A new draft proposal at the Internet Engineering Task Force by Phillip Hallam-Baker sets out a work program to harden the Internet against Prism-style surveillance. It's a long but fascinating read, and it's been nicely summarized by ParityNews's Ravi Mandalia, who highlights the proposal's emphasis on Perfect Forward Secrecy and strong crypto by default. Last week, I posted John Gilmore's firsthand account of NSA sabotage of a IETF standard; it will be interesting to see how the NSA engages with this process.
Baker starts off by listing out the attack degree including he likes of information / content disclosure, meta-data analysis, traffic analysis, denial of service attacks and protocol exploits. The author than describes the different capabilities of an attacker and the ways in which an attack can be carried out – passive observation, active modification, cryptanalysis, cover channel analysis, lawful interception, Subversion or Coercion of Intermediaries among others.
Baker then highlights the controls that may be used to defend against the attacks including use of Perfect Forward Secrecy which tends to dramatically increase the cost involved with an attack; use of strong cryptography as a control against passive attacks; use of dual-layered public key exchange “using the credentials of the parties to negotiate a temporary key which is in turn used to derive the symmetric session key used for communications” among others.
The draft lists the final control as policy, audit and transparency; however, it notes that this area is “the most underdeveloped area of internet security to date.”
IETF floats draft PRISM-proof security considerations [Ravi Mandalia/Parity News]
Hank Green (previously) is one half of the famous and much-loved Vlog Brothers; while his brother John Green (previously) is well-known for his novels, Hank hasn't ventured into fiction -- until now. His debut novel, An Absolutely Remarkable Thing is a deceptively romp-y novel about mysterious samurai alien robot statues appearing all at once, everywhere that has hidden and absolutely remarkable depths.
Apple pioneered the idea of "app stores," where operating system vendors got to decide who could distribute software that ran on their platforms, arguing that these "curated" stores would ensure high quality and protect users from malicious and inferior code.
Journalist Sarah Jeong (previously) was just appointed to the New York Times's editorial board, prompting garbage people to dig through her twitter for old posts that could be made to seem offensive out of context in the hopes of getting her fired.
Whether you’re heading for a career as a web developer or designer, the road is wide open. Careers in tech won’t be slowing down anytime soon, but it’s important that you keep up. Enter the Complete Learn to Code Masterclass Bundle. An invaluable resource for beginners or budding pros, the bundle teaches must-know development and […]
Sipping on whiskey is already a sophisticated experience, but that doesn’t mean you can’t kick it up a notch. A perfect addition to your desk or home bar, the Eravino Whiskey Globe Decanter features a beautifully etched map on the surface and an eye-catching glass ship inside, bringing an entirely new level of class to […]
Gone are the days when you needed to pore over a 400-page physics textbook to learn about weight ratios, aerodynamics, and all of those other STEM concepts that let us take to the skies. Thanks to Force Flyers’ DIY Building Block Drones, you can foster your STEM knowledge as you build and fly your own functional […]