OpenSSL maintainer and Google cryptographer Ben Laurie and I collaborated on an article for Nature magazine on technical systems for finding untrustworthy Certificate Authorities. We focused on Certificate Transparency, the solution that will shortly be integrated into Chrome, and also discuss Sovereign Keys, a related proposal from the Electronic Frontier Foundation. Both make clever use of cryptographic hashes, arranged in Merkle trees, to produce "untrusted, provable logs."
In 2011, a fake Adobe Flash updater was discovered on the Internet. To any user it looked authentic. The software’s cryptographic certificates, which securely verify
the authenticity and integrity of Internet connections, bore an authorized signature. Internet users who thought they were applying a legitimate patch unwittingly turned their computers into spies. An unknown master had access to all of their data. The keys used to sign the certificates had been stolen from a ‘certificate authority’ (CA), a trusted body (in this case, the Malaysian Agricultural Research and Development Institute) whose encrypted signature on a website or piece of software tells a browser program that the destination is bona fide. Until the breach was found and the certificate revoked, the keys could be used to impersonate virtually any site on the Internet.
Secure the Internet (PDF)
If you’ve ever locked yourself out of your home and googled for a locksmith, you’ve seen that it’s virtually impossible to reach a real local locksmith.
Iphone 6s that have been repaired by independent service centers are bricking themselves, seemingly permanently, with a cryptic message about “Error 53.”
CBS announced today that ailing and aging media mogul Sumner M. Redstone, who is 92, has resigned as the company’s executive chairman. Leslie Moonves, CEO, has now taken the role of chairman.
Plastic is so 2013. You don’t want to buy something only to throw it away or lose it and barely care. You like nice things and want to hang onto them. The Plazmatic lighter here is a high quality, high tech alternative to the typical cheap, plastic lighter you get at the old gas station. […]
Real engineers build things. Super cool engineers build things with their hands and fingers, like our engineering forefathers did. No idea where to even begin to do that? This step by step Arduino course is now 92% off and is going to get you up and running, from zero to hero, in no time. So […]
How do Google and YouTube really work? It turns out, Python kind of runs things around those parts. And with this bootcamp, you’ll get whipped into shape and ready to start programming yourself. Whether you’re a Python pro and just want to sharpen your skills, or a total tech newbie with little or no coding […]