Secure Messaging Scorecard

Die Electronic Frontier Foundation (EFF) hat eine Checkliste für die Sicherheit von Messengern publiziert.
In the face of widespread Internet surveillance, we need a secure and practical means of talking to each other from our phones and computers. Many companies offer “secure messaging” products – but are these systems actually secure? We decided to find out, in the first phase of a new EFF Campaign for Secure & Usable Crypto.

Most commercial encryption products are junk

“Most commercial encryption products are junk.” (Matthew Green)

Truecrypt

Das komplette Archiv aller aktuellen Truecrypt-Versionen finden Sie jetzt auch hier, zusätzlich ein Zip-Archiv (410 MB) aller Dateien.

Bullshit made in Germany

Verteidigung gegen die dunklen Künste

Edward Snowden ruft zur Gegenwehr (Heise):
So versicherte er erneut, dass Verschlüsselung wirkt (“Encryption works”), ein Beweis sei doch, dass die US-Regierung noch immer nicht wisse, welche Dokumente sich – verschlüsselt – in seinem Besitz befanden.

NSA Reportedly Paid A Security Firm Millions To Ship Deliberately Flawed Encryption Technology

Reuters, Techcrunch.com, Arstechnica u.a.: Die NSA hat dem IT Security Branchenprimus RSA $10 Millionen bezahlt, um schwache Verschlüsselung zu promoten.
Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products. (…) The RSA deal shows one way the NSA carried out what Snowden’s documents describe as a key strategy for enhancing surveillance: the systematic erosion of security tools.

RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

“Many computers emit a high-pitched noise during operation, due to vibration in some of their electronic components. These acoustic emanations are more than a nuisance: they can convey information about the software running on the computer, and in particular leak sensitive information about security-related computations. (…)

A detailed accounts of the results and their context is given in the full version of our paper (8MB PDF).

← ltere Einträge