Clik here to view.
Unobstructed HTTPS
There’s an interesting discussion on Slashdot about SSL certificates. It brings up two valid points: Invalid certificates, while providing a secure mechanism between the client/server are extremely...
View ArticleClik here to view.
Security Through Obscurity TSA/GSM Edition
It’s impossible to write code these days without having to study security to some extent. The byproduct of this is that since digital security concepts are based largely on real life, you see the...
View ArticleClik here to view.
The Future Of SSL
Google announced the other day that it will now enable HTTPS by default on Gmail. Previously a user had to either manually type in HTTPS or change a setting to default to it, something most people...
View ArticleClik here to view.
Decrypting The Internet
Bruce Schneier on the new wiretapping proposal: Any surveillance system invites both criminal appropriation and government abuse. Function creep is the most obvious abuse: New police powers, enacted to...
View ArticleClik here to view.
Wanted: Native JS Encryption
I’d like to challenge all browser vendors to put together a comprehensive JS API for encryption. I’ll use this blog post to prove why it’s necessary and would be a great move to do so. The Ultimate...
View ArticleClik here to view.
Project 365 Week 13
Another week, another set. The end of this set and the next set is going to be a bit week, I’ve been fighting a cold among other things that have been distracting me. That said, I kinda like how “Along...
View ArticleClik here to view.
GPRS Cracked
I mentioned the work of Karsten Nohl to expose how insecure cell phones really are back in 2009. It’s great work since many people assume cell phones are secure, while they likely aren’t nearly as...
View ArticleClik here to view.
iPhone Too Secure From Law Enforcement?
According to the US Department of Justice (DOJ) the iPhone is largely uncrackable at this point: “I can tell you from the Department of Justice perspective, if that drive is encrypted, you’re done,”...
View ArticleClik here to view.
Silent Circle Finally Bringing Security To Mobile?
Silent Circle is a pretty interesting sounding app: It’s a model for the nested cryptography of Silent Circle. The “safe room” is the iPhone processor, where all the encryption happens. By the time...
View ArticleClik here to view.
Slowly Moving The Web To HTTPS
The EFF has a pretty good post on the move to make HTTPS closer to the new normal on the web. It’s hardly normal yet, but it’s improving. Already some of the bigger sites on the internet like Google,...
View Article
