- Comms
- Law
- Medic
- News
- Opinion
- Threat Watch
- Training
- Warrior Tools
- Accessories
- Ammo
- Body Armor
- Books
- Clothing
- Commo
- Gear
- Handguns
- Holsters
- Knives
- Long Guns
- ACC
- Accuracy International
- Barrett
- Benelli
- Beretta
- Blaser
- Bushmaster
- Custom
- CZ
- Desert Tactical Arms
- DPMS
- FN
- Forums
- HK
- IWI
- Kel-Tec Long Guns
- LaRue
- LWRC
- McMillan
- Mosin Nagant
- Mossberg
- Para
- Remington
- Rock River Arms
- Ruger Long Guns
- Sabre Defense
- Sako
- SIG Sauer
- SKS
- Smith & Wesson Long Guns
- Springfield
- Styer
- Weatherby
- Wilson Combat
- Winchester
- Magazines
- Maintenance
- Navigation
- Optics
- Sights
- Tech
- Warriors
Posts Tagged encryption
Governments Continue Encryption Propaganda
From Electronic Frontier Foundation:
This week, the U.K. government launched an unprecedented and deceptive effort to kill off end-to-end encryption. They’ve hired a fancy ad agency to convince people that encrypted messages are dangerous to children.
The explicit goal of the “No Place to Hide” campaign, launched on Tuesday, is to prevent Facebook from expanding its use of end-to-end encryption. Currently, Facebook’s WhatsApp messaging system uses end-to-end encryption, but other communications systems, including Facebook Messenger, are scanned and checked against a US government database, run by the National Center for Missing and Exploited Children (NCMEC), which identifies child abuse images.
Apple Backs Down On Phone Scanning Plans
Keybase Bans Deterrence Dispensed Gun Group
From En Bloc Press:
Deterrence Dispensed, the group dedicated to designing and distributing plans for 3D printed firearms, is leaving encrypted chat app Keybase. The change comes following an update to the platform’s acceptable use policy (visible here).
Australia Wants Backdoors In Software
From Signal:
One of the myriad ways that the “Assistance and Access†bill is particularly terrible lies in its potential to isolate Australians from the services that they depend on and use every day. Over time, users may find that a growing number of apps no longer behave as expected. New apps might never launch in Australia at all.
Signal App Adds More Security
From Wired:
A key part of what makes Signal the leading encrypted messaging app is its effort to minimize the amount of data or metadata each message leaves behind. The messages themselves are fully encrypted as they move across Signal’s infrastructure, and the service doesn’t store logs of information like who sends messages to each other, or when. On Monday, the nonprofit that develops Signal announced a new initiative to take those protections even further. Now, it hopes to encrypt even information about which users are messaging each other on the platform.
Politicians Start Using Encrypted Messaging
Posted by Brian in News, Threat Watch on 3/Feb/2017 07:00
From The Wall Street Journal:
Signal, a smartphone app that allows users to send encrypted messages, is gaining popularity in the political world amid rising fears about hacking and surveillance in the wake of a tumultuous election year.
Some say the legion of political types has a singular goal to avoid a repeat of the WikiLeaks scandal, in which the emails of Mrs. Clinton and her closest allies were dumped onto the internet.
Signal App Subpoenaed For User Data
Posted by Brian in Law, News, Threat Watch on 10/Oct/2016 07:00
From Open Whisper Systems:
In the “first half of 2016” (the most specific we’re permitted to be), we received a subpoena from the Eastern District of Virginia. The subpoena required us to provide information about two Signal users for a federal grand jury investigation.
This is the first subpoena that we’ve received. It originally included a broad gag order that would have prevented us from publishing this notice, but the ACLU represented us in quickly and successfully securing our ability to publish the transcripts below. We’re committed to treating any future requests the same way: working with effective and talented organizations like the ACLU, andpublishing transcripts of our responses to government requests here.
FBI Director Equate Encryption Debate To Gun Debate
From The Wall Street Journal:
“Some of the emotion that I’ve received around this issued remind me sometimes, in the absolutist and slippery slope arguments, reminds me of some of the rhetoric we hear in the gun debate,†Mr. Comey said, according to the Associated Press.
How Did The FBI Break Into iPhone?
From the EFF:
In addition, this new method of accessing the phone raises questions about the government’s apparent use of security vulnerabilities in iOS and whether it will inform Apple about these vulnerabilities. As a panel of experts hand-picked by the White House recognized, any decision to withhold a security vulnerability for intelligence or law enforcement purposes leaves ordinary users at risk from malicious third parties who also may use the vulnerability. Thanks to a lawsuit by EFF, the government has released its official policy for determining when to disclose security vulnerabilities, the Vulnerabilities Equities Process (VEP).
LastPass Servers Compromised
From Ars Technica:
LastPass officials warned Monday that attackers have compromised servers that run the company’s password management service and made off with cryptographically protected passwords and other sensitive user data. It was the second breach notification regarding the service in the past four years.
In an e-mail to reporters, Ars resident password expert Jeremi Gosney said the real-world risks the breach posed to end users was minimal. He based his assessment on the LastPass response to the breach and the system that was in place when it happened. He paid particular attention to the 100,000-round hashing routine, which he said was among the strongest he has ever seen.
Google Backtracks on Default Encryption for Devices
From ArsTechnica:
In short, devices are required to support encryption, but it’s still up to OEMs to actually enable it; this is exactly what Google was doing in KitKat and older versions (PDF, see section 9.9). Full-disk encryption is expected to become a requirement in some future Android version, but it remains optional in Lollipop despite Google’s earlier statements.