Several members of Congress have stepped up and started working on bills to place limits on NSA powers. I thought I’d propose some points that I think at a minimum any surveillance bill should cover.
Rel-publickey and Rel-pgp are a simple open format to indicate that a link points to an individual’s or entity’s PGP or other public key. Specification 6-Sep-2013. Author: Mark Burnett (email@example.com). Copyright: This specification is released into the public domain per the Creative Commons Public Domain License or any later version published by Creative Commons; with a waiver of […]
Handling input and output aren’t the only strategies available for preventing Cross-Site Scripting (XSS). Content Security Policy (CSP) is a new HTTP response header that–when correctly implemented–significantly reduces exposure to XSS attacks. This is what you can do to prepare for it.
Most of us saw the shutdown of Lavabit as yet another possibly overhyped government spying issue and didn’t really think too much of it. Much of the media coverage is already starting to die down, but there still is some question as to exactly what the government required of Levison that left him with only one option: shutting down the entire business he built from the ground up. I wondered if there were enough clues out there to get some more insight into this case. I was surprised by what I found.
Steve Thomas, aka Sc00bz, has brought up some very interesting issues about the LastPass password monitor that are causing some confusion, so I thought I’d give another perspective on the issue. Summary of Steve’s points: When you use the LastPass web site to log in to your account, your web browser will first send a hash with a single […]
I know, we have been told for years that the NSA has been spying on us. The revelations in recent months really aren’t that new. We always assumed there was that looming over us and many of us have even greeted various government agencies in our private chats and emails (i.e., “I want to blow […]
Several media reports claim that the NSA’s Utah data center may ultimately be able to store data on the scale of yottabytes because, you know, they think they’re totally going to need yottabytes. To put this into perspective, a yottabyte would require about a trillion 1 TB hard drives and data centers the size of both Rhode […]
Considering recent news about the collecting of data communications, I think it’s time to bring PGP back to life. PGP is an extremely secure encryption method that is easy to integrate into email messages. Although it has been around since 1991, early efforts to make it a standard largely failed. Even I eventually stopped installing […]
This not only applies to the NSA, but to Congress and President Obama: You betrayed our trust. That’s why we are angry. It’s not about spying and it’s not about having anything to hide. The fact is, my life is very boring and it’s kind of sad knowing how many terabytes of data might be […]
Last week I was struck by the absurdly hypocritical statement by James Clapper, the Director of National Intelligence: “The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans.” I suppose that if you live at the top of the intelligence food chain […]