The Ambassador

The Ambassador is both warrior and diplomat. He listens to the words of those who deserve influence and guides those in his care as he guides himself. He acts not selfishly but for the betterment of all.

Terrible Article on Vernam Ciphers

If there's anything that confuses wannabe cryptographers, it's one-time pads....


The Full Story of Yahoo's Fight Against PRISM

In 2008, Yahoo fought the NSA to avoid becoming part of the PRISM program. It eventually lost the court battle, and at one point was threatened with a $250,000 a day fine if it continued to resist. I am continually amazed at the extent of the government coercion....


Identifying Dread Pirate Roberts

According to court documents, Dread Pirate Roberts was identified because a CAPTCHA service used on the Silk Road login page leaked the users' true location....


Tracking People From their Cell Phones with an SS7 Vulnerability

What's interesting about this story is not that the cell phone system can track your location worldwide. That makes sense; the system has to know where you are. What's interesting about this story is that anyone can do it. Cyber-weapons arms manufacturers are selling the capability to governments worldwide, and hackers have demonstrated the capability....


Two New Snowden Stories

New Zealand is spying on its citizens. Edward Snowden weighs in personally. The NSA and GCHQ are mapping the entire Internet, including hacking into Deutsche Telekom and other companies. EDITED TO ADD (9/18): Marcy Wheeler comments on the second story, noting that the NSA uses this capability to map MAC addresses....


Security of the SHA Family of Hash Functions

Good article on the insecurity of SHA-1 and the need to replace it sooner rather than later....


Friday Squid Blogging: 200-Pound Squid Found in Gulf of Mexico

A 200-pound dead giant squid was found near the coast of Matagorda, Texas. This is only the third giant squid ever found in the Gulf of Mexico. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....


The Concerted Effort to Remove Data Collection Restrictions

Since the beginning, data privacy regulation has focused on collection, storage, and use. You can see it in the OECD Privacy Framework from 1980 (see also this proposed update). Recently, there has been concerted effort to focus all potential regulation on data use, completely ignoring data collection. Microsoft's Craig Mundie argues this. So does the PCAST report. And the World...


Tabnapping: A New Phishing Attack

Aza Raskin describes a new phishing attack: taking over a background tab on a browser to trick people into entering in their login credentials. Clever. EDITED TO ADD (9/12): This is not a new attack. The link above is from 2010. Here's another article from 2010....


WikiLeaks Spy Files

WikiLeaks has organized the trove of documents about corporations aiding government surveillance around the world. It's worth wandering around through all this material. EDITED TO ADD (9/12): I made a mistake. WikiLeaks didn't do the organizing; Silk did....