Australia announces plan to ban working cryptography at home and in the US, UK, New Zealand, and Canada

The Australian Attorney General and a key Australian minister have published a memo detailing the demand they plan on presenting to the next Five Eyes surveillance alliance meeting, which will be held next week in Ottawa. Read the rest

Germany mulls sweeping surveillance bill, crypto backdoors and fingerprinting kids

Germany's interior ministry has announced sweeping new surveillance powers ahead of the coming national election, which would include the right to infect residents' computers with malware in order to spy on their encrypted communications (shades of the illegal Bundestrojaner program), ordering tech companies to deliberately introduce defects into their cryptography, and fingerprinting children as young as 6. Read the rest

Linux worm turns Raspberry Pis into cryptocurrency mining bots

Linux.MulDrop.14 is a Linux worm that seeks out networked Raspberry Pi systems with default root passwords; after taking them over and ZMap and sshpass, it begins mining an unspecified cryptocurrency, creating riches for the malware's author and handing you the power-bill. Read the rest

Opsec and #blacklivesmatter: how Trump is motivating activists to learn and practice digital security

It's been more than two years since Harlem Cryptoparty made the connection between the struggle for racial justice in America and access to networks and encryption; the Trump election has strengthened that proposition, with a national network of Digital Security in the Era of Trump workshops where activists train each other on operational security. Read the rest

The Russian Britney Spears Instagram hackers also used satellites to hide their tracks

Pity poor Turla, the advanced persistent threat hacking group closely associated with the Russian government who were outed yesterday for their extremely clever gimmick of using Britney Spears's Instagram account as a covert channel for controlling compromised computers in the field while protecting their "command and control" servers; today, Turla faces another devastating disclosure, a report that Turla exploited gaps in the security model of satellite TV and internet systems to make it possible for compromised computers to contact the C&C servers without revealing their locations. Read the rest

Donate to support GnuPG, the backbone of email privacy and security

It's been two years since the net came together to raise funds to support Werner Koch, who maintains the absolutely vital GnuPG email encryption system, used daily by millions to protect the privacy and integrity of their email. Read the rest

Theresa May wants to ban crypto: here's what that would cost, and here's why it won't work anyway

Aaron Swartz once said, "It's no longer OK not to understand how the Internet works."

Why don't people use secure internet tools?

A group of scholars and practicioners from the US, Germany and the UK conducted a qualitative study on the "obstacles to adoption of secure communications tools," which was presented to the 38th IEEE Symposium on Security and Privacy. Read the rest

UK Tories say they'll exploit Manchester's dead to ban working crypto in the UK

One of UK Prime Minister Theresa May's government ministers told a reporter from The Sun that the government is planning on invoking the "Technical Capabilities Orders" section of the Snoopers Charter, a 2016 domestic spying bill; the "orders" allow the government to demand that companies cease using working cryptography in their products and services, substituting it with deliberately defective code that can be broken. Read the rest

Thailand is losing the war on dissent, thanks to user notifications and HTTPS

Thailand's insane lese majeste laws make it radioactively illegal to criticize the royal family, reflecting a profound insecurity about the legitimacy of the ruling elites there that can only be satisfied through blanket censorship orders whenever one of the royals does something ridiculous, cruel or both (this happens a lot). Read the rest

Having a job in America means being subjected to continuous, intimate surveillance

It started with companies sneaking their own certificates into the devices you used so they could spy on you private communications, even those with HTTPS-based encryption. Read the rest

Bipartisan bill would end warrantless border searches of US persons' data

Under the Protecting Data at the Border Act, devices "belonging to or in the possession of a United States person" (a citizen or Green Card holder) could no longer be searched at the border without a warrant. Agents would no longer be able to deny US persons entry or exit on the basis of a refusal to allow such a search (but they could seize the equipment). Read the rest

The basics of crypto, in 4.5 pages, using only small words lawmakers can understand

Ed Felten (previously) -- copyfighter, Princeton computer scientist, former deputy CTO of the White House -- has published a four-and-a-half-page "primer for policymakers" on cryptography that explains how encryption for filesystems and encryption for messaging works, so they can be less ignorant. Read the rest

After shutting down to protect user privacy, Lavabit rises from the dead

In 2013, Lavabit -- famous for being the privacy-oriented email service chosen by Edward Snowden to make contact with journalists while he was contracting for the NSA -- shut down under mysterious, abrupt circumstances, leaving 410,000 users wondering what had just happened to their email addresses. Read the rest

Apple Store employees fired after accusations of snooping on customers' devices for sexual selfies and sharing them

Last October, an Apple Store in Brisbane, Australia terminated some of its employees after they were accused of searching customers' devices for sexually explicit selfies and sharing them with colleagues, rating them on a scale of 1-10. Read the rest

EFF in Trump's America: Protecting Tomorrow

Cindy Cohn, executive director of the Electronic Frontier Foundation, has published a heartfelt and defiant statement about the EFF's plans for the coming four years under a president who has demanded back-doors in crypto, promised mass surveillance and roundups of millions of people, and threatened the freedom of the press. Read the rest

Scotland Yard charge: teaching people to use crypto is an act of terrorism

Samata Ullah from Cardiff faces six terrorism charges, including "preparation of terrorism..."by researching an encryption programme, developing an encrypted version of his blog site, and publishing the instructions around the use of [the] programme on his blog site." Read the rest

More posts