protect their important or even confidential data. Data security isn’t a dispensable problem that we can ignore any more, for data loss and data leakage have retaliated back a bitter lesson. Complete data security management should be established in every enterprise and effective data protection should be paid more attention by individuals.

Sep 10

Google data center will fully encrypt data

Because of the data monitoring scandal of the U.S. National Security Agency (hereinafter referred to as “NSA”), Google has started a project that it will encrypt data transmitted between every data center.


“Washington Post” reported that Google has made this plan last year. But under the influence of “prism” incident of the NSA, Google is now ready to accelerate the implementation of the plan, in order to defend the company’s reputation for data protection. The vice president of Information Security Engineering of Google, Eric Grosse said: “This is an arms race, we see that the government sector is the most powerful race participants.”


On last Thursday, a report said that the U.S. government is seeking encryption keys to crack various forms of encryption solutions. Privacy protection and information security researcher, Ashkan Soltani said that government departments have a set of incredible keys, but they may be not applicable to this plan of Google.


Google’s plan does not have any influence on the legal requirements that this company need to meet. According to the Government’s request, Google still need to provide data for NSA or other departments. But Google has accelerated the deployment of this program, ensuring the program would begin in the coming months.


At present, the email transmitted from a Gmail account to another account email has been encrypted by “Transport Layer Security” encryption technology during the transmission. According to the plan, in the future the other data Google data center sends to others, such as the contents in Google Drive cloud storage service will be encrypted.


Google has not disclosed more information of the plan, such as how much it will cost Google, how many center centers it may refer to, and what encryption method it will use. Google said that this project will use end-to end encryption technology, which means that the data stored in the server and data in the transmission will be encrypted. It’s just like the folder protection on LAN which is used in our daily life, all the data will be conveyed to others via the Internet will be encrypted, which is a complete protection for the data. As the data leakage and data breach, we can’t pay too much attention to data security. As for us, individuals who are living in the real life and the network at the same time, we should take measures to password protect folder in the case of data being stolen.

Sep 02

The U.S. Launched Network Attacks to Several Countries in 2011

Top-secret documents “Washington Post” recently received shows that in 2011, U.S. intelligence agencies had implemented 231 network attacks to other countries which include Iran, Russia, China and North Korea and other countries.

This news is from funding budget documents provided by the former employee Edward Snowden of the U.S. National Security Agency (hereinafter referred to as “NSA”), which is also the evidence that the Obama government infiltrate and sabotage the foreign computer networks through cyber attacks.


Furthermore, according to another code-named “GENIE” secret plan, the U.S. computer experts also invade foreign computer network, placing it under the secret control of the U.S. Documents show that the project of $ 652 million budget inserts a large number of malware into tens of thousands of computer equipment every year, and plans to expand to several million units.

According to budget documents provided by Snowden, and the news disclosed by the former U.S. officials in an interview, the scope and scale of the computer intrusion implemented by the Obama administration are far more than outsiders imagine. Obama administration takes all network attacks as confidential action, and never publicly acknowledged.

The scope and scale of network attacks show that the United States has undergone tremendous changes, in the past the U.S. government sought to maintain international standards and against the intrusion actions via cyberspace, because at that time the U.S. economic and military force are very dependent on computer networks.


U.S. Deputy Defense Secretary William J. Lynn III Lynn said: “The guidance of policy debate has produced a change, attacking options now increasingly prevail, I think, more and more cases show that cyber attacks have been an important part for the United States to curb some of the enemy’s action.”


The budget documents disclosed by Snowden show that the U.S. government among the 231 network attacks implemented be the U.S. government since 2011, nearly three-quarters of which aimed at the highest priority targets, according to the former U.S. government officials, these targets includ Iran, Russia, China and North Korea, etc.. But budget documents provided little detailed information about these operations.

In 2009 and 2010, the United States and Israel allegedly jointly developed Stuxnet worm, which has destroyed Iran’s uranium enrichment facility’s computer system in the network attack. This event is often considered as a vivid case that the United States uses weapons to attack enemy networks.

According to presidential directive the U.S. government announced in October 2012, U.S. intelligence agencies define network attacks as “an activity of manipulate, destruct, destroy the information stored in your computer or computer network.” Therefore, folder encryption and file protection solution to network attacks now are widely used for data security. Most networks attacks will produce a direct impact on enemy computer system’s data or normal use of computer, such as network connection speed down and so on.

Aug 26

the Guardian, Cooperate with the New York Times Reports “Prism”

The British “Guardian” announced on Friday that it has agreed to let the “New York Times” see partial disclosure of confidential files that Edward Snowden disclosed in “prism” issue.


Before two sides reached a cooperation, the British government has threatened that unless the “Guardian” abandon or destroy the relevant documents about country’s Government Communications Department (hereinafter referred to as “GCHQ”), or it would commence legal action.


Informed sources said that the cooperate agreement has been reached as early as a few weeks ago, editor Jill Abramson of “New York Times” have been involved in negotiations.


According to the U.S. news website Buzzfeed reports, Scott Shane who is responsible for national security and intelligence news report, “New York Times” is now writing a series of reports which are expected to be released next month.


“The Guardian” said, the cooperation with “New York Times” makes it possible to continue to expose massive surveillance program of GCHQ besides its government duties in Snowden documents. ”


Allegedly, Snowden has gained temporary asylum from Russia and he has been informed of this cooperation agreement.


“The Guardian” editor, Alan Rusbridger disclosed earlier this week, under the supervision of GCHQ agents, “The Guardian” employees destroyed the computer devices contained Snowden’s documents earlier this month. Before that, the British government officials also threatened that they are likely to take legal action to “The Guardian”.


Luz Bridge said he had warned the British government officials, although those original materials have been destroyed but a copy was sent to the outside of British government jurisdictions.


British officials said they detained David Miranda briefly and had a questioning in London Heathrow Airport; and there will be a criminal investigate on this week. Miranda is the native British partner of Glenn Greenwald who is a reporter of “Guardian” in Brazil, Greenwald is the person who is in charge of the file disclosed by Snowden, what’s more, he also could directly contact Snowden.


British government officials said the disclosed information from Snowden has seriously undermined the UK’s national security, if there is more confidential disclosure, which can lead to a lot of people’s lives at risk.


For the issue of “Prism”, now more and more people are focusing on the data security, especially some enterprise and groups. Both individuals and groups are searching for a effective method to protect their files contained important and confidential data, of course, comprehensive protection for data will decrease many concerns and potential losses for us.

Aug 19

The Little-Known Serious Facet of Google

According to foreign media reports, people always have the impression that Google is a relaxed, laid-back, highly creative technology company. But when you get a really in-depth understanding, you will find the serious facet of Google – in order to protect user information, it has its own rigorous, thorough security policy.


All along, Google likes to portray itself as a highly innovative and flexible technology company with relaxed atmosphere. No matter the circular bike used for group meetings, or the easing policy that allows taking pets to work, and even the ubiquitous bright sofa cushions, which all make this company more interesting and charming.


However, the chief information officer of Google, Ben Fried, shows totally different feeling to people.


Google has been visited by network hackers regularly – from mid 2009 to the end of last year, this company suffered spate of attacks of Operation Aurora and individual hackers, hacker team.


Clearly, Google is not the only one targeted by hackers, however, in January 2010, Google responded and promised to improve the company’s safety and to better protect users’ data. Fried explains, “Security issues are the things IT departments need to spend most time thinking about.”


Now the problem lies in that the traditional security methods big companies like Google used before have been quickly eliminated. In the past, employees were given full trust in the company’s internal network. “We authorize Google employees just because there are their IP addresses in the internal network.”


At the same time, we believe that the Internet is an open network, where we cannot give any trust. Two networks are regarded as two completely separate entities, like a hard shell and a soft inside.


People think the Internet is too broad and difficult to control; while for the relatively small private corporate networks, it is manageable, because it has clear boundary, investigating misconduct is easier.


The problem is that now Google employees can’t work without the Internet, regardless of whether they use the company’s internal network, they will access to the World Wide Web. The only way to ensure Google data security is to limit the operations in the trusted network. But Fried admitted that the result of this is alienating our employees.


Although some people think, increasingly powerful firewall to protect Google corporate network, Friedrich has pointed out that this is only a very minor part of the puzzle.


Google are in a dilemma. In order to make services more intelligent, more effective, they need more user data. While more responsibilities will go along with more data. This means that the possibility that Google became target of cyber attacks also increase accordingly.


As for the data security, we have talked too much and there is always corresponding solution but not perfect solution to this problem. For us, we can password protect files to avoid data breaches and the anti-virus program is always the indispensable tool for PC users. Although we cannot eliminate data breaches thoroughly, we can still apply relative secured protection for our data.

Aug 12

Google are Developing New Security Authentication Products

According to foreign media reports, the world’s largest search engine Google ( microblogging ) is currently developing a new security authentication technology, the use of the technology may be able to make use of jewelry and other users Jewelry login account, instead of entering tedious password.


Google’s announcement about this experiment was appeared in a scholarly articles published in January. The goal of this development is to produce a small “USB key”, the user can use this key to entered all verified information into the computer. In addition, Google also mentioned that the embedded smart chip ring will be expectedly produced.


Last month, in RSA security conference hold in San Francisco, an engineer of Google who specializes in charge of security, Mayank Upadhyay, has a public speech for this technology. He said that the use of personal hardware to password login accounts can prevent from re-use or being copied. He also said that the people are familiar with this technology. “Everyone is very familiar with the ATM, why not use the computer in the same way?”


Upadhyay said that Google is developing a small USB key, when the key is inserted into the computer, the user can be authenticated through the network. The key is also built non-contact chip, which can be used on a mobile device.


Secret security token like that Google is developing does not contain a static password that can be replicated. Each encryption keys and devices are matched with each other; built-in data will never be transmitted to the outside world. When the key is connected, the key will make the right answer to the question the web site set up to ensure that the same information will not land again.


After the meeting, Upadhyay said that Google will also produce a ring which can replace cryptographic token, but he did not disclose the details of their work. “Some people may feel uncomfortable on the USB cryptographic token.”


From the development of Google, the personal security has become one of heated topic nowadays, for the science and technology have rapidly advanced, personal data and information are equal to fortune for all of us and the tricks of data theft have been more and more excellent. For people who are accustomed to storing personal data or information in PC or USB, the data security is the most important thing that will annoy them. I recommend Folder locker or USB locker to keep the data in the PC or USB more secure.