Wednesday, April 15, 2015

“Encryption Doesn’t Matter In a World Where Anyone Can Plant Software On Your Phone and See What You’re Seeing”

John McAfee invented commercial antivirus software. He may be a controversial and eccentric figure … but the man knows his technology.
Earlier this month, McAfee told security expert Paul Asadoorian that encryption is dead.  Specifically, he said:
  • Every city in the country has 1 to 3 Stingray spy devices … Bigger cities like New York probably have 200 or 300
  • When you buy a Stingray, Harris Corporation makes you sign a contract keeping your Stingray secret (background here and here)
  • Stingray pushes automatic “updates” – really malicious software – onto your phone as soon as you come into range
  • The software – written by the largest software company in the world – allows people to turn on your phone, microphone and camera, and read everything you do and see everything on your screen
  • Encryption doesn’t matter in a world where anyone can plant software on your phone and see what you’re seeing.  Protecting transmission of information from one device to the other doesn’t matter anymore … they can see what you see on your device
  • There are many intrusions other than Stingray.   For example, everyone has a mobile phone or mobile device which has at least 10 apps which have permission to access camera and microphone
  • Bank of America’s online banking app requires you to accept microphones and cameras. McAfee called Bank of America and asked why they require microphones and cameras. They replied that – if you emptied all of the money in your account and said “it wasn’t me”, they could check, and then say:
Well, it certainly looks like you. And it certainly sounds like you.
  • In order to do that, B of A’s app keeps your microphone and camera on for a half hour after you’ve finished your banking
  • In addition, people can call you – and have you call them back – and plant software on your phone when you call them back