Interesting story. I always recommend using a random number generator like Fortuna, even if you’re using a hardware random source. It’s just safer. Powered by WPeMatico
Month: October 2019
WhatsApp is suing the Israeli cyberweapons arms manufacturer NSO Group in California court: WhatsApp’s lawsuit, filed in a California court on Tuesday, has demanded a permanent injunction blocking NSO from attempting to access WhatsApp computer systems and those of its parent company, Facebook. It has also asked the court to rule that NSO violated US … Read More “WhatsApp Sues NSO Group” »
The Carnegie Endowment for Peace published a comprehensive report on ICT (information and communication technologies) supply-chain security and integrity. It’s a good read, but nothing that those who are following this issue don’t already know. Powered by WPeMatico
In an extraordinary essay, the former FBI general counsel Jim Baker makes the case for strong encryption over government-mandated backdoors: In the face of congressional inaction, and in light of the magnitude of the threat, it is time for governmental authorities — including law enforcement — to embrace encryption because it is one of the … Read More “Former FBI General Counsel Jim Baker Chooses Encryption Over Backdoors” »
Interesting article and paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
The US Department of Justice unraveled a dark web child-porn website, leading to the arrest of 337 people in at least 18 countries. This was all accomplished not through any backdoors in communications systems, but by analyzing the bitcoin transactions and following the money: Welcome to Video made money by charging fees in bitcoin, and … Read More “Dark Web Site Taken Down without Breaking Encryption” »
This is really interesting: “A Data-Driven Reflection on 36 Years of Security and Privacy Research,” by Aniqua Baset and Tamara Denning: Abstract: Meta-research—research about research—allows us, as a community, to examine trends in our research and make informed decisions regarding the course of our future research activities. Additionally, overviews of past research are particularly useful … Read More “Mapping Security and Privacy Research across the Decades” »
There was a successful attack against NordVPN: Based on the command log, another of the leaked secret keys appeared to secure a private certificate authority that NordVPN used to issue digital certificates. Those certificates might be issued for other servers in NordVPN’s network or for a variety of other sensitive purposes. The name of the … Read More “NordVPN Breached” »
Coming out of the Privacy Commissioners’ Conference in Albania, Public Voice is launching a petition for an international moratorium on using facial recognition software for mass surveillance. You can sign on as an individual or an organization. I did. You should as well. No, I don’t think that countries will magically adopt this moratorium. But … Read More “Public Voice Launches Petition for an International Moratorium on Using Facial Recognition for Mass Surveillance” »
NIST has completed a study — it was published last year, but I just saw it recently — calculating the costs and benefits of the Advanced Encryption Standard. From the conclusion: The result of performing that operation on the series of cumulated benefits extrapolated for the 169 survey respondents finds that present value of benefits … Read More “Calculating the Benefits of the Advanced Encryption Standard” »