Page 41 - Cyber Warnings
P. 41
It s the Industry Titans Against the Federal Deities
Ensuring zero intrusion with best practices in the encryption software
industry
by Anamika Kumari, Content Writer, Allied Analytics LLP
Veracrypt tracked the success route of Truecrypt with great agility. The rise of the latter at the
encryption software industry skyline was as rapid as was its decline. A recent audit highlighted
its architecture to be infested with critical loopholes that made the system vulnerable to external
threats. A series of security fixes followed the internal audit that began in August 2016. Two
months later, the developers came up with Veracrypt1.19 a more secure version of the previous
format. It does include some issues that could not be resolved due the intense complexity in
their codes, yet can be handled by religiously adhering to the safe practices as outlined in the
Veracrypt User Manual.
Empowerment of open source frameworks
How is it that a similar file-system level encryption (FLE) strategy failed earlier, while another
encryption software tool developed from the same source code saw the daylight of success? A
close observance to certain government strategies and their security policies might lend you
some answer. Our focus here, is on the commendable support handed out by the Open Source
Technology Improvement Fund (OSTIF) towards the safekeeping and improvement of similar
projects. Among the others that were patronized by the OSTIF are OpenSSL, OpenVPN,
GnuPG, and OTR messaging. These platforms target to protect the privacy concerns of public
users over secure internet, private networks, email servers, and public chat networks.
Rising above the federal dilemma
The global encryption software industry got wound in an unexpected turn of events in 2013,
when global surveillance revelations began trickling from NSA’s debauched child Edward
Snowden. The first world was already concerned about the data-in-transit and data-at-rest
critical to their business and enterprise. With NSA’s intrusion, the technology development
programs were instantly accelerated. The result is evident; North America now represents the
largest market for data-at-rest encryption software solutions for both FLE and FDE (Full Disk
Encryption).
The role of non-profit organizations in the upraise of encryption software industry is under
microscope of the federal governments. The battle will intensify with the recent change in
political demographics of the U.S. The encryption debate in the region so far has caused ripples
that have been felt across the globe. Amidst the tug of war between product developers and the
government agencies continue, compliance to the security breach notification law is a rather
imperative criterion of selection.
41 Cyber Warnings E-Magazine November 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
