Trustycon: how to redesign NSA surveillance to catch more criminals and spy on a lot fewer people

The Trustycon folks have uploaded over seven hours' worth of talks from their event, an alternative to the RSA security conference founded by speakers who quit over RSA's collusion with the NSA. I've just watched Ed Felten's talk on "Redesigning NSA Programs to Protect Privacy" (starts at 6:32:33), an absolutely brilliant talk that blends a lucid discussion of statistics with practical computer science with crimefighting, all within a framework of respect for privacy, liberty and the US Bill of Rights. — Read the rest

Computer scientists to FBI: don't require all our devices to have backdoors for spies

In an urgent, important blog post, computer scientist and security expert Ed Felten lays out the case against rules requiring manufacturers to put wiretapping backdoors in their communications tools. Since the early 1990s, manufacturers of telephone switching equipment have had to follow a US law called CALEA that says that phone switches have to have a deliberate back-door that cops can use to secretly listen in on phone calls without having to physically attach anything to them. — Read the rest

Bubble-in forms betray individual, traceable "handwriting"

Original research from Princeton's Joe Calandrino, Ed Felten and Will Clarkson show that machine analysis can make very accurate guesses about the identity of people who complete bubble-in forms — that is, there's something like a recognizable, individual "penmanship" for the small scribbles used to fill in the bubbles on machine-readable forms. — Read the rest

Intel threatens lawsuits against HDCP jailbreakers

Last week, the master key for the HDCP DRM scheme — which prevents people from connecting unapproved monitors, recorders and switches to high-def players, computers and consoles — leaked. Using this key, it is now possible to make more flexible and cheaper high-def equipment (for example, high-def recorders that save unrestricted video-files). — Read the rest

Blu-Ray falls: HDCP key crack confirmed

Intel has confirmed that the rumored master key crack for HDCP (the high-definition video "copy protection" used in Blu-Ray, high def consoles, and many game consoles) is real. Blu-Ray and other systems that rely on HDCP are now terminally compromised.

As a practical matter, the most likely scenario for a hacker would be to create a computer chip with the master key embedded it, that could be used to decode Blu-ray discs.

Read the rest

HDCP master-key leaks, possible to make unrestricted Blu-Ray recorders

Engadget reports that the master key that controls HDCP, the anti-copying system used to restrict the outputs of Blu-Ray boxes, set-top boxes, and many game systems, have been compromised and published. With these keys, knowledgeable users can make their own "source" and "sink" keys for devices that permit copying at full resolution — which means that you should be able to create a hard-drive-based recorder that you can plug into your Blu-Ray player and record shows in real-time. — Read the rest

EFF panel: Architecture is policy

One of the Electronic Frontier Foundation's founding principles was Mitch Kapor's aphorism, "Architecture is politics." The design of systems determines the kinds of politics that can take place in them, and designing a system is itself a political act. As part of EFF's ongoing 20th anniversary celebrations, it held a panel called "Architecture is policy" at Carnegie-Mellon, featuring Ed Felten, Dave Farber, Lorrie Cranor, John Buckman, and Cindy Cohn — all heavy hitters in their own right, and dynamite together. — Read the rest