Re: [liberationtech] Securing Email Communications from Facebook offering PGP support
Facebook is an identity provider. GPG is a failed(so far?) system for confidentiality and massively successful system for managing identity(Hello Debian!) For their notification system, FB is leveraging GPG as an identity provider to say only a person who has a certain private key should be able to reset access credentials for this account. It is a totally awesome breakthrough in the use of cryptography for robust, casual attestation of identity over an insecure channel and it leverages an existing toolchain rather than inventing a new one. Initially this is only available to cryptonerds but as the community fulfills the moral imperative to solve the usability problems it will become more widely available. On Mon, Jun 1, 2015 at 3:09 PM, Parker Higgins par...@eff.org wrote: On 06/01/2015 12:35 PM, Thomas Delrue wrote: On 06/01/2015 01:46 PM, Steve Weis wrote: Hi Libtech. Facebook added support to put a PGP public key to your profile and optionally use it to encrypt email notifications that are sent to you: https://www.facebook.com/notes/protect-the-graph/securing-email-communications-from-facebook/1611941762379302 Forgive my ignorance but what is the point of this 'feature'? Wouldn't FB (and thus anyone able to coerce FB as well) still have the unencrypted data? Wooden leg, meet band-aid. Facebook is offering end-to-end encryption. If you don't trust the other end of an end-to-end connection, this won't help that particular problem. But there are plenty of well-attested benefits of end-to-end encryption for all sorts of other threats. Thanks, Parker -- Parker Higgins Director of Copyright Activism Electronic Frontier Foundation https://eff.org 815 Eddy Street San Francisco, CA 94109-7701 I prefer to use encrypted email. Public key: https://www.eff.org/files/2014/11/03/gphkey.txt Fingerprint: 4FF3 AA1B D29E 1638 32DE C765 9433 5F88 9A36 7709 Learn how to encrypt your email with the Email Self Defense guide: https://emailselfdefense.fsf.org/en/ -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] April Privacy Lab - Guest Speaker Melanie Ensign - Thurs, April 23, 4-6pm at Mozilla
Thursday, 23 April 2015 from 16:00 to 18:00 (PDT) Mozilla Office, 2 Harrison Street, San Francisco, CA RSVP https://www.eventbrite.co.uk/e/privacy-lab-and-cryptoparty-a-meetup-for-privacy-minded-people-in-san-francisco-tickets-16327037609 Our April Privacy Lab will include an optional and free Cryptoparty, hosted by Peninsula CryptoParty Volunteers (https://wildbee.org/cryptoparty.html). Cryptoparty participants will leave the event with new tools on their own devices that they'll have learned how to use. At this meeting, our speaker will be *Melanie Ensign*. Melanie's topic is how security/crypto experts can communicate to non-technical audiences, including how she sees consumer demand for privacy and security evolving and how privacy and security products need to be sold and communicated to the public. Her presentation will be 15 minutes followed by 15 minutes of QA. It will be preceded by 30 minutes of socializing as people arrive. Following the speaker and QA, *we will break into two groups*, those who wish to attend the cryptoparty to acquire and learn about new tools to use on their own devices and those who would like to continue with the usual Privacy Lab schedule of networking and talking about general privacy topics. As always, the goal of Privacy Lab is to bring together and others interested in privacy at for-profits, non-profits, and NGOs in an effort to contribute to the state of the ecosystem for privacy. By attending, you'll be able to hear what other people and organizations are working on, share what you're working on, and learn how to get involved. We hope to see you attend and become part of the growing community of privacy advocates in San Francisco. If you can't attend in person, this session will be recorded on https://air.mozilla.org. RSVP https://www.eventbrite.co.uk/e/privacy-lab-and-cryptoparty-a-meetup-for-privacy-minded-people-in-san-francisco-tickets-16327037609 -- For more information, including our code of conduct, see https://wiki.mozilla.org/Privacy/Privacy_Lab. To receive notice of these and other Mozilla privacy events, you can join *privacy-events at mozilla dot org.* More information can be found at: https://mail .mozilla.org/listinfo/privacy-events. -- Stacy Martin Senior Manager, Privacy and Engagement Mozilla 2 Harrison Street, Suite 700, San Francisco, CA 916-390-4845 (cell) st...@mozilla.com -- -- Stacy Martin Senior Manager, Privacy and Engagement Mozilla 2 Harrison Street, Suite 700, San Francisco, CA 916-390-4845 (cell) st...@mozilla.com ___ privacy-events mailing list privacy-eve...@mozilla.org https://mail.mozilla.org/listinfo/privacy-events -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Fwd: A crowdfunding campaign to build a free baseband
The people on Indiegogo project look legit and their comments line up with what I know about the space. An open source 3 or 4g baseband would be huge boon to anonymity and countersurveillance efforts. Anyone have further references on the project creators? On Mon, Apr 6, 2015 at 11:30 AM, Blibbet blib...@gmail.com wrote: FYI Forwarded Message Subject: A crowdfunding campaign to build a free baseband Date: Mon, 6 Apr 2015 05:41:54 GMT From: Spacefalcon the Outlaw fal...@ivan.harhan.org To: replic...@lists.osuosl.org Hello free phone lovers, As we all know, the baseband/modem/radio processor is the big bone in our collective throat: it is the most closed and proprietary part of every currently available phone, no matter how free the rest of the phone might be. Well, without beating further around the bush, I just started a crowdfunding campaign on Indiegogo seeking to change this bleak baseband situation: https://www.indiegogo.com/projects/free-software-cellular-baseband My project seeks to solve the problem of the closed and proprietary baseband by producing a GSM modem module that will run 100% free firmware. And furthermore, I seek to produce such a free baseband not by creating it from scratch, but by re-creating one that was already made by someone else some years ago and later discontinued. Please read the campaign page for the full details. Thanks for reading, SF ___ Replicant mailing list replic...@lists.osuosl.org http://lists.osuosl.org/mailman/listinfo/replicant -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Meetup in Mountain View: How the NSA fought to stop the publication of Diffie Heilman
Henry Corrigan-Gibbs will review the history of Diffie-Hellman key exchange and how the NSA fought to keep the authors from publishing. He will give a bit of information that was not in his Stanford Magazine article on the topic. He will also briefly give an academic's perspective on cryptocurrencies. Henry is a Ph.D. student at Stanford working on cryptography under Dan Boneh. His research has included work on Riposte, an anonymous messaging system for millions of users http://www.meetup.com/EthereumSiliconValley/events/220843961/ -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] mail2tor.com hidden service
Plaintext over Tor to email accounts are probably not safe. We've seen a major round of this where the Feds seize a hosted anonymous email account and then email plain texts appear in indictments. Perhaps the most famous is the TorMail Charlie Shrem case. http://www.forbes.com/sites/runasandvik/2014/01/31/the-email-service-the-dark-web-is-actually-using/ On Thu, Jan 1, 2015 at 12:01 AM, Richard Brooks r...@g.clemson.edu wrote: Does anyone have any info about this hidden service? I've been using it to set up temporary accounts to exchange info as a pgp work-around for people having trouble working with pgp keys. I assume the content can be read by whoever runs the site, but they won't know who I am. If the other side uses the hidden service, too. The mails can be read but the service won't know who either side is. Any faults in this logic? -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.