What Exactly is Spyware?

Thankfully, people are on heightened guard to keep their communications secure from hackers and identity thieves. We’ve all seen companies and even political parties suffer high-profile data breaches, and awareness of the risks out there is good because there are multiple threats out there, and they aren’t all the same.

It’s a safe bet that anything with the suffix “ware” is bad news, but having a better understanding of the specific threat can help you stay safe.

“Spyware” is a unique risk that can permanently compromise your phone, so let’s learn more about it now.

Different Types of Trojan Horses

The poet Virgil describes in The Aeneid the story of the ancient Trojans, the ancestors of the Roman civilization. The Greeks appeared to have sailed back home after a long siege, and all that remained was a large wooden statue of a horse — the Trojans wheeled it inside their gates, thinking it a trophy of war, and at night the Greek soldiers hiding inside crept out and sacked the city as it slept.

When it comes to spyware, a Trojan is a type of malicious code that looks legitimate, but can take control of your computer. A Trojan disguises itself as something the user wants, and after it’s downloaded, it can damage, disrupt, steal data, or inflict other harms on you.

Have you ever seen a suspicious email from someone you don’t recognize asking you to click a dubious link? Such emails could very well be a cybercriminal trying to lure you into downloading the Trojan. Unlike a computer virus, a Trojan can’t replicate itself on your device.

It can only get onto your computer or phone if you open the door. Once a Trojan is inside the gates, you can’t get it back outside, and the danger is irreversible. Likewise, once your phone is compromised with a Trojan, it’s better to throw it away and buy a new one.

There are multiple types of Trojan, and all of them are dangerous. A Ransom Trojan seeks ransom money from the user and will bar access to their own device until they pay. A Remote Access Trojan can give the hacker control over your device and steal your information and spy on you.

Some Trojans are designed specifically for phones. An SMS Trojan can send and intercept text messages. Apart from stealthily compromising the security and confidentiality of your messages, they can message premium-rate numbers and drive up your phone bill.

A person may have a Trojan on their cell phone without knowing it and carry on indefinitely as if everything is normal.

Law Enforcement Uses Spyware?

Trojans aren’t only used by cybercriminals. In fact, law enforcement agencies in places like Germany have used them to sidestep encryption and eavesdrop on suspected individuals. Security gaps on people’s phones left them susceptible to what police grimly and euphemistically call “source telecommunication surveillance.”

Federal police used Trojans to access information stored on smartphones. For “operational reasons,” they refused to say the extent to which they use spyware to listen in on private citizens.

Spyware can monitor the most sensitive data on your phone, including:

  • Call history, including phone numbers, dates, and length of calls
  • Contacts
  • Texts messages, even phone number and SMS content
  • Photos
  • Internet browsing history and bookmarks
  • Emails downloaded to the phone

That criminals and law enforcement alike both use spyware only reinforces how many people are potentially trying to access sensitive information and how varied the threats are. Cybercriminals are dangerous when they know how to weaponize spyware, but at least they don’t have the protections and resources of the state behind them.

How Do You know if Your Phone has Spyware On it?

Spyware is a trap that must be cloaked for as long as possible for it to be effective. By design, it’s hard to tell when spyware has infected your phone. If the victim knew their device was compromised, they’d use a new phone and put an end to the threat.

If your phone is infected with spyware, you may notice it gets hot, or the battery quickly drains when you’re not using it. However, these things could be attributed to other perfectly innocuous reasons, such as the phone is simply getting older.

You may also see unexpected notifications or startup and shutdown times that are longer than usual. Ultimately, if you’re in a position where you’re unsure if you have spyware on your phone, you haven’t taken your cybersecurity seriously enough in the first place. Using a ChatMail phone is an effective way to know you’re free of spyware.

How to Steer Clear of Spyware

Safe habits are crucial to keep everyone’s sensitive information private. There are a few basic things you can do to reduce the odds of encountering spyware.

  • Avoid unsafe websites: if security software indicates a site may not be safe, close the window
  • Be skeptical of strange emails: don’t open a link from an email address you don’t recognize
  • Don’t download software or programs unless you trust the publisher
  • Never click on pop-up windows promising free stuff or helpful services

Taking the above precautions should be engrained in your daily habits and your colleagues’ too. If somebody in your office gets their phone compromised, it could directly affect you or your business. Organizations are only as strong as their weakest link, so everyone has a role to play in cybersecurity.

Keeping up with cybersecurity risks is often a game of cat and mouse — people who use spyware try to find new weaknesses to exploit, while cybersecurity experts keep vigilant, trying to anticipate and patch up any security holes before they become problems. In addition to taking basic steps to avoid falling into a trap, platforms using ChatMail help people communicate confidently without fear of spyware or other security vulnerabilities.

For peace of mind and business stability, the best encrypted phone provider lets you stay connected without worrying about all the threats out there, including every form of spyware. Don’t hesitate to contact us today to learn more about our secure platform.

Your Guide to Understanding Encryption

Phrases like “end-to-end encryption” are thrown around so commonly today that one would think everyone has in-depth knowledge of encryption. Encryption is a ubiquitous term but a complex subject.

To be sure, the average person doesn’t need to have expert knowledge about the ins and outs of encryption to safeguard their privacy, just like you don’t need to understand how a combustion engine works to drive a car.

However, sometimes mechanical skills do come in handy, and understanding the basic concept of encryption will help you appreciate what separates military-grade encryption from the popular platforms promising to be secure. Let’s look at what encrypted communication is and how it works.

Encryption, the Basics

When data is stored on a computer, the Cloud, on the phone, or transmitted across the internet, encryption is what keeps it confidential. Encryption transforms data into indecipherable text that looks like gibberish, and only authorized people with the right decryption key can render the text into a readable format.

Usually, the length of this code is what determines whether the encryption is “strong” or “weak.” Historically, 40-bit encryption keys were standard. They had one billion possible keys and combinations. While this may sound secure, even a common home computer from 2014 could crack this in a matter of two weeks.

Today’s 128-bit keys are exponentially more secure. If one billion permutations seemed large, the full number of possible keys and combinations on a 128-bit key is worth writing out in full: 340,000,000,000,000,000,000,000,000,000,000,000,000.

However, robust security entrusted to safeguard national security secrets requires more than just a long bit-key. Aside from short key length, implementation flaws, weak algorithms, and bad passwords can also compromise the encryption’s ability to protect your data.

What is Encryption Used For?

While it’s common for people to associate encryption with smartphone technology and cybercrime, more primitive forms of encryption have been around for a long time, even dating back to Ancient Egyptian hieroglyphics! It makes more sense to consider encryption in its current context, as the world revolves around digital technology, and encryption is at the heart of what keeps it secure.

Governments everywhere use encryption for safeguarding vast swathes of the economy, critical infrastructure, and national security. On a smaller scale, private individuals in positions of power use encryption (or ought to!) to ensure that nobody can access confidential communications to facilitate blackmail, corporate sabotage, identity theft, and other crimes.

Is Encryption Legal in Your Country?

There is currently a legal debate brewing between some well-intentioned people who want to give law enforcement access to encrypted communications and those who understand that building in any weakness in the encryption fatally undermines everything encryption is meant to protect — i.e., the bulk of modern society. 

Unlike its Western Five Eyes allies, Canada has traditionally refused to adopt or advance a reckless encryption policy that required private companies to build weaknesses into their cryptographic algorithms intentionally.

According to critics writing in outlets like Citizen Lab, The federal government’s attitude changed in 2019, aligning with major Western countries wanting some type of access to encrypted communications.

Down in the US, there is a heated, ongoing legal debate about how to reconcile law enforcement demands to access communications against the need for privacy rights for citizens, companies, and even government agencies.

The EARN IT act is ostensibly a crackdown on child sexual exploitation online, but critics warn that it threatens to erode badly-needed protections that society depends on. While this bipartisan proposition doesn’t explicitly oppose encryption, you don’t need to read much between the lines to understand that backdoor access to online communications is incompatible with secure encryption.

Tech leaders like Google, Facebook, Microsoft and others have pledged to follow the “voluntary principles” that were set out to curb predation online, but it’s still undetermined how exactly the government will draw the line between law enforcement’s need to peek behind the encryption and civil society’s need for security.

Even if you were to accept in principle that the government should be able to bypass encryption laws, the opening that gets left for them to do so could be exploited by malicious third parties. Legal questions about encryption are not just a matter of philosophy or even the law; it’s nearly impossible to discuss on a serious level without making very strict and technical definitions.

As always, the devil is in the details. With a new presidential administration in the US, they may take a new tack on encryption. Though with Australia and the EU seemingly at war with encryption, and considering the EARN IT act was supported by senators from both parties, the writing could be on the wall.

In the meantime, industry leaders like ChatMail Secure continue to provide state-of-the-art security, flexibility, and responsive customer service.

Why You Need Encryption

The legal and technical battles have enormous implications for the average citizen. COVID-19 has only accelerated the rate at which people have moved online, from Zoom calls to ecommerce.

The average person may not fear hackers or identity thieves are targeting them. Still, everyone has sensitive data that could be exploited by hackers to make a lot of money via identity theft, fraud, and even ransom. The global conversation around encryption involves complex legal and technical problems, but the way these questions are resolved will have an enormous impact on ordinary people’s everyday life.

Somebody falls victim to cybercrime every 39 seconds, and eventually, this person could be you, or it could be someone linked to your company. In our digital, interconnected world, people who work in banking, finance, journalism, defence, the energy sector, and a range of activists have a direct need to keep sensitive communications private.

There are fascinating success stories about encryption that demonstrate how safeguarding communications can be a matter of life or death.

Everyday smartphone users must get a more nuanced understanding of how encryption works and not automatically trust that “end-to-end encryption” is fully secure. Here are some Myntex resources that will help you better understand how our products address contemporary security needs. Genuinely secure platforms exceed the data security offered by WhatsApp and Signal to allow everyday users to get the best security on the market without having to understand complicated technical matters or follow evolving legal questions.

International Encryption Laws Are Weak and Subject to Erosion

Everyone agrees privacy rights are essential, but figuring out exactly where to draw the line between total privacy and granting government agencies access to private communications is more problematic. The two sides don’t see eye to eye, despite appearing to agree about the importance of privacy.

Governments claim that they need to bypass encryption protections for the sake of national security. Privacy advocates fear that, however justifiable the need for security is, setting a precedent of sidestepping encryption creates an opening that can be abused by the government as well as opportunistic hackers.

Existing encryption laws are weak or poorly defined, and even citizens who live in countries that currently enjoy robust privacy protections can’t necessarily depend on the laws staying intact. Laws are always in flux and can be weakened anytime.

Indeed, there are signs that legal protections associated with end-to-end encrypted messaging are being undermined in Europe right now.

EU Draft Council Encryption Resolution

In November of last year, the EU Draft Council Resolution on Encryption pushed for laws that would give the government increased access to encrypted messages without really saying how. They don’t claim to be fighting end-to-end encryption, but critics warn that’s precisely what they’re doing.

While the text is just a draft policy paper, privacy advocates have cause to worry. Text from the resolution does anything but assuage people’s fears:

“Encryption is a necessary means of protecting fundamental rights and the digital security of governments, industry and society. At the same time, the European Union needs to ensure the ability of competent authorities in the area of security and criminal justice, e.g. law enforcement and judicial authorities to exercise their lawful powers, both online and offline.”

The resolution fails to address in any concrete terms the legal criteria or burden of proof governments would need to demonstrate before they could access encrypted communications.  Perhaps even more problematically, the resolution contains no technical explanation for how the government could have a back door into encrypted communications without leaving a gaping security vulnerability nefarious parties could exploit.

In the above quote, “competent authorities” refers to law enforcement agencies with competence in their field, not in technical matters involving encryption, which are well beyond a government official’s domain knowledge.

A well-intended law enforcement agent with a justifiable need to access encrypted communications may accidentally create the conditions for flagrant privacy infringements by opportunistic hackers or other nefarious parties.

In other words, even if the government’s security concerns are taken at face value, their proposals don’t address what privacy critics fear most.

Is a Better Balance Possible?

The Council of Ministers has laid out what seems like a reasonable balance between privacy and security. Here’s an excerpt: “technical solutions for gaining access to encrypted data must comply with the principles of legality, transparency, necessity, and proportionality.”

However, the willingness to strike this balance doesn’t mean anything if they lack the technical expertise to uphold these principles. For example, how can they demonstrate to encryption experts that the openings governments will use won’t be exploited by hackers?

It’s difficult to have a broad, non-technical discussion of such a complicated and wide-ranging topic, but that’s just the problem: the devil is in the details, and the details have been unaddressed.  It’s reasonable to suspect these principles won’t be adhered, either on purpose or by accident, especially given how many high-profile breaches there have already been.

Real Encryption Doesn’t Deal in Half-Measures

Attaching the word “encryption” to a device doesn’t make it fully secure. Unless every potential vulnerability is accounted for, the device can be penetrated.

The market’s leading encrypted mobile security provider ensures their tools are hermetically sealed against any possible intrusion. Having this level of protection means your communications will remain private.

Given how data is collected by governments worldwide, people are wise to take the security of their communications into their own hands. Governments pay lip service to the absolute right to privacy, but every statement they make about upholding this right has a “but” in it that undermines their seriousness.

If governments only respect a partial right to encryption, the encryption may as well not exist.

Is Australia a Harbinger of What’s to Come?

The Australian government has already passed the Assistance and Access Bill 2018, which grants law enforcement bodies the right to seize user information, and even to access communications protected by end-to-end encryption. Companies will need to grant police access to a back door because not even they can see the communications themselves.

The law could still be amended, and privacy rights advocates are watching to see how companies will respond to the legislation once agencies begin to use this power. Will international companies claim they aren’t subject to Australian law? If they’re forced to comply, will they pack up and leave the country?

This climate of uncertainty is enough to undermine stable operating conditions businesses require, and there are signs that the damage has already begun. The tech giant Atlassian claims it’s presenting concerns they and smaller companies without their resources have that these laws effectively create embedded weaknesses in their products.

Think about it from the customer’s perspective: why would you commission a tech company from Australia subject to weak encryption laws when you could simply choose a tech company from a different country where no such laws exist?

Damage has already been done. For example, the UK’s biggest ever cyber attack was made possible by a Windows exploit located by America’s NSA. In other words, if the government gets even one toe in the door, the door will always be open.

Governments around the world pledge to respect privacy, and they may very well have the intentions in mind. But as case after case shows, their duty to safeguard the population often outweighs upholding privacy rights. If this doesn’t lead to outright spying, it may inadvertently give hackers the opening they need. Using a communication device that can’t be cracked is the only way to guarantee your privacy in a world where even the strongest legal protections are weak and subject to further erosion. Please see our customer support & resources for technical answers about how the best encryption works.

If You Knew How Data Was Really Collected, You Wouldn’t Like It

On some level, if you ask a person if their smartphone data is being collected, they’ll say “yes.” Most people know their data is highly sought after by companies and governments. Nobody likes this, yet an increasing number of people use smartphone apps every day despite these known privacy risks.

However, people probably underestimate just how much data their government possesses and how this data is used. News reports about the US Customs and Border Protection (CBP) agency shed light on just how far the government can reach.

Seized Devices

Vice News reports that US CBP agents seize tens of thousands of devices every year from travellers, even when they aren’t near a border or haven’t been charged with a crime. Data from these devices is then uploaded into a searchable database and remains there for up to 75 years.

It’s known that governments collect data on citizens in the name of national security. However, recent changes have decentralized the process, creating potential scenarios where border agents can extract large quantities of sensitive information that has no bearing on their specific investigation.

While this agency claims that they limit access to trained forensic analysts, privacy advocates warn the scope of the data obtained remains large and that this agency has a history of overstepping. So long as the CPB can demonstrate the lowest burden of proof, “reasonable suspicion of a crime, the type of data they can access includes:

  • GPS history
  • Text messages
  • Emails
  • Social media posts
  • Photos
  • Videos
  • Financial accounts
  • Transaction records

People uncomfortable with the idea of governments tracking their metadata should object to this even more. What could be a more flagrant privacy breach than government agents having full access to your private pictures and personal communications?

Activists worry that the CPB is stockpiling a centralized collection of data, which the government may then repurpose for unrelated matters down the road. The nightmare scenario where an initial government privacy invasion unfairly provides the basis for a second government overreach may seem far-fetched, but that it’s even plausible is a major red flag.

People need resources to help keep their information secure.

Buying Commercial Data

It’s possible that US border agents already have a cache of data on you, even if you have never interacted with one in person. The agency has location data on Americans from across the country, including those who don’t live near the border.

The US government doesn’t need to seize your device to obtain massive troves of your data. They also claim they don’t need a warrant, either.

CPB buys app location information from middlemen providers, who specialize in harvesting this data and selling it to law enforcement agencies so they can track individuals or groups. Venntel, one of these companies, sources their data from innocuous online apps countless people use every day:

  • Weather
  • E-commerce
  • Games
  • More

Most people use these types of apps without giving them much thought. At worst, they may wonder what the app does with their data.

It’s bad enough that private companies obtain your data under one pretext and sell it to third-party advertisers without you knowing, but quietly selling it to law enforcement agencies is a problem of a higher magnitude.

While it’s likely that most people would object to this type of privacy invasion, it’s not clear the government is doing anything illegal. A group of Democratic senators are calling on the Department of Homeland Security to investigate.

But in an important sense, legality here is moot. It shouldn’t be comforting if these practices are ultimately illegal because the government has already participated in them for years. On the other hand, it’s even worse if the CPB hasn’t broken the law, and the government permits this type of invasive data gathering.

Whatever the investigation finds, people need a way to ensure their communication remains confidential.

Real-World Examples of Breaches

If you don’t even know who has your sensitive data, how can you trust how it’s being used or misused? Most people have never had the government breach their privacy, so fears about potential overreach may seem overblown to them.

Many activists and journalists know that the danger is all too real because they have experienced it first-hand.

In 2019, the American Civil Liberties Union (ACLU) claimed the US government surveilled three not-for-profit organizers, who were on a list of more than 50 activists and journalists. The ACLU’s complaint alleges the activists’ relief efforts were hampered on both sides of the border, derailing their lives and work.

The CBP had defended the list, claiming the people on it were linked to the 2018 migrant caravan. However, there were activists on the list who had no prior experience working with anyone related to the caravan.

It’s unclear precisely what these activists did to draw the US government’s attention, but their privacy would have remained intact had they been using only encrypted communication solutions rather than third-party apps and web browsers.

Breaching Privacy is Non-Partisan

With a new Democratic administration set to take office in January 2021, it’s worth recalling that both political parties in the US have presided over enormous privacy breaches. The National Security Agency (NSA) has grown enormously since its founding in the wake of the 9/11 terror attacks, including under President Barack Obama.

In fact, one of Obama’s final acts as president was to allow the NSA to share its vast information-gathering network with 16 other agencies in the US intelligence community. It doesn’t matter who is in office: the government can access your data unless you take steps to prevent them from doing so.

Usually, the people interested in accessing your private communications are one step ahead of you. By the time you find out how far their reach is, it’s too late, and they’ve already violated your sensitive data. Check out these Myntex encryption success stories to learn more about how the market’s best encryption, vital security measures that patch up any remaining susceptibilities, and safe and reliable data storage have made an impact. Keeping data private is something you will like.

Heartwarming Encryption Success Stories

Some people wrongly associate encryption with something sinister. They suspect anyone who would go to such lengths to keep a secret must be hiding something dark. In many cases, the exact opposite is true!

In countries across the globe, people are fighting for a better world, but they face resistance. For human rights activists working in dangerous places, keeping their work confidential can be a matter of life and death. What if a death squad raids their offices and learns the names of activists and local witnesses who worked with the group? In such circumstances, privacy takes on another magnitude of importance.

We’ve all seen spy movies where secret agents with the backing of their government have elaborate ways to send and receive confidential messages. Until the early 1990s, smaller organizations didn’t have the resources for such tools, and they were at a serious disadvantage.

Philp Zimmermann changed that by creating the most widely-used encryption software in the world — Pretty Good Protection, known as PGP. An American computer scientist and cryptographer, PGP enabled human rights groups and activists worldwide to conduct their operations in safety. The emails Zimmermann received from grateful users on the ground attest that PGP has saved numerous lives.

Myntex was inspired to become a leader in PGP encryption technology after reading about the pioneering work of Philp Zimmermann and the impact he made. We’re proud to carry on this work today,

Please read these stories about PGP technology making an impact below to better understand the importance of confidentiality.

Kosovo

Grateful feedback from the brother of a rebel freedom fighter in Kosovo during the 1998 war puts into sharp relief PGP encryption’s importance. Here is an excerpt from the letter. Names have been withheld, and the letter is lightly edited for brevity.

“The peasant guerillas of KLA took heavy casualties during fall 1998…they had to rely on couriers to pre-coordinate any action, which in effect made them simply too slow. Phones, faxes, emails were, according to him, all taped by the government…which, he says, surveilled a great many call/min and got activated with code-words…And then, some within KLA came up with the PGP!

“…My brother is totally convinced that it saved the lives of hundreds of good men, who otherwise would have had no chance…I guess what I’m trying to say is, I’m grateful to have my brother back alive.”

Today, Myntex creates end-to-end encrypted communication tools that offer the same level of security, but they’re even easier to use.

Zagreb

Another letter from a grateful PGP user testifies to the life-saving ability of real encryption. The names of the people and organization involved were deleted out of privacy concerns, which will seem understandable after reading their story:

“We are part of a network of not-for-profit agencies, working among other things for human rights in the Balkans. Our various offices have been raided by various police forces looking for evidence of spying or subversive activities. Our mail has been regularly tampered with and our office in Romania has a constant wiretap.

“…The security police raided our office and confiscated our computers in the hope of retrieving information about the identity of people who had complained about their activities.

“In every instance, PGP has allowed us to communicate and protect our files from any attempt to gain access to our material as we PKZIP all our files and then use PGP’s conventional encryption facility to protect all sensitive files.

“Without PGP we would not be able to function and protect our client group. Thanks to PGP I can sleep at night knowing that no amount of prying will compromise our clients.

“I have even had 13 days in prison for not revealing our PGP pass phrases, but it was a very small price to pay for protecting our clients…Your work protects the innocent and the weak, and as such promotes peace and justice…”

The Need for Encryption, Today

The above letters may reference the breakup of the old Soviet Union, but there is still a critical need for encryption worldwide, including in modern North American society. The US government monitors whistleblowers before they even decide to blow the whistle.

Telecom companies and tech giants can piece together people’s day-to-day activities with extreme accuracy by stitching together their metadata. Even assuming these corporations do not read your emails, your smartphone can tell them your location at specific times, what websites you browsed, and other information which, taken together, completes a full picture.

Public servants in the US desperately tried to expose what they felt was government wrongdoing, and in response, the president wanted them punished and publicly outed. If employees of the federal government felt outmatched, it’s not hard to imagine how private citizens, activists, and human rights organizations with even fewer resources must feel.

Privacy for All

Everybody has valuable confidential data that identity thieves and others would love to access. Unfortunately, with a little bit of time and effort, they can — an experienced hacker only needs about 15 minutes to break into your Gmail.

Citizens have a wealth of data that could potentially be exploited for blackmail. Journalists need encryption to keep sources confidential. Banking and finance professionals have loads of sensitive information about their companies, clients, and personnel.

Those in pharmaceuticals, defence, activism, and many others need secure communication tools. There have been enough leaks in each of these sectors to demonstrate the value of preventing them before they occur.

For example, internal emails show that the Royal Canadian Mounted Police (RCMP) has a list of 89 indigenous activists it tracks. The lists of these activists lay dormant until the government announced the approval of the Trans Mountain pipeline. Unfortunately, even Canadian governments spy on citizens when controversial infrastructure projects are announced.

You may not think you have valuable secrets, but your private information could be used against you in ways you may not immediately imagine. Even if you aren’t a rebel fighting a civil war or an activist opposing a multi-billion-dollar pipeline, Myntex encryption lets you communicate securely.

When Governments Spy on Citizens, They Invent a Great Excuse

In theory, everyone agrees that the public has a right to safety and privacy. Yet, in practice, it isn’t easy to balance these competing needs in a way that satisfies all parties.

Businesses like social media platforms often get stuck in the middle. Governments ask them for data on citizens in the name of national security or protecting the public, while citizens insist that their privacy be respected, and may leverage their power and leave the platform unless it is.

How can a company keep sensitive user data confidential and fulfill legal obligations to let the government access this data? Suspicions of government snooping are reasonable.

For years, the US government secretly spied on citizens. Former National Security Agency employee Edward Snowden famously blew the whistle on a massive government spy program in 2015. The excuse for spying on citizens in the wake on 9/11 was national security. Now, there’s another reason.

In March 2020, a bipartisan group of American senators introduced the EARN IT Act, which seeks to prevent child sexual exploitation online by targeting child predators on social media platforms. On the surface, of course, the goal of keeping children safe is laudable! But that’s just the problem: when the government wants to secretly access the public’s private information, it knows it needs a justification everyone supports.

However, privacy advocates warn that encryption will be completely compromised if the government can side-step it when they feel the need. If this law passes, it could spell the end of encryption. At least on certain public platforms; communicating through Myntex security services ensures that your private data will remain confidential no matter what legislation passes or how the courts rule.

Why Have Encryption if the Government Can Demand Your Communication?

In the past, big tech companies weren’t responsible for the content their users published. The proposed EARN IT Act will put the onus on these tech companies to ensure predators don’t use their platforms to violate children.

If the law passes, big tech companies could be held liable for the harm their users cause, unless they comply with a 16-person commission’s recommendations. To catch predators, the commission could recommend non-intrusive measures like scanning photos and videos proactively to ensure there is no abusive content, and communication surveillance. The latter is where things get dicey.

Either users can know that their private communications are confidential, or the government can force companies to grant them back-door access to this data. Companies offering end-to-end encryption may not be willing to comply with such requirements, since concealing the messages is the entire point of encryption.

Silicon Valley giants like Facebook argue they can protect children without undermining encryption or their users’ privacy rights. Members of Congress and law enforcement disagree. If the time should come where companies like Facebook need to choose between protecting users’ privacy rights and complying with a government order to access people’s communications, what will they pick?

For how long can they hold out? And so, the privacy battle continues.

End-to-End Encryption in Business

Business leaders must take security into their own hands. They need to get access to the strongest encryption algorithms available, as they can’t depend on platforms that may not be secure in the near future.

Secure communications create a stable atmosphere executives need for conducting business. CEOs can’t sit around and wait to see what the laws will be after the government is finished duking it out with big tech companies.

Even if big tech companies found a way to keep children safe from online predators without requiring back-door access to encrypted communications, the government could claim another pretext for needing access to citizens’ private communications. When one door is closed on them, they usually find another to open eventually.

Taking the initiative to get state-of-the-art end-to-end encryption means shutting the door on them. You need to know that your confidential data is private, which means ensuring your messages are encrypted, and your phone is otherwise protected against identity thieves, corporate saboteurs, or even the government.

Encryption in Everyday Life

People making million-dollar deals understand the need for security, but most people use the internet for countless purposes and routinely buy things online. Identity thieves don’t need a lot of information to wreak havoc on a private citizen.

Aside from our enhanced encryption, additional features like remote wipes and tamper-proofing are perfect for protecting everyday citizens’ basic communications. Here are some resources to help understand your options for encrypted technology, as the topic can be technically complicated.

Millions of people chat each day on platforms like Facebook, sending sensitive information across the internet without really thinking about who else could read it. Even text messages from one phone to another are vulnerable to a hack without the right level of encryption.

Myntex specializes in advanced encryption technology, and our phones have numerous features that complement the encryption. Even if your phone goes missing or a thief steals it, they won’t access its contents because of the layers of world-class protection.

Historically, learning how to navigate phones with leading encryption took technical knowledge and time to learn. Now, everyday users can enjoy modern functionality, knowing they’re as secure as can be. Myntex believes that communicating securely should be easy to use. Please feel free to learn more about who we are and what we set out to accomplish in the encryption industry.

The government will always claim an overriding need for them to obtain data on citizens, despite all their respect for the right to privacy. If it isn’t to keep children safe online or defend the country against terrorism, there’ll be another reason.

Of course, these are genuine safety issues that affect us all! But wherever big tech companies and the government decide to draw the line between privacy and security, business leaders and private citizens can ensure their own communications are secure by relying on encrypted phones by Myntex.

Businesses Need Privacy, Even from Governments

A recent court ruling demonstrates the perpetual tension between law enforcement and privacy rights for citizens. Whatever the formal laws on the books, or peoples’ expectations for the right to privacy, citizens cannot necessarily trust that data related to their private communications won’t be collected.

Early last month, a federal appeals court ruled that the National Security Agency’s (NSA) surveillance program that collected data on Americans’ telephone calls was illegal. Former NSA employee Edward Snowden famously blew the whistle on this program in 2013, believing it was wrong for telecommunication companies to share customer data with the government without disclosing that this was being done to the public.

While the government never ascertained the phone calls’ contents, this secretly-shared data told them which phone numbers people dialed, and the duration of these phone conversations. Known as “metadata,” this information may seem vague or innocuous if seen in isolation.

But stitching together all the pieces of metadata the government had on a person put together a much more complete picture. For example, it might not seem like such a big deal if you just look at one phone record. But if you examine all of them, you can see patterns over time that indicate how they spend their days, months, years. It shines a light on other people’s daily schedules and habits who interact with that person, and neither know they’re being tracked.

The government’s surveillance program was officially ended in 2015, after being deemed illegal and possibly unconstitutional. This most recent court ruling determined that when the government prosecutes someone, it must get a court order before surveilling them and notify them of the secret surveillance that provided the data which yielded the evidence.

However, the law only compels the government to reveal how they obtained their intelligence — it does not prevent them from getting this intelligence. While this is a welcome legal decision, the fact is the American government spied on potentially millions of its citizens for years before anybody even knew it was happening, never mind sought to end the practice.

What started under the secretive Foreign Intelligence Surveillance Court after passing the Patriot Act in the wake of 9/11 to protect citizens ended up being used for different purposes altogether.

To understand the tension between privacy and law enforcement, you can’t just look at one case at a time. Instead, it’s a constant game of whack-a-mole: when the government has one door closed by a court ruling, they try to open up another legal front to obtain the right to spy on their citizens.

To be sure, sometimes the government and law enforcement genuinely need to crack down on heinous crimes and protect national security. However, there’s a danger that politicians use such a pretext merely as a reason to skirt privacy protections.

Businesses Can’t Rely on the Government to Stop Spying

In the years since the NSA was found to be spying on people, the US government has since enacted other legislation that reduces Americans’ privacy rights. In 2017, Donald Trump reversed an Obama-era law that required internet providers to obtain permission before sharing their personal data and even web-browsing history.

It was naïve to believe that shutting down the NSA’s secretive program in 2015 would result in a new era of transparency. Nor is the American government alone in spying on their citizens. The world of business is global, and governments worldwide vary in terms of their respect for privacy.

Whether it’s phone data, browser history, or more, it’s safe to assume that governments around the world are attempting to obtain private information on people without them knowing. Here are some quick tips to guard your privacy online that will help keep you safe in the meantime, but a comprehensive response is required.

The Connections Between Governments and Businesses

Some regions have strong links between the government and the leading businesses of that country, especially in the telecommunications industry. Businesses need to be wary of corporate rivals, but those rivals may have the state’s apparatus to help them spy, which only makes them more powerful.

Huawei is China’s controversial tech giant, and US intelligence says the world’s largest smartphone provider may spy on users on behalf of the Chinese government. The prospect of industry and governments combining their power to spy on people should make business leaders want secure their communications as quickly as possible.

Take Privacy into Your Own Hands

Certain industries rely on encrypted mobile security services from Myntex because they can’t afford to just sit back and hope that the government will not pry into their confidential communications. There are a multitude of different reasons why safeguarding this information is essential.

A hack can open companies up to multi-million-dollar lawsuits and shatter reputations that took years or even decades of fine business practices and branding campaigns to build. Information breaches can also cause devastating operational problems that are hard for companies to overcome.

As many as three of every four oil and natural gas companies have suffered a hack in recent years. Such breaches can result in the destruction of field data or loss to other vital proprietary information obtained at significant cost.

In many cases, commercial and retail businesses need robust security so their customers never face a breach in the first place. How can a company expect their customers to remain loyal after suffering a high-profile hack?

The public has never cared more about their privacy, and businesses are right to worry that one hack could be all it takes to lose a customer’s business forever. Our encryption services will grant you peace of mind, so business leaders can focus on growing revenue.

Feel free to contact us to learn more and see what products we offer to ensure you and your clients and customers all have their online data protected. Many governments worldwide have undermined privacy rights, and the courts often get the wrong balance between security and privacy. In this climate, the safest thing to do is get enterprise-grade encryption that protects your business, no matter who is in power or how the courts rule.

Who We Are

 

Myntex has been a global contender since mobile encryption emerged onto the market, but our manner of doing business has been what’s set us apart from the rest. We believe that running a legitimate, honest, and transparent business is key to gaining the trust and respect of our partners, customers, and competitors.

We have always been open with our intentions to make encryption readily available to everyone around the globe and we have never bought into blocking other providers, causing drama, or talking down about others in the industry. We feel that providing the best product coupled with the best customer service is key to healthy growth of our brand.

 

We operate our office and data center in Calgary, Alberta where we extend an open invitation to our partners, customers, and anyone else that is interested in learning about encryption. We don’t hide behind a website, or contact form but encourage people to come in to meet our team, and see our beautiful space.

 

Our data center is more than capable of handling the trials and tribulations that go along with running mission-critical services for our customers. You can read more about our data center here.

 

The Myntex office/data center is packed full of intriguing and fun things to help with morale, and encourage creativity. No one wants to come into boring a cubicle ridden office.

The sole purpose of creating our office the way we did was to make it welcoming to our current, and prospective partners and customers. We also want the place we work to reflect our business morals, and goals; to be fun, engaging, and modern.

 

With leading edge technology, world class customer support, 99.9% service up-time, and some of the brightest minds in the encryption industry we can confidently say that if you are looking to represent a brand, Myntex should be your first choice.

 

We would love to hear from you, feel free to get in touch with us!

Myntex Protect its Customers from Cyber Attacks. Here’s How.

Anyone with a computer or internet connection is vulnerable to a cyber attack. The motives behind these attacks vary, but generally the goal of hackers is to disable a network or service, expose confidential information, demand a ransom or steal private data. No matter the motivation, it’s always illegal and it’s becoming more and more common.

As a PGP encryption provider and a global business, Myntex is the target of something called a Distributed Denial of Service (DDoS) attack. In this post we’ll explore what a DDoS attack is and how Myntex has taken all the necessary steps to protect its customers.

 

What is a DDoS attack?

A DDoS attack happens when a hacker (or often a team of hackers) “flood” a network with requests and information in a bid to make a service unavailable. This flood overwhelms the server of a company or organization, and effectively takes it out of service. It’s illegal, but happens regularly, and it’s extremely difficult to track down the perpetrators because the attack usually comes from many different sources.

Before launching the attack, hackers will build a network of infected computers. These infected computers are called bots and when collectively used together they form a “botnet.” The hackers spread malware via emails and social media (read our last post about the dangers of phishing). Once they have a large enough botnet, hackers can use their army of computers to launch a coordinated attack.

Large-scale operations are often the target of DDoS attacks, including banks and health care systems. Many of the high-profile cyber incidents you’ve read about were most likely DDoS attacks.

 

How does Myntex protect its customers?  

We’re acutely aware of the threat of DDoS attacks. Keeping the data of our customers private and secure is our utmost priority. We protect PGP encryption customers with a two-prong approach.

First, only authorized individuals have the ability to communicate with the Myntex infrastructure, via our whitelist. This largely prevents DDoS attacks. Random computers don’t have the ability to launch an attack because we drop all unauthorized traffic from our system.

Second, we use Radware DDoS protection to further mitigate the threat of attacks.

Radware is a large and respected company that protects leading global businesses, as well as governments, from large-scale attacks.

Radware has the ability to detect and mitigate DDoS attacks as they are unfolding in real time and respond within seconds. They filter requests to our service, which gives us clean traffic. In turn, our infrastructure is protected and so are our customers.

Our customers retain their ability to communicate securely and privately using PGP encryption for BlackBerry.

 

 

Do you have more questions about how we protect customers from cyber attacks? Get in touch.

How to Guard Your Privacy Online: 5 Quick Tips

It can feel impossible to do anything online anymore without opening yourself up to significant privacy and security threats. Even without large-scale hacking incidents or government surveillance to worry about, there are still threats like email spam, which is both annoying and potentially dangerous.

Many of us take a relaxed approach to our online activities, perhaps because the threats to our privacy may not feel real or immediate. But everything we do leaves a digital footprint. And if we’re not careful, our information can be used against us as we lose access to email accounts and bank account passwords, or become victims of identity theft.

Consider taking these steps to guard your privacy online.

 

Never connect to an unsecured wifi network.

 It’s tempting to connect to an open wifi network as you sit in a coffee shop or a train station, but this is never a good idea. While secure networks are generally connected to a router, open wifi networks are often connected to other computers. Your personal information on your computer is at risk of being stolen or hacked the moment you connect to that open network.

 The safest thing to do is disable your wifi entirely on your phone until you know you can access a secure network, or to set up a VPN.

 

Online shop using only secure sites.

 Any reputable site will use the security protocol SSL for its online financial transactions. You’ll know that a site is using SSL when you look at the website address: it should say HTTPS at the beginning and you should also see a padlock icon. If these two things aren’t present, think twice before handing over your credit card information.

 

Take an honest look at your online activities.

 Be wary of any and all interactions. Thousands of people fall victim to scams on Facebook or via email, because they don’t stop to question what they’re doing. If you get a desperate Facebook message from a friend asking for a money, pick up your phone and call them to verify that they’re actually in trouble.

If you get an email from who you think is a trusted source, but something still feels off, inspect it carefully. Often, scammers will buy domain names that closely resemble one you’re familiar with, so that email addresses appear legitimate. This is called phishing. Inspect the email before you click any links. Always think twice before downloading any attachment.

A large-scale hacking incident at the University of Calgary in Canada, which led to the school forking over a $20,000 ransom payment to the hackers, likely started with a phishing email. A malware attack that crippled the NHS, the UK’s national health system, likely also began when a staff member opened a suspicious attachment.

When it comes to social media, carefully consider what you share online, including your location and personal details about your life and family.

 

Use strong passwords.

 Human errors or failings play a big role in online privacy breaches. Most of us choose passwords that we can remember, which means we choose passwords that are easy to crack. Coming up with a strong password needs to be your first priority. It should be a minimum of eight characters and include a capital letter, symbol and a number.

Don’t use the same one for every account. Avoid including obvious aspects of your life such as your spouse’s or pet’s name, or your date of birth. Never, ever use “password” as your password.

 

Use an encrypted mobile phone for secure email.

 Common email providers such as Gmail or Outlook are notoriously insecure.

 With the use of PGP encryption, BlackBerry users can send encrypted email messages that only the intended recipient can decrypt and read. Because messages between PGP BlackBerry devices are encrypted, an intercepted message is meaningless and unreadable. It’s the securest way to communicate privately.

 

Interested in learning more about PGP encryption? Click here