Signal's new "Sealed Sender" will hide your identity from Signal

A new feature on the encrypted messaging platform Signal, "Sealed Sender," will hide your identity from Signal itself, so that if the company is ever compromised, it will not be able to reveal who sent messages to whom. Read the rest “Signal's new "Sealed Sender" will hide your identity from Signal”

Efail: can email be saved?

The revelation that encrypted email is vulnerable to a variety of devastating attacks (collectively known as "Efail") has set off a round of soul-searching by internet security researchers and other technical people -- can we save email? Read the rest “Efail: can email be saved?”

Amazon doesn't like how Signal circumvents censorship

Signal is an encrypted messaging app for smartphones and desktops that I and a lot of other folks use on a daily basis to communicate with discretion and security. I like it so much that I've moved away from using other services on my iOS and Android phones to using Signal for all of the texting I do, even with those who don't use the app. Unfortunately, according to The Verge, the Signal team is having a difficult time trying to provide its services to users in the UAE, Egypt and Oman, where the app has been banned by the government. Considering the fact that these states aren't known for treating political dissidents and minorities none too well, that's a big deal. For some people, encrypted comms are essential to avoiding incarceration or worse.

The crux of Signal's issues with providing services to users in these countries is that Amazon, whose CloudFront web services Signal's parent company, Open Whisper System, uses, has banned domain-fronting. Domain-fronting, put simply, is a technique for making traffic from one site look like it's from another site. In an email received by Open Whisper System's founder, Moxie Marlinspike (best damn name in the business,) the General Manager of Amazon CloudFront called Open Whisper Systems' domain-fronting out, telling Marlinspike that Amazon would love to have their business, but not his company refuses to comply with their no domain-fronting policies.

From the email:

When access to Signal was originally censored in Egypt, Oman, Qatar, and UAE, we responded by through Google App Engine.

Read the rest “Amazon doesn't like how Signal circumvents censorship”

Amazon orders Signal to stop using AWS to defeat censorship

Repressive autocracies like Egypt, Oman, and the UAE ban Signal and other encrypted messaging apps, using national firewalls to try to block their traffic; Signal evades these blocks by using "domain fronting," in which the service's cloud provider shows up as the origin of its traffic, forcing countries to block Google or Amazon to get at a single service hiding behind them. Read the rest “Amazon orders Signal to stop using AWS to defeat censorship”

A profile of Moxie Marlinspike: the seagoing anarchist cryptographer who brought private messaging to millions

Andy Greenberg's colorful and nuanced profile of Moxie Marlinspike offers some insight into the young, talented cryptographer whose tool, Signal, is now part of both Whatsapp and (shortly) Allo -- an anarchist who walked away from $1M in Twitter payouts after a near-death experience and decided, instead, to build free and open tools to give the entire world the power to keep secrets from the police. Read the rest “A profile of Moxie Marlinspike: the seagoing anarchist cryptographer who brought private messaging to millions”