This simple app lets anyone be an encryption expert

Encryption is hard. When NSA leaker Edward Snowden wanted to communicate with journalist Glenn Greenwald via encrypted email, Greenwald couldn't figure out the venerable crypto program PGP even after Snowden made a 12-minute tutorial video.

Nadim Kobeissi wants to bulldoze that steep learning curve. At the HOPE hacker conference in New York later this month he'll release a beta version of an all-purpose file encryption program called MiniLock, a free and open-source browser plugin designed to let even Luddites encrypt and decrypt files with practically uncrackable cryptographic protection in seconds.

"The tagline is that this is file encryption that does more with less," says Kobeissi, a 23-year old coder, activist and security consultant. "It's super simple, approachable, and it's almost impossible to be confused using it."

Kobeissi's creation, which he says is in an experimental phase and shouldn't yet be used for high security files, may in fact be the easiest encryption software of its kind. In an early version of the Google Chrome plugin tested by Wired, we were able to drag and drop a file into the program in seconds, scrambling the data such that no one but the intended recipient -- in theory not even law enforcement or intelligence agencies -- could unscramble and read it. MiniLock can be used to encrypt anything from video email attachments to photos stored on a USB drive, or to encrypt files for secure storage on Dropbox or Google Drive.

Like the older PGP, MiniLock offers so-called "public key" encryption. In public key encryption systems, users have two cryptographic keys, a public key and a private one. They share the public key with anyone who wants to securely send them files; anything encrypted with that public key can only be decrypted with their private key, which the user guards closely.

Kobeissi's version of public key encryption hides nearly all of that complexity. There's no need to even register or log in -- every time MiniLock launches, the user enters only a passphrase, though MiniLock requires a strong one with as many as 30 characters or a lot of symbols and numbers. From that passphrase, the program derives a public key, which it calls a MiniLock ID, and a private key, which the user never sees and is erased when the program closes. Both are the same every time the user enters the passphrase. That trick of generating the same keys again in every session means anyone can use the program on any computer without worrying about safely storing or moving a sensitive private key.

"No logins, and no private keys to manage. Both are eliminated. That's what's special," says Kobeissi. "Users can have their identity for sending and receiving files on any computer that has MiniLock installed, without needing to have an account like a web service does, and without needing to manage key files like PGP."

In fact, MiniLock uses a flavour of encryption that had barely been developed when PGP became popular in the 90s: elliptic curve cryptography. Kobeissi says that crypto toolset allows for tricks that haven't been possible before; PGP's public keys, which users have to share with anyone who wants to send them encrypted files, often fill close to a page with random text. MiniLock IDs are only 44 characters, small enough that they can fit in a tweet with room to spare. And elliptic curve crypto makes possible MiniLock's feature of deriving the user's keys from his or her passphrase every time it's entered rather than storing them. Kobeissi says he's saving the full technical explanation of MiniLock's elliptic curve feats for his HOPE conference talk.

Despite all those clever features, MiniLock may not get a warm welcome from the crypto community. Kobeissi's best-known previous creation is Cryptocat, a secure chat program that, like MiniLock, made encryption so easy that a five-year-old could use it. But it also suffered from several serious security flaws that led many in the security community to dismiss it as useless or worse, a trap offering vulnerable users an illusion of privacy.

But the flaws that made Cryptocat into the security community's whipping boy have been fixed, Kobeissi points out. Today the program has been downloaded close to 750,000 times, and in a security ranking of chat programs by the German security firm PSW Group last month it tied for first place.


For social good, for political interest: the case of …

By M. Cherif Bassiouni

When Edward Snowden obtained documents as an employee of Booz Allen Hamilton and made them public, the information disclosed was covered by secrecy under US law. That obligation was part of his employment contract, and such disclosure constituted a crime.

He first disclosed this material to Glenn Greenwald of The Guardian in early June of 2013. On 14 June, the Department of Justice filed a complaint against Snowden, charging him with unauthorized disclosure of national defense information under the 1917 Espionage Act, unauthorized disclosure of classified communication intelligence, and theft of government property.

Snowden made these disclosures while in Hong Kong, and it is reported that the United States sought his extradition pursuant to the treaty it has with Hong Kong, which contains a provision for the exclusion of political offenses. This brings into question the nature of Snowden's offence.

The Snowden case is inherently simple, and comes down to whether Snowden's actions were politically motivated or based on social interest. There was no harm to human life, and there was no general social harm. On the contrary, it revealed abuses of secret practices that violate the constitutional right of privacy. Harm to the national security is not only subjective but it is also dependent upon who decides what is and what is not part of national security.

When it comes to extradition, both the nature of the crime and the motive of the requesting state are taken into account. If the crime for which the person is requested is of a political nature and there is no human or social harm, extradition may be denied on the grounds that it is a purely political offense. This theory is extended to what is called the relative political offense exception, when, as incidental to a purely political offense exception, an unintended social harm results. For example, if someone exercises freedom of speech by speaking loudly in the middle of a square and is charged with disturbing the peace, flees the country, and is sought for extradition, that is a purely political offense exception. If, in the course of fleeing the park, they accidentally knock over an aged person who is injured and the state charges him with assault and battery, that would be a relative political offense exception. But the fact that Snowden himself maintains that he did not make public any information that could put intelligence officers in harm's way, or reveal sources to foreign rivals of the United States, means that under extradition law, his case is purely political.

Almost all states allow for the purely political offense exception to apply. Those that do not, bypass the exception for political reasons. This explains why Snowden went to Russia, though the UK would have found it difficult to extradite him too. It helps to look back to the case of Julian Assange, who was sought by the United States when in the UK. When the UK could not extradite Assange because of the purely political offense exception doctrine, the United States had Sweden seek his extradition from the UK for what was a criminal investigation into a common crime (sexual assault). This is what led Assange to seek refuge in the Ecuadorian embassy.

The fact that the purely political offence exception doctrine arose with respect to the Snowden case, assuming it would be the subject of extradition proceedings, is curious to say the least. Would a government official of, say, the Comoros Islands be the subject of similar international attention for the disclosure of some secret skullduggery that the government had classified as top secret? The answer is of course no. What makes this case a cause célèbre is that it has to do with the United States, because it embarrasses the United States, and because it reveals that the government of the United States and at least one of its most important agencies (the NSA) has engaged in violations of the Constitution and laws on the protection of individual privacy. It has shown abuses of the powers by the executive branch to obtain information from private sector companies, which would not be otherwise obtainable without a proper court order. This of course is what makes the Snowden case so extraordinary since it is about a US citizen doing what he believed was right to better serve his country and whose very government was violating its constitution and laws.

M. Cherif Bassiouni is Emeritus Professor of Law at DePaul University where he taught from 1964-2012, where he was a founding member of the International Human Rights Law Institute (established in 1990), and served as President from 1990-2007, and then President Emeritus. He is also President, International Institute of Higher Studies in Criminal Sciences, Siracusa, Italy since 1989. He is the author of International Extradition: United States Law and Practice, Sixth Edition.


India summons U.S. diplomat over report of NSA spying …

By Harmeet Shah Singh and Ben Brumfield, CNN

updated 3:38 PM EDT, Wed July 2, 2014

(CNN) -- India has summoned a senior U.S. diplomat over reports the United States authorized its National Security Agency to spy on the ruling party, the BJP, an official said Wednesday.

The official spoke on condition of anonymity.

According to the latest disclosures by NSA leaker Edward Snowden published by the Washington Post on Monday, the NSA obtained legal authorization to spy on the BJP in 2010, when it was the opposition party.

The BJP, or Bharatiya Janata Party, came to national power in May in an electoral landslide.

The Foreign Intelligence Surveillance Court approved a broad certification for spying abroad in 2010, which included a list of 193 countries to concentrate on, the Post reported.

The Post reported that the list was a recommendation and that the agency was not required to spy on all of them.

The approval permitted the NSA to intercept communications through U.S. companies related to targets on the list, the report said.


Privacy group gives NSA spying thumbs-up | Stuff.co.nz

Reuters

EYES CLOSED: Anti-spying protesters outside the US Department of Justice in Washington, DC.

Endorsement of the NSA's internet surveillance programs by a bipartisan privacy board has deeply disappointed civil liberties activists while providing a measure of vindication for beleaguered US intelligence officials.

James Clapper, director of national intelligence, welcomed the conclusion by the independent Privacy and Civil Liberties Oversight Board that the National Security Agency's internet spying on foreign targets in the US has been legal, effective and subject to rigorous oversight to protect the rights of Americans.

Activist groups panned the report as a dud.

It was a dizzying turnabout for a privacy board that in January drew criticism in the other direction for branding the NSA's collection of domestic calling records unconstitutional.

As they unanimously adopted their 190-page report, the five board members - all appointed by President Barack Obama - sought to explain their largely favourable conclusions about surveillance programs that have provoked worldwide outrage since former NSA systems administrator Edward Snowden revealed them last year.

At issue is a spying regime, first definitively disclosed in Snowden documents last year, under which the NSA is using court orders to obtain foreign customers' emails, chats, videos and texts from Google, Facebook and other US tech companies under a program known as PRISM. The documents also showed that the agency is intercepting foreign data as it transits fiber optic lines in the US.

Yahoo, Apple, Microsoft, Twitter and Facebook did not immediately respond to requests for comment. Google and LinkedIn declined to comment.

The reputations of American technology companies have suffered abroad over the perception that they cannot protect customer data from US spy agencies. Last week, the German government said it would end a contract with Verizon over concerns about network security.


Report: NSA Spying Program Effective But Pushes Into "Constitutional Unreasonableness"

This is the board's second report on NSA spy programs

A U.S. privacy board recently said that the National Security Administration's (NSA's) data collection methods have been effective for security purposes, but are also treading on U.S. citizens' privacy in some instances.

According to Reuters, the Privacy and Civil Liberties Oversight Board -- which is an independent government agency established in 2004 that advises the U.S. president and Congress on counter-terrorism operations -- said in a recent report that the data collection program allowed the government to collect foreign intelligence "quickly and effectively."

However, some parts of the program have pushed into "constitutional unreasonableness" when it comes to the privacy of U.S. citizens, according to the board.

The board also offered some recommendations so that the program could balance privacy, civil rights and national security better than before.

The NSA has had the spotlight ever since former NSA contractor Edward Snowden blew the cover on its surveillance programs early last year, which consisted of bulk data collection from sources like phone records, where the government took on a "collect now, filter later" approach. The agency has said that the bulk data collection was meant to identify terrorist threats, but it was discovered that the data of Americans has been collected without any clear evidence of terrorist links.

A presidential review panel made 46 recommendations regarding greater restraint on the NSA's surveillance programs in December 2013, where one of the major recommendations involved the elimination of bulk collection of phone call records.

Source: Reuters
