Up coming NYT article: "Whole India Hacked! Country Paralyzed! Nuclear Warheads Armed Remotely. Blackmailers want 5M BTC"
Topic: India joins war on crypto, wants everyone to keep plaintext copy of data (Read 408 times)
September 22, 2015, 02:28:55 PM
Up coming NYT article: "Whole India Hacked! Country Paralyzed! Nuclear Warheads Armed Remotely. Blackmailers want 5M BTC"
September 22, 2015, 12:08:36 PM
This is tremendously stupid, especially for a country attempting to become the silicon valley of the East. I was watching a DEFCON talk the other day about hacking cell phones, and they were explaining that in India by law all cellular networks must be in plain text in order to comply with these laws against encryption. As a result literally everyone's cell phones and communications there are vulnerable to anyone with a few hundred dollars worth of parts, a laptop, and some free software.
September 22, 2015, 05:18:20 AM
I hope my country will not enforce this rule. Since we are encrypting our data, why should we keep a plain version for 90 days? This is very... Can't find a word to describe.
September 22, 2015, 04:44:31 AM
India joins war on crypto, wants everyone to keep plaintext copy of encrypted data for 90 days
India's newly released draft national encryption policy includes a requirement that plaintext versions of all encrypted data and messages must be kept by every user, whether a business or an individual, for 90 days. And the "verifiable" plaintext must made available to law enforcement agencies on demand. This unprecedented requirement is likely to make security breaches even more serious, and present enormous logistical problems for companies using encryption on a large scale, since they will have to manage the storage and timely deletion of the plaintext versions.
http://arstechnica.co.uk/tech-policy/2015/09/india-joins-war-on-crypto-wants-everyone-to-keep-plaintext-copies-of-all-encrypted-data-for-90-days/
India's newly released draft national encryption policy includes a requirement that plaintext versions of all encrypted data and messages must be kept by every user, whether a business or an individual, for 90 days. And the "verifiable" plaintext must made available to law enforcement agencies on demand. This unprecedented requirement is likely to make security breaches even more serious, and present enormous logistical problems for companies using encryption on a large scale, since they will have to manage the storage and timely deletion of the plaintext versions.
http://arstechnica.co.uk/tech-policy/2015/09/india-joins-war-on-crypto-wants-everyone-to-keep-plaintext-copies-of-all-encrypted-data-for-90-days/
Jump to: