Archive for category Comms

BitTorrent Creates More Secure Chat Program

From BitTorrent:

First, a few words on Chat’s origins. Here at BitTorrent, we value privacy. With the news this year reminding us all of the susceptibility of the communications platforms we rely on to snooping, we found ourselves wanting something new, something secure, something private. We ultimately realized that we were uniquely qualified to build this platform.

, , , , ,

No Comments

NSA “CO-TRAVELER” Program Revealed

From EFF:

With neither public debate nor court authorization, CO-TRAVELER collects billions of records daily of cell phone user location information. It maps the relationships of cell phone users across global mobile network cables, gathering data about who you are physically with and how often your movements intersect with other cell phone users. The program even tracks when your phone is turned on or off.

, , , , ,

No Comments

RSA Paid $10 Million By NSA To Keep Backdoor In Crypto

From Ars Technica:

Security company RSA was paid $10 million to use the flawed Dual_EC_DRBG pseudorandom number generating algorithm as the default algorithm in its BSafe crypto library, according to sources speaking to Reuters.

, , , ,

No Comments

Military To Add Mobile Devices To Networks

From FierceMobileIT:

For the first time in U.S. military history, foot soldiers and company support teams in Afghanistan are using specialized handheld mobile devices to access digital maps, exchange information with other troops and store mission-critical information. What began in 2011 as a way to supply soldiers with high-resolution maps on a PDA-type device eventually morphed into a suite of over 50 apps on something that now more closely resembles a mobile phone.

From Military.com:

In May, the Defense Department approved government-issued Apple devices using the iOS 6 operating system to connect to its networks, so long as they are operated within the confines of mobility pilots or a mobile device management (MDM) solution, once that is in place.

Likewise, the Samsung Knox version of Android was approved for use on DoD networks, pending the rollout of an MDM solution, said DoD spokesman Lt. Col. Damien Pickart.

, , , , ,

No Comments

Repeated attacks hijack huge chunks of Internet traffic.

From: Ars Technica

Man-in-the-middle attacks divert data on scale never before seen in the wild.

The hacks, which exploit implicit trust placed in the border gateway protocol used to exchange data between large service providers, affected “major financial institutions, governments, and network service providers” in the US, South Korea, Germany, the Czech Republic, Lithuania, Libya, and Iran.

more

, ,

No Comments

Spy Apps For the Individual

Silent Circle – Secure Communications

Photo Trap – Tamper Detection

Life360 – Safety and Tracking

1Password – Secure Password Management

iDiscreet – Data Encryption

Norton Mobile Security – Firewall for Phones

, , , , , , ,

No Comments

Operation Mountain Roundup 2013

, , , , , , , ,

No Comments

Press Release: Dark Mail Alliance

Today at the Inbox Love conference in Mountain View, CA, Silent Circle along with Ladar Levision, Founder of Lavabit officially announced the creation of the Dark Mail Alliance.

Silent Circle and Lavabit, as privacy innovators have partnered to lead the charge to replace email as we know it today – fundamentally broken from a privacy perspective – we have collaborated in developing a private, next-generation, end-to-end encrypted alternative. Read the rest of this entry »

, , , , , , , ,

No Comments

Head of NSA Out in 2014

From The Guardian:

Alexander has formalized plans to leave by next March or April, while his civilian deputy, Chris Inglis, is due to retire by year’s end, according to US officials who spoke on condition of anonymity.

, ,

No Comments

Ham Radios – James Yeager

James Yeager talks about his Ham Radios

,

No Comments

Did the NSA Build a Backdoor into U.S. Crypto?

From: Threat Level

… The talk was only nine slides long (.pdf). But those nine slides were potentially dynamite. They laid out a case showing that a new encryption standard, given a stamp of approval by the U.S. government, possessed a glaring weakness that made an algorithm in it susceptible to cracking. But the weakness they described wasn’t just an average vulnerability, it had the kind of properties one would want if one were intentionally inserting a backdoor to make the algorithm susceptible to cracking by design.

more

, , , ,

No Comments

Senate to Approve “Real” Journalists, Drudge Explodes

Matt Drudge was none too happy about Democrats determining who is and who is not a journalist:

, , , ,

No Comments

NSA May Have Impersonated Google

From Cnet.com:

Earlier this week, Techdirt picked up on a passing mention in a Brazilian news story and a Slate article to point out that the US National Security Agency had apparently impersonated Google on at least one occasion to gather data on people. (Mother Jones subsequently pointed out Techdirt’s point-out.)

A technique commonly used by hackers, a MITM attack involves using a fake security certificate to pose as a legitimate Web service, bypass browser security settings, and then intercept data that an unsuspecting person is sending to that service. Hackers could, for example, pose as a banking Web site and steal passwords.

, , , , , , , ,

No Comments

The NSA and the Obama Administration

Just after the revelations about the NSA’s encryption-breaking abilities, there is now a story that the Obama administration let the leash off the NSA in 2011. In the encryption story published by The Guardian, New York Times and Pro Publica there was an interesting nugget of information. The programs run by the NSA are named after Civil War battles. Does that mean that the NSA sees the American public as its enemy? I have no problem with the NSA doing what they do and focusing that effort outward but as soon as that capability is turned inward on our own citizens that is when we have a problem. There is that pesky Fourth Amendment to the Constitution that specifically prohibits looking at our “effects”:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Bruce Schneier, a security technologist, is now calling on engineers who work in the government or for companies that contract with the government to start blowing the whistle on these type of programs. This administration has a history of citing the dangers that certain citizens pose while ignoring the explicit threats from outside. Targeting Americans with these programs is unacceptable.

, , , , , , , , ,

No Comments

NSA Employing 35,000 to Break Encrypted Communications

From Wired.com:

The Post’s article doesn’t detail the “groundbreaking cryptanalytic capabilities” Clapper mentions, and there’s no elaboration in the portion of the document published by the paper. But the document shows that 21 percent of the intelligence budget — around $11 billion — is dedicated to the Consolidated Cryptologic Program that staffs 35,000 employees in the NSA and the armed forces.

, , , , , ,

No Comments