In my 2008 novel Little Brother, the underground resistance uses a secure operating system called "Paranoid Linux" that is designed to prevent surveillance and leave no evidence of its use; that was fiction, but there's a real Paranoid Linux out there: Tails, The Amnesic Incognito Live System, and it turns 10 today. Read the rest

Facebook's decision to default to end-to-end encryption for Facebook Messenger prompted the governments of the UK, the USA and Australia to write to Mark Zuckerberg, urging him to delay implementation of the move, warning him that adding working encryption by default would make it harder for spies and cops to do their jobs. Read the rest

Princeton's Center for Information Technology Policy is a marvellous interdisciplinary research center, and it is advertising for "visitors" for one-year stints: postdocs, policy fellows and visiting IT professors. Read the rest

[Addendum 2/20/2020: Following a legal complaint, the Guardian removed its article of 14 June 2019 and apologised to Mrs Peel. We are happy to clarify that Yana Peel is not, and was not, personally involved in the operation or decisions of the regulated Novalpina Capital investment fund, which is managed by her husband Stephen Peel, and others. Mrs Peel was not involved in any decision-making relating to the fund’s acquisition of NSO. Mrs Peel only has a small, indirect and passive interest in the fund. She does not own, whether directly or indirectly, any Novalpina Capital entity or any stake in NSO Group.] The NSO Group is one of the world's most notorious cyber-arms dealers, selling hacking tools to some of the world's most oppressive regimes that are used to identify targets for arrest, torture and even murder. The Israeli company went through a series of buyouts and buybacks, ending up in the hands of the European private equity fund Novalpina. Novalpina has pledged to rehabilitate the NSO Group's reputation by reforming its practices and limiting the sale of its spying tools to legitimate actors (whomever they may be). But research from the world-leading Citizen Lab (previously) revealed that NSO was behind a string of attacks on Whatsapp users last may, which was used to target human rights campaigners, journalists, and political dissidents. Facebook has filed a lawsuit against the NSO Group, accusing the company of being behind Whatsapp attacks in 20 countries (Whatsapp is a division of Facebook); Facebook claims that the attacks swept up at least 100 members of civil society groups. The suit seeks an injunction against future NSO Group attacks on Whatsapp and unspecified monetary damages. NSO is also being sued in Israel for allegedly helping to entrap the Saudi journalist Jamal Khashoggi, who was kidnapped, murdered and dismembered at the direction of the Saudi Crown Prince Mohammed Bin Salman. Facebook's suit presents a mixed bag of legal theories: they accuse NSO Group of violating California contract and property law, but also of violating the tremendously flawed Computer Fraud and Abuse Act, a 1986 federal anti-hacking law that Facebook drastically expanded when it sued a competitor called Power Ventures in 2008 (the CFAA was also the law used to hound Aaron Swartz to death). Read the rest

Jim Baker served as the FBI's general counsel from 2014 until 2017, and he presided over the the FBI's attempt to force Apple to undermine its cryptography under the rubric of investigating the San Bernadino shooters; he has long been a prominent advocate for mass surveillance, but he has had a change of heart: in a long, detailed essay on Lawfare, Baker explains why he believes that governments should not seek to introduce defects into cryptographic systems. Read the rest

If you're in China, Iran or some other country whose national firewall blocks BBC News, you can still access it over the Tor network at bbcnewsv2vjtpsuy.onion, which mirrors the main BBC News site as well as BBC Mundo and BBC Arabic. Read the rest

Since the 1990s, governments around the world have waged war on working encryption, arguing that "civilians" should be limited to using crypto with known defects that allow it to be broken, so that "good guys" can chase "bad guys." Read the rest

Australian politics are a revolting mess of unstable governments dominated by xenophobic, climate-denying far-right oligarchs, and the only check on their power is the fact that Australian governments are so riven by internal strife and unhinged authoritarianism that they tend to collapse on a quarterly basis, triggering new elections and/or leadership contests. Read the rest

I'm 100% in favor of pro-competitive regulation of Big Tech, and that is because I'm 100% in favor of pro-competitive regulation of all our hyper-concentrated, monopolistic industries. Read the rest

Eleanor Saitta's (previously) 2016 essay "Coercion-Resistant Design" (which is new to me) is an excellent introduction to the technical countermeasures that systems designers can employ to defeat non-technical, legal attacks: for example, the threat of prison if you don't back-door your product. Read the rest

After Deadspin's Laura Wagner published an incredible, brave, detailed look at how her new private equity masters -- Jim Spanfeller/Great Hill Partners -- were running Gawker now that they'd acquired it from Univision, the company (now called "G/O Media") struck back. Read the rest

“You have the right to remain silent.” We’ve heard the Miranda warning countless times on TV, but what good is the right to remain silent if our own cellphones testify against us? Imagine every incriminating and embarrassing secret our devices hold in the hands of prosecutors, simply because you’ve been accused of a minor crime. This is the brave new world that Attorney General Bill Barr advocated when he recently addressed the International Conference on Cyber Security and called for an end to encryption as we know it. Read the rest

Ben Herzog's Cryptographic Attacks: A Guide for the Perplexed from Check Point Research is one of the clearest, most useful guides to how cryptography fails that I've ever read. Read the rest

Proposals to ban working cryptography were all the rage in the Clinton years, but then they fell out of vogue for a decade, only to come roaring back in the form of bizarre proposals each stupider than the last, with Australia bringing home the gold in the Dumbfuck Olympics. Read the rest

The Bank of England has unveiled its new £50 notes, which had been earmarked to honour a distinguished British scientist, and which will feature Alan Turing, the WWII hero who discovered many of the foundational insights to both modern computing and cryptography, and whose work with the codebreakers of Bletchley Park are widely believed to have shortened WWII by many years and saved millions of lives. Read the rest

In 2012, the Wall Street Journal first reported on a mysterious cellphone surveillance tool being used by law-enforcement; years later, we learned that the origin of this report was an obsessive jailhouse lawyer who didn't believe that the cops had caught him the way they said they had. Read the rest

ISPs in the UK are required to censor a wide swathe of content: what began as a strictly limited, opt-in ban on depictions of the sexual abuse of children has been steadily expanded to a mandatory ban on "extreme" pornography, "terrorist content," copyright and trademark infringement, and then there's the on-again/off-again ban on all porn sites unless they keep a record of the identity of each user and the porn they request.. Read the rest