Informations about SSL certificates and networks security
Google has released Project Wycheproof a test suite designed to test cryptographic libraries against a series of known attacks. From a blog post: In cryptography, subtle mistakes can have catastrophic consequences, and mistakes in open source cryptographic software libraries repeat too often and remain undiscovered for too long. Good implementation guidelines, however, are hard to … Read More “Google Releases Crypto Test Suite” »
A film student put spyware on a smartphone and then allowed it to be stolen. He made a movie of the results. Powered by WPeMatico
This would be a good idea, although I can’t imagine countries like the US, China, and Russia going along with it — at least not right now. Powered by WPeMatico
This is what passes for news these days. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Filippo Valsorda wrote an exellent essay on why he’s giving up on PGP. I have long believed PGP to be more trouble than it is worth. It’s hard to use correctly, and easy to get wrong. More generally, e-mail is inherently difficult to secure because of all the different things we ask of it and … Read More “Giving Up on PGP” »
In this impressive social-engineering display, a hacker convinces a cell phone tech-support person to change an account password without being verified in any way. Powered by WPeMatico
Like many, I was surprised and shocked by the election of Donald Trump as president. I believe his ideas, temperament, and inexperience represent a grave threat to our country and world. Suddenly, all the things I had planned to work on seemed trivial in comparison. Although Internet security and privacy are not the most important … Read More “My Priorities for the Next Four Years” »
That’s the conclusion of a research paper: Once [costs and complexity] are eliminated, it enables big hosting providers to issue and deploy certificates for their customers in bulk, thus quickly and automatically enable encryption across a large number of domains. For example, we have shown that currently, 47% of LE certified domains are hosted at … Read More “Let's Encrypt Is Making Web Encryption Easier” »
Interesting: “We used silver and carbon ink to print an image consisting of small rods that are about a millimeter long and a couple of hundred microns wide,” said Ajay Nahata from the University of Utah, leader of the research team. “We found that changing the fraction of silver and carbon in each rod changes … Read More “Hiding Information in Silver and Carbon Ink” »
A new ransomware, Popcorn Time, gives users the option of infecting others in lieu of paying the ransom. Related: a good general article on ransomware. EDITED TO ADD: Slashdot thread. Powered by WPeMatico