You don't need encryption keys for
metadata. They are required to read your email.
Declan McCullagh reports:
The U.S.
government has attempted to obtain the master encryption keys that
Internet companies use to shield millions of users’ private Web
communications from eavesdropping.
These demands for
master encryption keys, which have not been disclosed previously,
represent a technological escalation in the clandestine methods that
the FBI and the National Security Agency employ when conducting
electronic surveillance against Internet users.
Read more on CNET.
Think of this as another “I bet I can
get my face on TV!” bill.
From Rep.
Rush Holt:
Today Rep. Rush
Holt introduced legislation to repeal federal surveillance laws that
the government abused by collecting personal information on millions
of Americans in violation of the Constitution, as revealed by a
federal whistleblower and multiple media outlets last month.
… My
legislation would put a stop to that right now.” [Probably
not really Bob]
Holt’s bill, the
“Surveillance State Repeal Act”, would repeal the PATRIOT Act and
the FISA Amendments Act, each of which contains provisions that
allowed the dragnet surveillance.
Rep. Holt had previously
indicated his intent to introduce this legislation.
Minor, but you need to stay curent.
NIST
Releases Updates to Digital Signature Standard
“The National Institute of Standards
and Technology (NIST) has released a revision to the digital standard
used to ensure the integrity of electronic documents, as well as the
identity of the signer. The new document, Federal
Information Processing Standard (FIPS) 186-4, concerns what is
commonly known as the digital signature standard. First published in
1994 and revised several times since then, the standard provides
a means of guaranteeing authenticity in the digital world.
It uses complex math operations to encrypt and unscramble
“signatures” that are all but impossible to forge. Updates to
the standard are still necessary as technology changes. According to
NIST computer scientist Elaine Barker, FIPS 186-4 contains no major
revisions, but rather focuses on keeping the standard consistent with
other NIST cryptographic guidelines. Other than clarifying a number
of terms and correcting typographical errors, most of the changes aim
to align the standard with other publications, such as NIST Special
Publication 131A, so that all NIST documents offer consistent
guidance regarding the use of random number generators. Another
change concerns the use of prime number generators, which requires
random initial values for searching for prime numbers. FIPS 186-3
specifically allowed saving these “seeds” only for use as
evidence that the generated values were determined in an arbitrary
manner; FIPS 186-4 permits saving them for additional purposes, such
as the regeneration of the values.”
For my students...
Online
Survival Kit from Reporters Without Borders
“Reporters Without Borders has
published an Online
Survival Kit on its WefightCensorship.org website that
has tools and practical advice that will allow you to protect your
communications and data. You don’t need to be an IT engineer to
learn how to protect the content of your emails and
remain anonymous online. The tools and techniques
presented in this kit do not require advanced knowledge of computers
and programming.”
For my Computer Security students who
claim they can't find anything relevant.
CRS
– Cybersecurity: Authoritative Reports and Resources
Cybersecurity:
Authoritative Reports and Resources, Rita Tehan, Information
Research Specialist. July 18, 2013
There is no shortage of data on this
topic: government agencies, academic institutions, think tanks,
security consultants, and trade associations have issued hundreds of
reports, studies, analyses, and statistics.”
No comments:
Post a Comment