tag:blogger.com,1999:blog-64313773045404114002024-02-15T20:35:08.396-08:00Encrypted MobileMobile security blog sponsored by SecfoneMia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.comBlogger14125tag:blogger.com,1999:blog-6431377304540411400.post-82333025569725667722014-07-10T00:34:00.002-07:002014-07-10T12:58:08.791-07:00Top 10 forgotten mobile threats revealed<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="margin-left: 1em; margin-right: 1em; text-align: left;">
<b>Do you have a smartphone? Of course you have. Let's say you even use some encryption for your mobile calls. Do you know what threats you are exposed to when using it? Keep reading..</b>.</div>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0In8jAoIAnlqgRVkOG2nIBNdhpY4Hobzh0-ah6HBikWar3isJm03Kmlydlv6mLLGEcakLIVGkJdG75Bi5tKMcu3JyAtzow0D5enrhnLTxz3aCskV3CDE9zGVo9jq_xIa21zNL66ezEnY/s1600/sexy-call.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0In8jAoIAnlqgRVkOG2nIBNdhpY4Hobzh0-ah6HBikWar3isJm03Kmlydlv6mLLGEcakLIVGkJdG75Bi5tKMcu3JyAtzow0D5enrhnLTxz3aCskV3CDE9zGVo9jq_xIa21zNL66ezEnY/s1600/sexy-call.jpg" height="252" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Just for you. Really?</td></tr>
</tbody></table>
<br />
<b>1. Spyware</b><br />
Spyware run on smartphone and can record all communication. It can send the recorded communication later or broadcast it live. Spyware is hidden and difficult to detect.<br />
<br />
<b>2. Record microphone</b><br />
A malware can record the microphone of your smartphone can send or broadcast the communication it captures.<br />
<br />
<b>3. Man-in-the-middle attack</b><br />
A malicious outsider inserts him or herself into a conversation between you and your party and gains access to your private information.<br />
<br />
<b>4. Stealing encryption keys</b><br />
The encryption keys can be stolen before or during the communication. It is a common problem of encryption software. However it is possible to physically protect encryption keys with <a href="http://secfone.co.uk/en/why-secfone.html" target="_blank">cryptochip</a> or TPM technology. It requires a hardware piece in your smartphone, typically integrated into a micro SD card.<br />
<br />
<b>5. Cracking encryption keys</b><br />
Cracking the keys can be easier if you use public key encryption. Since public keys are sent over the Internet and define the key space, they make cracking a lot easier. You can find a nice explanation of the mathematical background here: https://www.udacity.com/course/cs387.<br />
<br />
<b>6 to 10</b><br />
Find the rest in the infographic below. Just click on it. Hover or tap the threats.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://secfone.co.uk/en/mobile-security-threats-skycraper.html" target="_blank"><img alt=" Mobile Security Threats Skycraper" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRpOXl939UWPXf23NtuiDLeJC6D_NNa57c08N8JgMhILcV7RcsasPVj_oGN4FnTW9jCvY23x5MQLFTroK-pn12kLfYwM514CGkiYnJq5rigSxiO_Xd6cu1Hkh9zNutaEcxzKAiOdha_KM/s1600/sf-mobile-threats-blog.jpg" height="320" width="171" /></a></div>
<br />
<br />
Please share and like :-) Thank you!<br />
<br />
<br />
<br />Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com73tag:blogger.com,1999:blog-6431377304540411400.post-16564613399995802922014-02-21T14:02:00.003-08:002014-02-21T14:02:34.191-08:00First NSA-proof phone already on the market<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgC9-91Sp8KKpsm8eB95BmeHGlIh5xnPUzCVOHJR7FXqnrmxdk9uCIIZ6F5NK5j4Em42pV5AOOJJfObA_TU1Wmw_g4iFXX8CZrsJkvviXMCtfDUoQjiFd157s1x2TGp3dM8I03wL24HO60/s1600/NSA-proof.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgC9-91Sp8KKpsm8eB95BmeHGlIh5xnPUzCVOHJR7FXqnrmxdk9uCIIZ6F5NK5j4Em42pV5AOOJJfObA_TU1Wmw_g4iFXX8CZrsJkvviXMCtfDUoQjiFd157s1x2TGp3dM8I03wL24HO60/s1600/NSA-proof.jpg" height="200" width="320" /></a></div>
<br />
Believe it or not, the first <a href="http://secfone.co.uk/" target="_blank">NSA-proof phone</a> is on the market for years, and it is called Secfone, not Blackphone. It was not available for public for a long time - only for governments and military organizations -, but <a href="http://www.prweb.com/releases/encrypted-mobile/Secfone/prweb11387046.htm" target="_blank">as of 2013 it can be ordered</a> from BeSure Europe LLP. It was announced at Mobile World Congress (MWC) Barcelona in 2013.<br />
<br />
This is the only solution that we have enough information about to claim it to be NSA-proof or rather <a href="http://secfone.co.uk/" target="_blank">eavesdrop-proof</a>.<br />
<br />
<b>How can Secfone protect mobile conversations?</b><br />
<br />
Secfone is the only solution on the market that implements triple-level protection. Triple-level protection means the protection of communication, encryption keys and smartphone. Leaving any level out makes the encryption solution vulnerable and easy to tap. For example encryption software on iPhone and BlackBerry smartphones can not protect the smartphone itself, since these smartphones have proprietary operating systems. We had no information how these operating systems work until <a href="http://encrypted-mobile.blogspot.hu/2014/01/snowden-killed-all-iphone-encryptions.html" target="_blank">Snowden released the NSA documents</a>. These documents prove that iPhone and BlackBerry has a backdoor. The backdoor called DROPOUTJEEP, and provides direct access to the smartphone's microphone and camera. This makes these smartphones a personal bug. <br />
<br />
<b>Protection of communication - Level 1</b><br />
<br />
Secfone protects the communication with unique implementation of assymetric encryption. Using non-standard implementation is inevitable. Standards define the methods of cracking - they provide enough information to crack the keys. Encryption cracking software and hardware appliances are designed and optimized to crack standard encryptions.<br />
<br />
<a href="https://www.google.com/patents/US8208638?pg=PA2&dq=mikl%C3%B3s+jobb%C3%A1gy&hl=en&sa=X&ei=4MkHU768NIqJtQa-joD4DQ&sqi=2&pjf=1&ved=0CEEQ6AEwAg" target="_blank">Read the implementation (patent description only for experts!)</a><br />
<br />
<b>Protection of encryption keys - Level 2</b><br />
<b><br /></b>
Encryption keys can not be protected on any smartphone, especially not with encryption software. Keys can be protected only in a special hardware, called <a href="http://en.wikipedia.org/wiki/Trusted_Platform_Module" target="_blank">Trusted Platform Modul</a> or cryptochip. This hardware is designed to generate, manage and use encryption keys. It is unreadable by design, and there is no known method for getting the encryption keys out of it.<br />
<br />
<b>Protection of smartphone - Level 3</b><br />
<b><br /></b>
The solution have to protect the smartphone itself too. It means that no software can access the smartphone's microphone and camera during calls. Secfone monitors the microphone during the calls, detects the malicious software that tries to access it, and handles the situation.<br />
<br />
<b>Takeaway</b><br />
<br />
NSA-proof phone will never come from US or any other world-power. Think it over...<br />
<br />
Please click Google+ below, or share this post on Facebook, Twitter or any other social media. Thank you!Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com34tag:blogger.com,1999:blog-6431377304540411400.post-80456185033655744582014-02-19T17:18:00.001-08:002014-02-19T17:22:06.946-08:005 questions your boss will ask you on encrypted mobile communication<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYlPP8gEoRE1_jfo7r9R6bdL6lvl5dpd1Aszl55mPUcLZpcys0g3MruXlFiR5oGbtQ4B155nVXp8O7n1wlfoB0Cemwe6I4jpF8f3tybTJ-tFm-CMxPOr1ae0VG-J2nMslUXg5CxkSA5rg/s1600/be-prepared.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYlPP8gEoRE1_jfo7r9R6bdL6lvl5dpd1Aszl55mPUcLZpcys0g3MruXlFiR5oGbtQ4B155nVXp8O7n1wlfoB0Cemwe6I4jpF8f3tybTJ-tFm-CMxPOr1ae0VG-J2nMslUXg5CxkSA5rg/s1600/be-prepared.jpg" height="244" width="320" /></a></div>
<div>
<br /></div>
<div>
Companies working with valuable technologies and information have to protect their ideas from the beginning. Employees work on valuable ideas for a while before the idea becomes a product or a service. Meanwhile they communicate with each other through mobile communication too. It is essential to protect the information in transit. If you work a company like that, and you do not use high security level mobile communication solution, than be prepared to brief your boss on <a href="http://secfone.co.uk/" target="_blank">encrypted mobile communication</a>. You will have to make the brief, sooner or later…</div>
<b><br /></b>
<b>
1st Question: What encryption software should we use?</b><br />
<div>
<b>Answer:</b> Encryption software provide very limited security level. One of the most fundamental features of a secure mobile encryption solution is to protect the encryption keys, because once the key is compromised, the communication is leaked. Software reside on smartphones non-protected storage and run on smartphones non-protected processor. These parts of the smartphones are not designed to protect any information. There is no way to protect the keys on any smartphone.</div>
<br />
<b>
2nd Question: Is there a mobile encryption solution that can effectively protect the encryption keys?</b><br />
<div>
<b>Answer:</b> Yes, there are some solutions on the market. Only special hardware, designed for generating, storing, managing and using encryption keys can protect the keys. These hardware are not readable by design and hack-proof. Often referred to as <a href="http://secfone.co.uk/" target="_blank">cryptochip</a> or trusted platform modul. They are sensitive by design, so any attempt to read out the information from them damages the hardware and destroys all the information it stores, including the encryption keys.</div>
<br />
<b>
3rd Question: Which TPM or cryptochip based solution should we choose?</b><br />
<div>
<b>Answer:</b> TPM or cryptochip is just the bottom line. For the highest level of security the solution has to implement the protection of the communication, the encryption keys and the smartphone too. If let’s say the smartphone is not protected, than the communication can be eavesdropped directly through the microphone before any encryption takes place. Known backdoor called DROPOUTJEEP exists on all iPhone and BlackBerry smartphones. It is totally useless to use any mobile encryption solution on these smartphones.</div>
<br />
<b>4th Question: What kind of encrypted mobile solution should we use?</b><br />
<div>
<b>Answer:</b> We should use a cryptochip based solution with triple-level protection. The solution has to protect the communication, the encryption keys and the smartphone. It has to run on a smartphone and operating system which has no known backdoors. </div>
<br />
<b>
5th Question: How much does the most secure solution costs? Is it expensive?</b><br />
<div>
<b>Answer:</b> Surprisingly not the highest level of security is the most expensive. The most expensive software solution, Crypttalk costs 250 euro/month with all the defects mentioned. Yet we can reach the highest level of security at a reasonable price of 55 euro/month. A one-time fee of 300 euro applies that includes the price of a unique cryptochip. We do not have to buy new smartphones, we just have to insert the cryptocard into the micro SD card slot of our smartphones. The solution is called <a href="http://secfone.co.uk/" target="_blank">Secfone</a>.</div>
<div>
<br /></div>
<div>
<b>If you liked this post please Google+ it or share it on Facebook, Twitter or any social media you prefer. Thank you!</b></div>
<div>
<br /></div>
Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com1tag:blogger.com,1999:blog-6431377304540411400.post-6059677825697717872014-01-17T09:07:00.000-08:002014-01-18T10:55:14.887-08:00Secfone beyond encrypted mobile communication - Key protection<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjR84wWdw356rpvAHrKiXrm_M0mJ0FpBEnmQxpcJ6VjQRyF6fHnkQ3zJobdDM5YhdQfIgyQmmITo_DiJRtTOdqMrSM12PeBCwrBaNa3-rPYYLISAkxov7qsu7yK8yCNdHrXMXwyHfZfhq4/s1600/safe.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjR84wWdw356rpvAHrKiXrm_M0mJ0FpBEnmQxpcJ6VjQRyF6fHnkQ3zJobdDM5YhdQfIgyQmmITo_DiJRtTOdqMrSM12PeBCwrBaNa3-rPYYLISAkxov7qsu7yK8yCNdHrXMXwyHfZfhq4/s1600/safe.jpg" height="217" width="320" /></a></div>
<br />
<br />
A recent blog post on the <a href="http://encrypted-mobile.blogspot.hu/2014/01/snowden-killed-all-iphone-encryptions.html" target="_blank">impacts of Snowden's leaded documents on encryption softwares</a> skyrocketed on this blog. Thanks folks!<br />
<br />
However several questions came up concerning <a href="http://secfone.co.uk/" target="_blank">Secfone's solution</a> let me answer them here. I try not to be too technical, so it will be understandable for non-infosec users too.<br />
<br />
<b>
How Secfone protects encryption keys?</b><br />
<br />
One of the fundamental issues in communication encryption is how the solution protects the encryption keys. If the keys are compromised, than the communication can easily be tapped. Encryption softwares can use only the device's (smartphone) store and CPU to store, generate, manage and use encryption keys. However these hardware elements are not designed to protect anything. This is one of the biggest weak-point of all encryption software.<br />
<br />
Secfone uses <a href="http://en.wikipedia.org/wiki/Trusted_Platform_Module" target="_blank">TPM technology</a> (Trusted Platform Module), a cryptochip integrated into a micro SD card (the card goes into the micro SD slot of the smartphone). This hardware piece is designed to generate, store, manage, use and PROTECT encryption keys. The cryptochip is designed to be very sensitive on purpose. That means the information can't be retrieved from the chip (it is not readable by design). If you try to hack the cryptochip - with an oscilloscope, or put it under an electro-microscope, try to freeze and remove it - it damages the chip and all the information it stores is lost immediately. This is the only proven technology today that can protect encryption keys (More on TPM technology: <a href="http://encrypted-mobile.blogspot.hu/2013/11/5-functions-of-tpm-you-did-not-know.html" target="_blank">5 functions of TPM you did not know about</a>).<br />
<br />
<i>Interesting: One of an early version of cryptochips was <a href="http://hackaday.com/2010/02/09/tpm-crytography-cracked/" target="_blank">hacked by Cristopher Tarnovsky</a> in 2010. The hack required very high level of expertise and physical possession of the chip. This hack does not work anymore with the new hardwares.</i><br />
<br />
<b>What about stealing the encryption keys?</b><br />
<br />
Good question. There are some companies that use cryptochip (they call it security card or trustchip, this is the very same thing) and put the keys into the chip at production. The keys are safe inside the cryptochip, it is no question, but can be compromised BEFORE they put it into the chip.<br />
<br />
Secfone has its own method. Secfone does not put keys into the cryptochip, but uses cryptochip's functions to generate the keys for itself at production. What does it mean?<br />
<br />
<ol>
<li>Keys needed to decrypt the information that arrives to the device NEVER leave the safe storage of cryptochip.</li>
<li>Keys can not be stolen from the factory or from a sysadmin.</li>
<li>Nobody knows the keys (producer of the cryptocard, Secfone, the customer, nobody)</li>
</ol>
<br />
<i>Interesting: Cryptochip is a military-grade technology under special export regulations. Strict legislation apply to keep information on who possesses the technology. It can not be exported to "sensitive" countries. </i><br />
<br />
Now the keys are safe. However, there are more layers of security in Secfone, I will write a post about them soon.<br />
<br />
Thanks for reading. If you found this blog post interesting, please spread the word.Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com2tag:blogger.com,1999:blog-6431377304540411400.post-47246234971146121972014-01-15T17:24:00.000-08:002014-01-18T11:08:28.523-08:00Snowden killed all iPhone encryptionsIf you use encryption software on your iPhone and you paid for it, than you paid for illusion not for security. Thanks to Snowden and security researcher <a href="http://en.wikipedia.org/wiki/Jacob_Appelbaum" rel="nofollow" target="_blank">Jacob Appelbaum</a> now the entire World knows the magic word DROPOUTJEEP and the meaning of it.<br />
<div>
<br /></div>
<div>
DROPOUTJEEP is a spyware program developed by NSA that runs on iPhone, and provides access to almost everything. It can intercept SMS messages, can read the contact lists, locate the iPhone based on cell tower data, and the best part is, it can turn on the camera and the microphone, and can listen to any conversation. It can even be deployed remotely.</div>
<div>
<br /></div>
<div>
According to leaked documents <a href="http://www.dailydot.com/politics/nsa-backdoor-iphone-access-camera-mic-appelbaum/" rel="nofollow" target="_blank">NSA claims 100% success rate</a> on iOS devices. It is impossible to reach 100%, unless you have access to a backdoor. Of course <a href="http://www.dailydot.com/politics/apple-iphone-nsa-denial-dropoutjeep/" rel="nofollow" target="_blank">Apple denies</a> that it helped NSA to build iPhone's backdoor, but it does not change anything. It does not change the 100% success rate.</div>
<div>
<br /></div>
<div>
<b>How DROPOUTJEEP impact encryption softwares on iPhone?</b></div>
<div>
<br /></div>
<div>
Now come the bad news. It is well known for the industry experts that purely software-based mobile encryption solutions can not secure any communication. Now things are going bad to worse. No encryption solution can protect your communication on iPhone. Not even hardware based solutions.</div>
<div>
<br /></div>
<div>
Since DROPOUTJEEP can manage the microphone of the iPhone, it listens to the conversation BEFORE any encryption takes place. Your software or hardware solution can even use military-grade 4096 bit encryption keys, it provides zero security if you use it on iPhone. If you use Gold Lock, Silent Circle, Zfone, Crypttalk, Cellcrypt, Kryptos, Secustar or any other encryption software on iPhone and you still need secure mobile communication, consider just deleting your app.</div>
<div>
<br /></div>
<div>
Time to reconsider what you think about encryption software and iPhone security.</div>
<div>
<br /></div>
<div>
<b>Takeaway</b></div>
<div>
<br /></div>
<div>
The good news is you still can have secure mobile communication. Avoid iPhone and BlackBerry, use open source operating system. Choose cryptochip (hardware) based <a href="https://secfone.co.uk/" target="_blank">encrypted mobile communication</a> solution with triple-level protection. Triple level protection keeps any unauthorized process to access your phone's microphone.</div>
<div>
<br /></div>
<div>
If you have found anything new in this blog post, please share it. Thank you :-)</div>
<div>
<br /></div>
Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com8tag:blogger.com,1999:blog-6431377304540411400.post-66957322902767272112013-12-31T00:31:00.000-08:002013-12-31T00:32:45.420-08:00Top 5 mobile security news in 2013<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihUyFMdCEMKledi2n3OxzXjYVXPimE3SbBamoxOu7xXixU1KV42CihsCX9-q3Pwj-I1F8-sT5B8WRpUy2tQrAga0UvgShwX4iA4o6pMJiYp3ZyR0kLB9AyZBogDnM6urnxD4OErv85yww/s1600/snowden.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="217" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihUyFMdCEMKledi2n3OxzXjYVXPimE3SbBamoxOu7xXixU1KV42CihsCX9-q3Pwj-I1F8-sT5B8WRpUy2tQrAga0UvgShwX4iA4o6pMJiYp3ZyR0kLB9AyZBogDnM6urnxD4OErv85yww/s320/snowden.jpg" width="320" /></a></div>
<br />
<br />
2013 was all about mobile security. NSA scandals were on top of the news since it turned out that European politicians were tapped. Furthermore we had to say goodbye to some illusions concerning mobile communication security. Check the list below for details.<br />
<br />
<b>1. Regular cellphones can be tapped for less than 300 USD.</b><br />
We thought that tapping into a regular GSM cellphone requires sophisticated methods and tools. It turned out that regular GSM calls are in greater danger than we thought.<br />
More on this: <a href="http://bit.ly/1cSZhcG">http://bit.ly/1cSZhcG</a><br />
<br />
<b>2. Edward Snowden released classified materials</b><br />
Internet surveillance programs watch users every move. NSA intercepts US and European telephone metadata.<br />
Snowden Wiki: <a href="http://bit.ly/1k2Mwjx">http://bit.ly/1k2Mwjx</a><br />
<b><br /></b>
<b>3. Chancellor Merkel's mobile phone tapped by NSA</b><br />
Even political leaders can be tapped. And they are. We thought that they have access to the best encryption technologies to protect their communication. Not so successfully...<br />
More on this: <a href="http://bit.ly/1k2KcsQ">http://bit.ly/1k2KcsQ</a>, <a href="http://bit.ly/1irqbuh">http://bit.ly/1irqbuh</a><br />
<br />
<b>4. NSA has nearly complete backdoor access to Apple's iPhone</b><br />
Experts in mobile security industry knew that Apple's iPhone is not a secure system when it comes to eavesdropping. Now everyone knows that it's a personal bug carried by millions of users.<br />
More on this: <a href="http://bit.ly/19CK6hN">http://bit.ly/19CK6hN</a><br />
<br />
<b>5. Military technology protects European companies</b><br />
Companies started to look for secure mobile communication solution. Secfone made its military technology available for European companies.<br />
More in this: <a href="http://bit.ly/1dQwthh">http://bit.ly/1dQwthh</a><br />
<br />
The most important task now is to protect yourself and your sensitive information. Companies and individuals has to make the first steps in 2014. As a first step, choose a really secure mobile communication solution. Which one is safe? Read these and be an expert:<br />
<b><a href="http://bit.ly/17UXHpl" rel="nofollow" target="_blank">3 characteristics of any eavesdrop proof mobile communication solution </a></b><br />
<b><a href="http://bit.ly/IcUEwQ" target="_blank">Cryptohip, security card or trustchip</a> </b><br />
<b><a href="http://bit.ly/HV4Muq" target="_blank">5 functions of TPM you did not know about</a></b><br />
<br />
And a bonus video for those who do not know much about software based encryptions.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/BKVtOxsxicg?feature=player_embedded' frameborder='0'></iframe></div>
<br />
<div style="text-align: center;">
<b>Have a secure, eavesdrop free 2014!</b></div>
<br />
<br />Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com2tag:blogger.com,1999:blog-6431377304540411400.post-81036100503038766722013-12-11T11:12:00.001-08:002013-12-11T11:12:05.356-08:00Military Technology Protects European Companies - Press ReleaseNSA scandals and news have drawn attention away from corporate spying, but according to industry experts, this issue continues to cost businesses billions of euros a year. Be Sure Europe LLP has launched <a href="https://secfone.co.uk/presale" target="_blank">online presale program</a> and made Secfone's military-grade, encrypted mobile communication solution used by several governmental and military organizations obtainable for all European companies.<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://secfone.co.uk/presale" target="_blank"><img border="0" height="168" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVtjtA7xKqDe1LJmyWb-dkFW8po58MTSmOWSyRjQLg0VjmRZX9-Vqab-VuGj-v93ChYImDcxl2-vzpIcXhhdSNgcibaLjj7Ow4iE_zfAgMeeAyVJozzG-KuMWTgkrcY4WAUg6HKBaO6y0/s320/fb-ad-presale-logo.jpg" width="320" /></a></div>
<div>
<br /><div>
<br /></div>
<div>
<div>
Manchester, UK (PRWEB UK) 11 December 2013</div>
<div>
<br /></div>
<div>
Be Sure Europe LLP has made Lichtenstein based Secfone’s eavesdrop-proof, encrypted mobile communication solution obtainable for all European companies. The <a href="https://secfone.co.uk/presale" target="_blank">online presale program</a> has been launched to provide preliminary access to the online ordering system from Be Sure Europe LLP.</div>
<div>
<br /></div>
<div>
According to a <a href="http://uk.reuters.com/article/2013/11/13/uk-syria-crisis-germany-idUKBRE9AC0NA20131113" rel="nofollow" target="_blank">Reuters article</a> published November 13, 2013, Hans-Georg Maassen, the President of the Federal Office for the Protection of the Constitution in Germany, stated that corporate spying has been estimated to cost businesses over 50 billion euros a year in Germany alone. Companies are becoming more aware of this issue, and are looking for solutions to the problem. There are several tools on the market that claim to help these companies protect themselves, but when it comes to <a href="https://secfone.co.uk/" target="_blank">encrypted mobile communication</a>, companies have traditionally had to compromise due to the lack of eavesdrop-proof solutions. Secfone’s communication technology offers a solution to this problem.</div>
<div>
<br /></div>
<div>
All software based encryption solutions share the very same and serious problem. The encryption keys that are used to protect the communication can be easily compromised. The encryption solutions built around micro SD security cards or cryptocards can stop this problem from occurring because they have special built in hardware that protects the keys. However, this type of card and protection is just an element of a tap-free system, and cannot guarantee that no eavesdropping will occur. Cracking the encryption for eavesdropping on a smartphone is still possible even if the protection being used is a micro SD security card.</div>
<div>
<br /></div>
<div>
Secfone offers triple-level protection. It goes beyond a hardware-based key protection by utilizing a unique encoding method, along with additional protection against spyware and malware. This technology, which has previously only been available to military professionals, provides protection within a closed, encrypted, global communication network (Manageable Virtual Closed Network, MVCN). Their patented encoding method, a cryptochip integrated into a micro SD card, and the Secfone protection against spyware and malware combine to provide clients with the highest level of security possible.</div>
<div>
<br /></div>
<div>
The pricing for corporate subscriptions to Secfone is for 55 €/month (with 2 years contract, 300 € one-time fee applies to the micro SD cryptocard).</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-Dl-R13yqtd9mvuF6ZRTDkNG_xmlrkDZb0K3iO5JHTuOrsW41OxCxZaYHO_A1xKb_VQ6dPcke52MMmsNwsSut1MC8zfKzTVkU8t0Aet-xv0EMJOTHMqE4ElBoSOLuJyYQwYl7wa6h-lg/s1600/EN-email-secfone-call-on-table-zoom.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-Dl-R13yqtd9mvuF6ZRTDkNG_xmlrkDZb0K3iO5JHTuOrsW41OxCxZaYHO_A1xKb_VQ6dPcke52MMmsNwsSut1MC8zfKzTVkU8t0Aet-xv0EMJOTHMqE4ElBoSOLuJyYQwYl7wa6h-lg/s320/EN-email-secfone-call-on-table-zoom.jpg" width="320" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<div>
<b>About Secfone</b>: <a href="https://secfone.co.uk/" target="_blank">Secfone</a> was launched as a start-up company in the early 2000s, and is a secure communication system supplier for governmental organizations and military. The company built the first eavesdrop-proof smartphone by implementing its patented encoding method on Android and by being the first to use the micro SD card for mobile communication security.</div>
<div>
<br /></div>
<div>
<b>About Be Sure Europe LLP</b>: BeSure Europe LLP is the official Secfone distributor.</div>
</div>
<div>
<br /></div>
<div>
Original Press Release:</div>
<div>
Reuters: <a href="http://www.reuters.com/article/2013/12/11/idUSnGNX5hNYTk+1ce+GNW20131211">http://www.reuters.com/article/2013/12/11/idUSnGNX5hNYTk+1ce+GNW20131211</a></div>
<div>
PRWeb: <a href="http://www.prweb.com/releases/encrypted-mobile/Secfone/prweb11387046.htm">http://www.prweb.com/releases/encrypted-mobile/Secfone/prweb11387046.htm</a></div>
<br /></div>
</div>
Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com2tag:blogger.com,1999:blog-6431377304540411400.post-34894578065050218732013-11-24T23:56:00.001-08:002013-11-25T04:27:18.589-08:00Cryptohip, security card or trustchip<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi340FpYhEHfbNN2Nb5-wadHC5cyiquB-Otoa04ixb8JU0IfQ6uGE1cizCKwNzTRPgKi6-xMFDK3GITVEsGO_TmBYY8-ZwyiCBLvQMlc572GdGZrB-RQ_nODejSnI0FDT0l0gGdvkGwEyI/s1600/sf-blog-text-highlight.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi340FpYhEHfbNN2Nb5-wadHC5cyiquB-Otoa04ixb8JU0IfQ6uGE1cizCKwNzTRPgKi6-xMFDK3GITVEsGO_TmBYY8-ZwyiCBLvQMlc572GdGZrB-RQ_nODejSnI0FDT0l0gGdvkGwEyI/s320/sf-blog-text-highlight.jpg" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
As mobile communication encryption is getting more and more important, several companies announce their solutions build around micro SD security cards. You get this special micro SD card (security card, cryptocard or trust chip, several names for the very same hardware piece), put it into your smart phone's micro SD slot, and your communication is secured. Or not?<br />
<br />
With this new development a myth arose, namely that all micro SD security card based solution provides eavesdrop-proof mobile communication. These systems are more secure than purely software based solutions, that's no question. However using a micro SD security card in a mobile encryption solution does not guarantee eavesdrop-proof communication.<br />
<br />
Anyone who thinks it over comes to this conclusion. What happens if a smart phone has a micro SD card with an integrated trust chip or security chip in its micro SD card slot, but a spy ware running on the phone reaches the phone's microphone during calls? The spyware records the conversation, and the conversation is tapped before it even gets to the trust chip. Or what if the trust chip uses standard public key (PKI) encryption, and sends out keys needed to encrypt messages? Well, it is a big help for anyone who tries to crack into the system. Knowing the encryption key significantly reduces the time to figure out the decryption key, therefore to get the message.<br />
<br />
Encrypted mobile communication solution has to be chosen based on technical implementation of the encryption system, not based on marketing buzzwords. 100% percent security can be reached only with triple level protection, when a hardware - micro SD cryptocard - protects the encryption keys, a software - an app running on the smart phone - protects against malware and spyware, and a unique encryption solution, that <a href="http://secfone.co.uk/" target="_blank">provides eavesdrop-proof communication</a>.<br />
<br />
If a company does not take this into consideration, choosing a wrong solution will hurt badly sooner or later.<br />
<br />
<br />
<br />
<br />Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com2tag:blogger.com,1999:blog-6431377304540411400.post-11674106773183843092013-11-15T15:04:00.001-08:002013-11-15T15:04:13.518-08:00Years old technology sold to Germany heavily overpriced - BlackBerry z10sI read the news that Germany decided to buy 5000 BlackBerry z10s for 2500 € apiece for encrypted mobile communication (<a href="http://bit.ly/1eWFGc1">http://bit.ly/1eWFGc1</a>). They were told that this is a brand new technology, and was first seen at Cebit 2013. The technology - in nutshell - is that they use cryptochip integrated on microSD card for storing and using encryption keys during mobile communication. You can put this microSD criptochip into BlackBerry z10 (SecuSmart's solution for governmental use).<br />
<br />
<div style="text-align: center;">
<img src="http://static.itpro.co.uk/sites/itpro/files/styles/article_main_image/public/secusuite1s.jpg" /></div>
<br />
Well, we are far away from truth...<br />
<br />
The technology is not new. It debuted at Cebit Hannover, but years ago. And not by SecuSmart... Secfone, a startup company launched in 2006, introduced the first implementation of microSD criptochip mobile encryption, and is selling its solution for companies and governments for years.<br />
<br />
Secfone's solution is not tight to any smartphone brand (unlike SecuSmart's solution, that was sold to German government). It can be used with most of the new smartphones (<a href="http://bit.ly/1bLN7xK" target="_blank">smartphone whitelist</a>).<br />
<br />
German government bought the BlackBerry z10s for 2500 € apiece. However, you can get Secfone microSD cryptocard for 300 €. If you do not want to have your own managing servers, than for another 55 €/ month you can use Secfone's infrastructure. So it is really affordable for governmental institutes with smaller budget, to multinational companies, or even to smaller companies.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVX4YKVPD4xXBCbSQ_wQpc1HpS_QweoxPt4Jh0YaC4gWr4yIV2TuAlwq_mFu44q_H1C65iAGhB2f9fdarsGaMwc3r05yrhra3P6wPvirCxDqp85Jek5rhUVorIXon0wD6ZsVJfQiO84vY/s1600/secfone-cryptocard.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVX4YKVPD4xXBCbSQ_wQpc1HpS_QweoxPt4Jh0YaC4gWr4yIV2TuAlwq_mFu44q_H1C65iAGhB2f9fdarsGaMwc3r05yrhra3P6wPvirCxDqp85Jek5rhUVorIXon0wD6ZsVJfQiO84vY/s1600/secfone-cryptocard.png" /></a></div>
<br />
And the best at the end. Secfone provides higher security level based on a patent it uses (Patent No <a href="http://bit.ly/18blEql" rel="nofollow" target="_blank">WO2005083972 A1</a>).<br />
<br />
Tadaaaa....<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com1tag:blogger.com,1999:blog-6431377304540411400.post-64394475905778357902013-11-12T17:29:00.002-08:002013-11-14T00:24:33.378-08:00Funniest mobile security expert on YouTube<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/BKVtOxsxicg?feature=player_embedded' frameborder='0'></iframe></div>
<br />
Share on Facebook, follow the blog, follow the YouTube channel, send it in e-mail.<br />
That's it.Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com0tag:blogger.com,1999:blog-6431377304540411400.post-83761049272980275812013-11-12T00:52:00.001-08:002013-11-14T00:32:22.074-08:005 functions of TPM you did not know about<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJMeN4j9IclDRszet2vkJcJ2c5jPN-hB2YwAuS0kq0x48cAwHlaQePETqgrwzHJnGEkk_GKBedru3bzB8KnTH8brcKtpy9kQAlmk7qWtmuxddJn_8EPaZYIfWbNE2n6Eir7D6FaCSJXt4/s1600/sf-tarnovsky.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJMeN4j9IclDRszet2vkJcJ2c5jPN-hB2YwAuS0kq0x48cAwHlaQePETqgrwzHJnGEkk_GKBedru3bzB8KnTH8brcKtpy9kQAlmk7qWtmuxddJn_8EPaZYIfWbNE2n6Eir7D6FaCSJXt4/s400/sf-tarnovsky.jpg" width="400" /></a></div>
<br />
<br />
TPM or <a href="http://en.wikipedia.org/wiki/Trusted_Platform_Module" rel="nofollow" target="_blank">Trusted Platform Module</a> is a hardware piece - or say a chip - that stores encryption keys and sensitive data, and provides encryption services. It is still the most secure way to store sensitive data. There is no simple way to read out data from these chips. Only some industry hacking experts could read out some information from these chips with 9 months of work on the chip (known as <a href="http://www.darkreading.com/authentication/researcher-cracks-security-of-widely-use/222600843" rel="nofollow" target="_blank">Tarnovsky crack</a>). That means the chip has to be in possession of the cracker. Otherwise it is bullet-proof (However, Tarnovsky cracked a 2010 modell, and the crack does not work anymore on the new chips)<br />
<b><br /></b>
<b>What does these chips do? </b><br />
<br />
<ol>
<li><b>Protect secrets</b><br />It works as an electronic safe for sensitive data.</li>
<li><b>Can create, store and manage keys</b><br />Creates it's own unique encryption keys on production, so these chips are unreproducable.</li>
<li><b>Perform cryptographic functions</b><br />It works as a black box, gets the plain information, and gives the encrypted information back.</li>
<li><b>Provide unique keys</b><br />It can produce severl unique encryption keys during its operation too</li>
<li><b>Protect itself against attacks</b><br />Detects any physical attempt to read out its content (oscilloscope, electro-microscope etc.) and destorys the sensitive data immediately</li>
</ol>
<br />
<br />
Sounds good. Several solutions use TPM technology to provide integrity of systems - servers, laptops or any devices - for example <a href="http://windows.microsoft.com/en-us/windows7/products/features/bitlocker" rel="nofollow" target="_blank">Microsoft BitLocker Drive Encryption</a>. These systems are still secure, because if the TPM chip is removed - otherwise it can not be investigated in any way-, the system stops working, which is noticed immediately - or at least during the next 9 months.<br />
<br />
However, if you use TPM technology to encrypt communication on the fly - for example to encrypt VoIP calls-, than you are 100% secure. If the TPM is stolen or lost, the communication is stopped. You can get another TPM with other unique encryption keys :-)<br />
<br />
<b>Takeaway</b><br />
Secure communication encryption solutions always include a unique hardware piece, preferable a cryptochip or TPM chip. Softwares are physically unable to protect any sensitive information, including encryption keys. Take this into consideration when you choose a secure mobile communication solution for your company...<br />
<br />
Bonus: <a href="http://prezi.com/i_dlwntjy1jt/5-functions-of-secfone-cryptochip/">http://prezi.com/i_dlwntjy1jt/5-functions-of-secfone-cryptochip/</a><br />
<br />
Please click +Google or share on Facebook if you found this article interesting.Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com1tag:blogger.com,1999:blog-6431377304540411400.post-34389075337299093442013-11-04T08:11:00.001-08:002014-02-25T07:53:25.939-08:003 characteristics of any eavesdrop proof mobile communication solution<div class="separator" style="clear: both; text-align: center;">
</div>
<br /><br /><div style="text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuHPQAPGDTXq16c-wKWPioPrCf0Ao7jlMsa2nR8tpSHYEftU3gbGE6TqK3xb0Xm-va_oKJhCBZrxTNriyOlpXteTVahGDG9Qjr2XDYcWtUl9CNn-BicZ9Hm6J5CWKrTbdO63K5h7zUt4A/s1600/b2b-banner.jpg"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuHPQAPGDTXq16c-wKWPioPrCf0Ao7jlMsa2nR8tpSHYEftU3gbGE6TqK3xb0Xm-va_oKJhCBZrxTNriyOlpXteTVahGDG9Qjr2XDYcWtUl9CNn-BicZ9Hm6J5CWKrTbdO63K5h7zUt4A/s320/b2b-banner.jpg" /></a></div>
<br />Eavesdropping and tapping is a hot topic right now. But how can a company choose a really eavesdrop proof solution?<br /><br />You can read articles on daily basis on how politicians were tapped by several national agencies. You might think that there is no eavesdrop proof mobile communication solution on the market, because if there were, at least Angela Merkel would buy it. Let's take a close look.<br /><br />There are 3 requirements of eavesdrop proof encrypted mobile solutions:<br /><br /><b>1. Purely software-based solutions are not secure</b><br /><br />The reason is evident. Computer softwares are codes that reside and run on devices, like laptops, smartphones or tablets. These codes use the general storing and processing capabilities of devices, which are not designed to protect or secure any information. So if you find a software on Google Play or iTunes Store that claims it can protect you communications if you download it, it is simply not true.<br /><br />Think of softwares that can be downloaded from torrent sites. Those softwares consist of codes. Codes, that construct a purely software based encryption solution too. Sounds safe?<br /><br />If you have ever encountered a software that can not be copied, that software must have been included some kind of unique hardware protection (USB dongle for example). The unique hardware piece provides the security, because the hardware can not be copied.<br /><br /><b>2. Using standard encrpytion methods reduces security</b><br /><br />If a solution claims that is uses standard encryption that means only one thing: It is a way easier to crack that solution than a solution that use non-standard encryption. Standardization is a big help for a cracker. The more characteristics regulated by the standard, the easier to crack the solution. Not mentioning that agencies specialized in cracking encryptions have hardware designed to crack standardized encryptions.<br /><br /><b>3. Certificates of agencies indicate backdoor</b><br /><br />If you run into a solution that claims it is a certified solution of for example an Israeli agency, that means you can be sure that the agency in question has access to a backdoor in the solution. The reason is simple. There is not a single agency in a world that would encourage the use of a solution that can not be controlled - that is eavesdropped - by that agency. The picture is getting clear as you think it over...<br /><br />Now comes the final question. Are there solutions on the market meeting these requirements? Of course yes, there are. But most of them are not available for public, only for agencies and governmental institutes. <br /><br /><div>
UPDATE:<br /><br />The only hardware based encrypted mobile communication solution that provides triple layer protection is Secfone.<br /><br /><a href="http://secfone.co.uk/">Secfone Official Website</a><br /><br />Please click +Google or share on Facebook if you found this article interesting.<div style="color: #222222; font-family: Georgia, Palatino, 'Palatino Linotype', FreeSerif, serif; font-size: 16px; line-height: 24px;">
<br /></div>
</div>
<!-- Blogger automated replacement: "https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuHPQAPGDTXq16c-wKWPioPrCf0Ao7jlMsa2nR8tpSHYEftU3gbGE6TqK3xb0Xm-va_oKJhCBZrxTNriyOlpXteTVahGDG9Qjr2XDYcWtUl9CNn-BicZ9Hm6J5CWKrTbdO63K5h7zUt4A/s320/b2b-banner.jpg" with "https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuHPQAPGDTXq16c-wKWPioPrCf0Ao7jlMsa2nR8tpSHYEftU3gbGE6TqK3xb0Xm-va_oKJhCBZrxTNriyOlpXteTVahGDG9Qjr2XDYcWtUl9CNn-BicZ9Hm6J5CWKrTbdO63K5h7zUt4A/s320/b2b-banner.jpg" --><!-- Blogger automated replacement: "https://images-blogger-opensocial.googleusercontent.com/gadgets/proxy?url=http%3A%2F%2F1.bp.blogspot.com%2F-XRJs1xgi76U%2FUnfGulZi5BI%2FAAAAAAAAANA%2FUc9nerDYNhk%2Fs320%2Fb2b-banner.jpg&container=blogger&gadget=a&rewriteMime=image%2F*" with "https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuHPQAPGDTXq16c-wKWPioPrCf0Ao7jlMsa2nR8tpSHYEftU3gbGE6TqK3xb0Xm-va_oKJhCBZrxTNriyOlpXteTVahGDG9Qjr2XDYcWtUl9CNn-BicZ9Hm6J5CWKrTbdO63K5h7zUt4A/s320/b2b-banner.jpg" -->Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com1tag:blogger.com,1999:blog-6431377304540411400.post-46561945541665850322013-10-29T04:42:00.000-07:002013-11-12T03:37:52.615-08:00What is the privacy score of your smartphone?<div class="separator" style="clear: both; text-align: left;">
<a href="http://www.cluefulapp.com/" rel="nofollow" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;" target="_blank"><img alt="Clueful" border="0" height="113" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhe0R4Ul3P7PFiLJ672t4y0gdqhIg7cBacacBTx6AYkclAiN5knb8A-grVjtANoNz_dOxBpizxrA0O88v8K3T3Ybv71e2P4pdgsR7MSgTXbzjtspW5oa0SwcrdfDAh0QJzVKVgjTLLyIqs/s320/clueful.jpg" title="Clueful" width="320" /></a></div>
You might know that apps on smartphones ask for permissions upon installing. However, some apps might ask more permission than their function really needs. If you would like to protect your information, than the first step is to check if your smartphone can leak your data. We have tried an app that does the work, <a href="http://www.cluefulapp.com/" rel="nofollow" target="_blank">Clueful </a>(available for Android and iOS).<br />
<br />
Clueful gives a general privacy score, that gives you an idea how safe is your smartphone.<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGsacoClF5FPA8kUC4YtLwjGpjrkYZe9ZAPOJQFURu_3TnlnHaBqY8hileUC2Km6qUqVpmveG5LubqfZH7J33iQqWi4N7l6Xo2Is83uTLB4wCHg9XJUcOMg3vK3nvAoe9E0UmhyphenhyphenN7naXc/s1600/Screenshot_2013-10-29-12-32-31.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGsacoClF5FPA8kUC4YtLwjGpjrkYZe9ZAPOJQFURu_3TnlnHaBqY8hileUC2Km6qUqVpmveG5LubqfZH7J33iQqWi4N7l6Xo2Is83uTLB4wCHg9XJUcOMg3vK3nvAoe9E0UmhyphenhyphenN7naXc/s320/Screenshot_2013-10-29-12-32-31.png" width="192" /></a></div>
<br />
It categorizes the apps into three categories:<br />
<br />
<ul>
<li>High risk apps</li>
<li>Moderate risk apps</li>
<li>Low risk apps</li>
</ul>
<br />
You should really think over to uninstall apps that are in the high risk category. After installation Clueful checks new installations too, and alerts if a new app asks for too many permissions. Filtering by specific types of risks is also available (what apps can send SMS for example).<br />
<br />
Check your smartphone, and put your Privacy Score in a comment here. Its free.<br />
<br />
Please click +Google or share on Facebook if you found this article interesting.<br />
<br />
<br />Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com1tag:blogger.com,1999:blog-6431377304540411400.post-34626706793918034932013-10-25T05:14:00.000-07:002014-02-25T07:54:59.311-08:00Did US Tap Chancellor Merkel’s Mobile Phone? - Opinion<div style="text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjldBdcpRu79eNWtOWta0mJQSjoh-h_y3fFRdWHx5ymQDzZ4S4VyZwI-6_uNAP2-rPa5Rj16nG54U7vHWEIRfCA9aoDW8aXU__MeAQX7tkrJc8WPorCQlvjamvEhJ9Jx5wVncI4h0ovGAw/s1600/Merkel-phone.jpg"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjldBdcpRu79eNWtOWta0mJQSjoh-h_y3fFRdWHx5ymQDzZ4S4VyZwI-6_uNAP2-rPa5Rj16nG54U7vHWEIRfCA9aoDW8aXU__MeAQX7tkrJc8WPorCQlvjamvEhJ9Jx5wVncI4h0ovGAw/s320/Merkel-phone.jpg" /></a></div>
<br />I read new articles every day on how Germany complains about NSA spying. Now turned out that there is a high chance that even Merkel’s phone conversations were tapped. What is the main problem behind protecting ourselves?<br /><br /><b>1. Security solutions come from US </b><br /><br />This is a big problem since there is not a single security solution in US that has no backdoor. Even the “most secure” PGP was compromised, however PGP has no connection to any US governmental institutes. Why not to use PGP? Read this: <a href="https://github.com/pagekite/Mailpile/issues/79">https://github.com/pagekite/Mailpile/issues/79</a>. Blackberry is very popular smartphone in Germany, and guess, what encryption Blackberry uses? Yes, you all right, PGP.<br /><br /><b>2. Standard mobile encryption solutions</b><br /><br />The standards considerably decrease the security level. You now why? Because standard sets rules that is a good help when you try to break an encryption (you know the key lenghts for example). Not mentioning that governmental institutes and corporations have hardware and software resources tailored to break standard encryptions. Any non standard encryption need substantial extra effort to break.<br /><br /><b>3. Software based solutions</b><br /><br />To protect a communication channel you need to protect all information that provides security of that converstion. These are encryption keys in the first place. If you use software base solution, your keys are stored in standard storing elements of your device. These elements (memory for example) are readable, writeable storages, not designed to store anything in a secure way. That means your encryption keys can be read or written. Sounds secure? Not really…<br /><br /><b>Any solution?</b><br /><br />Of course, there is a solution. The keys that provide the security of a communication network have to be stored in a secure place, which MUST BE some kind of a hardware piece. Several solutions are on the market with unique hardware protection, mainly available for governmental use. These are special hardwares, you can not use it with you smartphone. However, <a href="http://secfone.co.uk/how-does-it-work.html">Secfone </a>seems to break the rule…<br /><br />Please click +Google or share on Facebook if you found this article interesting.
<!-- Blogger automated replacement: "https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjldBdcpRu79eNWtOWta0mJQSjoh-h_y3fFRdWHx5ymQDzZ4S4VyZwI-6_uNAP2-rPa5Rj16nG54U7vHWEIRfCA9aoDW8aXU__MeAQX7tkrJc8WPorCQlvjamvEhJ9Jx5wVncI4h0ovGAw/s320/Merkel-phone.jpg" with "https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjldBdcpRu79eNWtOWta0mJQSjoh-h_y3fFRdWHx5ymQDzZ4S4VyZwI-6_uNAP2-rPa5Rj16nG54U7vHWEIRfCA9aoDW8aXU__MeAQX7tkrJc8WPorCQlvjamvEhJ9Jx5wVncI4h0ovGAw/s320/Merkel-phone.jpg" --><!-- Blogger automated replacement: "https://images-blogger-opensocial.googleusercontent.com/gadgets/proxy?url=http%3A%2F%2F1.bp.blogspot.com%2F-ZiQV05-ffLQ%2FUmpgNsRpcFI%2FAAAAAAAAAL0%2Fy0_noZAMwZ4%2Fs320%2FMerkel-phone.jpg&container=blogger&gadget=a&rewriteMime=image%2F*" with "https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjldBdcpRu79eNWtOWta0mJQSjoh-h_y3fFRdWHx5ymQDzZ4S4VyZwI-6_uNAP2-rPa5Rj16nG54U7vHWEIRfCA9aoDW8aXU__MeAQX7tkrJc8WPorCQlvjamvEhJ9Jx5wVncI4h0ovGAw/s320/Merkel-phone.jpg" -->Mia Dinomadhttp://www.blogger.com/profile/04073895831341284160noreply@blogger.com1Germany51.165691 10.45152600000005840.94185 -10.202770999999942 61.389532 31.105823000000058