Boing Boing 

You'll falafel about this horrifying new pita-sized crypto-key-sniffing hack


I nearly falafel my chair when I read about the Israeli researchers who've designed a device that can derive crypto keys from the unintentional radio signals emitted by a computer's CPU—and miniaturized it until it can fit into a pita.

Read the rest

US CIO defies the FBI, orders HTTPS for all government websites


Tony Scott, CIO of the US government, has spit in the eye of assistant FBI director Michael Steinbach, who called on companies "to build technological solutions to prevent encryption above all else."

Read the rest

If the FBI has a backdoor to Facebook or Apple encryption, we are less safe

Reuters


Reuters

Freedom of the Press Foundation director Trevor Timm tells Boing Boing,

Now that the USA Freedom Act is out of the way, it seems pretty clear the next battle in Congress will almost certainly be over encryption, as the FBI has not stopped its push to force tech companies to insert a backdoor into their communications tools, despite being ridiculed for it by security experts. The FBI seems to push it even farther in the past week, testifying before Congress that they need to stop encryption "above all else" and leaking a story to the LA Times about ISIS using encrypted text messaging apps. I wrote about what a dumb move it is on several levels for the Guardian.

Read the rest

There was a David Cameron who swallowed a fly...

In my latest Guardian column, I talk about the real danger from the UK Tories' plan to ban effective cryptography: not the initial mandate forcing companies to help spy on their users, but all the things we'll have to do when that doesn't work.

Read the rest

UN rapporteur sticks up for crypto and anonymity

Within days of David Cameron's Queen's Speech promise to ban the use of effective crypto in the UK, David Kaye, the UN special rapporteur for Freedom of Expression effectively called this a plan to make UK into a rogue state.

Read the rest

Hacktivist sees too much, FBI lock him up on child-porn charges, produce no evidence


Matthew DeHart, a veteran from a multi-generational military/intelligence family, ran a Tor hidden service server for his Wow guildies, members of his old army unit, and whistleblowers.

Read the rest

Today's terrifying Web security vulnerability, courtesy of the 1990s crypto wars

The Logjam bug allows attackers to break secure connections by tricking the browser and server to communicate using weak crypto -- but why do browsers and servers support weak crypto in the first place?

Read the rest

150 orgs, experts and companies tell Obama: hands off crypto!


The joint letter from human rights organizations, eminent cryptographers, tech companies and trade associations takes aim at the FBI's ever-louder calls to ban the use of effective cryptography.

Read the rest

Smart Grid consortium rolled its own crypto, which is always, always a bad idea


When you make up your own crypto, it's only secure against people stupider than you, and there are lots of people smarter than the designers of the Open Smart Grid Protocol, who rolled their own (terrible) crypto rather than availing themselves of the numerous, excellent, free public cryptographic protocols.

Read the rest

Computer scientist/Congressman: crypto backdoors are "technologically stupid," DA is "offensive"

Rep Ted Lieu (D-CA) is a USAF reserve colonel, former member of the Judge Advocate General Corps and holds a computer science degree -- he's one of the four members of Congress with any formal computer science qualifications.

Read the rest

Encryption backdoors are like TSA luggage-locks for the Internet

In my new Guardian column, I look at UK Prime Minister David Cameron's election pledge to eliminate strong crypto and point out that we already have a forerunner of this in the "TSA-safe" luggage locks -- and it's a disaster.

Read the rest

FBI's crypto backdoor plans require them to win the war on general purpose computing


The FBI wants backdoors in all your crypto, and UK Prime Minister David Cameron made backdoors an election promise, but as Stanford lawyer/computer scientist Jonathan Mayer writes, there's no way to effectively backdoor modern platforms without abolishing the whole idea of computers as we know them, replacing them with an imaginary and totalitarian computing ecosystem that does not exist and probably never will.

Read the rest

Encrypting your laptop demystified

On The Intercept, Micah Lee follows up on his great primer on NSA-proof passwords with a soup-to-nuts tutorial on encrypting your laptop.

Read the rest

Ransomware decryptor


If you or someone you love has been hijacked by Coinvault ransomware -- malware that encrypts your data and won't decrypt it unless you transfer Bitcoin to criminals -- Kaspersky may be able to help you (via Hacker News)

Surveillance self-defense kit for LGBTQ youth


The latest addition to the Electronic Frontier Foundation's Surveillance Self-Defense series is a set of tools and instructions aimed specifically at LGBTQ kids, who have unique threat models (being outed) and adversaries (homophobic friends, parents, pastors).

Read the rest

NSA declares war on general purpose computers


NSA director Michael S Rogers says his agency wants "front doors" to all cryptography used in the USA, so that no one can have secrets it can't spy on -- but what he really means is that he wants to be in charge of which software can run on any general purpose computer.

Read the rest

NSA-proof passwords


The Intercept's Micah Lee explains how to use Diceware's to generate a passphrase that can survive the NSA's trillion-guess-per-second cracking attempts -- but which can still be easily memorized.

Read the rest