A new draft proposal at the Internet Engineering Task Force by Phillip Hallam-Baker sets out a work program to harden the Internet against Prism-style surveillance. It's a long but fascinating read, and it's been nicely summarized by ParityNews's Ravi Mandalia, who highlights the proposal's emphasis on Perfect Forward Secrecy and strong crypto by default. Last week, I posted John Gilmore's firsthand account of NSA sabotage of an IETF standard; it will be interesting to see how the NSA engages with this process.
Baker starts off by listing out the attack degree including the likes of information / content disclosure, meta-data analysis, traffic analysis, denial of service attacks and protocol exploits. The author then describes the different capabilities of an attacker and the ways in which an attack can be carried out – passive observation, active modification, cryptanalysis, covert channel analysis, lawful interception, Subversion or Coercion of Intermediaries among others.
Baker then highlights the controls that may be used to defend against the attacks including use of Perfect Forward Secrecy which tends to dramatically increase the cost involved with an attack; use of strong cryptography as a control against passive attacks; use of dual-layered public key exchange “using the credentials of the parties to negotiate a temporary key which is in turn used to derive the symmetric session key used for communications” among others.
The draft lists the final control as policy, audit and transparency; however, it notes that this area is “the most underdeveloped area of internet security to date.”
IETF floats draft PRISM-proof security considerations [Ravi Mandalia/Parity News]