HOWTO make a physical, papercraft GPG box

thumb37

Shiro writes, This is a tutorial by @shiromarieke and @nsmnsr on how to make a 'GPG BOX' [PDF], a tool to easily explain GPG encryption. It has been made for CryptoParty Berlin. Read the rest

David Cameron now all alone in demanding crypto backdoors, doubles down on antibiotic resistant superterrorists

544px-David_Cameron_with_Soldiers_in_Afghanistan_MOD_45154991

The US government has given up on demanding backdoors in cryptography for now (advocates have announced that they'll wait until a terrorist attack and then use that as the excuse for fresh demands), leaving the UK government as the last man standing in the race to compromise the security of the technologies with the power of life and death over us. Read the rest

Symantec caught issuing rogue Google.com certificates

why-symantec-ssl-certificates-are-1-1-638

Your browser trusts SSL certificates from hundreds of "Certificate Authorities," each of which is supposed to exercise the utmost caution before issuing them -- a rogue cert would allow a criminal or a government to act as a man-in-the-middle between you and your bank, email provider, or employer, undetectably intercepting communications that you believed to be secure. Read the rest

America's spooks abandon crypto-backdoors, plan shock-doctrine revival

thumb27

They have decided that there's no political will to ban crypto today, but have vowed to bring it back after some unspecific future terrorist atrocity. Read the rest

Kilton Library's Tor node is back online

IMG_0050

Kilton, New Hampshire's public library was the first library in the USA to offer an Tor node on its computers, giving its patrons a technological assist in maintaining their privacy and anonymity -- until the DHS sent them a letter demanding that they switch it off.

Now, ninja librarian Alison Macrina has tweeted the good news: "WE'VE DONE IT. THE KILTON LIBRARY WILL TURN THEIR #TOR RELAY BACK ON!!!"

(Image: Tor Project) Read the rest

Library offers Tor nodes; DHS tells them to stop

John writes, "After a library created a Tor node on its network, the DHS and local police contacted them to ask them to stop. For now they have; their Board of Trustees will vote soon on whether to renew the service." Read the rest

Ashley Madison's passwords were badly encrypted, 15 million+ passwords headed for the Web

A flaw in the fraudulent dating site's password hashing means that at least 15 million of its users' passwords are liable to decryption. Read the rest

Free six-part course on encrypting email and securing your network sessions against snooping

Jeff sez, "Tuts+ has made my six part introduction to PGP encryption, email and networking privacy available to readers for free." Read the rest

What happened when we got subpoenaed over our Tor exit node

We've run a Tor exit-node for years. In June, we got the nightmare Tor operator scenario: a federal subpoena (don't worry, it ended surprisingly well!)

Going to DEFCON? EFF's got your back

The Electronic Frontier Foundation always has a huge presence at Las Vegas's DEFCON, but this year, we're hosting our first-ever badge-hack contest! Read the rest

Once again: Crypto backdoors are an insane, dangerous idea

The Washington Post editorial board lost its mind and called on the National Academy of Sciences to examine "the conflict" over whether crypto backdoors can be made safe: the problem is, there's no conflict. Read the rest

IRS responds to records request with encrypted CD full of blacked-out documents

Michael sez, "Sometimes a simple 'no' can be better than what agencies consider a response when it comes to Freedom of Information. J. Pat Brown over at FOIA powerhouse MuckRock discovered that the hard way when, after a request for information on information about the IRS's whisteblower office resulted in documents being sent on a CD ... that was fully encrypted ... using a Windows only app ... where the password was sent along in a separate letter." Read the rest

The Tor Project is hiring a new executive director

So, an EFF activist gig isn't for you and neither is deputy director of the Free Software Foundation: how about executive director of the Tor Project, which maintains The Onion Router, a crucial piece of anonymity and privacy technology? Read the rest

Moxie Marlinspike profiled in WSJ. Obama thinks secure messaging apps like the one he built are “a problem.”

[Wall Street Journal]

[Wall Street Journal]

The Wall Street Journal just discovered what some of us have known for a long time: Moxie Marlinspike is really cool, and the work he does is important. Read the rest

What happened at yesterday's Congressional hearings on banning crypto?

Cryptographers and security experts gathered on the Hill yesterday to tell Congress how stupid it was to ban crypto in order to make it easier to spy on "bad guys." Read the rest

Computer scientists on the excruciating stupidity of banning crypto

A paper from some of the most important names in crypto/security history scorchingly condemns plans by the US and UK governments to ban "strong" (e.g. "working") crypto. Read the rest

EFF's new certificate authority publishes an all-zero, pre-release transparency report

EFF, Mozilla and pals are launching Let's Encrypt, an all-free certificate authority, in September -- but they've released a transparency report months in advance. Read the rest

More posts