Informations about SSL certificates and networks security
The Guardian has reported that the app Whisper tracks users, and then published a second article explaining what it knows after Whisper denied the story. Here’s Whisper’s denial; be sure to also read the first comment from Moxie Marlinspike. Slashdot thread. Hacker News thread. EDITED TO ADD (10/22): Another Whisper explanation, and another Guardian article. … Read More “Whisper Tracks Users” »
FBI Director James Comey again called for an end to secure encryption by putting in a backdoor. Here’s his speech: There is a misconception that building a lawful intercept solution into a system requires a so-called “back door,” one that foreign adversaries and hackers may try to exploit. But that isn’t true. We aren’t seeking … Read More “More Crypto Wars II” »
Last month, I wrote that the FBI identified Ross W. Ulbricht as the Silk Road’s Dread Pirate Roberts through a leaky CAPTCHA. Seems that story doesn’t hold water: The FBI claims that it found the Silk Road server by examining plain text Internet traffic to and from the Silk Road CAPTCHA, and that it visited … Read More “How Did the Feds Identity Dread Pirate Roberts?” »
Kevin Poulsen has written an interesting story about two people who successfully exploited a bug in a popular video poker machine. Powered by WPeMatico
ECI is a classification above Top Secret. It’s for things that are so sensitive they’re basically not written down, like the names of companies whose cryptography has been deliberately weakened by the NSA, or the names of agents who have infiltrated foreign IT companies. As part of the Intercept story on the NSA’s using agents … Read More “NSA Classification ECI = Exceptionally Controlled Information” »
This is a creepy story. A woman has her phone seized by the Drug Enforcement Agency and gives them permission to look at her phone. Without her knowledge or consent, they steal photos off of the phone (the article says they were “racy”) and use it to set up a fake Facebook page in her … Read More “DEA Sets Up Fake Facebook Page in Woman's Name” »
A few days ago, I saw this tweet: “Just a reminder that it is now *a full year* since Schneier cited it, and the FOXACID ops manual remains unpublished.” It’s true. The citation is this: According to a top-secret operational procedures manual provided by Edward Snowden, an exploit named Validator might be the default, but … Read More “FOXACID Operations Manual” »
This essay, “Grooming students for a lifetime of surveillance,” talks about the general trends in student surveillance. Related: essay on the need for student privacy in online learning. Powered by WPeMatico
Interesting essay about James Bamford and his efforts to publish The Puzzle Palace over the NSA’s objections. Required reading for those who think the NSA’s excesses are somehow new. Powered by WPeMatico
The latest Intercept article on the Snowden documents talks about the NSA’s undercover operatives working in foreign companies. There are no specifics, although the countries China, Germany, and South Korea are mentioned. It’s also hard to tell if the NSA has undercover operatives working in companies in those countries, or has undercover contractors visiting those … Read More “NSA Has Undercover Operatives in Foreign Companies” »