Informations about SSL certificates and networks security
This is a creepy story. The FBI wanted access to a hotel guest’s room without a warrant. So agents broke his Internet connection, and then posed as Internet technicians to gain access to his hotel room without a warrant. From the motion to suppress: The next time you call for assistance because the internet service … Read More “FBI Agents Pose as Repairmen to Bypass Warrant Process” »
Regin is another military–grade surveillance malware (tech details from Symantec and Kaspersky). It seems to have been in operation between 2008 and 2011. The Intercept has linked it to NSA/GCHQ operations, although I am still skeptical of the NSA/GCHQ hacking Belgian cryptographer Jean-Jacques Quisquater. Powered by WPeMatico
Nice article on some of the security assumptions we rely on in cryptographic algorithms. Powered by WPeMatico
Jim Sanborn has given the world another clue to the fourth cyphertext in his Kryptos sculpture at the CIA headquarters. Older posts on Kryptos. Powered by WPeMatico
AP is reporting that in 2009, several senior NSA officials objected to the NSA call-records collection program. The now-retired NSA official, a longtime code-breaker who rose to top management, had just learned in 2009 about the top secret program that was created shortly after the Sept. 11, 2001, attacks. He says he argued to then-NSA … Read More “Pre-Snowden Debate About NSA Call-Records Collection Program” »
Citadel is the first piece of malware I know of that specifically steals master passwords from password managers. Note that my own Password Safe is a target. Powered by WPeMatico
Tales of cephalopod behavior, including octopuses, squid, cuttlefish and nautiluses. Cephalopod Cognition, published by Cambridge University Press, is currently available in hardcover, and the paperback edition will be available next week. Powered by WPeMatico
Announcing Let’s Encrypt, a new free certificate authority. This is a joint project of EFF, Mozilla, Cisco, Akamai, and the University of Michigan. This is an absolutely fantastic idea. The anchor for any TLS-protected communication is a public-key certificate which demonstrates that the server you’re actually talking to is the server you intended to talk … Read More “A New Free CA” »
Whatapp is now offering end-to-end message encryption: Whatsapp will integrate the open-source software Textsecure, created by privacy-focused non-profit Open Whisper Systems, which scrambles messages with a cryptographic key that only the user can access and never leaves his or her device. I don’t know the details, but the article talks about perfect forward secrecy. Moxie … Read More “Whatsapp Is Now End-to-End Encrypted” »
The NSA recently declassified a report on the Eurocrypt ’92 conference. Honestly, I share some of the writer’s opinions on the more theoretical stuff. I know it’s important, but it’s not something I care all that much about. Powered by WPeMatico