recentpopularlog in


« earlier   
Apple to Start Putting Sensitive Encryption Keys in China - WSJ
Until now, Apple has stored the codes only in the U.S. for all global users, the company said, in keeping with its emphasis on customer privacy and security.
While Apple says it will ensure that the keys are protected in China, some privacy experts and former Apple security employees worry that moving the keys to China makes them more vulnerable to seizure by a government with a record of censorship and political suppression.

“Once the keys are there, they can’t necessarily pull out and take those keys because the server could be seized by the Chinese government,” said Matthew Green, a professor of cryptography at Johns Hopkins University. Ultimately, he says, “It means that Apple can’t say no.”

Apple says it is moving the keys to China as part of its effort to comply with a Chinese law on data storage enacted last year. Apple said it will store the keys in a secure location, retain control over them and hasn’t created any backdoors to access customer data. A spokesman in a statement added that Apple advocated against the new laws, but chose to comply because it “felt that discontinuing the [iCloud] service would result in a bad user experience and less data security and privacy for our Chinese customers.”
apple  crittografia  cina  problemi  spunti  icloud  privacy 
8 weeks ago by nicoladagostino
Secure Token and FileVault on Apple File System | Der Flounder
As part of Apple File System’s FileVault encryption on mac OS High Sierra, Apple introduced Secure Token. This is a new and undocumented account attribute, which is now required to be added to a user account before that account can be enabled for FileVault on an encrypted Apple File System (APFS) volume. To help make sure that at least one account has a Secure Token attribute associated with it, a Secure Token attribute is automatically added to the first account to log into the OS loginwindow on a particular Mac.
filevault  macos  mac  macintosh  highsierra  mh  mhie  crittografia 
january 2018 by nicoladagostino
ProtonMail Bridge brings the encrypted email service to Apple Mail | 9to5Mac
After months of beta testing, ProtonMail has unveiled official support for their encrypted mail service within email clients Apple Mail, Microsoft Outlook, and Mozilla Thunderbird. The support comes by way of a custom application that connects mail clients securely with a user’s ProtonMail account. Paying users can download ProtonMail Bridge today to get started.
forpupina  crittografia  sicurezza  linux  windows  mac  macintosh  email  spunti  software  privacy 
december 2017 by nicoladagostino
APFS encryption status check script | Der Flounder
[The script] checks to see if a Mac is running 10.13.x or higher. If the Mac is question is running 10.13.x or higher, the script reports if it is using encryption on an APFS drive and gives the encryption or decryption status.
crittografia  strumenti  terminale  highsierra  mac  macintosh  filesystem  apfs  mh  mhie 
november 2017 by nicoladagostino
Unlock an encrypted APFS boot drive using Disk Utility | Der Flounder
In the event that you need to unlock an unbootable boot drive using Apple File System (APFS) encryption, it’s possible to do so using Disk Utility and one of the following authentication credentials:
1) The password to a FileVault-enabled account on the drive
2) A personal recovery key
apfs  filesystem  crittografia  tutorial  mac  macintosh  mh  mhie 
november 2017 by nicoladagostino
Pirate-Friendly Coinhive's DNS Hacked, User Hashes Stolen - TorrentFreak
Coinhive, the cryptocurrency mining service that has proven a hit with 'pirate' sites, has been hacked. After failing to update a password that was at least three years old and potentially part of an earlier breach, the platform's DNS records were manipulated, allowing hackers to "steal" hashes from Coinhive users.
spunti  blockchain  crittografia  bitcoin  pirateria  hack  sicurezza 
october 2017 by nicoladagostino
Police Just Found Phone & USB Stick Belonging To Paris Suicide Bomber, After Misplacing It For Almost Two Years | Techdirt
Remember how, right after the Paris bombings, people started blaming encryption for the attacks, despite the fact it was later revealed that most of the planning was done in the open and communication occurred via unencrypted SMS messages? As we noted, it seemed pretty clear that the bombings were an intelligence and law enforcement failure rather than an encryption problem.

Now, just to add more evidence to that conclusion in the most ridiculous way possible, apparently Brussels police just found a mobile phone and USB stick that had belonged to one of the suicide bombers in the Paris attacks, Brahim Abdeslam. The police had seized the phone and USB stick during a drug raid back in February of 2015... and promptly misplaced them entirely. They were found under a stack of papers.
crittografia  terrorismo  sorveglianza 
december 2016 by dp
The Cryptopals Crypto Challenges
Quick plug: set 8 is out. It's all about attacks on elliptic curves and GCM.

This set is huge. There's as much content as in any two or three other sets.

This set is tough. It's easily the toughest set so far. And there is some math. But it's fascinating stuff and (I hope) pretty approachable.

This set is OG cryptopals. That means we're (for now) distributing it via email. If you want to check it out, send a mail to with subject "Crazy Flamboyant for the Rap Enjoyment"
crittografia  esercizi 
november 2016 by dp
French, German ministers demand new encryption backdoor law • The Register
In the lead-up to the meeting and in subsequent public comments from the ministers, they both made repeated mention of the issue of data encryption, even calling out the app Telegram as an example of a problem they wish to find a solution to.
French interior minister Bernard Cazeneuve even went so far as to argue that the European Commission (EC) should draft a new law that would require companies to work with the authorities to decrypt secure communications on demand and help track down terrorist suspects.

This proposed law would "impose obligations on operators who show themselves to be non-cooperative, in particular when it comes to withdrawing illegal content or decrypting messages as part of an investigation," Cazeneuve said to reporters.

Predictably, those remarks have led to concerns that the European Union will pass new legislation that would effectively ban secure end-to-end-encryption, and hence outlaw the use of apps such as Whatsapp and Telegram.
privacy  crittografia  problemi  europa  buffoni  spunti  panorama  cwi 
august 2016 by nicoladagostino

Copy this bookmark:

to read