OpenSSL maintainer and Google cryptographer Ben Laurie and I collaborated on an article for Nature magazine on technical systems for finding untrustworthy Certificate Authorities. We focused on Certificate Transparency, the solution that will shortly be integrated into Chrome, and also discuss Sovereign Keys, a related proposal from the Electronic Frontier Foundation. Both make clever use of cryptographic hashes, arranged in Merkle trees, to produce "untrusted, provable logs."
In 2011, a fake Adobe Flash updater was discovered on the Internet. To any user it looked authentic. The software’s cryptographic certificates, which securely verify
the authenticity and integrity of Internet connections, bore an authorized signature. Internet users who thought they were applying a legitimate patch unwittingly turned their computers into spies. An unknown master had access to all of their data. The keys used to sign the certificates had been stolen from a ‘certificate authority’ (CA), a trusted body (in this case, the Malaysian Agricultural Research and Development Institute) whose encrypted signature on a website or piece of software tells a browser program that the destination is bona fide. Until the breach was found and the certificate revoked, the keys could be used to impersonate virtually any site on the Internet.
Secure the Internet (PDF)
Petition demands recall of 500,000+ cars over alleged defect Electric car maker Tesla said on Monday there was no unintended acceleration in its vehicles, as petition signature-gatherers demanding a federal safety investigation have claimed.
Frontier is the bottom-rung of the top-tier of US ISPs, serving customers in 29 states. Despite enjoying monopoly control over its customers' online lives, and despite massive government handouts and a lackadaisical approach to maintenance, and despite out-and-out theft from customers, the company is filing for bankruptcy, having accumulated $16.3b in debt through mismanagement.
Bees are big business. Almonds are in big demand as a cash crop in California, ever the more so as the almond milk trend grows. Growers use bees to pollinate the trees. The bees are already challenged enough as it is — now there are bee stealing criminals who drive around stealing them. One such […]
From OneDrive to Slack, there are numerous ways to store files online. Because many platforms offer a certain amount of free storage, it makes sense to mix and match. However, spreading your files across multiple apps can make things very confusing. Rethink Files offers a simple solution. By connecting to all your other cloud storage […]
Winter can be a difficult time of year for golfers. Between the freezing temperatures and frequent snow showers, maintaining your handicap can seem almost impossible. When the fairways are frozen solid, the PhiGolf simulator lets you practice at home. This device captures every nuance of your swing to provide virtual coaching. Better still, you can […]
Photoshop is one of the most widely used photo editing tools out there, to the point that it’s the default program designers think of whenever they need work done. Small wonder, too: The flagship software in Adobe’s creative suite is very powerful — if you know how to use it. There is a lot to […]