Zoom Finally Has End-to-End Encryption.

from Wired ZOOM HAS GONE from startup to verb in record time, by now the de facto video call service for work-from-home meetings and cross-country happy hours alike. But while there was already plenty you could do to keep your Zoom sessions private and secure, the startup has until now lacked the most important ingredient in a truly safe online interaction: end-to-end encryption. Here’s how to use it, now that you can, and why in many cases you may not actually want to. It’s been a long road to get here. This spring, as Zoom rode the pandemic to video […]

Continue reading

Study Shows Which Messengers Leak Your Data, Drain Your Battery, And More

from ars technica Link previews are a ubiquitous feature found in just about every chat and messaging app, and with good reason. They make online conversations easier by providing images and text associated with the file that’s being linked. Unfortunately, they can also leak our sensitive data, consume our limited bandwidth, drain our batteries, and, in one case, expose links in chats that are supposed to be end-to-end encrypted. Among the worst offenders, according to research published on Monday, were messengers from Facebook, Instagram, LinkedIn, and Line. More about that shortly. First a brief discussion of previews. More here.

Continue reading

Taking Back Our Privacy

from The New Yorker Walking down Abbot Kinney Boulevard, the retail strip in Venice, California, can feel like scrolling through Instagram. One afternoon this July, people sat at outdoor tables beneath drooping strings of fairy lights, sipping cocktails and spearing colorful, modestly dressed salads. The line for Salt & Straw, a venture-funded, “chef-driven” ice-cream shop, stretched up the block, and athleisure-clad twentysomethings photographed themselves eating waffle cones, fabric masks pulled down around their chins like turkey wattles. A month earlier, Abbot Kinney had become a central gathering place for protesters during the mass demonstrations against police brutality and systemic racism. […]

Continue reading

The Untold Story of the Man That Made Mainstream Encryption Possible

from One Zero Bailey Whitfield Diffie, born June 5, 1944, was always an independent sort. As one early friend remarked, “The kid had an alternative lifestyle at age five.” Diffie didn’t read until he was 10 years old. There was no question of disability, he simply preferred that his parents read to him, which seemingly they did, quite patiently. Finally, in the fifth grade, Diffie spontaneously worked his way through a tome called The Space Cat, and immediately progressed to the Oz books. Later that year his teacher at P.S. 178 — “Her name was Mary Collins and if she […]

Continue reading

Signal Is Finally Bringing Its Secure Messaging to the Masses

from Wired Last month, the cryptographer and coder known as Moxie Marlinspike was getting settled on an airplane when his seatmate, a Midwestern-looking man in his sixties, asked for help. He couldn’t figure out how to enable airplane mode on his aging Android phone. But when Marlinspike saw the screen, he wondered for a moment if he was being trolled: Among just a handful of apps installed on the phone was Signal. Marlinspike launched Signal, widely considered the world’s most secure end-to-end encrypted messaging app, nearly five years ago, and today heads the nonprofit Signal Foundation that maintains it. But […]

Continue reading

New Ransomware Doesn’t Just Encrypt Data. It Also Meddles With Critical Infrastructure

from ars technica Over the past five years, ransomware has emerged as a vexing menace that has shut down factories, hospitals, and local municipalities and school districts around the world. In recent months, researchers have caught ransomware doing something that’s potentially more sinister: intentionally tampering with industrial control systems that dams, electric grids, and gas refineries rely on to keep equipment running safely. A ransomware strain discovered last month and dubbed Ekans contains the usual routines for disabling data backups and mass-encrypting files on infected systems. But researchers at security firm Dragos found something else that has the potential to […]

Continue reading

Encrypted DNS Could Help Close the Biggest Privacy Gap on the Internet. Why Are Some Groups Fighting Against It?

from EFF Thanks to the success of projects like Let’s Encrypt and recent UX changes in the browsers, most page-loads are now encrypted with TLS. But DNS, the system that looks up a site’s IP address when you type the site’s name into your browser, remains unprotected by encryption. Because of this, anyone along the path from your network to your DNS resolver (where domain names are converted to IP addresses) can collect information about which sites you visit. This means that certain eavesdroppers can still profile your online activity by making a list of sites you visited, or a […]

Continue reading