Monthly Archives: August 2013

TrueCrypt May Be Dead (To GCHQ)

In a statement to a British court, it’s come out that Brit authorities have managed to decipher a LOT of the encrypted hard drive David Miranda was carrying. Given that Laura Poitras is known for being extremely good and extremely careful when it comes to encryption and technical “operational security”… this should suggest to you […]

Becoming the Grey Man (and crypto, Snowden redux)

Useful skills in life, partial list: not standing out from the crowd. Here’s a handy guide… I particularly like their suggestions for “learning to see the grey man” — this is dynamite. You gotta learn to spot what doesn’t draw your attention if you want to stay secure against a crafty adversary. Here, the exercise […]

(offtopic) The NSA Won’t Promote Brilliant People

“Edward Snowden accessed some secret national security documents by assuming the electronic identities of top NSA officials, said intelligence sources. “Every day, they are learning how brilliant [Snowden] was,” said a former U.S. official with knowledge of the case. “This is why you don’t hire brilliant people for jobs like this. You hire smart people. […]

Using Facebook May Hurt Your Credit Score

Just in case getting shocked wasn’t enough to keep you off the site: not that you should be taking on debt (eeeeevil…) but the new trend in lending is to look at your online presence. Friends with people on Facebook who don’t pay back loans on time? That’ll hurt your chances of getting one at […]

Detecting Forged Images (and Russian lies?, mass spying predates 9/11)

Are you staring at a photoshopped picture? There are a couple of ways to tell, and the article covers the major ones. (one that doesn’t work are in-camera cryptographic signatures, which have been broken.) All of the tricks tend to rely on image artifacts arising from multiple compression passes. If both the source image and […]

Building a Snoop-Resistant Internet (and Pavlov Poke)

The Internet Engineering Task Force has a neat solution to LOVEINT and co: design the next version of the HTTP standard (2.0) so that either client or server can require encryption. (Right now, only the server can do that. If the web site you’re visiting doesn’t support HTTPS, you can’t do anything to encrypt the […]

How To Answer Anyone’s Cell Phone — Remotely (and #NSAPickupLines, Snowden)

You know, this whole cell phone thing… Ye ole tin cans and string are looking increasingly attractive. Nothing like longitudinal waves down a nonmetallic thread to keep things secure. Frankly, even 2M HT’s come out ahead in this latest round. At least everyone would notice if someone broke in and started messing with you. What’s […]