NSA director just admitted that government copies of encryption keys are a big security risk

NSA chief Michael S. Rogers speaks at Fort Meade.

The director of the NSA, Admiral Michael Rogers, just admitted at a Senate hearing that when Internet companies provide copies of encryption keys to law enforcement, the risk of hacks and data theft goes way up.

The government has been pressuring technology companies to provide the encryption keys that it can use to access data from suspected bad actors. The keys allow the government “front door access,” as Rogers has termed it, to secure data on any device, including cell phones and tablets.

Rogers made the statement in answer to a question from Senator Ron Wyden at the Senate Intelligence Committee hearing Thursday.

Screen Shot 2015-09-24 at 2.06.46 PMWyden:  “As a general matter, is it correct that anytime there are copies of an encryption key — and they exist in multiple places — that also creates more opportunities for malicious actors or foreign hackers to get access to the keys?

Screen Shot 2015-09-24 at 2.07.12 PMRogers: Again, it depends on the circumstances, but if you want to paint it very broadly like that for a yes and no, then i would probably say yes.”

View the exchange in this video.

Security researchers have been saying for some time that the existence of multiple copies of encryption keys creates huge security vulnerabilities. But instead of heeding the advice and abandoning the idea, Rogers has suggested that tech companies deliver the encryption key copies in multiple pieces that must be reassembled.

From VentureBeat

Get faster turnaround on creative, more testing, smarter improvements and better results. Learn how to apply agile marketing at our roadshow in SF.

“The NSA chief Admiral Rogers today confirmed what encryption experts and data scientists have been saying all along: if the government requires companies to provide copies of encryption keys, that will only weaken data protection and open the door for malicious actors and hackers,” said Morgan Reed of the App Association in a note to VentureBeat.

Cybersecurity has taken center stage in the halls of power this week, as Chinese president Xi Jinping is in the U.S. meeting with tech leaders and President Obama.

The Chinese government itself has been linked with various large data hacks on U.S. corporations and on U.S. government agencies. By some estimates, U.S. businesses lose $ 300 billion a year from Chinese intellectual property theft.

One June 2nd, the Senate approved a bill called the USA Freedom Act, meant to reform the government surveillance authorizations in the Patriot Act. The Patriot Act expired at midnight on June 1st.

But the NSA has continued to push for increased latitude to access the data of private citizens, both foreign and domestic.



Uncategorized

Get ready to watch all your favorite TV shows in virtual reality

Netflix-living-room

Feed-twFeed-fb

Hulu and Netflix are jumping on the virtual reality train. All aboard, early adopters.

Both streaming video services will soon offer virtual reality apps that let users explore content and watch what they want in 3D virtual spaces. Netflix is up first, with an app launching in the Gear VR store on Thursday, just hours after it was announced on stage at Oculus Connect.

While the video itself plays inside the headset on a virtual screen — banish all hopes of stepping into your favorite TV show or movie, at least for now — the app’s browsing interface is an interactive “Netflix Living Room.” This is a valuable feather in Netflix’s cap, marking the “first” subscription video app for VR and yet another platform for the ubiquitous service. Read more…

More about Entertainment, Gaming, Netflix, Hulu, and Television


RSS-3

5 Things You Must Do To Keep Some Dirtbag From Renting Out Your Crib While You’re Away on Vacay

While “John and Ed” were at Burning Man earlier this month, their paid house sitter (from TrustedHousesitters.com no less) listed their San Francisco pad on Airbnb. , this naturally prompts the question: what can I, as a person who leaves my home from time to time, do to prevent something similar, or worse, from happening to me? Here’s the answer.


Cloud Computing

Cloudera is building a new open-source storage engine called Kudu, sources say

Cloudera CeBIT Flickr

EXCLUSIVE:

Big data company Cloudera is preparing to launch major new open-source software for storing and serving lots of different kinds of unstructured data, with an eye toward challenging heavyweights in the database business, VentureBeat has learned.

The storage engine, Kudu, is meant as an alternative to the widely used Hadoop Distributed File System and the Hadoop-oriented HBase NoSQL database, borrowing characteristics from both, according to a copy of a slide deck on Kudu’s design goals that VentureBeat has obtained. The technology will be released as Apache-licensed open-source software, the slides show.

Cloudera has had one of its early employees leading a small team to work on Kudu for the past two years, and the company has begun pitching the software to customers before an open-source release at the end of this month, a source familiar with the matter told VentureBeat.

From VentureBeat

Get faster turnaround on creative, more testing, smarter improvements and better results. Learn how to apply agile marketing at our roadshow in SF.

That source and others believe Kudu could present a new threat to data warehouses from Teradata and IBM’s PureData (formerly Netezza), and other vendors. It may also be used as a highly scalable in-memory database that can handle massively parallel processing (MPP) workloads, not unlike HP’s Vertica and VoltDB, the sources say. And one day Kudu — which works across multiple data centers with RAM and fast solid-state drives (SSDs) — could even play a part in backup and disaster recovery.

Cloudera declined to comment.

However Cloudera chooses to market Kudu, it’s clear that the software is a big step forward for the company, not only in the company’s efforts to outdo other Hadoop vendors, but also in its quest to become a prominent player in enterprise software.

Not that Cloudera is a nobody. It’s worth almost $ 5 billion, according to one recent estimate, it has considerable backing from Intel, and it’s been positioning itself as a competitor to much larger database companies, like IBM and Oracle. But the fact is, fellow Hadoop vendor Hortonworks has gained credibility after it went public last year, and Hadoop company MapR is still around, too.

Cloudera recently doubled down on the rising Apache Spark open-source big data processing framework, but Spark is something Cloudera has been working on for years. And a few months ago, Cloudera brought new Python capability to Hadoop, following its acquisition of DataPad last year. Those are important efforts, but Kudu is something entirely new, something that can give the company freshness as it grows toward an initial public offering.

So what is Kudu, then?

It’s “nearly as fast as raw HDFS for scans” and, at the same time, “nearly as fast as HBase for random access,” according to one slide from a presentation on Kudu’s design goals. But Kudu is not meant to be a drop-in substitute for HDFS or HBase. “There are still places where these systems will be optimal, and Cloudera will continue to support and invest in them,” a slide said.

Kudu could be used for time-series data, or real-time reporting, or model building, according to another slide.

And it’s important to note that Kudu isn’t a SQL query engine for pulling up specific data. Cloudera has Impala for that, and others have Hive for that. Kudu has an “early integration” with Impala, and Spark support is coming, according to a slide.

The Kudu application programming interface (API) works with Java — the common language of Hadoop — as well as C++. Kudu’s architecture allows for operation across sites, according to one slide. That makes it comparable to Google’s Spanner and the Spanner-inspired CockroachDB. That could make Kudu a great choice for big companies looking to store their big data around the world.

Is Kudu well adopted, though? No, not yet.

“Looking for beta customers,” a slide said.

More information:

Powered by VBProfiles



RSS-4

Real Advice for Real Money