32 Matching Annotations
  1. Apr 2019
    1. LastPass has always been stressing that they cannot access your passwords, so keeping them on their servers is safe. This statement has been proven wrong several times already, and the improvements so far aren’t substantial enough to make it right. LastPass design offers too many loopholes which could be exploited by a malicious server. So far they didn’t make a serious effort to make the extension’s user interface self-contained, meaning that they keep asking you to trust their web server whenever you use LastPass.
  2. Mar 2019
    1. Carson Farmer noted that GMAIL is fundamentally a better user experience because individuals didn’t need to run their own protocols or set up their own servers.

      If so, why then not use ProtonMail that does not serve ads, abuse your data, and gives you the option for built-in e-mail encryption?

  3. Aug 2018
  4. Jun 2018
    1. IDEAS FOR TECHNICAL MECHANISMSA technique called differential privacy1 provides a way to measure the likelihood of negative impact and also a way to introduce plausible deniability, which in many cases can dramatically reduce risk exposure for sensitive data.Modern encryption techniques allow a user’s information to be fully encrypted on their device, but using it becomes unwieldy. Balancing the levels of encryption is challenging, but can create strong safety guarantees. Homomorphic encryption2 can allow certain types of processing or aggregation to happen without needing to decrypt the data.Creating falsifiable security claims allows independent analysts to validate those claims, and invalidate them when they are compromised. For example, by using subresource integrity to lock the code on a web page, the browser will refuse to load any compromised code. By then publishing the code’s hash in an immutable location, any compromise of the page is detectable easily (and automatically, with a service worker or external monitor).Taken to their logical conclusion these techniques suggest building our applications in a more decentralized3 way, which not only provides a higher bar for security, but also helps with scaling: if everyone is sharing some of the processing, the servers can do less work. In this model your digital body is no longer spread throughout servers on the internet; instead the applications come to you and you directly control how they interact with your data.
  5. Apr 2018
  6. Jul 2017
    1. n this case, decentralization enables them toexchange encrypted data and obtain the sought after re-sult without relying on any particular entity to preservetheir privacy.
  7. Jun 2016
  8. Feb 2016
  9. Jan 2016
    1. “traffic analysis.” It’s basis lies in observing all message traffic traveling on a network and discerning who’s communicating with whom, how much, and when.

      The strategy seems to be archive everything in case traffic analysis finds something worth going back and reading.

      Defense against traffic analysis:

      Messages from users must be padded to be uniform in size and combined into relatively large “batches,” then shuffled by some trustworthy means, with the resulting items of the randomly ordered output batch then distributed to their respective destinations. (Technically, decryption needs to be included in the shuffling.) Mix network

      He then talks about limited anonymity and pairwise pseudonyms as ways of solving problems with complete anonymity versus public identification. There is an article in Wired about his proposed system.

    1. State legislators in New York and California have introduced bills that would require smartphone vendors to be able to decrypt users' phones.

  10. Dec 2015
    1. Manhattan district attorney Cyrus R. Vance Jr. says that law enforcement agencies want Google and Apple to return to systems without full-disk encryption -- those before iOS 8 and Android Lollipop -- which they could unlock in compliance with a warrant.

      He says that's all they're asking. If that's true, they should be speaking out loudly against mass surveillance and FBI demands for backdoors.

    1. Representatives of the White House seemed to listen attentively, but shared little about their thoughts. They maintained that President Obama’s position has not changed in the last few months. While they seemed well aware of our concerns about the technical infeasibility of inserting backdoors, they didn’t necessarily share them. That worried us a great deal.
    1. this week’s announcement by Google that a machine made by a Canadian company, D-Wave Systems, which is marketed as “the world’s first commercial quantum computer”, had shown spectacular speed gains over conventional computers. “For a specific, carefully crafted proof-of-concept problem,” Google’s Hartmut Neven reported, “we achieved a 100-million-fold speed-up.”
    1. Apple CEO Tim Cook has repeatedly and strongly criticized those in government who have demanded backdoors, explaining: “You can’t have a back door in the software because you can’t have a back door that’s only for the good guys.” And a representative of many of the large tech companies recently remarked: “Weakening security with the aim of advancing security simply does not make sense.” Eighty-five percent of cybersecurity experts recently surveyed by Politico called backdoors “a bad idea”. (We know, for example, the NSA in particular loves to prey on foreign phone companies’ backdoors.)
    1. The San Bernardino shootings are also being cited by some Republicans, including presidential candidate Sen. Marco Rubio, as a reason to reinstate the warrantless bulk collection of domestic telephone data — the one program that was shut down by Congress after NSA whistleblower Edward Snowden revealed a massive, secret surveillance dragnet. An Associated Press story on Saturday added fuel to the fire when it claimed that as a result of the shutdown, the government could no longer access historical call records by the San Bernardino couple. But as Emptywheel blogger Marcy Wheeler amply explained, the FBI has plenty of other ways of getting the information.
  11. Nov 2015
    1. The key lesson of the post-9/11 abuses — from Guantanamo to torture to the invasion of Iraq — is that we must not allow military and intelligence officials to exploit the fear of terrorism to manipulate public opinion. Rather than blindly believe their assertions, we must test those claims for accuracy.
    2. In sum, Snowden did not tell the terrorists anything they did not already know. The terrorists have known for years that the U.S. government is trying to monitor their communications.What the Snowden disclosures actually revealed to the world was that the U.S. government is monitoring the Internet communications and activities of everyone else: hundreds of millions of innocent people under the largest program of suspicionless mass surveillance ever created, a program that multiple federal judges have ruled is illegal and unconstitutional.
    3. Bodies were still lying in the streets of Paris when CIA operatives began exploiting the resulting fear and anger to advance long-standing political agendas. They and their congressional allies instantly attempted to heap blame for the atrocity not on Islamic State but on several preexisting adversaries: Internet encryption, Silicon Valley's privacy policies and Edward Snowden.
    1. In this rush to blame a field that is largely unknowable to the public and therefore at once alluring and terrifying, little attention has been paid to facts: The Paris terrorists did not use encryption, but coordinated over SMS, one of the easiest to monitor methods of digital communication. They were still not caught, indicating a failure in human intelligence and not in a capacity for digital surveillance.
    2. The call for backdoors is nothing new. During my career in the private sector, I’ve seen requests to backdoor encryption software so as to please potential investors, and have seen people in the field who appeared to stand for secure software balk under the excuse of “if that’s what the customer wants,” even if it results in irreparable security weaknesses. I’ve had well-intentioned intelligence officers ask me informally, out of honest curiosity, why it is that I would refuse to insert backdoors. The issue is that cryptography depends on a set of mathematical relationships that cannot be subverted selectively. They either hold completely or not at all. It’s not something that we’re not smart enough to do; it’s something that’s mathematically impossible to do. I cannot backdoor software specifically to spy on jihadists without this backdoor applying to every single member of society relying on my software.
    3. When you make a credit card payment or log into Facebook, you’re using the same fundamental encryption that, in another continent, an activist could be using to organize a protest against a failed regime.<br> ...<br> If a terrorist is suspected of using a Toyota as a car bomb, it’s not reasonable to expect Toyota to start screening who it sells cars to, or to stop selling cars altogether.<br> ...<br> The brouhaha that has ensued from the press has been extreme. ... A Wired article, like many alongside it, finds an Arabic PDF guide on encryption and immediately attributes it as an “ISIS encryption training manual” even though it was written years ago by Gaza activists with no affiliation to any jihadist group.

    1. In the wake of the cowardly terrorist attacks in Paris, many politicians, intelligence officials and pundits are predictably calling for a return to discredited policies of the past that would weaken Americans’ security, violate their privacy and do little or nothing to protect us from terrorists.

      Senator Ron Wyden of Oregon takes the position in favor of strong encryption, and against mass surveillance, with links to supporting articles.

    1. Another provision of the proposed Investigatory Powers Bill is that internet service providers (ISPs) must retain a record of all the websites you visit (more specifically, all the IP addresses you connect to) for one year. This appears to be another measure to weaken privacy while strengthening security – but in fact, it is harmful to both privacy and security. In order to maintain a record of every website you have visited in the last year, the ISP must store that information somewhere accessible. Information that is stored somewhere accessible will sooner or later be stolen by attackers.
    2. I’ll say it again, to be absolutely clear: any mechanism that can allow law enforcement legitimate access to data can inevitably be abused by hostile foreign intelligence services, and even technically sophisticated individuals, to break into systems and gain unauthorised access to the same data.
    3. If the law enforcement services can remotely break into the device of a suspect, then sooner or later criminals will find ways to use the same mechanism to break into devices and steal or destroy your personal data.
    4. Any method that provides exceptional access immediately exposes the system to attacks by malicious parties, rendering the protection of encryption essentially worthless. Exceptional access would probably require that government departments have some kind of master keys that allowed them to decrypt any communication if required. Those master keys would obviously have to be kept extremely secret: if they were to become public, the entire security infrastructure of the internet would crumble into dust. How good are government agencies at keeping secrets?
  12. Jun 2014