Informations about SSL certificates and networks security
Auto Added by WPeMatico
A modern photocopier is basically a computer with a scanner and printer attached. This computer has a hard drive, and scans of images are regularly stored on that drive. This means that when a photocopier is thrown away, that hard drive is filled with pages that the machine copied over its lifetime. As you might … Read More “Photocopier Security” »
BBC.com reports that squid are proliferating around the North Sea, and speculates that they will become an increasingly common British dinner. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Nice article on the 2011 DigiNotar attack and how it changed security practices in the CA industry. Powered by WPeMatico
Signal, the encrypted messaging app I prefer, is being blocked in both Egypt and the UAE. Recently, the Signal team developed a workaround: domain fronting. Signal’s new anti-censorship feature uses a trick called “domain fronting,” Marlinspike explains. A country like Egypt, with only a few small internet service providers tightly controlled by the government, can … Read More “How Signal Is Evading Censorship” »
Former TSA Administrator Kip Hawley wrote an op-ed pointing out the security vulnerabilities in the TSA’s PreCheck program: The first vulnerability in the system is its enrollment process, which seeks to verify an applicant’s identity. We know verification is a challenge: A 2011 Government Accountability Office report on TSA’s system for checking airport workers’ identities … Read More “Security Risks of TSA PreCheck” »
Merry Squidmas. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Crowdstrike has an interesting blog post about how the Russian military is tracking Ukrainian field artillery units by compromising soldiers’ smartphones and tracking them. News article. Powered by WPeMatico
NIST is accepting proposals for public-key algorithms immune to quantum computing techniques. Details here. Deadline is the end of November 2017. I applaud NIST for taking the lead on this, and for taking it now when there is no emergency and we have time to do this right. Slashdot thread. Powered by WPeMatico
This Verge article isn’t great, but we are certainly moving into a future where audio and video will be easy to fake, and easier to fake undetectably. This is going to make propaganda easier, with all of the ill effects we’ve already seen turned up to eleven. I don’t have a good solution for this. … Read More “The Future of Faking Audio and Video” »
A few days ago, I blogged an excellent essay by Filippo Valsorda on why he’s giving up on PGP. Neal Walkfield wrote a good rebuttal. I am on Valsorda’s side. I don’t like PGP, and I use it as little as possible. If I want to communicate securely with someone, I use Signal. Powered by … Read More “The Pro-PGP Position” »