2019-08-14 07.39.19

Attorney General Barr and Encryption - Schneier on Security by Bruce Schneier

With this change, we can finally have a sensible policy conversation. Yes, adding a backdoor increases our collective security because it allows law enforcement to eavesdrop on the bad guys. But adding that backdoor also decreases our collective security because the bad guys can eavesdrop on everyone. This is exactly the policy debate we should be having -- not the fake one about whether or not we can have both security and surveillance.

When I break it down, what I think the attorney general is saying to all of us law-abiding citizens, is "in the interest of finding the criminals among you we want the power to stop and frisk". I do not trust these three-letter government agencies with this power. I agree with Bruce: As computers continue…

Continue Reading

In Support of Strong Encryption

In Support of Strong Encryption (globalpolicy.ieee.org)

IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications. We oppose efforts by governments to restrict the use of strong encryption and/or to mandate exceptional access mechanisms such as "backdoors" or "key escrow schemes" in order to facilitate government access to encrypted data. Governments have legitimate law enforcement and national security interests. IEEE believes that mandating the intentional creation of backdoors or escrow schemes -- no matter how well intentioned -- does not serve those interests well and will lead to the creation of vulnerabilities that would result in unforeseen effects as well as some predictable negative consequences.

Continue Reading

Details on a New PGP Vulnerability

Details on a New PGP Vulnerability - Schneier on Security by Bruce Schneier (schneier.com)

Why is anyone using encrypted e-mail anymore, anyway? Reliably and easily encrypting e-mail is an insurmountably hard problem for reasons having nothing to do with today's announcement. If you need to communicate securely, use Signal. If having Signal on your phone will arouse suspicion, use WhatsApp.

Interesting that Bruce things email encryption is a lost cause. For reasons that are mostly about ease of use.

Continue Reading
Image CC0 via Unsplash

Device encryption “Do as I say, not as I do"

Trump’s Android phone has been repealed and replaced (BGR)

Just over one year ago, president Don Trump called upon all Americans to boycott Apple until the company agreed to help investigators unlock an iPhone tied to the tragedy in San Bernardino.

[exif id="21122"] Apparently, POTUS has changed his mind. Trump’s director of social media and senior advisor Dan Scavino Jr. in a tweet in March of 2017. [tweet https://twitter.com/DanScavino/status/846918912793083904 width=1200 align=center] I guess only elected officials are allowed to have the full rights afforded by the United State constitution. Why am I bringing this up? Because…

Continue Reading