Join 3,433 readers in helping fund MetaFilter (Hide)

52 posts tagged with encryption. (View popular tags)
Displaying 1 through 50 of 52. Subscribe:

Related tags:
+ (12)
+ (9)
+ (8)
+ (6)
+ (5)
+ (5)
+ (5)
+ (4)
+ (4)
+ (4)
+ (4)
+ (4)
+ (4)


Users that often use this tag:
jeffburdges (5)
Steven Den Beste (3)
baylink (2)
skallas (2)

FalseCrypt

TrueCrypt is dead, and in an extremely bizarre way. Discussion on /r/netsec, /r/sysadmin, Hacker News and Ars Technica. A popular theory is that the bizarreness is a warrant canary.
posted by WCityMike on May 28, 2014 - 150 comments

"Nothing. You're screwed."

During their Freedom Hosting investigation and malware attack last year, the FBI unintentionally obtained the entire e-mail database of popular anonymous webmail service Tor Mail. And now, they've used it in an unrelated investigation to bust a Florida man accused of stealing credit card numbers. [more inside]
posted by zarq on Jan 27, 2014 - 39 comments

Pond, et al.

Pond provides end-to-end encrypted forward-secure asynchronous messaging that uses Tor to resist traffic analysis, i.e. metadata collection (threat model, technical, github). [more inside]
posted by jeffburdges on Jan 21, 2014 - 24 comments

DissidentX

DissidentX is a new steganography tool by Bram Cohen of BitTorrent fame designed to “vastly simplify the implementation of new steganographic techniques, and allow a universal decoder and encoding of multiple messages to different keys in the same file.” In particular, DissidentX allows encoding multiple plain texts into the same cover text with different keys, so called deniable encryption.
posted by jeffburdges on Jan 16, 2014 - 9 comments

EnCrypt Lock and Buy It

A recent strain of malware called Cryptolocker (technical description from BleepingComputer) has been infecting computers across the Internet. It's of the Ransomware (wiki) genre of attack, and searches a computer's drive for critical files by browsing their extensions (for example, focusing on word processing documents, images and music) and encrypts them with its own key that you can then buy back from the hacker for a fee of $100 to $300 dollars payable in Bitcoins. More information about the virus and how to avoid it is available at Krebs On Security, and the Malwarebytes Blog, with more recent developments on Naked Security.
posted by codacorolla on Nov 7, 2013 - 177 comments

NSA may have secretly made major mathematics breakthrough

If the NSA is able to break through banks' computer security, does that mean it solved the prime factorization problem? The New York Times reported recently that “the agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems.” Since banks' encryption codes rely on the fact that nobody knows how to find the prime factors of really large numbers, it could mean that the NSA has found a way to do that. Or it could mean that the NSA has simply gotten lots of banks to give up their information, or found other ways around their encryption. But if they've cracked this long-standing math problem, might the secret leak? What would be the effects?
posted by Sleeper on Sep 12, 2013 - 60 comments

We'd be happy to help you out with that spec....

The NSA has been spending $250 million a year on its "Sigint Enabling Project". The purpose of this project is to "actively engage[s] the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs' to make them 'exploitable."

Classified N.S.A. memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency. The N.S.A. wrote the standard and aggressively pushed it on the international group, privately calling the effort “a challenge in finesse.” “Eventually, N.S.A. became the sole editor,” the memo says.

The NSA requested that these reports not be published. [more inside]
posted by lattiboy on Sep 5, 2013 - 450 comments

Probably more secure than the Drafts folder on a shared Gmail account

Today The New Yorker unveiled Strongbox, a service that allows sources to share information with TNY journalists securely and anonymously. As explained in this infographic, Strongbox relies on the Tor network, a dedicated server, PGP encryption, VPNs, and multiple laptops and thumb drives to prevent files from being intercepted or traced. The codebase, which is open source, was designed by the late Aaron Swartz (Previously). Kevin Poulsen, one of the organizers of the project, chronicles how Swartz developed the code and how the project managed to carry on after his death. TNY hopes that Strongbox will help the magazine continue its long tradition of investigative journalism.
posted by Cash4Lead on May 15, 2013 - 34 comments

All your devices belong to US

Wired: DHS Watchdog OKs ‘Suspicionless’ Seizure of Electronic Devices Along Border [Source policy document]. Americans may find it useful to note that the definition of 'border' includes up to 100 miles from the nearest actual international border line.
posted by jaduncan on Feb 10, 2013 - 83 comments

Shhhhhhh …..

Silent Circle, a security start-up led by PGP creator Phil Zimmermann and two ex-Navy SEALs, has been teasing technology that purports to make mobile communications "virtually invulnerable to surveillance efforts" for a few months (previously). Now, they're pushing a "groundbreaking encrypted data transfer app that will enable people to send files securely from a smartphone or tablet at the touch of a button." The company has pledged not to comply with law enforcement surveillance requests, nor to provide backdoor access for the FBI.
posted by jbickers on Feb 5, 2013 - 49 comments

The Brief - A daily briefing of technology news worth caring about

NASA will send you an email or text alert when the International Space Station is visible from your area. IBM scientists have recently made significant advances in nanotechnology. A mathematician thought a poorly-encrypted headhunting email from Google was testing him, but he had actually discovered a major security hole. All of this found via The Brief: A Daily Briefing of Technology News Worth Caring About from MeFi's own nostrich. [via mefi projects]
posted by davidjmcgee on Nov 9, 2012 - 15 comments

TorChat

TorChat is an instant messaging protocol based upon Tor hidden services, making it perhaps the only instant messaging protocol with any substantive resistance to traffic analysis. [more inside]
posted by jeffburdges on Jun 18, 2012 - 19 comments

Eleventh Circuit Protects Right to Encrypt Data

The United States Court of Appeals for the Eleventh Circuit ruled yesterday [.pdf] that a citizen's refusal to decrypt encrypted drives is protected by the Fifth Amendment, at least under some circumstances. In doing so it reversed the district court's contempt order entered against a John Doe defendant after he refused to decrypt his laptop hard drive and five external hard drives in response to a subpoena. This decision arguably conflicts with an earlier decision in which a district court in Vermont required a defendant to provide the password to his encrypted drives. The Eleventh Circuit distinguishes the earlier case on the basis that the government in that case knew of the existence of the files and simply couldn't access them, while in the recent case the government did not know the names of files or even whether or not files actually existed on the encrypted drives.
posted by monju_bosatsu on Feb 24, 2012 - 89 comments

Encrypted database queries

CryptDB executes database queries over encrypted data without ever decrypting it. [more inside]
posted by jeffburdges on Dec 20, 2011 - 37 comments

Spill, Then Poof

When you send people passwords and private links via email or chat, there are copies of that information stored in many places. If you use a one-time link instead, the information persists for a single viewing which means it can't be read by someone else later. This allows you to send sensitive information in a safe way knowing it's seen by one person only. Think of it like a self-destructing message, a One Time Secret.
posted by netbros on Dec 16, 2011 - 35 comments

Homomorphic Encryption

Described as 'cryptography's holy grail', Homomorphic Encryption/Computation is a form of encryption where specific algebraic operations on the plaintext translate into different algebraic operations on the ciphertext, allowing the plaintext's owner to 'outsource' computations to untrusted machines. [more inside]
posted by jeffburdges on Aug 9, 2011 - 17 comments

"...nor shall be compelled in any criminal case to be a witness against himself..."

Public interests will be harmed absent requiring defendants to make available unencrypted contents in circumstances like these. Failing to compel Ms. Fricosu amounts to a concession to her and potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) that encrypting all inculpatory digital evidence will serve to defeat the efforts of law enforcement officers to obtain such evidence through judicially authorized search warrants, and thus make their prosecution impossible.

The "if you were innocent, you'd have nothing to hide" argument rears its head, in a big way. [more inside]
posted by fifthrider on Jul 11, 2011 - 215 comments

That Syncing Feeling

Christopher Soghoian, who exposed the latest Facebook PR move, is now filing an FTC complaint (pdf) against Dropbox on the grounds that they gained unfair competitive advantage by lying about how files are encrypted and who has access to them. Dropbox explains how safe your files are.
posted by swift on May 13, 2011 - 44 comments

"Few false ideas have more firmly gripped the minds of so many intelligent men than the one that, if they just tried, they could invent a cipher that no one could break."

An animated Flash demonstration of the Advanced Encryption Standard. [more inside]
posted by grouse on Oct 11, 2010 - 20 comments

Needle program exchange

The Haystack application aims to use steganography to hide samizdat-type data within a larger stream of innocuous network traffic. Thus, civilians in Iran, for example, could more easily evade Iranian censors and provide the world with an unfiltered report on events within the country. Haystack earned its creator Austin Heap a great deal of positive coverage from the media during the 2009 Iranian election protests. The BBC described Heap as "on the front lines" of the protesters' "Twitter revolution", while The Guardian called him an Innovator of the Year. Despite the laudatory coverage, however, the media were never given a copy of the software to examine. Indeed, not much is known about the software or its inner workings. Specialists in network encryption security were not allowed to perform an independent evaluation of Haystack, despite its distribution to and use by a small number of Iranians, possibly at some risk. As interest in the project widens and criticisms of the media coverage and software continue to mount, Heap has currently asked users to cease using Haystack until a security review can be performed.
posted by Blazecock Pileon on Sep 13, 2010 - 31 comments

Position-based quantum cryptography theoretically proved

Our results open a fascinating new direction for position-based security in cryptography where security of protocols is solely based on the laws of physics and proofs of security do not require any pre-existing infrastructure.
posted by Joe Beese on Aug 8, 2010 - 47 comments

AES à la XKCD

A stick figure guide to the Advanced Encryption Standard. [via Bruce Schneier]
posted by Electric Dragon on Sep 26, 2009 - 21 comments

The dry, technical language of Microsoft's October update did not indicate anything particularly untoward.

Its reach is impossible to measure precisely, but more than 3 million vulnerable machines may ultimately have been infected. : The inside story on the Conficker Worm at New Scientist.
posted by The Whelk on Jun 15, 2009 - 84 comments

Clearly unprotected

Clear passenger data stolen. A unencrypted laptop with the personal data, including name, address, SSi number, passport number, date of birth, etc. of every one of the 33,000+ users of the the Clear system has been stolen. The Clear system allows travelers who register and pay an annual fee to bypass airport security lines by using a smart card in some airports. TSA has suspended new registrations until Verified Identity Pass, Inc., a subsidiary of GE, figures out how to install PGP. VIP is the only private contractor allowed to register users to the Clear system. Via
posted by dejah420 on Aug 5, 2008 - 103 comments

Because DRAM doesn't get frostbite.

Whole-disk encryption defeated with canned air. [via.] [more inside]
posted by Skorgu on Feb 21, 2008 - 92 comments

3.14159265itwasthebestoftimesitwastheworstofti...

Ever wondered if and where a specific set of numbers could be found in pi? Maybe you'd like to know where your birthday is? Or maybe just something funny. [prev. here, here] [more inside]
posted by TimeTravelSpeed on Dec 4, 2007 - 68 comments

Want another ID?

New "Hi - tech" passport cracked. Standards for the new passports were set by the International Civil Aviation Organisation (ICAO) in 2003 and adopted by the waiver countries and the US. The UK Home Office has adopted a very high encryption technology called 3DES - that is, to a military-level data-encryption standard times three. However they used non-secret information actually published in the passport to create a 'secret key'. That is the equivalent of installing a solid steel front door to your house and then putting the key under the mat.
posted by adamvasco on Nov 17, 2006 - 53 comments

Quantum Encryption

Quantum Encryption Scientists have created an unbreakable cypher through the use of quantum physics, where a photon is observed and used as the basis for an encryption key. "Uncertainty is the principle we exploit. It's impossible to find the key, because the photon can be measured once and only once. An eavesdropper can't measure it, and so can't get the key." Props to Heisenberg!
posted by PreacherTom on Nov 9, 2006 - 49 comments

Synchronized Chaos

The synchronization of two pendulum clocks was discovered in 1665 by Huygens. Two pendulum clocks mounted on the same wall always fell exactly out of phase with each other no matter what the starting conditions. Regardless of the initial conditions the system always ended up the same. In stark contrast, a chaotic system is extremely sensitive to initial conditions. How can these two seemingly seperate things be tied together? The synchronization of chaos. When two chaotic systems are synchronized together, information can be shared between them. It immediatly brings to mind applications for encryption, but it is still far away from everyday use.
posted by ozomatli on Dec 14, 2005 - 49 comments

technophobia?

Technophobia? or ignorance? or mendacity? A Minnesota appeals court has ruled that the presence of encryption software on a computer may be viewed as evidence of criminal intent. The specific crime here aside, why is encryption - and by extension privacy - viewed as something seedy?
posted by Smedleyman on May 27, 2005 - 10 comments

Homer Simpson: Hack your DVD player.

Homer Simpson: Hack your DVD player. It seems in countries in which the DVD Copy Control Authority doesn't own the government, even the giants of corpmedia don't like the "protection" features the platform foists on consumers. On Fox's Simpsons UK DVD release FAQ page, Homer himself says "I have no idea whatsoever what regional coding means. But it is essential that you buy a multi-regional player. Do it now." Is the DVD region-coding system really only relevant in the United States?
posted by Vetinari on Jul 11, 2002 - 25 comments

Putting free, unencrypted copies on the web increases book sales,

Putting free, unencrypted copies on the web increases book sales, according to science fiction writer Eric Flint.
posted by myl on Apr 29, 2002 - 6 comments

FBI software cracks encryption wall

FBI software cracks encryption wall The FBI is developing software capable of inserting a computer virus onto a suspect’s machine and obtaining encryption keys...
posted by Brilliantcrank on Nov 20, 2001 - 7 comments

The Terrorists Did NOT Use Encryption.

The Terrorists Did NOT Use Encryption. None of the communications, authorities said Sunday, involved the use of encryption or other code to disguise the contents of the messages.
posted by tpoh.org on Oct 1, 2001 - 11 comments

War on Civil Liberties Watch: Usable encryption is in deep doo-doo. A new poll finds 72% of Americans now supporting a ban on unbreakable encryption. (Apparantly breakable, and thus useless, encryption is just fine.) Besides the obvious fact that this stuff is already out there and cannot be taken back, particularly from non-US citizens who don't give a damn about our laws (such as, say, the exact people we're trying to defeat), is there any hope that the courts will find any such new laws unconstitutional?
posted by aaron on Sep 18, 2001 - 36 comments

Terrorism's first win? Bye-Bye crypto.

Terrorism's first win? Bye-Bye crypto. The rubble is still burning and the Republicans are ready to strip of our right to use crypto products. Opportunists feeding off fear. That's how you win at the terrorist game.
posted by skallas on Sep 13, 2001 - 51 comments

The crypto used in 802.11 wireless networking has been cracked.

The crypto used in 802.11 wireless networking has been cracked. The crack is devastating; it's fast and passive. Simply by listening, the 40-bit key can be cracked in 15 minutes. Worse, the crack scales linearly with the number of bits in the key, so raising the key length to 128 bits would raise the crack time to about an hour. 802.11 is used in such products as the Linksys Etherfast Wireless and the Apple Airport. From now on those products should be considered to be completely insecure.
posted by Steven Den Beste on Aug 3, 2001 - 16 comments

A Russian security expert has been arrested for showing how easy it is to crack an e-book.

A Russian security expert has been arrested for showing how easy it is to crack an e-book. All hail the DMCA! Some information is just Too Dangerous to be Revealed! (See also wildly detailed coverage, including the affidavit, from Planet eBook.)
posted by davidchess on Jul 18, 2001 - 6 comments

European Parliament says Echelon exists

European Parliament says Echelon exists and is more or less powerless to stop it. All the more reason for government and industry to create encryption standards.
posted by skallas on Jul 4, 2001 - 6 comments

Future of computing - Light or Molecules?
posted by tiaka on Jun 23, 2001 - 5 comments

Tivo hackers today released the hack that enables you to get MPEG-2 video out of the box and put it on CDs, share it over the net, etc. No details because the AVS Tivo site (registration required) is being slashdotted...but will this precipitate a TiVo crackdown on the hackers?
posted by luser on Jun 7, 2001 - 21 comments

ALL YOUR EMAIL ARE BELONG TO US!

ALL YOUR EMAIL ARE BELONG TO US! How serious is this threat? What precautions do you routinely take? What precautions do you think you *should* be taking? What viable options do we have today, for those of us who aren't computer programmers by profession? And how secure are they, anyway?
posted by rushmc on May 30, 2001 - 12 comments

Wincent Colaiuta has seen and reviewed the new Mac OS

Wincent Colaiuta has seen and reviewed the new Mac OS but you can't read the review. He's encrypted the whole thing using PGP and he's not releasing the key until the OS is released. He says he's done this to avoid law suits from Apple.
I say he's begging for hits.
If he wanted to avoid lawsuits, he could just wait to publish the review...
posted by Jako on Mar 20, 2001 - 6 comments

Descramble DVD encryption in 7 lines of perl code

Descramble DVD encryption in 7 lines of perl code...created by 2 MIT programmers. Will the MPAA threaten to sue you if you include it in your email signature? Yah for civil disobedience.
posted by deftone on Mar 7, 2001 - 9 comments

"Now it's possible to send a verse from the Koran, an appeal for charity and even a call for jihad and know it will not be seen by anyone hostile to our faith, like the Americans." Osama bin Laden and others are reported to be using encryption to post instructions for terrorist activities on sports chat rooms, pornographic bulletin boards and other Web sites.
posted by quirked on Feb 6, 2001 - 28 comments

The battle for unrestricted encryption continues.

The battle for unrestricted encryption continues. Professor Bernstein won't rest; he's not going to let this go. More power to him and let's hope he ultimately wins. [He's challenging the US government restrictions on private encryption on free-speech grounds, and so far he's won in every court where the case has been heard. The government has been using delaying actions, and their relaxation of restrictions may partially have been in hopes he'd give up, leaving them still capable of some control. He's not going to, though. He's got blood in his eye, so to speak.]
posted by Steven Den Beste on Jan 8, 2001 - 0 comments

Spammimic

Spammimic : The novelty wears off quickly, but it's an amusing diversion for a minute or two.
posted by champignon on Dec 12, 2000 - 0 comments

Relaxed encryption exports get green light.

Relaxed encryption exports get green light. See comment inside.
posted by Steven Den Beste on Oct 19, 2000 - 3 comments

For those of you who don't want to violate the law by linking from your website to the DeCSS source code, you can now link to a [semi-]dramatic reading of the source code (3.5MB MP3), and this semi-alternative sort of Dylanesque folk song of the code (6.3MB MP3).

And no, I'm not making *any* of this up. Thanks to Dave at The Stuffed Dog. He can't blog it, but *I* sure can. :-) [Amazingly enough, they're both pretty good, although the song is a bit over driven. ]
posted by baylink on Aug 28, 2000 - 2 comments

In this sendmail.net piece,

In this sendmail.net piece, Greg Knauss (of Winerlog-when-it-was-good fame) asserts, among other things, that if a court subpoenas your email, and it's encrypted, that you can be tossed in jail for contempt if you don't give them the keys. Um, hello? 5th amendment? Does anyone have references either way on this one?
posted by baylink on May 8, 2000 - 6 comments

Page: 1 2