Boing Boing 

Free six-part course on encrypting email and securing your network sessions against snooping


Jeff sez, "Tuts+ has made my six part introduction to PGP encryption, email and networking privacy available to readers for free."

Read the rest

What happened when we got subpoenaed over our Tor exit node

We've run a Tor exit-node for years. In June, we got the nightmare Tor operator scenario: a federal subpoena (don't worry, it ended surprisingly well!)Read the rest

Going to DEFCON? EFF's got your back


The Electronic Frontier Foundation always has a huge presence at Las Vegas's DEFCON, but this year, we're hosting our first-ever badge-hack contest!

Read the rest

Once again: Crypto backdoors are an insane, dangerous idea


The Washington Post editorial board lost its mind and called on the National Academy of Sciences to examine "the conflict" over whether crypto backdoors can be made safe: the problem is, there's no conflict.

Read the rest

IRS responds to records request with encrypted CD full of blacked-out documents


Michael sez, "Sometimes a simple 'no' can be better than what agencies consider a response when it comes to Freedom of Information. J. Pat Brown over at FOIA powerhouse MuckRock discovered that the hard way when, after a request for information on information about the IRS's whisteblower office resulted in documents being sent on a CD ... that was fully encrypted ... using a Windows only app ... where the password was sent along in a separate letter."

Read the rest

The Tor Project is hiring a new executive director


So, an EFF activist gig isn't for you and neither is deputy director of the Free Software Foundation: how about executive director of the Tor Project, which maintains The Onion Router, a crucial piece of anonymity and privacy technology?

Read the rest

Moxie Marlinspike profiled in WSJ. Obama thinks secure messaging apps like the one he built are “a problem.”

[Wall Street Journal]


[Wall Street Journal]

The Wall Street Journal just discovered what some of us have known for a long time: Moxie Marlinspike is really cool, and the work he does is important.

Read the rest

What happened at yesterday's Congressional hearings on banning crypto?


Cryptographers and security experts gathered on the Hill yesterday to tell Congress how stupid it was to ban crypto in order to make it easier to spy on "bad guys."

Read the rest

Computer scientists on the excruciating stupidity of banning crypto

A paper from some of the most important names in crypto/security history scorchingly condemns plans by the US and UK governments to ban "strong" (e.g. "working") crypto.

Read the rest

EFF's new certificate authority publishes an all-zero, pre-release transparency report


EFF, Mozilla and pals are launching Let's Encrypt, an all-free certificate authority, in September -- but they've released a transparency report months in advance.

Read the rest

You'll falafel about this horrifying new pita-sized crypto-key-sniffing hack


I nearly falafel my chair when I read about the Israeli researchers who've designed a device that can derive crypto keys from the unintentional radio signals emitted by a computer's CPU—and miniaturized it until it can fit into a pita.

Read the rest

US CIO defies the FBI, orders HTTPS for all government websites


Tony Scott, CIO of the US government, has spit in the eye of assistant FBI director Michael Steinbach, who called on companies "to build technological solutions to prevent encryption above all else."

Read the rest

If the FBI has a backdoor to Facebook or Apple encryption, we are less safe

Reuters


Reuters

Freedom of the Press Foundation director Trevor Timm tells Boing Boing,

Now that the USA Freedom Act is out of the way, it seems pretty clear the next battle in Congress will almost certainly be over encryption, as the FBI has not stopped its push to force tech companies to insert a backdoor into their communications tools, despite being ridiculed for it by security experts. The FBI seems to push it even farther in the past week, testifying before Congress that they need to stop encryption "above all else" and leaking a story to the LA Times about ISIS using encrypted text messaging apps. I wrote about what a dumb move it is on several levels for the Guardian.

Read the rest

There was a David Cameron who swallowed a fly...

In my latest Guardian column, I talk about the real danger from the UK Tories' plan to ban effective cryptography: not the initial mandate forcing companies to help spy on their users, but all the things we'll have to do when that doesn't work.

Read the rest

UN rapporteur sticks up for crypto and anonymity

Within days of David Cameron's Queen's Speech promise to ban the use of effective crypto in the UK, David Kaye, the UN special rapporteur for Freedom of Expression effectively called this a plan to make UK into a rogue state.

Read the rest

Hacktivist sees too much, FBI lock him up on child-porn charges, produce no evidence


Matthew DeHart, a veteran from a multi-generational military/intelligence family, ran a Tor hidden service server for his Wow guildies, members of his old army unit, and whistleblowers.

Read the rest

Today's terrifying Web security vulnerability, courtesy of the 1990s crypto wars

The Logjam bug allows attackers to break secure connections by tricking the browser and server to communicate using weak crypto -- but why do browsers and servers support weak crypto in the first place?

Read the rest