Informations about SSL certificates and networks security
This Verge article isn’t great, but we are certainly moving into a future where audio and video will be easy to fake, and easier to fake undetectably. This is going to make propaganda easier, with all of the ill effects we’ve already seen turned up to eleven. I don’t have a good solution for this. … Read More “The Future of Faking Audio and Video” »
A few days ago, I blogged an excellent essay by Filippo Valsorda on why he’s giving up on PGP. Neal Walkfield wrote a good rebuttal. I am on Valsorda’s side. I don’t like PGP, and I use it as little as possible. If I want to communicate securely with someone, I use Signal. Powered by … Read More “The Pro-PGP Position” »
The Encryption Working Group of the House Judiciary Committee and the House Energy and Commerce Committee has released its annual report. Observation #1: Any measure that weakens encryption works against the national interest. Observation #2: Encryption technology is a global technology that is widely and increasingly available around the world. Observation #3: The variety of … Read More “Encryption Working Group Annual Report from the US House of Representatives” »
Google has released Project Wycheproof a test suite designed to test cryptographic libraries against a series of known attacks. From a blog post: In cryptography, subtle mistakes can have catastrophic consequences, and mistakes in open source cryptographic software libraries repeat too often and remain undiscovered for too long. Good implementation guidelines, however, are hard to … Read More “Google Releases Crypto Test Suite” »
A film student put spyware on a smartphone and then allowed it to be stolen. He made a movie of the results. Powered by WPeMatico
This would be a good idea, although I can’t imagine countries like the US, China, and Russia going along with it — at least not right now. Powered by WPeMatico
This is what passes for news these days. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Filippo Valsorda wrote an exellent essay on why he’s giving up on PGP. I have long believed PGP to be more trouble than it is worth. It’s hard to use correctly, and easy to get wrong. More generally, e-mail is inherently difficult to secure because of all the different things we ask of it and … Read More “Giving Up on PGP” »
In this impressive social-engineering display, a hacker convinces a cell phone tech-support person to change an account password without being verified in any way. Powered by WPeMatico
Like many, I was surprised and shocked by the election of Donald Trump as president. I believe his ideas, temperament, and inexperience represent a grave threat to our country and world. Suddenly, all the things I had planned to work on seemed trivial in comparison. Although Internet security and privacy are not the most important … Read More “My Priorities for the Next Four Years” »