Slashdot videos: Now with more Slashdot!
We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
"What we are alleging is occurring is that there are individuals and organizations that are profiting from the storage and the exchange of child sexual exploitation material," Scott Tod, Deputy Commissioner of the Ontario Provincial Police (OPP), told Motherboard at a conference late last month, after speaking to a crowd of defense specialists. "They store it and they provide a secure website that you can log into, much like people do with illegal online gaming sites."
Instead, Google said that the company would simply double down on its crackdown of bloggers who use their sites to sell porn.
In July, Google stopped porn from appearing in its online ads that appear on Blogger. And in 2013, Google decided to remove blogs from its Blogger network that contained advertisements for online porn sites. "We've had a ton of feedback, in particular about the introduction of a retroactive change (some people have had accounts for 10+ years), but also about the negative impact on individuals who post sexually explicit content to express their identities," wrote Jessica Pelegio, Google's social product support manager, in a post on Google product forums. "So rather than implement this change, we've decided to step up enforcement around our existing policy prohibiting commercial porn.
Yet the public record shows that over the years the NSA has honed its ability to steal encryption keys. Recent reports about the compromise of Gemalto's network and sophisticated firmware manipulation programs by the Office of Tailored Access Operations underscore this reality.
The inconvenient truth is that the current cyber self-defense formulas being presented are conspicuously incomplete. Security tools can and will fail. And when they do, what then? It's called Operational Security (OPSEC), a topic that hasn't received much coverage — but it should.
They say the two agencies were trying to intercept encryption keys that were being exchanged between mobile operators and the companies (like Gemalto) who supplied them with SIM cards. The company said it had noticed several security incidents in 2010 and 2011 that fit the descriptions in The Intercept's documents. Gemalto had no idea who was behind them until now. They add, "These intrusions only affected the outer parts of our networks – our office networks — which are in contact with the outside world. The SIM encryption keys and other customer data in general, are not stored on these networks." They claim proper use of encryption and isolation of different networks prevented attackers from getting the information they were after.