Tor Project is working on a web-wide random number generator

hs_montreal_4

Random number generators are the foundation of cryptography -- that's why the NSA secretly sabotaged the RNG standard that the National Institute for Standards and Technology developed. Read the rest

EFF is hiring a software engineer!

image1

Forget "disrupting" some industry -- work at EFF and you can write code to make a better future for everyone! Read the rest

James Clapper: Snowden accelerated crypto adoption by 7 years

EnronStockPriceAugust2000toJanuary2001.svg

Apparently America's spy agencies have a seven-year plan for cryptographic adoption: James Clapper, the Director of National Intelligence, has credited Edward Snowden with the acceleration of commercial adoption of encryption by 7 years. Read the rest

Brussels terrorists kept their plans in an unencrypted folder called "TARGET"

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1029

Remember how, in the wake of the horrific terrorist attacks on Brussels last month, authorities all over the world declared that the world was critically endangered by cryptography, insisting that crazy, far-reaching crypto-bans were necessary to prevent another attack? Read the rest

Ron Wyden vows to filibuster anti-cryptography bill

3642123174_18d160528f_b

Senators Richard Burr [R-NC] and Dianne Feinstein [D-CA] finally introduced their long-rumored anti-crypto bill, which will ban US companies from making products with working cryptography, mandating that US-made products have some way to decrypt information without the user's permission. Read the rest

Let's Encrypt is actually encrypting the whole Web

free-ssl-certificate

Let's Encrypt (previously) a joint EFF-Mozilla-Linux Foundation project that lets anyone easily create an SSL certificate for free in minutes and install and configure it so that visitors to their Websites will be shielded from surveillance, came out of beta this week, and it's already making a huge difference. Read the rest

Why the rise of ransomware attacks should worry you

20012127713_aed0df29b4_b

Sean Gallagher does an excellent job of running down the economics and technology behind the rise and rise of ransomware attacks: ransomware has become a surefire way to turn a buck on virtually any network intrusion, and network intrusions themselves are trivial if you don't especially care whose networks you break into. Read the rest

Security flaws found in 3 state health insurance websites

Reuters / Phil McCarten

Federal investigators have discovered major security vulnerabilities in the state health insurance websites for California, Kentucky and Vermont that could allow criminals to access sensitive personal data for hundreds of thousands of people.

Read the rest

Artist installs sculptures that are also Tor nodes in the world's galleries

IMG_6969_D01-1024x693

Trevor Paglen and Jacob Appelbaum collaborate to create beautiful, acrylic-encased computers that are also Tor nodes, anonymizing data that passes through them, and install the in art galleries all over the world, so that patrons can communicate and browse anonymously, while learning about anonymity and Tor. Read the rest

Hungarian ruling party wants to ban all working crypto

Dia03 (1)

The parliamentary vice-president from Fidesz -- the largest faction in the Hungarian government -- has asked parliament to "ban communication devices that [law enforcement agencies] are not able to surveil despite having the legal authority to do so." Read the rest

Justice Department to drop 'FBI vs. Apple' case, because they've unlocked the iPhone

Tashfeen Malik, left, and Syed Farook died on Dec. 2, 2015, in a gun battle with authorities several hours after their assault on a gathering of Farook's colleagues in San Bernardino, Calif., that left 14 people dead.

The #FBIvsApple legal case may be over, but the fight over security, privacy, and the right to live free of surveillance has just begun. The Justice Department is expected to drop its legal action against Apple, possibly as soon as today, because an 'outside method' to bypass security on the San Bernardino gunman's iPhone has proven successful, a federal law enforcement official said Monday.

Read the rest

Ransomware gets a lot faster by encrypting the master file table instead of the filesystem

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1005

In just a few short years, ransomware -- malware that encrypts all the files on the computer and then charges you for a key to restore them -- has gone from a clever literary device for technothrillers to a cottage industry to an epidemic to a public menace. Read the rest

Security-conscious darkweb crime marketplaces institute world-leading authentication practices

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1002

If you are a seller on Alphabay -- a darkweb site that sells "drugs, stolen data and hacking tools," you'll have to use two-factor authentication (based on PGP/GPG) for all your logins. Read the rest

Ransomware hackers steal a hospital. Again.

methodhop

A month after a hospital in Hollywood was shut down by a ransomware infection that encrypted all the files on its computers and computer-controlled instruments and systems, another hospital, this one in Kentucky, has suffered a similar fate. Read the rest

Paris terrorists used disposable burner phones to hide plans. No evidence of encryption.

burner-phones

"Everywhere they went, the attackers left behind their throwaway phones."

Buried in the New York Times story Mark poked fun at earlier for its Crypto Panic vibe, a confirmation of sorts that there's really no evidence the terrorists used crypto at all. There is lots of evidence they used throwaway burner phones to evade detection while planning mass murder. Again, no evidence encryption, none, period. This is significant because these attacks, and similar ones that followed, are at the core of an anti-encryption charm offensive by the FBI and Department of Justice, now targeted at Apple's iPhone.

Ars Technica rehashes the details of the NYT piece and then puts it plainly:

Until we have stronger evidence to the contrary, it seems likely that encryption played little or no part in the Paris terrorist attacks.

Read the rest

NYT: If you see weird text on a computer screen, might be terrorist encryption software

CeFFWtxUEAAJ9BA
From a March 19, 2016 New York Times article:

One of the terrorists pulled out a laptop, propping it open against the wall, said the 40-year-old woman. When the laptop powered on, she saw a line of gibberish across the screen: β€œIt was bizarre β€” he was looking at a bunch of lines, like lines of code. There was no image, no Internet,” she said. Her description matches the look of certain encryption software, which ISIS claims to have used during the Paris attacks.

To summarize, if you see something on someone's computer screen that fits the description below, the person with the computer could be an ISIS terrorist! It looks like "a line of gibberish across the screen." It's "a bunch of lines, like lines of code." There's "no image." There's "no Internet."

It's good to know the spirit of Judith Miller lives on at the Times!

Read the rest

LGBTQ people and Apple vs FBI

gay-apple.png

Evan from Fight for the Future writes, "Everyone is focused on the high profile fight between Apple and the FBI, which is a good thing, because the outcome of this case will affect all of us." Read the rest

More posts