I've said recently that pervasive surveillance is wrong. I don't think anyone from the NSA should have a leadership position in the development or deployment of Internet communications, because their interests are at odds with the interest of the rest of the Internet. But someone at the NSA is in …
All articles
automatically have uscan check signatures
If you maintain software in debian, one of your regular maintenance tasks is checking for new upstream versions, reviewing them, and preparing them for debian if appropriate. One of those steps is often to verify the cryptographic signature on the upstream source archive.
At the moment, most maintainers do the …
OpenPGP Key IDs are not useful
Fingerprints and Key IDs
OpenPGPv4 fingerprints are made from an SHA-1 digest over the key's public key material, creation date, and some boilerplate. SHA-1 digests are 160 bits in length. The "long key ID" of a key is the last 64 bits of the key's fingerprint. The "short key ID …
The legal utility of deniability in secure chat
This Monday, I attended a workshop on Multi-party Off the Record Messaging and Deniability hosted by the Calyx Institute. The discussion was a combination of legal and technical people, looking at how the characteristics of this particular technology affect (or do not affect) the law.
This is a report-back, since …
getting to TLS (STARTTLS HOWTO)
Many protocols today allow you to upgrade to TLS from within a cleartext version of the protocol. This often falls under the rubric of "STARTTLS", though different protocols have different ways of doing it.
I often forget the exact steps, and when i'm debugging a TLS connection (e.g. with …
Unaccountable surveillance is wrong
As I mentioned earlier, the information in the documents released by Edward Snowden show a clear pattern of corporate and government abuse of the information networks that are now deeply intertwined with the lives of many people all over the world.
Surveillance is a power dynamic where the party doing …
RIP Cookiepuss
Yesterday, i said a sad goodbye to an old friend at ABC No Rio. Cookiepuss was a steadfast companion in my volunteer shifts at the No Rio computer center, a cranky yet gregarious presence. I met her soon after moving to New York, and have hung out with her nearly …
half a minute for science!
A friend is teaching a class on data analysis. She is building a simple and rough data set for the class to examine, and to spur discussion. You can contribute in half a minute! Here's how:
- get a stopwatch or other sort of timer (whatever device you're reading this on …
Support privacy-respecting network services!
Support privacy-respecting network services! Donate to Riseup.net!
There's a lot of news recently about some downright orwellian surveillance executed across the globe by my own government with the assistance of major American corporations. The scope is huge, and the implications are depressing. It's scary and frustrating for anyone who …
gpg --ask-cert-level considered harmful
Occasionally, someone asks me whether we should encourage use of the
--ask-cert-leveloption when certifying OpenPGP keys withgpg. I see no good reason to use this option, and i think we should discourage people from trying to use it. I don't think there is a satisfactory answer to the …