Stop demonizing encryption
The security industry has more than its fair share of buzzwords and gimmicks. End-to-end encryption is not one of them. The recent discovery of a vulnerability in WhatsApp has instigated discussions and spawned hot takes surrounding spyware and export controls, with some declaring that end-to-end encryption is ineffective. With this particular vulnerability, spyware created by the NSO Group could be uploaded onto a phone through a series of malicious data packets sent via VoIP calls. This enabled access to the content and data on a targeted phone. While this particular vulnerability may prompt concerns over WhatsApp’s overall security (a patch has since been released), it does not negate the value of end-to-end encryption. Furthermore, the current negativity toward encryption perpetuates misinformation and provides fodder for governments seeking to undermine security and privacy across the globe. Yes, end-to-end encryption alone is not sufficient for complete security and privacy across every attack […]
The post Stop demonizing encryption appeared first on CyberScoop.