Group items tagged

Very interesting article that begins with the story of Mary, Queen of Scots, and continues to speak about different techniques of encryption that are harder and harder to break. It also deals with the fact that Mary's messages were being intercepted and the article speaks about secure encryption using photons where you would know if your message was intercepted.

Interesting perspective how it's only in the news if someone's secrets are compromised, but not if their secrets are actually kept secret

This is a blog by Bruce Schneier who writes about security in general, under which cryptography falls as a subject.

A security blog created by a multinational software company.

When it turned out that the Firefox JavaScript Tor vulnerability shenanigans were originating from the NSA not the FBI, it was pretty clear that the agency was looking to undermine and access Tor's anonymous internet. It's like a moth to a flame. But now security expert Robert Graham has outlined his reasons for believing that the NSA doesn't even need tricks and paltry exploits to access Tor, because they have the keys to the kingdom. Or can.

When it turned out that the Firefox JavaScript Tor vulnerability shenanigans were originating from the NSA not the FBI, it was pretty clear that the agency was looking to undermine and access Tor's anonymous internet. It's like a moth to a flame. But now security expert Robert Graham has outlined his reasons for believing that the NSA doesn't even need tricks and paltry exploits to access Tor, because they have the keys to the kingdom. Or can.

This video talks about a hack done by a group of Russian hackers that gained access to 1.2 billion records, and discusses the idea that perhaps passwords are no longer the best way to protect our information. It's a quick video, but what was interesting to me was that I hadn't even considered that something other than the current password system could protect our information.

Some advice from security expert Bruce Schneier on how to keep the NSA from snooping on you. "Trust the math. Encryption if your friend."

This article explains a way that credit card information is stored safely without encryption. Tokenization is a completely different way of securing credit card information than encryption because it completely removes the credit card information and replaces it with a "token" that cannot be retraced to retrieve the credit card information. Encryption has the credit card information hidden somewhere, but tokenization erases it completely which makes it very secure.

This is the e-text of a book that discusses online network encryption and application. The chapters cover various encryption methods for the transfer of data online, as well as the application of wireless, email, IP network security

Interesting that ~35% of 1000 surveyed have upped the strength of their passwords, but only 6% turned on two-factor ID, which was a major cause of the iCloud hacks going undetected for so long.

It seems that two-factor authentication would not have prevented those iCloud hacks (according to this piece: http://www.tuaw.com/2014/09/02/think-iclouds-two-factor-authentication-protects-your-privacy/), but since Apple has now changed the triggers for two-factor to include things like iCloud access, two-factor will be more helpful going forward. So it is a little surprising that more people haven't enabled it.

I'm also reminded of the ACLU's Chris Soghoian's point (https://www.aclu.org/blog/technology-and-liberty/lessons-celebrity-icloud-photo-breach) that one reason people have crappy Apple passwords is that Apple makes you use your password so darn often. I know I get frustrated when I have to enter my (crazy long) Apple password on my iPhone just to download a free app.

This source gives a variety of examples in which encryption is used for security everyday, like ATM machines and DVD players. It seems like this is a pretty useful list because it goes into sufficient enough depth to describing the different examples, and specifically explains how encryption comes into play - without making it too long or hard to understand.

This article discusses the recent cloud hacks and security questions in general.

A well-reasoned argument from our favorite security blogger, with plenty of links to help us in writing our final paper. It is also an interesting article as it talks about the debate before Snowden, Wikileaks, and other whistleblowers.

Focusing on the consequences of the Patriot Act and how the US government upped the security on civilians after 9/11, this is a really nice graphic that gives a scary visual on the expanded powers of the national government in the name of security. It's from the ACLU, so this gives a pretty good perspective of, specifically, curbed liberties.

This website discusses procedure and purpose of encrypting sensitive data over the internet. SSL is a protocol which "determines variables of the encryption" being used to protect information from first names to credit card numbers. This website also tells you how to determine whether or not a website is secure or if your information is vulnerable. In addition, there is another page that delves into the mathematics and actual cryptography procedures behind online encryption like RSA and ECC.

Discusses some of the points we brought up in class and provides statistics, but data is from 2013 and could potentially show the effects of events in the past two years when combined with Abbey's post

This article discusses the faults in former deputy director of the CIA Michael Morell's statement that the use of encrypted apps made it difficult to stop terrorists. Claims that encrypted communications put them out of reach was false - there had been no change in al Qaeda tactics. Also, author Howard points out that there isn't a clear dichotomy between privacy and security.

This website provides ample information on not only the ins and outs of public information but it also gives helpful suggestions on how to keep things private and why. One interesting suggestion discussed the risks of posting your birthday as identity thieves can predict your Social Security number based off of your place of birth and birthdate.

This blog is all about privacy, as the title suggests. The majority of the blog posts use actual examples, such as the Ashley Madison hack, in order to reveal important cybersecurity lessons. One particular blog post explains how Passages, a secure virtual browser, is a lot like hand sanitizer for the web. I thought that this blog was particularly interesting because it had a lot of relevant, unique examples about privacy and cryptography in the modern world.

Basic list of school security measures taken from NCES government website