Sign in or Join FriendFeed
FriendFeed is the easiest way to share online. Learn more »
Crypto, Security, Privacy

Crypto, Security, Privacy

Cryptography, Security, Privacy
imabonehead
Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA | Enterprise | WIRED - http://www.wired.com/2014...
Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA | Enterprise | WIRED
"When NSA whistle-blower Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. But this month, we learned that Snowden used another technology to keep his communications out of the NSA’s prying eyes. It’s called Tails. And naturally, nobody knows exactly who created it." - imabonehead from Bookmarklet
imabonehead
"SigmaVPN is simple, light-weight and modular VPN software for UNIX systems, deploying the NaCl encryption library. It's easy to configure, has low overheads and is reliable. No longer is it necessary to waste precious time configuring overcomplicated tunnels." - imabonehead from Bookmarklet
imabonehead
"The Canadian Revenue Agency (CRA), which performs the same function for the Canadian government that the Internal Revenue Service does in the U.S., announced today that it has been bitten by the Heartbleed bug. The agency said that hackers removed approximately 900 social insurance numbers (SINs — equivalent to U.S. social security numbers) in a six-hour period before the CRA systems could be shut down. The attack occurred on April 8th." - imabonehead from Bookmarklet
Crypto, Security, Privacy
Obama lets NTSB exploit widespread tire vulnerabilities - http://benlog.com/2014...
Crypto, Security, Privacy
to Brendan and Mozilla - http://benlog.com/2014...
imabonehead
Sources: Credit Card Breach at California DMV — Krebs on Security - http://krebsonsecurity.com/2014...
Sources: Credit Card Breach at California DMV — Krebs on Security
"The California Department of Motor Vehicles appears to have suffered a wide-ranging credit card data breach involving online payments for DMV-related services, according to banks in California and elsewhere that received alerts this week about compromised cards that all had been previously used at California DMV locations." - imabonehead from Bookmarklet
Oh, fuck. - Spidra Webster
indeed. - imabonehead
Dang. - Stephen Mack from iPhone
Eric Logan
This Very Complex Malware Has Been Spreading Since 2007, and It's Not Clear Where It Came From | Motherboard - http://motherboard.vice.com/blog...
This Very Complex Malware Has Been Spreading Since 2007, and It's Not Clear Where It Came From | Motherboard
A surprisingly sophisticated malware named Careto has been infecting computers globally since at least 2007, a new report from security firm Kaspersky revealed today. While the virus, also known as The Mask, appears to have originated in a Spanish-speaking country—careto, a Spanish slang term for an ugly face, was found in the code—it's so complex that it's not clear the average hacker could have built it. According to Kaspersky's report, Careto is definitely aimed at power brokers—government and diplomatic targets, private companies (especially in the energy sector), research institutions, private equity firms, and activists—and 380 victims with over 1000 IP addresses in 31 countries have been found so far. Aside from its targets, the truly notable thing about the virus is how flexible it is. The researchers write that it "includes an extremely sophisticated malware, a rootkit, a bootkit, 32- and 64-bit Windows versions, Mac OS X and Linux versions and possibly versions for Android... more... - Eric Logan from Bookmarklet
Criminy! - Jkram|ɯɐɹʞſ
Crypto, Security, Privacy
when selfish acts become altruistic - http://benlog.com/2014...
imabonehead
U.S. & British Governments Reportedly Spying on Your 'Angry Birds' Game - http://www.yahoo.com/tech...
"The National Security Agency and its British counterpart are tapping into smartphone applications to scoop up personal data, The New York Times reported Monday. In the latest revelations from U.S. intelligence leaker Edward Snowden, classified documents show the NSA and Britain’s Government Communications Headquarters are working to snatch location and other sensitive information by exploiting “leaky” smartphone apps such as Google Maps or mobile versions of Facebook, Twitter and other services, the Times wrote." - imabonehead from Bookmarklet
Crypto, Security, Privacy
the French like their strikes like Americans like their guns - http://benlog.com/2014...
Crypto, Security, Privacy
there are 3 kinds of crypto - http://benlog.com/2014...
imabonehead
Exclusive: Secret contract tied NSA and security industry pioneer - Yahoo Newsc - http://news.yahoo.com/exclusi...
"As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned." - imabonehead from Bookmarklet
imabonehead
Target says 40 million cards likely skimmed in security breach | PCWorld - http://www.pcworld.com/article...
"Target has confirmed that data from about 40 million credit and debit cards was stolen at its stores between Nov. 27 and Dec. 15. The statement from the retailer Thursday follows reports that thieves had accessed data stored on the magnetic stripe on the back of credit and debit cards during the Black Friday weekend through card swiping machines that could have been tampered with at the retailer’s stores, a practice known as card skimming." - imabonehead from Bookmarklet
Eric Logan
An MIT Project That Lets You Spy On Yourself : Planet Money : NPR - http://www.npr.org/blogs...
An MIT Project That Lets You Spy On Yourself : Planet Money : NPR
I didn't make this picture, or choose the colors, or create categories, or anything. I just went to immersion.media.mit.edu and gave the site permission to access my Gmail account and map my metadata. You can do it, too. It's fun and kind of creepy. It's like being your own Big Brother. The project, called Immersion, was created by a few guys at the MIT Media Lab. It went live yesterday, according to the Boston Globe. "When you see it all together, it is, in a way, an out-of-body experience," one of the creators of the project told the Globe. "You're seeing all of your network and you're seeing yourself out of it and you're seeing it from afar and you're seeing it in one picture." - Eric Logan from Bookmarklet
imabonehead
Microsoft joins group seeking to replace passwords | PCWorld - http://www.pcworld.com/article...
"Microsoft has joined the FIDO Alliance, an industry group attempting to craft industry standards that reduce reliance on passwords, long regarded as a weak point in Web security. Launched in July 2012, FIDO, which stands for Fast IDentity Online, is hoping its specifications for security devices and browser plugins will be widely adopted across the technology industry. Such efforts depend on voluntary adoption by many companies and organizations. So far, those participating in FIDO include heavyweights Google, MasterCard, Lenovo, Infineon, LG Electronics and a variety of smaller companies." - imabonehead from Bookmarklet
imabonehead
Someone's Been Siphoning Data Through a Huge Security Hole in the Internet | Threat Level | Wired.com - http://www.wired.com/threatl...
Someone's Been Siphoning Data Through a Huge Security Hole in the Internet | Threat Level | Wired.com
"In 2008, two security researchers at the DefCon hacker conference demonstrated a massive security vulnerability in the worldwide internet traffic-routing system — a vulnerability so severe that it could allow intelligence agencies, corporate spies or criminals to intercept massive amounts of data, or even tamper with it on the fly." - imabonehead from Bookmarklet
"The traffic hijack, they showed, could be done in such a way that no one would notice because the attackers could simply re-route the traffic to a router they controlled, then forward it to its intended destination once they were done with it, leaving no one the wiser about what had occurred." - imabonehead
"Now, five years later, this is exactly what has occurred. Earlier this year, researchers say, someone mysteriously hijacked internet traffic headed to government agencies, corporate offices and other recipients in the U.S. and elsewhere and redirected it to Belarus and Iceland, before sending it on its way to its legitimate destinations. They did so repeatedly over several months. But luckily someone did notice. And this may not be the first time it has occurred — just the first time anyone has noticed." - imabonehead
Eric Logan
From Turing to Snowden: how US-UK pact forged modern surveillance. - http://www.theguardian.com/world...
From Turing to Snowden: how US-UK pact forged modern surveillance.
There haven't been too many moments of levity over the past four months for those intimately involved in the story of Edward Snowden. It hasn't been a laughing matter for the man himself, who is now stuck in Russia, the intelligence agencies whose secrets he has disclosed, or the governments that have had to deal with the consequences. But the impasse between the opposing forces in this unprecedented and complex saga has been broken on occasion. One of these moments came at the Guardian's London headquarters, near King's Cross station, on Wednesday 17 July. The scene was a second-floor office overlooking Regent's Canal, the time 11am. On one side of a large, round wooden table sat two senior officials from the Cabinet Office, nursing cups of coffee and unconcealed irritation. Facing them were two journalists from the Guardian. After hollow pleasantries and firm handshakes, the conversation turned to the right to freedom of speech on issues that might affect national security. And,... more... - Eric Logan from Bookmarklet
Crypto, Security, Privacy
on cooking turkey and solving problems - http://benlog.com/2013...
imabonehead
Opinion: 'Stalker economy' here to stay - CNN.com - http://edition.cnn.com/2013...
Opinion: 'Stalker economy' here to stay - CNN.com
Opinion: 'Stalker economy' here to stay - CNN.com
"Surveillance is the business model of the Internet -- Al Gore recently called it a "stalker economy." All major websites run on advertising, and the more personal and targeted that advertising is, the more revenue the site gets for it. As long as we users remain the product, there is minimal incentive for these companies to provide any real privacy." - imabonehead from Bookmarklet
la pubblicitá è il male - Clark Kent
advertising is evil - Clark Kent
"advertising is evil" and "people don't want to pay for content" --> 404 business model not found - Pierotaglia
Hahaha @ Pierotaglia. Big issues with the way private investigators were in access of personal information like medical records, which is illegal but possible to obtain in the example of the UK. Unfortunately, they also influence the way that market is valued and will generate a bubble with more and more organizations willing to go over the thin line. In another direction, it also helps... more... - Zu from AOD
that people don't wanna pay for online content is a given not demonstrated anywhere. - Clark Kent
@CK try to talk with someone in the "content" industry (maybe you can save them) ;) - Pierotaglia
Speaking seriously there is a big problem in the trade off: on one hand people ask for a personalized service or product (saying that "mas market is dead! I'm a person not a target" and other dumb things) but this require a considerable knowledge of the target/customer and You need data; on the other hand people want privacy and they don't want to be tracked from companies. It's not a... more... - Pierotaglia
You're so literary. You know so many notions but you understand less than a tenth of those. You know too much for your own good - Clark Kent
@ck maybe You can enlight us - Pierotaglia
I already tried, to no use, as usual. The article already suggests a different business model, if you read again, well, all the way to the end, a lamp might go off in your head. I'll give you a hint: remember when people used to say that they didn't want commercials in tv shows ? The cable came. Another hint: when they say "I'm not a target" you deduce that your profiling has to be more... more... - Clark Kent
@ck quite an interestig point of view but imho You're forgetting something when You talk about "cable": in the last 20 years the content ecosystem had radically changed with internet. I therefore think that it's quite legittimate that users don't want to be tracked, but without tracking You'll keep getting useless banners and popups. I pay for content, but my behaviour it's not... more... - Pierotaglia from FreshFeed
Oh I forgot something ! Oh pesky me, I knew I was gonna screw it up - Clark Kent
banners? popups? can't remember... what do you mean? - непростые коротышки
Crypto, Security, Privacy
Testimony before the US House Committee on Science, Space, and Technology - http://avi-rubin.blogspot.com/2013...
imabonehead
BinaryPig: Scalable Static Binary Analysis Over Hadoop | Cloudera Developer Blog - http://blog.cloudera.com/blog...
BinaryPig: Scalable Static Binary Analysis Over Hadoop | Cloudera Developer Blog
BinaryPig: Scalable Static Binary Analysis Over Hadoop | Cloudera Developer Blog
"Our thanks to Telvis Calhoun, Zach Hanif, and Jason Trost of Endgame for the guest post below about their BinaryPig application for large-scale malware analysis on Apache Hadoop. Endgame uses data science to bring clarity to the digital domain, allowing its federal and commercial partners to sense, discover, and act in real time." - imabonehead from Bookmarklet
imabonehead
imabonehead
Apple REVEALS how it passes fanbois' data to govt, says 'we're better than Facebook, though' • The Register - http://www.theregister.co.uk/2013...
Apple REVEALS how it passes fanbois' data to govt, says 'we're better than Facebook, though' • The Register
"Apple has joined Facebook, Google, Microsoft, Twitter, and Yahoo!'s transparency club, releasing a detailed report on the numbers and types of requests for personal records it has received from law enforcement and government agencies around the world. "We have reported all the information we are legally allowed to share," the report, issued Tuesday, states, "and Apple will continue to advocate for greater transparency about the requests we receive."" - imabonehead from Bookmarklet
imabonehead
A (relatively easy to understand) primer on elliptic curve cryptography | Ars Technica - http://arstechnica.com/securit...
A (relatively easy to understand) primer on elliptic curve cryptography | Ars Technica
Show all
"Elliptic curve cryptography (ECC) is one of the most powerful but least understood types of cryptography in wide use today. An increasing number of websites make extensive use of ECC to secure everything from customers' HTTPS connections to how they pass data between data centers. Fundamentally, it's important for end users to understand the technology behind any security system in order to trust it. To that end, we looked around to find a good, relatively easy-to-understand primer on ECC in order to share with our users. Finding none, we decided to write one ourselves. That is what follows." - imabonehead from Bookmarklet
Davide in the TARDIS
Crypto, Security, Privacy
An Approach to Reduce Storage for Homomorphic Computations, by Jung Hee Cheon and Jinsu Kim - http://eprint.iacr.org/2013...
Crypto, Security, Privacy
Adaptive Witness Encryption and Asymmetric Password-based Cryptography, by Mihir Bellare and Viet Tung Hoang - http://eprint.iacr.org/2013...
Crypto, Security, Privacy
Limits of Extractability Assumptions with Distributional Auxiliary Input, by Elette Boyle and Rafael Pass - http://eprint.iacr.org/2013...
Crypto, Security, Privacy
Cryptanalysis of Zorro, by Jian Guo and Ivica Nikolic and Thomas Peyrin and Lei Wang - http://eprint.iacr.org/2013...
Crypto, Security, Privacy
Ambiguous One-Move Nominative Signature Without Random Oracles, by Dennis Y. W. Liu and Duncan S. Wong and Qiong Huang - http://eprint.iacr.org/2013...
Other ways to read this feed:Feed readerFacebook