{"id":1409,"date":"2015-02-24T05:34:08","date_gmt":"2015-02-24T13:34:08","guid":{"rendered":"https:\/\/www.privateinternetaccess.com\/blog\/?p=1409"},"modified":"2020-08-26T15:16:44","modified_gmt":"2020-08-26T22:16:44","slug":"superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more","status":"publish","type":"post","link":"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/","title":{"rendered":"Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security &#8211; And More"},"content":{"rendered":"<p><strong>Last week, two significant events further demonstrated the necessity for defense in depth and for end-to-end encryption. It was revealed that surveillance agencies had broken into the mobile network and stolen all cryptokeys, and that the computer maker Lenovo was wiretapping all secure communications of its users in order to insert advertising into it. These are two deep betrayals that force us to re-think what level of security is good enough.<\/strong><\/p>\n<p>The NSA\/GCHQ theft of cryptographic keys \u2013 likely billions of them \u2013 certainly constitutes a crime when done by any other person or agency. But when done by surveillance agencies, it forces us to re-evaluate what is wiretapped and what is not. In this case, it becomes clear that any phonecall over a cellphone is decrypted and wiretapped, and that the surveillance agencies have ensured that they have access to multiple methods to achieve this.<\/p>\n<p>Don\u2019t say anything on an ordinary phonecall that you don\u2019t want to be public. In this case, we turn to end-to-end encryption, where nobody but you and the person you communicate with have the cryptokeys. This principle is crucial: as soon as your communication is decrypted somewhere in the middle \u2013 in this case, in the phone network \u2013 you no longer have <em>end-to-end encryption<\/em>. This is a <em>minimum requirement<\/em> today in order to stay unwiretapped.<\/p>\n<p>The mobile phone apps RedPhone and Signal, from Open Whisper Systems, have been found to be hard to crack by the surveillance agencies. They provide end-to-end encryption for voicecalls and are compatible with each other \u2013 Signal for iPhone, RedPhone for the Android ecosystem.<\/p>\n<p>However, as a serious wake-up call, end-to-end encryption was <em>not enough<\/em> in some cases that appeared last week. The Lenovo computers were compromised from the factory, so the  You needed to trust your computer to perform end-to-end encryption for you, but <em>your computer had been subverted by its manufacturer<\/em>.<\/p>\n<p>This brings us to the second principle: defense in depth.<\/p>\n<p>Defense in depth means that one security solution isn\u2019t good enough. Just like when you dress warm in the winter, you don\u2019t depend on one warm jacket: you need many layers of security. This is because at least one of them will be subverted and compromised. In this case, your very machine\u2019s operating system was compromised, which would normally be a game-over situation \u2013 but even such situations can be mitigated, like by running Tails.<\/p>\n<p>As always, privacy remains your own responsibility.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Last week, two significant events further demonstrated the necessity for defense in depth and for end-to-end encryption. It was revealed that surveillance agencies had broken into the mobile network and stolen all cryptokeys, and that the computer maker Lenovo was wiretapping all secure communications of its users in order to insert advertising into it. These &hellip; <a href=\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security &#8211; And More&#8221;<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_stopmodifiedupdate":false,"_modified_date":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-1409","post","type-post","status-publish","format-standard","hentry","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.9 (Yoast SEO v26.9) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security - And More<\/title>\n<meta name=\"description\" content=\"Last week, two significant events further demonstrated the necessity for defense in depth and for end-to-end encryption. It was revealed that surveillance\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security - And More\" \/>\n<meta property=\"og:description\" content=\"Last week, two significant events further demonstrated the necessity for defense in depth and for end-to-end encryption. It was revealed that surveillance\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/\" \/>\n<meta property=\"og:site_name\" content=\"PIA\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/privateinternetaccess\/\" \/>\n<meta property=\"article:published_time\" content=\"2015-02-24T13:34:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-08-26T22:16:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/ogimage.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Rick Falkvinge\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@http:\/\/twitter.com\/Falkvinge\" \/>\n<meta name=\"twitter:site\" content=\"@buyvpnservice\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Rick Falkvinge\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/\"},\"author\":{\"name\":\"Rick Falkvinge\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/8153559f44e1b6f9738dd6c7d33046a4\"},\"headline\":\"Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security &#8211; And More\",\"datePublished\":\"2015-02-24T13:34:08+00:00\",\"dateModified\":\"2020-08-26T22:16:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/\"},\"wordCount\":422,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#organization\"},\"articleSection\":[\"General Privacy News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/\",\"name\":\"Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security - And More\",\"isPartOf\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#website\"},\"datePublished\":\"2015-02-24T13:34:08+00:00\",\"dateModified\":\"2020-08-26T22:16:44+00:00\",\"description\":\"Last week, two significant events further demonstrated the necessity for defense in depth and for end-to-end encryption. It was revealed that surveillance\",\"breadcrumb\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.privateinternetaccess.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security &#8211; And More\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#website\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/\",\"name\":\"PIA\",\"description\":\"Online privacy news from around the world.\",\"publisher\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.privateinternetaccess.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#organization\",\"name\":\"Private Internet Access\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png\",\"contentUrl\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png\",\"width\":1200,\"height\":1200,\"caption\":\"Private Internet Access\"},\"image\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/privateinternetaccess\/\",\"https:\/\/x.com\/buyvpnservice\",\"https:\/\/www.instagram.com\/piavpn\/\",\"https:\/\/www.youtube.com\/channel\/UClyJZ47Rizb1xnwuKXDI0_w\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/8153559f44e1b6f9738dd6c7d33046a4\",\"name\":\"Rick Falkvinge\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ad30e41b6591c75d90c6002e54553bdd55f419d89a54b72241efa308b84a7f03?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ad30e41b6591c75d90c6002e54553bdd55f419d89a54b72241efa308b84a7f03?s=96&d=mm&r=g\",\"caption\":\"Rick Falkvinge\"},\"description\":\"Rick is the founder of the first Pirate Party and is a political evangelist, traveling around Europe and the world to talk and write about ideas of a sensible information policy. Additionally, he has a tech entrepreneur background and loves good whisky and fast motorcycles.\",\"sameAs\":[\"https:\/\/falkvinge.net\/\",\"https:\/\/x.com\/http:\/\/twitter.com\/Falkvinge\"],\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/author\/rick\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security - And More","description":"Last week, two significant events further demonstrated the necessity for defense in depth and for end-to-end encryption. It was revealed that surveillance","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/","og_locale":"en_US","og_type":"article","og_title":"Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security - And More","og_description":"Last week, two significant events further demonstrated the necessity for defense in depth and for end-to-end encryption. It was revealed that surveillance","og_url":"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/","og_site_name":"PIA","article_publisher":"https:\/\/www.facebook.com\/privateinternetaccess\/","article_published_time":"2015-02-24T13:34:08+00:00","article_modified_time":"2020-08-26T22:16:44+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/ogimage.png","type":"image\/png"}],"author":"Rick Falkvinge","twitter_card":"summary_large_image","twitter_creator":"@http:\/\/twitter.com\/Falkvinge","twitter_site":"@buyvpnservice","twitter_misc":{"Written by":"Rick Falkvinge","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/#article","isPartOf":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/"},"author":{"name":"Rick Falkvinge","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/8153559f44e1b6f9738dd6c7d33046a4"},"headline":"Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security &#8211; And More","datePublished":"2015-02-24T13:34:08+00:00","dateModified":"2020-08-26T22:16:44+00:00","mainEntityOfPage":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/"},"wordCount":422,"commentCount":0,"publisher":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#organization"},"articleSection":["General Privacy News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/","url":"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/","name":"Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security - And More","isPartOf":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#website"},"datePublished":"2015-02-24T13:34:08+00:00","dateModified":"2020-08-26T22:16:44+00:00","description":"Last week, two significant events further demonstrated the necessity for defense in depth and for end-to-end encryption. It was revealed that surveillance","breadcrumb":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.privateinternetaccess.com\/blog\/superfish-lenovo-gemalto-show-need-for-defense-in-depth-end-to-end-security-and-more\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.privateinternetaccess.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Superfish, Lenovo, Gemalto Show Need For Defense In Depth, End-To-End Security &#8211; And More"}]},{"@type":"WebSite","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#website","url":"https:\/\/www.privateinternetaccess.com\/blog\/","name":"PIA","description":"Online privacy news from around the world.","publisher":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.privateinternetaccess.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#organization","name":"Private Internet Access","url":"https:\/\/www.privateinternetaccess.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png","contentUrl":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png","width":1200,"height":1200,"caption":"Private Internet Access"},"image":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/privateinternetaccess\/","https:\/\/x.com\/buyvpnservice","https:\/\/www.instagram.com\/piavpn\/","https:\/\/www.youtube.com\/channel\/UClyJZ47Rizb1xnwuKXDI0_w"]},{"@type":"Person","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/8153559f44e1b6f9738dd6c7d33046a4","name":"Rick Falkvinge","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ad30e41b6591c75d90c6002e54553bdd55f419d89a54b72241efa308b84a7f03?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ad30e41b6591c75d90c6002e54553bdd55f419d89a54b72241efa308b84a7f03?s=96&d=mm&r=g","caption":"Rick Falkvinge"},"description":"Rick is the founder of the first Pirate Party and is a political evangelist, traveling around Europe and the world to talk and write about ideas of a sensible information policy. Additionally, he has a tech entrepreneur background and loves good whisky and fast motorcycles.","sameAs":["https:\/\/falkvinge.net\/","https:\/\/x.com\/http:\/\/twitter.com\/Falkvinge"],"url":"https:\/\/www.privateinternetaccess.com\/blog\/author\/rick\/"}]}},"_links":{"self":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts\/1409","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/comments?post=1409"}],"version-history":[{"count":4,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts\/1409\/revisions"}],"predecessor-version":[{"id":1413,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts\/1409\/revisions\/1413"}],"wp:attachment":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/media?parent=1409"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/categories?post=1409"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/tags?post=1409"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}