encryption – Page 17 – SSL and internet security news

How Signal Is Evading Censorship

December 28, 2016 infossl

academicpapers, censorship, egypt, encryption, Security technology, tls, unitedarabemirates

Signal, the encrypted messaging app I prefer, is being blocked in both Egypt and the UAE. Recently, the Signal team developed a workaround: domain fronting. Signal’s new anti-censorship feature uses a trick called “domain fronting,” Marlinspike explains. A country like Egypt, with only a few small internet service providers tightly controlled by the government, can … Read More “How Signal Is Evading Censorship” »

The Pro-PGP Position

December 22, 2016 infossl

email, encryption, pgp, Security technology, usability

A few days ago, I blogged an excellent essay by Filippo Valsorda on why he’s giving up on PGP. Neal Walkfield wrote a good rebuttal. I am on Valsorda’s side. I don’t like PGP, and I use it as little as possible. If I want to communicate securely with someone, I use Signal. Powered by … Read More “The Pro-PGP Position” »

Encryption Working Group Annual Report from the US House of Representatives

December 21, 2016 infossl

backdoors, encryption, lawenforcement, nationalsecuritypolicy, Security technology

The Encryption Working Group of the House Judiciary Committee and the House Energy and Commerce Committee has released its annual report. Observation #1: Any measure that weakens encryption works against the national interest. Observation #2: Encryption technology is a global technology that is widely and increasingly available around the world. Observation #3: The variety of … Read More “Encryption Working Group Annual Report from the US House of Representatives” »

Giving Up on PGP

December 16, 2016 infossl

email, encryption, pgp, Security technology, usability

Filippo Valsorda wrote an exellent essay on why he’s giving up on PGP. I have long believed PGP to be more trouble than it is worth. It’s hard to use correctly, and easy to get wrong. More generally, e-mail is inherently difficult to secure because of all the different things we ask of it and … Read More “Giving Up on PGP” »

My Priorities for the Next Four Years

December 15, 2016 infossl

backdoors, encryption, fear, nationalsecuritypolicy, privacy, Security technology, voting

Like many, I was surprised and shocked by the election of Donald Trump as president. I believe his ideas, temperament, and inexperience represent a grave threat to our country and world. Suddenly, all the things I had planned to work on seemed trivial in comparison. Although Internet security and privacy are not the most important … Read More “My Priorities for the Next Four Years” »

Let's Encrypt Is Making Web Encryption Easier

December 14, 2016 infossl

academicpapers, certificates, cryptography, encryption, Security technology

That’s the conclusion of a research paper: Once [costs and complexity] are eliminated, it enables big hosting providers to issue and deploy certificates for their customers in bulk, thus quickly and automatically enable encryption across a large number of domains. For example, we have shown that currently, 47% of LE certified domains are hosted at … Read More “Let's Encrypt Is Making Web Encryption Easier” »

Enigma Machine Sold for Almost Half a Million Dollars

December 9, 2016 infossl

encryption, enigma, historyofcryptography, Security technology

A fully functional four-rotor Enigma machine sold for $463,500. Wow. Powered by WPeMatico

Securing Communications in a Trump Administration

November 23, 2016 infossl

backdoors, computersecurity, encryption, lawenforcement, nationalsecuritypolicy, privacy, Security technology, surveillance, uk

Susan Landau has an excellent essay on why it’s more important than ever to have backdoor-free encryption on our computer and communications systems. Protecting the privacy of speech is crucial for preserving our democracy. We live at a time when tracking an individual — a journalist, a member of the political opposition, a citizen engaged … Read More “Securing Communications in a Trump Administration” »

Whistleblower Investigative Report on NSA Suite B Cryptography

November 9, 2016 infossl

algorithms, cryptography, encryption, nsa, Security technology, whistleblowers

The NSA has been abandoning secret and proprietary cryptographic algorithms in favor of commercial public algorithms, generally known as “Suite B.” In 2010, an NSA employee filed some sort of whistleblower complaint, alleging that this move is both insecure and wasteful. The US DoD Inspector General investigated and wrote a report in 2011. The report … Read More “Whistleblower Investigative Report on NSA Suite B Cryptography” »

Self-Propagating Smart Light Bulb Worm

November 9, 2016 infossl

academicpapers, aes, authentication, cryptography, encryption, internetofthings, malware, Security technology, sidechannelattacks

This is exactly the sort of Internet-of-Things attack that has me worried: “IoT Goes Nuclear: Creating a ZigBee Chain Reaction” by Eyal Ronen, Colin OFlynn, Adi Shamir and Achi-Or Weingarten. Abstract: Within the next few years, billions of IoT devices will densely populate our cities. In this paper we describe a new type of threat … Read More “Self-Propagating Smart Light Bulb Worm” »