NSA declares war on general purpose computers

NSA director Michael S Rogers says his agency wants "front doors" to all cryptography used in the USA, so that no one can have secrets it can't spy on -- but what he really means is that he wants to be in charge of which software can run on any general purpose computer. Read the rest

NSA-proof passwords

The Intercept's Micah Lee explains how to use Diceware's to generate a passphrase that can survive the NSA's trillion-guess-per-second cracking attempts -- but which can still be easily memorized. Read the rest

Mobile ad

As crypto wars begin, FBI silently removes sensible advice to encrypt your devices

The FBI used to publish excellent advice about encrypting your devices to keep your data secure when your stuff is lost or stolen; this advice has been silently dropped now that FBI Director James Comey is trying to stop manufacturers from using crypto by default. Read the rest

Automating remote BIOS attacks

Legbacore's upcoming "digital voodoo" presentation will reveal an automated means of discovering BIOS defects that are vulnerable to remote attacks, meaning that your computer can be compromised below the level of the OS by attackers who do not have physical access to it. Read the rest

Parliamentary Office of Science & Technology tells Cameron Tor is good, unstoppable

David Cameron has vowed to ban crypto if he wins the UK election, but Parliament's lead technical experts have told him that he can't, and shouldn't, mess with Tor and other cryptographic tools. Read the rest

Bruce Schneier's Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

No one explains security, privacy, crypto and safety better.

Companies should never try to intercept their users' encrypted traffic

Lenovo's disgraceful use of Superfish to compromise its users' security is just the tip of the iceberg: everywhere we look, companies have decided that it's a good idea to sneakily subvert their users' encryption. Read the rest

Mobile ad

Laura Poitras's Citizenfour OPSEC

One of the most startling motifs of Citizenfour, Laura Poitras's Academy Award-winning documentary about Edward Snowden, is the use and abuse of cryptographic tools, which are at the center of the NSA's surveillance plans and Snowden's audacious act of whistleblowing. Read the rest

Anyone who makes you choose between privacy and security wants you to have neither

An excellent op-ed from the Open Rights Group: "When ORG defends privacy, we are fighting to protect people from abuses of power that leave them vulnerable." Read the rest

If privacy was really dead, would everyone be trying so hard to kill it?

A reader writes, "SF author Peter Watts writes about the ever-encroaching assault on our privacy and how relocating their arguments from the Internet to meatspace illustrates how ridiculous they are, and reasons to be cheerful because of the governments of the 'free world''s determination to eliminate the last shreds of our privacy." Read the rest

Alan Turing's lost notes discovered as crumpled insulation in Bletchley Park huts

After the war ended, Churchill ordered all of Bletchley's work -- the computers, the notebooks -- destroyed, but some of Alan Turing's notes were discovered between the walls of Hut 6 during a recent renovation, and are now on display at Bletchley Park. Read the rest

Leaked US cybersecurity report singles out crypto as essential for security of private data

A newly released document from the Snowden trove is a five-year "cyber-threat" forecast that stresses the importance of strong civilian use of cyrptography as crucial to protecting private data, especially the industrial secrets sought by foreign spies. Read the rest

What David Cameron just proposed would endanger every Briton and destroy the IT industry

David Cameron says there should be no "means of communication" which "we cannot read" -- and no doubt many in his party will agree with him, politically. But if they understood the technology, they would be shocked to their boots.

Exciting progress towards surveillance-resistant email

Ladar Levison -- persecuted founder of the now-shuttered private mail service Lavabit, as used by Edward Snowden -- has made great progress on his Darkmail project, a joint initiative with Phil "PGP" Zimmerman's also shut-down Silent Circle private email service. Read the rest

Crypto puzzles and games for kids

Dev Gualtieri's newly published Secret Codes & Number Games: Cryptographic Projects & Number Games for Children Ages 5-16 is a thoughtfully designed introduction to crypto for kids. Read the rest

More posts