The Privacy BlogPrivacy, Security, Cryptography, and Anonymity

Play

Hola logo unhappy

The Hola peer to peer VPN service suffered a number of very damaging security revelations today. Hola claims that there are (or were) about 45 million active users of the service. (more…)

· · · · ·

Play

Young female nurse, wearing blue scrubs, mask, stethoscope aroun
I spent the last week at the RSA security conference in fear of getting sick before my talk on Friday, the last day of the conference. During that time I was nearly obsessive about using hand sanitizer to protect me against any germs I might be getting from shaking hands, or touching surfaces.

(more…)

· · · · · ·

HTTPS Questionmark screenshot

Google warns of unauthorized TLS certificates trusted by almost all OSes Ars Technica

“In the latest security lapse involving the Internet’s widely used encryption system, Google said unauthorized digital certificates have been issued for several of its domains and warned misissued credentials may be impersonating other unnamed sites as well.” (more…)

· ·

Tulips and windmill

DutchNews.nl reports that ISPs in the Netherlands will no longer be required to retain data for law enforcement.

Since 2009, national laws have required keeping records on the activities of all users for a period of one year. In 2014 the EU determined that such mass storage was a violation of fundamental privacy rights.

This court ruling brings the EU and Dutch rules into accord by ending the data retention requirement.

·

Feb/15

19

SuperFish – worst case certificate abuse

HiRes

There is a new “man in the middle” attack against web pages that is significantly worse than I have seen before. Interestingly, it does not even appear to be intended as an attack. (more…)

·

Older posts >>