- Threat Watch
- Warrior Tools
- Body Armor
- Long Guns
- Accuracy International
- Desert Tactical Arms
- Kel-Tec Long Guns
- Mosin Nagant
- Rock River Arms
- Ruger Long Guns
- Sabre Defense
- SIG Sauer
- Smith & Wesson Long Guns
- Wilson Combat
Posts Tagged encryption
From The Wall Street Journal:
Signal, a smartphone app that allows users to send encrypted messages, is gaining popularity in the political world amid rising fears about hacking and surveillance in the wake of a tumultuous election year.
Some say the legion of political types has a singular goal to avoid a repeat of the WikiLeaks scandal, in which the emails of Mrs. Clinton and her closest allies were dumped onto the internet.
From Open Whisper Systems:
In the “first half of 2016” (the most specific we’re permitted to be), we received a subpoena from the Eastern District of Virginia. The subpoena required us to provide information about two Signal users for a federal grand jury investigation.
This is the first subpoena that we’ve received. It originally included a broad gag order that would have prevented us from publishing this notice, but the ACLU represented us in quickly and successfully securing our ability to publish the transcripts below. We’re committed to treating any future requests the same way: working with effective and talented organizations like the ACLU, andpublishing transcripts of our responses to government requests here.
From The Wall Street Journal:
“Some of the emotion that I’ve received around this issued remind me sometimes, in the absolutist and slippery slope arguments, reminds me of some of the rhetoric we hear in the gun debate,” Mr. Comey said, according to the Associated Press.
From the EFF:
In addition, this new method of accessing the phone raises questions about the government’s apparent use of security vulnerabilities in iOS and whether it will inform Apple about these vulnerabilities. As a panel of experts hand-picked by the White House recognized, any decision to withhold a security vulnerability for intelligence or law enforcement purposes leaves ordinary users at risk from malicious third parties who also may use the vulnerability. Thanks to a lawsuit by EFF, the government has released its official policy for determining when to disclose security vulnerabilities, the Vulnerabilities Equities Process (VEP).
From Ars Technica:
LastPass officials warned Monday that attackers have compromised servers that run the company’s password management service and made off with cryptographically protected passwords and other sensitive user data. It was the second breach notification regarding the service in the past four years.
In an e-mail to reporters, Ars resident password expert Jeremi Gosney said the real-world risks the breach posed to end users was minimal. He based his assessment on the LastPass response to the breach and the system that was in place when it happened. He paid particular attention to the 100,000-round hashing routine, which he said was among the strongest he has ever seen.
In short, devices are required to support encryption, but it’s still up to OEMs to actually enable it; this is exactly what Google was doing in KitKat and older versions (PDF, see section 9.9). Full-disk encryption is expected to become a requirement in some future Android version, but it remains optional in Lollipop despite Google’s earlier statements.
Terms of the buyout deal with Spanish smartphone maker Geeksphone, the phone’s hardware manufacturer, were not disclosed. Silent Circle said Thursday that it has raised $50 million and plans on showing off an encrypted “enterprise privacy ecosystem” at World Mobile Congress next week. A BlackPhone tablet is on the way, too.
“Silent Circle has brought tremendous disruption to the mobile industry and created an integrated suite of secure enterprise communication products that are challenging the status quo,” Mike Janke, cofounder and chairman of the Silent Circle board, said in a statement. “This first stage of growth has enabled us to raise approximately $50M to accelerate our continued rapid expansion and fuel our second stage of growth.”
From The Washington Post:
Merely by playing a YouTube video or visiting a Microsoft Live service page, for instance, an unknown number of computers around the world have been implanted with Trojan horses by government security services that siphon their communications and files. Google, which owns YouTube, and Microsoft are racing to close the vulnerability.
From the Electronic Frontier Foundation:
In an era when email and messaging services are being regularly subject to attacks, surveillance, and compelled disclosure of user data, we know that many people around the world need secure end-to-end encrypted communications tools so that service providers and governments cannot read their messages. Unfortunately, the software that has traditionally been used for these purposes, such as PGP and OTR, suffers from numerous usability problems that make it impractical for many of the journalists, activists and others around the world whose lives and liberty depend on their ability to communicate confidentially. Read the rest of this entry »
From the Electronic Frontier Foundation:
How to Protect Your Users from NSA Backdoors: An Open Letter to Technology Companies
As security researchers, technologists, and digital rights advocates, we are deeply concerned about collaboration between government agencies and technology companies in undermining users’ security. Among other examples, we are alarmed by recent allegations that RSA, Inc. accepted $10 million from NSA to keep a compromised algorithm in the default setting of a security product long after its faults were revealed. We believe that covert collusion with spy agencies poses a grave threat to users and must be mitigated with commitment to the following best practices to protect users from illegal surveillance: Read the rest of this entry »
From the Silent Circle blog:
Blackphone is an innovative new ecosystem. The idea of creating an entirely new ecosystem is not new. Microsoft had its run with Windows, Skype, and Bing. They created an entire ecosystem behind the hardware and software, but failed to innovate ahead of the curve. Blackberry had its run with the phones, BEZ servers and BBM messaging. They are now dying a thousand little deaths because they did not innovate quickly enough. Google, Apple, Samsung and others have created dominant ecosystems that tie in software, hardware, wearables, media, music and services. They rapidly innovated new platforms and models that left Microsoft, Blackberry, Nokia, HTC and others behind quickly. It’s been an amazing run for them, but this model too is dwindling. Fast movers like Xiaomi are killing them. Innovation, security and privacy demands are already putting cracks in this windshield. The fuel that feeds their ecosystem machine is customer data… Your data. It is pure gold to them.
First, a few words on Chat’s origins. Here at BitTorrent, we value privacy. With the news this year reminding us all of the susceptibility of the communications platforms we rely on to snooping, we found ourselves wanting something new, something secure, something private. We ultimately realized that we were uniquely qualified to build this platform.
From The Guardian:
RSA, the security arm of the storage company EMC, sent an email to customers telling them that the default random number generator in a toolkit for developers used a weak formula, and they should switch to one of the other formulas in the product.