U.S. Senate Staff can now use Signal for Secure Messaging and So Can You

The US Senate just got a little bit more secure. You can also do the same: increase your security.

Without any fanfare, the Senate Sergeant at Arms recently told Senate staffers that Signal, widely considered by security researchers and experts to be the most secure encrypted messaging app, has been approved for use by all Senate staff members.

The news was revealed in a letter Tuesday by Sen. Ron Wyden (D-OR), a staunch privacy and encryption advocate, who recognized the effort to allow the encrypted messaging app as one of many “important defensive cybersecurity” measures introduced in the chamber.

I have written several times about Signal in past articles in this blog. See https://privacyblog.com/?s=Signal for those past articles.

Continue reading

How to Protect Yourself From Ransomware Attacks

Ransomware, which is often transmitted by email or web pop-ups, involves locking up people’s data and threatening to destroy it if a ransom is not paid. The global cyberattack has affected 200,000 Windows computers in more than 150 countries, including the United States, China, Japan, South Korea, Germany and Britain.

An article by Brian X. Chen in the New York Times at http://nyti.ms/2pR6YJg gives advice on how to avoid the ransomware problems.

How to Increase Your Privacy in Microsoft Edge

The Edge browser does a fair bit of eavesdropping (or allows others to eavesdrop). For those who value their privacy online, there are several steps you can take to ensure a more locked-down experience.

Details may be found at: http://www.laptopmag.com/articles/increase-privacy-using-microsoft-edge.

However, switching to the Brave web browser will result in still better security and privacy. See https://privacyblog.com/2017/02/20/brave-a-privacy-focused-browser-with-built-in-torrent-streaming.


Storj.io, a Distributed, Encrypted File Storage Service Where Only You Have Access to Your Data

Storj.io logo

Storj.io (pronounced “Storage eye oh) is a proposed new service for storing data in the cloud. The data can be anything you wish. I suspect most users will use Storj.io as a file backup service, keeping copies of critical files off site and available at any time. Storj.io’s primary goal is to provide a cloud storage solution that is substantially faster and 50% less expensive than traditional data center-based cloud storage solutions provided by Amazon, Google and Microsoft.

Storj uses distributed peer-to-peer storage. That is, there are no centralized servers with huge disk drives. Instead, the Storj.io software breaks the file(s) to be stored into thousands of tiny segments, encrypts each segment, and then stores the segments in available disk space of other Storj.io customers. Each segment is stored in multiple locations. The result is that the information can be restored to the user’s system at any time, even if some or even many of the other Storj.io customers turn their computers off. There are so many segments saved in so many locations around the world that the possibility of any segment being unavailable at any time is mathematically almost impossible. The developers of Storj.io expect the system to provide 99.99999% availability, higher than most any competitive system in use today.

Continue reading

Cyberattack Hits England’s National Health Service With Ransom Demands

Hospitals across England have been hit by a large-scale cyber-attack, the NHS has confirmed, which has locked staff out of their computers and forced many trusts to divert emergency patients.Hospitals across the country appear to have been simultaneously hit, with a pop-up message demanding a ransom in exchange for access to the PCs. NHS Digital said it was aware of the problem and would release more details soon. Details of patient records and appointment schedules, as well as internal phone lines and emails, have all been rendered inaccessible.

The problem appears to be limited to Windows PCs. Macintosh, Linux, and various mobile tablets appear to be unaffected.

Details may be found at: http://bit.ly/2pHzHjW.

Trump Signs Executive Order On Cybersecurity

President Trump on Thursday signed an executive order on cybersecurity that makes clear that agency heads will be held accountable for protecting their networks, and calls on government and industry to reduce the threat from automated attacks on the Internet.

He said the order was not, however, prompted by Russia’s targeting of electoral systems last year. In fact, the order is silent on addressing the security of electoral systems or cyber-enabled operations to influence elections, which became a significant area of concern during last year’s presidential campaign. The Department of Homeland Security in January declared election systems “critical infrastructure.”

Details maybe found at: http://wapo.st/2qaJkdp.

Huge Trove of Confidential Medical Records Discovered on Unsecured Server Accessible to Anyone

At least tens of thousands, if not millions, of medical records of New York patients were until recently readily accessible online to just about anyone who knew how to look.

Patient demographic information, social security numbers, records of medical diagnoses and treatments, along with a plethora of other highly-sensitive records were left completely undefended by a medical IT company based in Louisville, Kentucky. The files, which belong to at least tens of thousands of patients, originate from Bronx-Lebanon Hospital Center in New York.

Details may be found at: http://bit.ly/2psJQoB.