12/2014 - 31C3: What is still safe (Truecrypt, SSL, ssh, ...)
On the 31st Chaos Communication Congress (31C3) in Hamburg (Germany), Snowden's confidants Jacob Appelbaum and Laura Poitras reported on which cryptographic applications one may arguably still trust. Besides protocols like for instance SSL and PPTP, IPsec and SSH are also on the Western secret services' hit list (e.g. NSA and GCHQ). Protocols like for instance OTR, ZRTP seem to be besides the possibilities. The intelligence authorities evaluate a combination of these systems with the anonymisation service 'Tor' as being 'catastrophic'. Mail encryption with PGP or GnuPG will also stay beyond the reach of NSA and Co. Additionally, the crypto software 'Truecrypt' had been classed as being almost insurmountable before the development team surprisingly quit working on it. This results from Edward Snowden's new documents published amongst others by Jacob Appelbaum and Laura Poitras ('Citizenfour') in cooperation with the German news magazine 'Spiegel'. In terms of contents they deal with the NSA's and their partners' strategies to circumvent, decrypt, subvert, and hack data encryption both on the internet and on PCs. During the 31C3 the above mentioned presented new details regarding the projects 'Bullrun' and 'Edgehill'. It should always be remembered that even the NSA does not possess super powers, though having backdoors and listening devices at its disposal. Nevertheless, it may subvert platforms, standards and random number generators, as well as legally 'synchronise' the IT business; resistance is possible, however, and a 'duty' for the technically skilled hacker community [source: heise.de ].
Tag-Filter
28.01.2021 - Choosing your own cloud - GDPR-compliant and without compromises [more...]
30.11.2020 - OnlyOffice - Working without Microsoft and Google [more...]
02.11.2020 - Digital policy and state trojans [more...]
30.09.2020 - Online events – more than a room [more...]
28.08.2020 - Consent-free tracking with Matomo as an alternative to Google Analytics [more...]
22.07.2020 - Privacy Shield Judgement - Privacy vs mass surveillance [more...]
17.06.2020 - Data protection-compliant work from home: decentralized and open source [more...]
26.05.2020 - GDPR-compliant e-learning with BigBlueButton, Moodle and Nextcloud - data protection begins with the little ones [more...]
24.04.2020 - [more...]
20.04.2020 - Home office tools: not everything that glitters is gold ... [more...]