A new draft proposal at the Internet Engineering Task Force by Phillip Hallam-Baker sets out a work program to harden the Internet against Prism-style surveillance. It's a long but fascinating read, and it's been nicely summarized by ParityNews's Ravi Mandalia, who highlights the proposal's emphasis on Perfect Forward Secrecy and strong crypto by default. Last week, I posted John Gilmore's firsthand account of NSA sabotage of a IETF standard; it will be interesting to see how the NSA engages with this process.
Baker starts off by listing out the attack degree including he likes of information / content disclosure, meta-data analysis, traffic analysis, denial of service attacks and protocol exploits. The author than describes the different capabilities of an attacker and the ways in which an attack can be carried out – passive observation, active modification, cryptanalysis, cover channel analysis, lawful interception, Subversion or Coercion of Intermediaries among others.
Baker then highlights the controls that may be used to defend against the attacks including use of Perfect Forward Secrecy which tends to dramatically increase the cost involved with an attack; use of strong cryptography as a control against passive attacks; use of dual-layered public key exchange “using the credentials of the parties to negotiate a temporary key which is in turn used to derive the symmetric session key used for communications” among others.
The draft lists the final control as policy, audit and transparency; however, it notes that this area is “the most underdeveloped area of internet security to date.”
IETF floats draft PRISM-proof security considerations [Ravi Mandalia/Parity News]
In one week, an EU committee will vote on a pair of extreme copyright proposals that will ban linking to news articles without permission, and force internet platforms to spy on all the pictures, text, video, audio and code their users post, sending it to AIs designed to catch copyright infringement and automatically censor anything […]
At the urging of Uganda's corrupt dictator Yoweri Museveni, the Ugandan parliament has enacted legislation imposing a daily tax on anyone using social media platforms; Museveni said the measure would curb "gossip," while Matia Kasaija claimed it would fund security and electrification efforts.
A New York federal judge has ruled that Donald Trump can't block people he doesn't like on Twitter, because he uses Twitter to communicate his edicts and policies as President of the United States, and the US government can't exclude communications based on viewpoint, as this violates the First Amendment.
The human eye is a powerful thing, but it’s not so great at seeing in the dark or around tight spaces, which is partially why most of us struggle with unplugging drains, cleaning under the fridge, and other hard-to-reach jobs. This 1080p HD Waterproof WiFi Wireless Endoscopic Camera, however, gives you the flexibility necessary to get […]
Macs are undeniably some of the most versatile computers on the market, but they can do so much more than what their stock apps allow. For those looking to get the most out of their Mac hardware, the Pay What You Want 2018 Super Mac Bundle features 10 of the industry’s top apps, including photo editors and […]
Salesforce has reinvented the way companies manage customer information, close deals, and ultimately drive revenue, so it should come as no surprise that it’s one of the more valuable skills you can list on your resume today. In fact, according to research from Burning Glass, this platform is now the 7th most in-demand software skill, beating out […]