In a post on Wednesday, researchers Alex Halderman and Nadia Heninger presented compelling research suggesting that the NSA has developed the capability to decrypt a large number of HTTPS, SSH, and VPN connections using an attack on common implementations of the Diffie-Hellman key exchange algorithm with 1024-bit primes. Earlier in the year, they were part of a research group that published a study of the Logjam attack, which leveraged overlooked and outdated code to enforce "export-grade" (downgraded, 512-bit) parameters for Diffie-Hellman. By performing a cost analysis of the algorithm with stronger 1024-bit parameters and comparing that with what we know of the NSA "black budget" (and reading between the lines of several leaked documents about NSA interception capabilities) they concluded that it's likely NSA has been breaking 1024-bit Diffie-Hellman for some time now.
The good news is, in the time since this research was originally published, the major browser vendors (IE, Chrome, and Firefox) have removed support for 512-bit Diffie-Hellman, addressing the biggest vulnerability. However, 1024-bit Diffie-Hellman remains supported for the forseeable future despite its vulnerability to NSA surveillance. In this post, we present some practical tips to protect yourself from the surveillance machine, whether you're using a web browser, an SSH client, or VPN software.
Disclaimer: This is not a complete guide, and not all software is covered.
Group items matching
in title, tags, annotations or url
2More
1More
Search Engines Need Regulating to Reduce Piracy, Russia Says - TorrentFreak - 0 views
1More
Tor Just Launched the Easiest App Yet for Anonymous, Encrypted IM | WIRED - 0 views
1More
Free DoS Attack Tools - blackMORE Ops - 0 views
1More
If You Hate the Safe Harbor for Internet Piracy, Sign This Petition. - Digital Music Ne... - 0 views
1More
Deep into Drupal, Cisco starts to give back to open source community | ITworld - 0 views
1More
Panopticlick can tell if your browser is protected against online tracking | LinuxBSDos... - 1 views
1More
Comcast customer discovers huge mistake in company's data cap meter | Ars Technica UK - 1 views
1More
Lurkers prohibited: Human rights apply to social media monitoring - Access Now - 0 views
1More
Secure File Transfer | Linux Journal - 0 views
1More
EFF Warns Against Broad "Stay Down" Anti-Piracy Filters - TorrentFreak - 0 views
1More
The-Speculative-Invoicing-Handbook.pdf - 0 views
1More
Was Destructive 'Slingshot' Malware Deployed by the Pentagon? | The American Conservative - 0 views
« First
‹ Previous
901 - 920 of 958
Next ›
Last »
Showing 20▼ items per page