Informations about SSL certificates and networks security
Auto Added by WPeMatico
This is a really interesting story of an ad fraud scheme that relied on hijacking the Border Gateway Protocol: Members of 3ve (pronounced “eve”) used their large reservoir of trusted IP addresses to conceal a fraud that otherwise would have been easy for advertisers to detect. The scheme employed a thousand servers hosted inside data … Read More “Massive Ad Fraud Scheme Relied on BGP Hijacking” »
Five years ago, the NSA published 23 years of its internal magazine, Cryptolog. There were lots of redactions, of course. What’s new is a nice user interface for the issues, noting highlights and levels of redaction. Powered by WPeMatico
The US Privacy and Civil Liberties Oversight Board is looking for a director. Among other things, this board has some oversight role over the NSA. More precisely, it can examine what any executive-branch agency is doing about counterterrorism. So it can examine the program of TSA watchlists, NSA anti-terrorism surveillance, and FBI counterterrorism activities. The … Read More “The PCLOB Needs a Director” »
This is an interesting interview with a former NSA employee about supply chain security. I consider this to be an insurmountable problem right now. Powered by WPeMatico
A 2006 document from the Snowden archives outlines successful NSA operations against “a number of “high potential” virtual private networks, including those of media organization Al Jazeera, the Iraqi military and internet service organizations, and a number of airline reservation systems.” It’s hard to believe that many of the Snowden documents are now more than … Read More “NSA Attacks Against Virtual Private Networks” »
The Intercept has a long story about the NSA’s domestic interception points. Includes some new Snowden documents. Powered by WPeMatico
The Intercept has a long article on Japan’s equivalent of the NSA: the Directorate for Signals Intelligence. Interesting, but nothing really surprising. The directorate has a history that dates back to the 1950s; its role is to eavesdrop on communications. But its operations remain so highly classified that the Japanese government has disclosed little about … Read More “Japan’s Directorate for Signals Intelligence” »
This is interesting: Creating these defenses is the goal of NIST’s lightweight cryptography initiative, which aims to develop cryptographic algorithm standards that can work within the confines of a simple electronic device. Many of the sensors, actuators and other micromachines that will function as eyes, ears and hands in IoT networks will work on scant … Read More “NIST Issues Call for “Lightweight Cryptography” Algorithms” »
It’s Lt. Gen. Paul Nakasone. I know nothing about him. Powered by WPeMatico
The ISO has rejected two symmetric encryption algorithms: SIMON and SPECK. These algorithms were both designed by the NSA and made public in 2013. They are optimized for small and low-cost processors like IoT devices. The risk of using NSA-designed ciphers, of course, is that they include NSA-designed backdoors. Personally, I doubt that they’re backdoored. … Read More “Two NSA Algorithms Rejected by the ISO” »