Hi Francisco,
On 08/13/13 22:37, Francisco Ruiz wrote:
Hi Guido,
This looks very interesting, but I have trouble understanding it. Can
you give me a sample URL where this is being shown in action?
Thank you for your interest.
The protocol is still in the proof-of-concept phase.
I've a
On 9 August 2013 18:16, Seth David Schoen sch...@eff.org wrote:
If you think governments are likely to use their own CAs for spying by
issuing fraudulent certificates, you want to remove trust for those
CAs _in your web browser_. Having a valid, correct, and publicly issued
certificate from
30C3 – 30th Chaos Communication Congress
December 27th–30th 2013, CCH, Hamburg
30C3 is the 2013 edition of the Chaos Communication Congress, the Chaos
Computer Club’s international conference and hacker party.
During the four days between Christmas and New Year’s Eve, thousands of
technology
On 08/14/2013 08:54 AM, Guido Witmond wrote:
It worked quite well for most sites. But big ones, like Google use a
different certificate for each endpoint. And Perspectives registers the
server-certificates it detects when it connects to the servers, not the
CA that signed it.
Can you use
On 14 August 2013 08:54, Guido Witmond gu...@witmond.nl wrote:
On 08/13/13 19:42, Andy Isaacson wrote:
On Mon, Aug 12, 2013 at 11:10:39AM +0200, Guido Witmond wrote:
There is another problem. You rely on HTTPS. Here is the 64000
dollar question:
Q._What is the CA-certificate for your
Hi Tom
Aside from StartCom (free) most CAs have roughly the same price and
service. Since service is equivalent, you're free to choose a CA
based on your political opinion, and not worry about missing out on
'features'. It's basically like voting in an election - elections are
won by tens
On 08/14/13 15:18, Ben Laurie wrote:
On 14 August 2013 08:54, Guido Witmond gu...@witmond.nl
mailto:gu...@witmond.nl wrote:
On 08/13/13 19:42, Andy Isaacson wrote:
On Mon, Aug 12, 2013 at 11:10:39AM +0200, Guido Witmond wrote:
There is another problem. You rely on HTTPS. Here
http://www.democracynow.org/2013/8/13/exclusive_owner_of_snowdens_email_service
also a short follow-up with me:
http://www.democracynow.org/2013/8/13/former_internet_provider_gagged_by_national
-N
--
Nicholas Merrill
Executive Director
The Calyx Institute
287 Spring Street
New York, NY 10013
On 08/14/2013 12:04 PM, Nadim Kobeissi wrote:
The Dalai Lama's Chinese website has been hacked and is now serving
malware to visitors in China:
To be clear, Tibet.net is the website of the Central Tibetan
Adminstration, i.e. the Tibetan government-in-exile.
It is not the Dalai Lama's website,
On Wed, Aug 14, 2013 at 11:20 AM, Nathan of Guardian
nat...@guardianproject.info wrote:
On 08/14/2013 12:04 PM, Nadim Kobeissi wrote:
The Dalai Lama's Chinese website has been hacked and is now serving
malware to visitors in China:
To be clear, Tibet.net is the website of the Central Tibetan
Apologies if you are receiving this mail more than once...
Please disseminate by friends, colleagues, researchers, students, etc. Thanks a
lot!
**
WorldCIST'14
The 2014 World Conference
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/13/2013 05:37 PM, Bernard Tyers - ei8fdb wrote:
Haven't hackers always been portrayed in a way to scare people? *
If it's not dDoSing script kiddies, its zombie network owning
Latvian mafias..
Or SysOPs using their BBSes to move satellites
Zero Degrees of al Qaeda* *
http://www.foreignpolicy.com/articles/2013/08/14/zero_degrees_of_al_qaeda_twitter
How Twitter is supercharging jihadist recruitment*.* BY J.M. BERGER |
AUGUST 14, 2013* *
There's a new jihadist recruiter on the Internet*.* Based in San Francisco
and backed by a
So I set up a proof-of-concept server last Friday, which was far
easier than I had pictured. Special thanks to Moritz for his PGP milter
[1], but I'm also customizing a lot of the other security and spam
filter settings.
Short: It should be up for comment in the next two weeks.
Long: I'm
On 08/14/2013 05:01 PM, Web Admin wrote:
Are there oher services to consider?
We (the Guardian Project) are happily using SparkleShare. Credit to the
Commotion/OTI team for introducing us to it, and for Hans-Christoph on
our team for getting it running.
SparklShare is based on Git, has nice,
I finally tried Bittorrent Sync this week and it seems to work quite nicely
for serverless file-sharing (mostly, as there is a server fallback to get
around firewalls). Too bad it's not FLOSS so I can't actually recommend it
:/
--mark B.
On Aug 14, 2013 2:42 PM, elijah eli...@riseup.net wrote:
On 14 Aug 2013, at 22:01, Web Admin webad...@cpj.org wrote:
Are either of these servics a more secure alternative to 3rd party
services like DropBox? My reasonng is that a hacker would first need to
know you host your own cloud in a articular way to attack it. Is my
thinking too simplistic?
Hah, we all must have read the same article.. ;)
On 14 Aug 2013, at 22:42, elijah eli...@riseup.net wrote:
On 08/14/2013 02:01 PM, Web Admin wrote:
It would be good to be able to advise folks on more secure alternatives, if
they exist.
free software:
* http://seafile.com
*
On 14 Aug 2013, at 22:47, mark burdett mfburd...@gmail.com wrote:
I finally tried Bittorrent Sync this week and it seems to work quite nicely
for serverless file-sharing (mostly, as there is a server fallback to get
around firewalls). Too bad it's not FLOSS so I can't actually recommend it
Hi Steve,
Some answers inline below, and thanks for taking all this time to help me.
I changed my browser's default encoding. That changes the charset in the
html tag, as well as some characters in the body. I tried UTF-8, Arabic,
and Chinese encodings and they all saved with slightly
On 14 Aug 2013, at 20:42, The Doctor dr...@virtadpt.net wrote:
Signed PGP part
On 08/13/2013 05:37 PM, Bernard Tyers - ei8fdb wrote:
Haven't hackers always been portrayed in a way to scare people? *
If it's not dDoSing script kiddies, its zombie network owning
Latvian mafias..
Or
I came across this article outlining historical operation of Lavabit's
services.
http://highscalability.com/blog/2013/8/13/in-memoriam-lavabit-architecture-creating-a-scalable-email-s.html
It mentions in two separate places that they stored users passwords in
plaintext to allow key generation
On 15 Aug 2013, at 00:01, Tom Ritter t...@ritter.vg wrote:
On 14 August 2013 18:29, Bernard Tyers b...@runningwithbulls.com wrote:
I came across this article outlining historical operation of Lavabit's
services.
On 14 August 2013 18:01, Richard r...@linux-m68k.org wrote:
On the other end of the paranoia scale I would like to remind folks of the
the mixmaster remailer chaining technique which does much more than plain
encryption - as far as I can see it is theoretically completely untraceable.
That
On 14 August 2013 19:11, Bernard Tyers - ei8fdb ei8...@ei8fdb.org wrote:
Yes, you're right. My mistake. But is my second question not still valid? If
SSL was compromised would the user not then be compromised?
Is:
…we generate public and private keys for the user and then encrypt the
On 15 Aug 2013, at 00:20, Tom Ritter t...@ritter.vg wrote:
On 14 August 2013 19:11, Bernard Tyers - ei8fdb ei8...@ei8fdb.org wrote:
Yes, you're right. My mistake. But is my second question not still valid? If
SSL was compromised would the user not then be compromised?
Is:
…we generate
On 14 August 2013 19:30, Bernard Tyers - ei8fdb ei8...@ei8fdb.org wrote:
IF, (big IF) my understanding of Lavabit's architecture is correct,
then if you gained access to the user's SSL session, and then also
access to Lavabit's server where the user's data and (encrypted)
private key is stored
For anyone unfamiliar with Curtis's work, many of his documentaries
are streamed here: http://thoughtmaybe.com/by/adam-curtis/
His theme is power in society. His style often borders on theatre,
which he takes to a whirlwind pitch in this 2009 immersive theatre
piece:
Hey Libtech,
Hot on the heels of last week's Bitcoin wallet for Android heist, Google has
confirmed that this was due to a critical crypto flaw in Android, which could
affect security in thousands of apps according to Ars Technica:
Google developers have confirmed a cryptographic vulnerability
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/15/2013 12:07 AM, Nadim Kobeissi wrote:
Hot on the heels of last week's Bitcoin wallet for Android heist,
Google has confirmed that this was due to a critical crypto flaw in
Android, which could affect security in thousands of apps according
30 matches
Mail list logo