Real people don't (just) need encryption

Earlier this month, UK Home Secretary Amber Rudd idiotically insisted that "real people" don't need encrypted messaging apps; but as foolish a statement as that was, there was a kernel of truth to it. Read the rest

Fake negative reviews are a cheap way to screw up darknet drug marketplaces

In The Network Structure of Opioid Distribution on a Darknet Cryptomarket, (Sci-Hub mirror), a paper presented today at the American Sociological Association meeting in Montreal, social scientists Scott W. Duxbury and Dana L. Haynie lay out their findings on using fake bad reviews to disrupt the darknet drug-trade. Read the rest

Bruce Sterling in 1994, talking about crypto backdoors and the future of VR

Here's a 30-minute keynote that Bruce Sterling gave in 1994 to the ICA's "Towards the Aesthetics of the Future" VR conference in London. You should watch it, if only for the insight it gives into the early years of today's most contested technology questions. Read the rest

UK Home Secretary evolves the self-serving crypto-denialism argument with exciting new bullshit

UK Home Secretary Amber Rudd has demanded that online services stop using working cryptography in their products, and instead leave all your communications vulnerable to interception by criminals, governments, businesses and spies. Read the rest

A brief history of Alice & Bob, cryptography's first couple

Alice and Bob are the hypothetical communicants in every cryptographic example or explainer, two people trying to talk with one another without being thwarted or overheard by Eve, Mallory and their legion of nefarious friends. Read the rest

Australia's Prime Minister is a goddamned idiot

Australian PM Malcolm Turnbull: "Well the laws of Australia prevail in Australia, I can assure you of that. The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia." Read the rest

Proof-of-concept camera encrypts images with GPG

W Aaron Waychoff, creator of the Falsom Upside-Down ⊥ "Resist" campaign, was inspired by this 2016 post; he writes, "I've made a proof-of-concept encrypting digital camera based on the open source, widely adoped GnuPG. This project uses public key encryption to encrypt every photo the camera takes before writing the encrypted version to memory. Of particular note, there are absolutely no UI changes over what an ordinary point-and-shoot camera provides. No extra keyboards or touch screens are needed as no passwords need be entered." Read the rest

China orders mobile app stores to remove VPN apps

Starting July 1, the official Android and Apple App stores will no longer allow Chinese users to download the VPN apps that Chinese people rely upon in order to get around the Great Firewall of China, which censors information in China and surveils Chinese peoples' use of the net. Read the rest

A new ransomware strain is seemingly using a leaked NSA cyberweapon to race around the planet

Petya is a well-known ransomware app that has attained a new, deadly virulence, with thousands of new infection attempts hitting Kaspersky Lab's honeypots; security firm Avira attributes this new hardiness to the incorporation of EternalBlue -- the same NSA cyberweapon that the Wannacry ransomware used, which was published by The Shadow Brokers hacker group -- into a new Petya strain. Read the rest

Australia announces plan to ban working cryptography at home and in the US, UK, New Zealand, and Canada

The Australian Attorney General and a key Australian minister have published a memo detailing the demand they plan on presenting to the next Five Eyes surveillance alliance meeting, which will be held next week in Ottawa. Read the rest

Germany mulls sweeping surveillance bill, crypto backdoors and fingerprinting kids

Germany's interior ministry has announced sweeping new surveillance powers ahead of the coming national election, which would include the right to infect residents' computers with malware in order to spy on their encrypted communications (shades of the illegal Bundestrojaner program), ordering tech companies to deliberately introduce defects into their cryptography, and fingerprinting children as young as 6. Read the rest

Linux worm turns Raspberry Pis into cryptocurrency mining bots

Linux.MulDrop.14 is a Linux worm that seeks out networked Raspberry Pi systems with default root passwords; after taking them over and ZMap and sshpass, it begins mining an unspecified cryptocurrency, creating riches for the malware's author and handing you the power-bill. Read the rest

Opsec and #blacklivesmatter: how Trump is motivating activists to learn and practice digital security

It's been more than two years since Harlem Cryptoparty made the connection between the struggle for racial justice in America and access to networks and encryption; the Trump election has strengthened that proposition, with a national network of Digital Security in the Era of Trump workshops where activists train each other on operational security. Read the rest

The Russian Britney Spears Instagram hackers also used satellites to hide their tracks

Pity poor Turla, the advanced persistent threat hacking group closely associated with the Russian government who were outed yesterday for their extremely clever gimmick of using Britney Spears's Instagram account as a covert channel for controlling compromised computers in the field while protecting their "command and control" servers; today, Turla faces another devastating disclosure, a report that Turla exploited gaps in the security model of satellite TV and internet systems to make it possible for compromised computers to contact the C&C servers without revealing their locations. Read the rest

Donate to support GnuPG, the backbone of email privacy and security

It's been two years since the net came together to raise funds to support Werner Koch, who maintains the absolutely vital GnuPG email encryption system, used daily by millions to protect the privacy and integrity of their email. Read the rest

Theresa May wants to ban crypto: here's what that would cost, and here's why it won't work anyway

Aaron Swartz once said, "It's no longer OK not to understand how the Internet works."

Why don't people use secure internet tools?

A group of scholars and practicioners from the US, Germany and the UK conducted a qualitative study on the "obstacles to adoption of secure communications tools," which was presented to the 38th IEEE Symposium on Security and Privacy. Read the rest

More posts