OpenSSL maintainer and Google cryptographer Ben Laurie and I collaborated on an article for Nature magazine on technical systems for finding untrustworthy Certificate Authorities. We focused on Certificate Transparency, the solution that will shortly be integrated into Chrome, and also discuss Sovereign Keys, a related proposal from the Electronic Frontier Foundation. Both make clever use of cryptographic hashes, arranged in Merkle trees, to produce "untrusted, provable logs."
In 2011, a fake Adobe Flash updater was discovered on the Internet. To any user it looked authentic. The software’s cryptographic certificates, which securely verify
the authenticity and integrity of Internet connections, bore an authorized signature. Internet users who thought they were applying a legitimate patch unwittingly turned their computers into spies. An unknown master had access to all of their data. The keys used to sign the certificates had been stolen from a ‘certificate authority’ (CA), a trusted body (in this case, the Malaysian Agricultural Research and Development Institute) whose encrypted signature on a website or piece of software tells a browser program that the destination is bona fide. Until the breach was found and the certificate revoked, the keys could be used to impersonate virtually any site on the Internet.
Secure the Internet (PDF)
In a new working paper from the Center for Economic Policy Research, scholars look at the trading records of shareholders, directors and top executives of major financial institutions in the runup to the crash of 2007, and find that the sell-offs by the top five executives at a bank strongly correlated with that bank’s losses […]
In 2007, Singaporean blogfather Mr Brown discovered this video, which is literally the most best thing you will ever see, this week: middle-aged Singaporean government officials rapping(ish) about the nation’s public-private partnership strategy, with fresh rhymes like “They call me CEO, hear me out everyone/My aim, a vibrant media-hub for the city/Singapore-made content can be […]
In spring, 2015, American farmers started to spread the word that John Deere claimed that a notorious copyright law gave the company exclusive dominion over repairs to Deere farm-equipment, making it a felony (punishable by 5 years in prison and a $500K fine for a first offense) to fix your own tractor.
Much of what goes into creating an amazing photo happens in the digital darkroom. Here’s your chance to master all things photo editing: the Ultimate Adobe Photo Editing Bundle, now available in the Boing Boing Store for just $29.99.Across 8 courses and over 41 hours of intensive instruction, you’ll learn the fundamentals of Adobe’s suite of photo […]
3D printers are hot, but they’re also pricey. While the prospect of cranking out everything we can dream up is enticing, cost is often one factor that keeps us from jumping onto the 3D printing train.Now, thanks to M3D, that doesn’t have to be the case. You can now get its flagship 3D printer–plus four reels of filaments–for just […]
It’s no secret that technology is changing the way we all work—but it’s also transforming the way we play. The games of today look nothing like those of 10 or even 20 years ago: these days it’s all about mobile and 3D. And now you can learn to design 3D mobile games with the Intro to Unity 3D Game […]