application aims to use steganography
to hide samizdat
-type data within a larger stream of innocuous network traffic. Thus, civilians in Iran, for example, could more easily evade Iranian censors and provide the world with an unfiltered report
on events within the country. Haystack earned its creator Austin Heap
a great deal of positive coverage from the media during the 2009 Iranian election protests. The BBC described Heap as "on the front lines"
of the protesters' "Twitter revolution", while The Guardian called him an Innovator of the Year
. Despite the laudatory coverage, however, the media were never given a copy of the software to examine. Indeed, not much is known about the software or its inner workings. Specialists in network encryption security were not allowed to perform an independent evaluation of Haystack, despite its distribution to and use by a small number of Iranians, possibly at some risk. As interest in the project widens
and criticisms of the media coverage and software continue to mount
, Heap has currently asked users to cease using Haystack
until a security review can be performed.
posted by Blazecock Pileon
on Sep 13, 2010 -
Clear passenger data stolen.
A unencrypted laptop with the personal data, including name, address, SSi number, passport number, date of birth, etc. of every one of the 33,000+ users of the the Clear
system has been stolen. The Clear system allows travelers who register and pay an annual fee to bypass airport security lines by using a smart card in some airports. TSA has suspended new registrations until Verified Identity Pass, Inc.
, a subsidiary of GE, figures out how to install PGP. VIP is the only private contractor allowed to register users to the Clear system. Via
posted by dejah420
on Aug 5, 2008 -
New "Hi - tech" passport cracked.
Standards for the new passports were set by the International Civil Aviation Organisation (ICAO)
in 2003 and adopted by the waiver countries and the US. The UK Home Office has adopted a very high encryption technology called 3DES
- that is, to a military-level data-encryption standard times three. However they used non-secret information actually published in the passport to create a 'secret key'. That is the equivalent of installing a solid steel front door to your house and then putting the key under the mat.
posted by adamvasco
on Nov 17, 2006 -