In a post on Wednesday, researchers Alex Halderman and Nadia Heninger presented compelling research suggesting that the NSA has developed the capability to decrypt a large number of HTTPS, SSH, and VPN connections using an attack on common implementations of the Diffie-Hellman key exchange algorithm with 1024-bit primes. Earlier in the year, they were part of a research group that published a study of the Logjam attack, which leveraged overlooked and outdated code to enforce "export-grade" (downgraded, 512-bit) parameters for Diffie-Hellman. By performing a cost analysis of the algorithm with stronger 1024-bit parameters and comparing that with what we know of the NSA "black budget" (and reading between the lines of several leaked documents about NSA interception capabilities) they concluded that it's likely NSA has been breaking 1024-bit Diffie-Hellman for some time now.
The good news is, in the time since this research was originally published, the major browser vendors (IE, Chrome, and Firefox) have removed support for 512-bit Diffie-Hellman, addressing the biggest vulnerability. However, 1024-bit Diffie-Hellman remains supported for the foreseeable future despite its vulnerability to NSA surveillance. In this post, we present some practical tips to protect yourself from the surveillance machine, whether you're using a web browser, an SSH client, or VPN software.
Disclaimer: This is not a complete guide, and not all software is covered.