It seems that the data security landscape is constantly changing. Every day, new threats arise and fresh best practices emerge to keep companies at the forefront of protecting sensitive information. PKWARE’s staff of experts in data security share their thoughts in our blog, highlighting the most current topics on data security, management, and reduction. Check back frequently and join the conversation.

Encryption grows as response to NSA and XKeyscore surveillance

Posted by on in Data Security

b2ap3_thumbnail_Encryption_blocks_snooping_and_security_risks-080713.pngWikipedia recently raised issues with NSA surveillance of the domain and related Wikimedia properties, and declared that it would change its encryption protocols to ensure more secure data exchange between sites and users.

The change appears to have been particularly motivated by the revelation of the NSA's comprehensive XKeyscore tools.

In response to reports of the NSA monitoring certain users, Wikipedia will be introducing HTTPS in late August 2013 for all logged-in users, a move which should theoretically prevent government agencies from eavesdropping on its users.

"[Wikipedia] believes strongly in protecting the privacy of its readers and editors," said an official statement on the Wikimedia blog. "Recent leaks of the NSA's XKeyscore program have prompted our community members to push for the use of HTTPS by default for the Wikimedia projects."

Compared to the NSA's PRISM initiative, the XKeyscore provides quicker, more comprehensive access to data ranging from email and social media postings to encrypted documents, reported Deutsche Welle contributor Carla Bleiker. The Guardian contributor Glenn Greenwald, who originally exposed the program, stated that XKeyscore allows for advanced tracking and probing even if agents did not have access to a particular starting data point.

Even security experts have expressed surprise at the depth and scope of XKeyscore's sophistication, including Peter Schaar, a German data protection commissioner, who stated that the precise details of XKeyscore were "indeed surprising." 

As more details of NSA’s XKeyscore and PRISM programs were unveiled last week, the security agencies actions became the “most talked about” topic at Black Hat conference in Las Vegas, including ramped up displays of the importance of high-level and data-centric encryption. 

Download Viivo

If you share & store it in Dropbox, secure it with Viivo

For CIOs, details of the NSA programs provide opportunities to solidify enterprise encryption and shore up cloud migration security plans, among other teachable lessons, according to CIO.com. As for Wikipedia, the transition to HTTPS has so far been delayed due to bugs. Wikipedia co-founder Jimmy Wales characterized encryption for protecting sensitive data as a "human rights issue."

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest Wednesday, 02 October 2013