Reasons (not) to trust Apple's privacy promises

Apple's new Ios privacy policy makes some bold promises about their technology's wiretap-resistance, saying that even if Apple wanted to snoop on your messages, they couldn't, but as EFF co-founder John Gilmore points out, Apple's asking you to take an awful lot on faith here.

Read the rest

Privacy for Normal People


My latest Guardian column, Privacy technology everyone can use would make us all more secure, makes the case for privacy technology as something that anyone can -- and should use, discussing the work being done by the charitable Simply Secure foundation that launches today (site is not yet up as of this writing), with the mandate to create usable interfaces to cryptographic tools, and to teach crypto developers how to make their tools accessible to non-technical people.

Read the rest

Free cybersecurity MOOC


The Open University's "Introduction to Cyber Security" is a free online course -- with optional certificate -- that teaches the fundamentals of crypto, information security, and privacy; I host the series, which starts on Oct 13."

Read the rest

UK Ministry of Justice loses harddrive with 3,000 prisoners' data, which they forgot to encrypt

Alan sez, "The UK Ministry of Justice was just slapped with a fine for the loss of a hard disk containing data on over 3,000 prisoners. These things happen."

Read the rest

Honorable spies anonymously leak NSA/GHCQ-discovered flaws in Tor

Andrew Lewman, head of operations for The Onion Router (TOR), an anonymity and privacy tool that is particularly loathed by the spy agencies' capos, credits Tor's anonymous bug-reporting system for giving spies a safe way to report bugs in Tor that would otherwise be weaponized to attack Tor's users.

Read the rest

A video about cybersecurity that you should really watch

Dan Geer's Black Hat 2014 talk Cybersecurity as Realpolitik (also available as text) is thoughtful, smart, vital, and cuts through -- then ties together -- strands of security, liability, governance, privacy, and fairness, and is a veritable manifesto for a better world.

Read the rest

EFF unveils secure, sharing-friendly, privacy-minded router OS

As promised, the Open Wireless Movement's new sharing-friendly, privacy-minded router operating system was unveiled at HOPE X in New York last weekend.

Read the rest

Snowden will develop pro-privacy crypto tools

He made the announcement at the HOPEX conference in New York this past weekend, calling on other attendees to join him in a project to "improve the future by encoding our rights into programs and protocols by which we rely every day."

(via /.)

(Image: SHH, Liz Welsh, CC-BY)

Snowden: Dropbox is an NSA surveillance target, use Spideroak instead


A remarkable moment from last night's remarkable Snowden video from the Guardian.

Read the rest

Finnish national broadcaster will transmit blockchain over terrestrial digital TV network

The Finnish national broadcaster has partnered with Kryptoradio to broadcast the Bitcoin blockchain over the digital television network making it accessible over a non-Internet channel to 95% of the Finnish population.

Read the rest

Digital First Aid Kit: where to turn when you're DoSed or have your accounts hijacked

A group of NGOs, including the Electronic Frontier Foundation, offer a suite of tools for diagnosing and mitigating the kinds of attacks faced by dissidents and independent media all over the world, especially when they threaten the powerful.

Read the rest

Fake Google subdomain certificates found in the wild

An Indian certificate authority in the Microsoft root of trust has been caught issuing fake Google subdomain certificates that would allow nearly undetectable eavesdropping on "secure" connections to services like Google Docs.

Read the rest

"Personal Internet security" is a team sport


My latest column in Locus magazine, Security in Numbers, looks at the impossibility of being secure on your own -- if you use the Internet to talk to other people, they have to care about security, too.

Read the rest

Blackphone: a privacy-conscious phone that actually works


The Blackphone is a secure mobile phone whose operating system is based on Android, designed to minimize the amount of data you leak as you move through the world through a combination of encryption and systems design that takes your privacy as its first priority.

Read the rest

Cyber-crooks turn to Bitcoin extortion


Security journalist Brian Krebs documents a string of escalating extortion crimes perpetrated with help from the net, and proposes that the growth of extortion as a tactic preferred over traditional identity theft and botnetting is driven by Bitcoin, which provides a safe way for crooks to get payouts from their victims.

Read the rest