France surveillance | Breaking Cybersecurity News | The Hacker News

We have heard a lot about privacy concerns surrounding Windows 10 and accusations on Microsoft of collecting too much data about users without their consent. Now, the French data protection authority has ordered Microsoft to stop it. France's National Data Protection Commission (CNIL) issued a formal notice on Wednesday, asking Microsoft to "stop collecting excessive data" as well as "tracking browsing by users without their consent." The CNIL, Commission Nationale de l'Informatique et des Libertés, ordered Microsoft to comply with the French Data Protection Act within 3 months, and if fails, the commission will issue a sanction against the company. Moreover, the CNIL notified Microsoft that the company must also take "satisfactory measures to ensure the security and confidentiality" of its users' personal data. The notice comes after a series of investigations between April and June 2016 by French authorities, revealing that Mic

Hacking of computers, smartphones and networks in the United Kingdom or abroad by the Government Communications Headquarters (GCHQ) is LEGAL , the UK's Investigatory Powers Tribunal ( IPT ) ruled. So, the UK is giving clean chit to its intelligence agency to spy on its people as well as people living abroad. Now, How is that okay? The British spying nerve center GCHQ has won a major court case in defense of the agency's persistent hacking programs.  After revelations by NSA whistleblower Edward Snowden about the extent of spying by the US and the UK, Privacy International and seven Internet Service Providers (ISPs) launched a legal challenge against the GCHQ's hacking operations. The case alleged that the British spying agency was breaking European law and violating fundamental warrant protections by its too intrusive and persistent surveillance actions. GCHQ Admitted its Hacking Practices Though GCHQ "neither confirm nor deny" the e

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Despite the French Ministry of Interior's demands, France will not ban the TOR anonymity network or Free public Wi-Fi as a way to help the law enforcement fight terrorism. French Prime Minister Manual Valls has gone on record saying that a ban on Free public Wi-Fi is " not a course of action envisaged ," and he is not in favor of banning the TOR anonymity network, either. Following the deadly terror attacks on Paris last month, an internal document obtained by Le Monde indicated that French government wanted to block communications of TOR as well as ban the use of Free Public Wi-Fi during states of emergency in an effort to fight terrorism more efficiently. However, according to France PM, banning Encrypted Communications could affect the country's economy and security. Must Read:  FBI Director Asks Tech Companies to At least Don't Offer End-to-End Encryption TOR and Free Wi-Fi Safe in France, PM Says  " A ban of [free public] W

Now this was to be done, Sooner or Later – The Government. In the wake of the recent deadly Paris terror attacks, the French government is considering new laws that would Ban access to Free Wi-Fi and the Tor anonymity network, according to a recent report by French newspaper Le Monde. The report cites an internal document from the Ministry of Interior by French Department of Civil Liberties and Legal Affairs (DLPAJ) that lists two proposed bills – one around the State of Emergency and the other on combating counter-terrorism. Last month's Paris attacks started blame games, calling Edward Snowden and end-to-end encrypted services responsible for the ISIS-sponsored massacre. Also Read: Anonymous declares War on ISIS: 'We will Hunt you Down!' Now, the government has started renewing their assault on encryption and reviving their efforts to force tech companies to hand over encryption keys, and the document obtained by Le Monde hints the same. Proposed Pieces of Legis

Google has found that the French government agency using unauthorized digital certificates  for some of its own domains to perform man-in-the-middle attacks on a private network. Google security engineer Adam Langley described the incident as a "S erious Security breach ", which was discovered in early December. Rogue digital certificates that had been issued by French certificate authority ANSSI, who closely work with the French Defense agency. "In response, we updated Chrome's certificate revocation metadata immediately to block that intermediate CA, and then alerted ANSSI and other browser vendors. Our actions addressed the immediate problem for our users" Google has immediately blocked the misused intermediate certificate and updated Chrome's certificate revocation list to block all dodgy certificates issued by the French authority. In a statement, ANSSI said that the intermediate CA certificate was used to inspect encrypted traffic with the user's knowledge on a p

The US isn't the only western country with an Digital eye i.e PRISM like  surveillance program , designed to monitor internet and phone communications . French is leading member at European Parliament and they voted to launch an in-depth inquiry against the US's based PRISM surveillance project. The fact that the French DGSE is itself engaged in similar program should make for some awkward proceedings as that inquiry gets underway. France's General Directorate for External Security has a PRISM like system that intercept and processes the metadata for billions and billions of communications, including internet messaging, phone calls , SMS and even faxes. The one difference being that PRISM was used to spy on international targets whereas the DGSE were only keeping a watch on the French. According to French newspaper, Le Monde - program goal is ostensibly to track the behavior of terrorist cells, but the Directorate allegedly shares the anonymized informa