"In short: there are a lot of ways to break HTTPS/TLS/SSL today, even when websites do everything right. As currently implemented, the Web's security protocols may be good enough to protect against attackers with limited time and motivation, but they are inadequate for a world in which geopolitical and business contests are increasingly being played out through attacks against the security of computer systems."But you can trust PGP.
"A new article in the Huffington Post describes the communications between whistleblower Snowden and journalist Greenwald: "Snowden only wanted to communicate securely using PGP encryption…" Now, if Snowden is what he says he is and knows what he says he knows, that's a hell of an endorsement of PGP. And more importantly, it indicates that the NSA does not have the ability to decrypt by brute-force. So Snowden's reported preference--together with Slide 4's $20M budget number--even more strongly indicates a CA-spoofing approach as the likeliest explanation of the "as-you-type" claim."Sounds good to me, and this another endorsement for Silent Circle. This story contains a good list of tools for protecting privacy and security on the internet.
Tor comments on PRISM. Includes a list of tools that augment Tor.
More privacy and security tools.
No comments:
Post a Comment