[QODLink]
Americas

Twitter makes it harder to spy on users

Twitter follows in footsteps of Google and Facebook, adding layer of security to protect data from prying eyes.

Last updated: 23 Nov 2013 01:07
Email Article
Print Article
Share article
Send Feedback
Twitter's move comes after disclosures about widespread US government surveillance programmes [Reuters]

Twitter Inc said it has implemented a security technology that makes it harder to spy on its users and called on other Internet firms to do the same, as Web providers look to thwart spying by government intelligence agencies.

Twitter followed in the footsteps of Google and Facebook, adding a layer of security called Perfect Forward Secrecy to protect data that users would like kept from prying eyes.

"On top of the usual confidentiality and integrity properties of HTTPS, Forward Secrecy adds a new property," Twitter explained in a blog post on Friday.

"If an adversary is currently recording all Twitter users' encrypted traffic, and they later crack or steal Twitter's private keys, they should not be able to use those keys to decrypt the recorded traffic."

The non-profit Electronic Frontier Foundation is among online rights champions who advocate for this kind of added protection on personal Internet traffic, according to San Francisco-based Twitter.

"We are writing this not just to discuss an interesting piece of technology, but to present what we believe should be the new normal for web service owners," Twitter said of the announcement.

"A year and a half ago, Twitter was first served completely over HTTPS," the company added. "Since then, it has become clearer and clearer how important that step was to protecting our users' privacy."

Snowden disclosures

US Internet titans whose businesses are based on maintaining the trust of users have been kept to strengthen privacy protection in the wake of disclosures of broad scale cyber spying by the National Security Agency.

Former NSA contractor Edward Snowden revealed US surveillance on a global scale, straining Washington's ties with key allies and putting pressure on Internet firms to show people that their online privacy is being guarded.

Among the disclosures were spy tools for decoding data and a practice of saving encrypted information so that it might be unscrambled in the future.

Forward secrecy prevents attackers from exploiting one potential weakness in HTTPS, which is that large quantities of data can be unscrambled if spies are able to steal a single private "key" that is then used to encrypt all the data, said Dan Kaminsky, a well-known Internet security expert.

The more advanced technique repeatedly creates individual keys as new communications sessions are opened, making it impossible to use a master key to decrypt them, Kaminsky said.

"It is a good thing to do," he said. "I'm glad this is the direction the industry is taking."

411

Source:
Agencies
Email Article
Print Article
Share article
Send Feedback
Featured on Al Jazeera
At least 25 tax collectors have been killed since 2012 in Mogadishu, a city awash in weapons and abject poverty.
Tokyo government claims its homeless population has hit a record low, but analysts - and the homeless - beg to differ.
3D printers can cheaply construct homes and could soon be deployed to help victims of catastrophe rebuild their lives.
Lack of child protection laws means abandoned and orphaned kids rely heavily on the care of strangers.
Featured
Booming global trade in 50-million-year-old amber stones is lucrative, controversial, and extremely dangerous.
Legendary Native-American High Bird was trained in ancient warrior traditions, which he employed in World War II.
Hounded opposition figure says he's hoping for the best at sodomy appeal but prepared to return to prison.
Fears of rising Islamophobia and racial profiling after two soldiers killed in separate incidents.
Group's culture of summary justice is back in Northern Ireland's spotlight after new sexual assault accusations.