Cryptography (crypto) group

Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Wednesday, 26-Jul-2017 18:30:23 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
- Cryptography
At the @UWCrysp seminar with @RossJAnderson, #nerdrockstar of !crypto

In conversation Wednesday, 26-Jul-2017 18:30:23 UTC from sn.jonkman.ca permalink
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Friday, 07-Jul-2017 07:03:52 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
"vulnerability in a GnuPG cryptographic library" does not mean "completely break RSA-1024" http://thehackernews.com/2017/07/gnupg-libgcrypt-rsa-encryption.html !crypto !GnuPG
In conversation Friday, 07-Jul-2017 07:03:52 UTC from sn.jonkman.ca permalink
Attachments
1. Researchers Crack 1024-bit RSA Encryption in GnuPG Crypto Library
  
  from The Hacker News
  
  Researchers Crack 1024-bit RSA Encryption in Libgcrypt cryptographic library of GnuPG (Gnu Privacy Guard)
Kitchener-Waterloo Cryptography Interest Group (kwcrypto@sn.jonkman.ca)'s status on Friday, 07-Jul-2017 01:33:36 UTC Kitchener-Waterloo Cryptography Interest Group
- Cryptography
On 26 July @RossJAnderson is coming to @UWCrysp to speak on "Making Security Sustainable" https://crysp.uwaterloo.ca/speakers/20170726-Anderson !crypto
In conversation Friday, 07-Jul-2017 01:33:36 UTC from sn.jonkman.ca permalink
Attachments
1. Untitled attachment
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Monday, 26-Jun-2017 16:21:19 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
- Cryptography
♻ @caparsons A kindly lesson for you non-techies about encryption http://blog.erratasec.com/2017/06/a-kindly-lesson-for-you-non-techies.html ¶ via #Twitter !crypto
In conversation Monday, 26-Jun-2017 16:21:19 UTC from sn.jonkman.ca permalink
Attachments
1. A kindly lesson for you non-techies about encryption
  
  The following tweets need to be debunked: The answer to John Schindler's question is: every expert in cryptography doesn't know this...
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Sunday, 11-Jun-2017 01:16:14 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
in reply to
- Cryptography
- vinzv
#Dudle looks really interesting, with its !crypto. But I don't want to impose registration on participants.

In conversation Sunday, 11-Jun-2017 01:16:14 UTC from sn.jonkman.ca permalink
@mcscx@quitter.se (mcscx@quitter.se)'s status on Friday, 09-Jun-2017 17:27:12 UTC @mcscx@quitter.se
in reply to
@bob "Russian lawmakers move to ban VPNs and Internet anonymizers" http://qttr.at/1v2z? !anonymity !justice #tor #darknet !crypto
In conversation Friday, 09-Jun-2017 17:27:12 UTC from quitter.se permalink
Attachments
1. Russian lawmakers move to ban VPNs and Internet anonymizers — Meduza
  
  from Meduza
  
  Lawmakers from three different parties in the State Duma have submitted draft legislation to ban technologies that make it possible to circumvent Internet censorship. In the law’s explanatory note, the Duma deputies argue that Russia’s existing system to block illegal content on the Web is “not effective enough.”
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Monday, 13-Mar-2017 18:26:43 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
I'm at the @UWCrysp lecture with Josh Benaloh https://crysp.uwaterloo.ca/speakers/20170314-Benaloh !ElectoralReform !Privacy !crypto
In conversation Monday, 13-Mar-2017 18:26:43 UTC from sn.jonkman.ca permalink
Attachments
1. Untitled attachment
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Thursday, 23-Feb-2017 15:29:02 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
- Cryptography
♻ @dangoodin001 At death’s door for years, widely used SHA1 function is now dead https://arstechnica.com/security/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead/ ¶ via #Twitter !crypto
In conversation Thursday, 23-Feb-2017 15:29:02 UTC from sn.jonkman.ca permalink
Attachments
1. At death’s door for years, widely used SHA1 function is now dead
  
  from Ars Technica
  
  Algorithm underpinning Internet security falls to first-known collision attack.
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Tuesday, 14-Feb-2017 22:38:09 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
I knew that, and I've used OTR on Pidgin. My post was mostly an excuse to get the thread into the !crypto and !XMPP groups.

In conversation Tuesday, 14-Feb-2017 22:38:09 UTC from sn.jonkman.ca permalink
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Sunday, 12-Feb-2017 22:12:14 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
- Cryptography
- Bob Mottram
LOL: bob@social.freedombone.net writes: The goal should be end-to-end encryption which is actually trustable, rather than a fashion accessory. !crypto

In conversation Sunday, 12-Feb-2017 22:12:14 UTC from sn.jonkman.ca permalink
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Monday, 06-Feb-2017 16:53:26 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
- Cryptography
- kat
@kat@quitter.se Are you seeing mechanical failures in those encrypted drives, or media failures (soft errors that irrevocably corrupt the encryption)? !crypto

In conversation Monday, 06-Feb-2017 16:53:26 UTC from sn.jonkman.ca permalink
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Monday, 16-Jan-2017 08:06:13 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
- Cryptography
- Mike Gerwitz
Agreed, the #WhatsApp "issue" is not a bug, it's there by design. But a designer vulnerability is still a vulnerability. https://www.eff.org/deeplinks/2017/01/google-launches-key-transparency-while-tradeoff-whatsapp-called-backdoor !crypto
In conversation Monday, 16-Jan-2017 08:06:13 UTC from sn.jonkman.ca permalink
Attachments
1. Google Launches Key Transparency While A Trade-Off in WhatsApp is Called a Backdoor
  
  from Electronic Frontier Foundation
  
  The Guardian ran a sensational story on Friday claiming a backdoor was discovered in WhatsApp, enabling intelligence agencies to snoop on encrypted messages. Gizmodo followed up saying it's no backdoor at all, but reasonable, intended behavior. So what's really going on here? The lost phone, lost message dilemma The issue at question is WhatsApp's answer to the question of what applications should do when someone's phone number changes (or they reinstall their app, or switch phones). Suppose Alice sends a message to Bob encrypted with Bob's key K1.
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Friday, 13-Jan-2017 17:57:22 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
in reply to
- Cryptography
- Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
But that re-keying attack seems like an easily fixed design flaw. The keys are already separate from the hardware, so a "clean" hardware replacement should include a transfer of key material from the old hardware to the new hardware so that re-keying queued messages is not necessary. Of course, now there's the vulnerability of exposing key material during the transfer, but that could be done requiring physical access, eg. a USB OTG cable, or Bluetooth pairing. No need to store the key material in The Cloud. !crypto

In conversation Friday, 13-Jan-2017 17:57:22 UTC from sn.jonkman.ca permalink
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Friday, 30-Dec-2016 06:31:52 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
- Cryptography
- Arun Isaac (அருண் ஐசக்)
@arunisaac I've used #Silence for a while. Seems to work OK, but I can't verify how secure the !crypto is

In conversation Friday, 30-Dec-2016 06:31:52 UTC from sn.jonkman.ca permalink
pettter ✅ (pettter@social.umeahackerspace.se)'s status on Tuesday, 13-Dec-2016 11:35:34 UTC pettter ✅
Too Cool for PGP, a well-written rant on PGP, e-mail and "alternatives".

https://www.mailpile.is/blog/2016-12-13_Too_Cool_for_PGP.html
!security !infosec !crypto !umehack

In conversation Tuesday, 13-Dec-2016 11:35:34 UTC from social.umeahackerspace.se permalink
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Wednesday, 16-Nov-2016 07:02:59 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
in reply to
Reading the #Slashdot description it appears that encrypted data is not compromised, but, of course, with a root shell the entire drive could be wiped, LUKS partition and all. !crypto !security

In conversation Wednesday, 16-Nov-2016 07:02:59 UTC from sn.jonkman.ca permalink
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Tuesday, 11-Oct-2016 04:28:31 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
- Android Group on StatusNet
- Cryptography
♻ @CopperheadOS: CopperheadOS development will be scaled back to doing work that is funded. This means that there are *temporarily* only security updates. ¶ !crypto !android

In conversation Tuesday, 11-Oct-2016 04:28:31 UTC from sn.jonkman.ca permalink
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Sunday, 09-Oct-2016 07:22:00 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
@zlg Full !GnuPG fingerprints are best, long KeyIDs (8 octets) are still good, short KeyIDs are definitely broken. I wonder how long it will take for an arbitrary 8-octet #KeyID to be easily generated... !crypto

In conversation Sunday, 09-Oct-2016 07:22:00 UTC from sn.jonkman.ca permalink
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Friday, 30-Sep-2016 18:09:50 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
- Cryptography
- F-Droid
♻ @Borisuithetbos #Snowden likes #Signal more than #Whatsapp or #Telegram but better #LibreSignal without Google Play on #CopperheadOS https://fdroid.eutopia.cz/ ¶ via @DarknetJ on #Twitter !crypto !fdroid
In conversation Friday, 30-Sep-2016 18:09:50 UTC from sn.jonkman.ca permalink
Attachments
1. Untitled attachment
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer@sn.jonkman.ca)'s status on Thursday, 08-Sep-2016 15:46:47 UTC Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
@openpgp_conf Will there be video of the presentations? !GnuPG !crypto

In conversation Thursday, 08-Sep-2016 15:46:47 UTC from sn.jonkman.ca permalink

Before

Public

Cryptography (crypto) group

Group actions

Members 0

Admins

Feeds