Reference Library – Security News
The ban has been imposed to protect “public security,” the Ankara3 governor’s office said. The restrictions came into effect on Saturday and will last for an “indefinite” period, applying to all LGBTI film screenings, theatres, panels and exhibitions. The governor’s office claimed such events may cause animosity between different groups and endanger “health and morality,” as well as the rights and freedoms of others.
It warned some groups may be provoked by LGBTI events and take action against participants due to “certain social sensitivities”. Unlike many Muslim countries, homosexuality is not a crime in Turkey and numerous LGBTI associations are legally registered with the state . But there is widespread hostility and rights activists say LGBTI people face discrimination and stigma. The announcement by Ankara’s government is likely to deepen concern about civil liberties under President Recep Tayyip Erdo an4.
Authorities in Ankara had already banned a German gay film festival on Wednesday, the day before it was due to start, citing public safety and terrorism risks . Organisers of Pink Life Queerfest said the ban “deprives us of our constitutional rights in the name of ‘protection'”. Gay pride parades have been banned in Istanbul for the last two years running. In June, 25 LGBTI rights supporters were arrested after attending a banned Pride march .
They were later charged with participating in an unauthorised demonstration. Istanbul’s local government had banned the march at the last minute on the grounds it might lead to provocative actions and disrupt the public order”. Police in riot gear broke up the parade5, firing rubber bullets at demonstrators, after organisers decided to press ahead with the event.
Our security cannot be provided by imprisoning us behind walls, asking us to hide, organisers said . Our security will be provided by recognising us in the constitution, by securing justice, by equality and freedom.
Earlier this month President Erdogan accused the main opposition party of moving away from the country s moral values after a small opposition-run district installed a quota for LGBTI candidates running for election to a neighbourhood committee.
The Turkish leader, a pious Muslim, said the pro-secular main opposition Republican people s Party, or CHP, would learn “the lesson they deserve” at an election in 2019.
We have no business with those who have declared war on the people s values, he said.
The amount of money spent protecting MPs has increased by more than 2 million since the murder of Jo Cox, figures have shown. Information published by the Independent Parliamentary Standards Authority (IPSA) shows that 170,576.24 was spent on security assistance in 2015/16. This sum increased 15-fold to 2,550,954.22 in 2016/17, IPSA said. Ruth Evans, chair of the authority, said: “Following the tragic events of June 2016, there was a big increase in the total expenditure on security, rising to 2.5 million during this year.
“It is important that we take the security of MPs, and that of their families and their staff, very seriously.” IPSA said a standard package of security measures is available to all MPs that has been recommended by security advisers and the police. Enhanced measures can be offered to MPs upon recommendation by the police, the authority added. Ms Cox was murdered by right-wing extremist Thomas Mair as she arrived to host a surgery in her Batley and Spen constituency last June.
Earlier this year, a coat of arms was unveiled in Parliament to honour the Labour MP.
Inspired by her maiden speech, the plaque bears the motto “More in Common”, with elements to show off her love of rivers and mountains and her support for women, as well as four red roses to represent each of her family members, two red for Labour and two white for Yorkshire.
Each of Spain’s DNIe ID cards has a chip containing two certificates, one for identification and one for electronic signing.
Each of Spain’s DNIe ID cards has a chip containing two certificates, one for identification and one for electronic signing.Image: Cuerpo Nacional de Polic a
When security researchers discovered last month that secure hardware made by Germany’s Infineon Technologies was not so secure after all1, it was clear that there would be major implications. There are a lot of smartcards and other devices out there with Infineon’s chips in them, and the ‘ROCA’ flaw2 in Infineon’s key pair-generation algorithm made it possible for someone to discover a target’s private key just by knowing what their public key was. Now, in an analogous situation to that recently experienced in Estonia3, Spain seems to be having a tough — and arguably more chaotic — time dealing with the implications for its national identity smartcards. Estonia’s big security flaw only affected around 760,000 cards, although Estonians genuinely use their cards for a great variety of public and private services. Against that figure, there are around 60 million identity smartcards in Spain . However, according to an El Pa s article4, Spaniards were only using theirs in 0.02 percent of public-service engagements when surveyed a few years back. Dan Cvrcek is the CEO at security firm Enigma Bridge, which was co-founded by researchers who identified the ROCA flaw.
He told ZDNet that exploitation of the flaw could allow attackers to revert or invalidate contracts that people have signed, in part because the Spanish don’t use timestamps for very important signatures. “I still don’t think you can do a large-scale attack that would target a lot of people,” Cvrcek said. However, he added, the cost of an individual attack has “rapidly decreased” . The assumption used to be that an attack cost between $20,000 and $40,000, but now it’s “realistically $2,000”. Each card, known as the DNIe, has a chip that contains two certificates, one for identification and one for electronically signing things. According to El Diario5, the authorities responded to Infineon’s October vulnerability disclosure by revoking, on November 6, all certificates issued since April 2015. What’s more, the authorities have stopped letting people sign things with the card at the self-service terminals found at many police stations.
That decision affects every card, not only those that have the flaw . However, people can still digitally sign documents online, using a small card reader that connects to their PCs. The readers are needed to update the affected cards . But there is as yet no indication of when the affected cards will be updated . Indeed, there doesn’t seem to be much official information out there at all, something which has not gone unnoticed in the Spanish tech press. “Neither the police nor other public bodies have given more information through their social media accounts about the impact of the vulnerability and how to act if affected,” said Xataka6. At least the Basque certificate authority Izenpe, which has revoked 30,000 certificates, has given information7 about how to replace them, the blog added. Amid all that chaos, it also seems that some people with recently issued DNIe cards are still able to use them, despite the supposed revocation of their certificates. “I would not mind if it continued like this until there are new certificates,” tweeted8 one user. Toomas Ilves, the former president of Estonia, said earlier this week that he believed millions of people in countries had been affected by the ROCA flaw, but their authorities were remaining “silent”.
Previous and related coverage
Estonia is built on secure state e-systems, so the world was watching when it hit a huge ID-card problem
A new security flaw has placed the security of RSA encryption in jeopardy.
- ^ not so secure after all (www.zdnet.com)
- ^ the ‘ROCA’ flaw (www.infineon.com)
- ^ experienced in Estonia (www.zdnet.com)
- ^ El Pa s article (cincodias.elpais.com)
- ^ El Diario (www.eldiario.es)
- ^ Xataka (www.xataka.com)
- ^ given information (www.izenpe.eus)
- ^ tweeted (twitter.com)
- ^ Estonia’s ID card crisis: How e-state’s poster child got into and out of trouble (www.zdnet.com)
- ^ As devastating as KRACK: New vulnerability undermines RSA encryption keys (www.zdnet.com)