Internet and e-mail policy and practice including Notes on Internet E-mail

←2024→ Months Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Click the comments link on any story to see comments or add your own. Subscribe to this blog RSS feed

Home :: Security 24 Oct 2019 Crypto back doors are still a bad idea Security In the always interesting Lawfare blog, former FBI counsel Jim Baker in a piece called Rethinking Encryption reiterates his take on the encrpytion debates. There's a certain amount that makes me want to bang my head against the wall, e.g. After working on the going dark problem for years, I'm confident that this problem can be addressed from a technical perspective. In most cases, it's just software, and software can be rewritten. But it's worth reading to remind us of what the other side is thinking, even with a lot of motivated reasoning that makes him conclude that Congress can pass some laws and the going dark problem will be solved. A reader who is relatively new to this fight asked me is there's a short and accessible explanation of why crypto back doors can't work. See more ...   posted at: 12:05 :: permanent link to this entry :: 0 comments Stable link is https://jl.ly/Security/noback.html 21 May 2018 Schneier and Kerr on Encryption Workarounds Security Bruce Schneier is a famous cryptography expert and Orin Kerr a famous cyberlaw professor. Together they've published a law journal article on Encryption Workarounds. It's intended for lawyers so it's quite accessible to non-technical readers. See more ...   posted at: 15:27 :: permanent link to this entry :: 1 comments Stable link is https://jl.ly/Security/encwork.html 26 Aug 2017 Not quite two factor, or is your phone number really something you have? Security A recent article in the New York Times Dealbook column reported on phone number hijacking, in which a bad guy fraudulently takes over someone's mobile phone number and used it to reset credentials and drain the victim's account. It happens a lot, even to the chief technologist of the FTC. This reminds us that security is hard, and understanding two factor authentication is harder than it seems. The usual definition of two-factor is to pick two different items from a list of security types: See more ...   posted at: 20:49 :: permanent link to this entry :: 0 comments Stable link is https://jl.ly/Security/2fphone.html

Topics Copyright Law - 29 Email - 228 ICANN - 127 Internet - 73 Money - 31 Security - 3 My other sites Who is this guy? Airline ticket info Taughannock Networks Other blogs CAUCE It turns out you don’t need a license to hunt for spam. 34 days ago A keen grasp of the obvious Italian Apple Cake 592 days ago Related sites Coalition Against Unsolicited Commercial E-mail Network Abuse Clearinghouse My Mastodon feed

© 2005-2020 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.