Defiance - Silicon Valley and Encryption
Finally a release date for the new map expansion. Encrypted weapons and jump to clanmates as well.

By: combo65

Read more here:
Defiance - Silicon Valley and Encryption - Video

The creator of Cryptocat, Nadim Kobeissi, is back with another easy-to-use encryption tool. This time it's a Chrome app that aims to make it easy to create and share single encrypted files with others. Called miniLock, the app is freely available on the Chrome Web Store.

Similar to other encryption tools, miniLock relies on public key cryptography. Under this scheme you have to share your public key with others so they can encrypt files meant for you and only you. But unlike many encryption toolswhich are often difficult to useminiLock is very easy to understand and takes away a lot of the pain typically associated with encryption tools.

The public key itself, dubbed your miniLock ID, is relatively short at around 45 characters. That's long enough to easily fit in a tweet, as the miniLock site says. But it's still too long to easily remember, so you'll have to write it down or save it in a password manager like LastPass or KeePass.

For encryption, miniLock uses Curve25519 elliptic curve cryptography, which is the same cryptography used in Kobeissi's Cryptocat. The problem with encryption tools, however, often isn't the strength of their encryption but how well it's implemented.

On the miniLock site you can find a recent miniLock security auditby penetration testing firm Cure53. The report gives miniLock a clean bill of health stating that "MiniLock is a one-purpose app offering this one particular feature [encryption] and appears to be doing that as well as possible...The code is soundly and neatly written, well structured, minimal and therefore offers no sinks for direct exploitation."

That's just one report, however, and others will no doubt sink their teeth into miniLock and try to find exploits. Judging the quality of the cryptography is beyond the scope of this article. But as it's a new app, miniLock may not yet be the best choice for anyone encrypting documents in a high-stakes environment (political oppression, corporate secrecy). That said, it's definitely worth keeping tabs on to see what the security community has to say about miniLock in the future.

For anyone that wants to dive in right away, here's a quick hands-on with miniLock on a Windows 8.1 PC.

miniLock after a public key is generated.

To get started, visit the Chrome Web Store and install miniLock as you would any other Chrome app. Once it's installed you can either launch it right from the Chrome Web Store or the Chrome App Launcher in your taskbar, if you've installed that.

When it starts up, miniLock will ask you to sign in with your email address and a passphrase. These two pieces will be used to generate your miniLock ID, which should take only a second or two.

Read the rest here:
Hands-on: miniLock's powerful file encryption is dead simple to use

DEEP S-ECE-1 (9th July 2014) Module 11 Compound ciphers, Public Key Encryption
We build on our basic cryptography to create compound ciphers and understand public-key encryption.

By: Al Leon-Garcia

Read the rest here:
DEEP S-ECE-1 (9th July 2014) Module 11 Compound ciphers, Public Key Encryption - Video

By Stewart Baker August 3 at 9:39 PM

The evidence is mounting that Edward Snowden and his journalist allies have helped al Qaeda improve their security against NSA surveillance. In May, Recorded Future, a predictive analytics firm, publisheda persuasive timelineshowing that Snowdens revelations about NSAs capabilities were followed quickly by a burst of new, robust encryption tools from al-Qaeda and its affiliates:

This is hardly a surprise for those who live in the real world. But it was an affront to Snowdens defenders, whove long insisted that journalists handled the NSA leaks so responsibly that no one can identify any damage that they have caused.

In damage control mode, Snowdens defenders first responded to the Recorded Future analysis by pooh-poohing the terrorists push fornew encryption tools. Bruce Schneierdeclared that the change might actually hurt al Qaeda: I think this will help US intelligence efforts. Cryptography is hard, and the odds that a home-brew encryption product is better than a well-studied open-source tool is slight.

Schneier is usually smarter than this. In fact, the product al Qaeda had been recommending until the leaks, Mujahidin Secrets,probably didqualify ashome-brew encryption.Indeed, Bruce Schneier dissedMujahidin Secretsin 2008 on precisely that ground, saying No one has explained why a terrorist would use this instead ofPGP.

But as a secondRecorded Future postshowed,the products that replacedMujahidin Secretsrelied heavily on open-source and proven encryption software.Indeed, one of them uses Schneiers own, well-tested encryption algorithm, Twofish.

Faced with facts thatcontradicted his original defense of Snowden, Schneier was quick tooffer a new reason why Snowdensleaks and al Qaedas response to them still wouldnt make any difference:

Whatever the reason, Schneier says, al-Qaidas new encryption program wont necessarily keep communications secret, and the only way to ensure that nothing gets picked up is to not send anything electronically. Osama bin Laden understood that. Thats why he ended up resorting to couriers.

Upgrading encryption software might mask communications for al-Qaida temporarily, but probably not for long, Schneier said.It is relatively easy to find vulnerabilities in software, he added. This is why cybercriminals do so well stealing our credit cards. And it is also going to be why intelligence agencies are going to be able to break whatever software these al-Qaida operatives are using.

So, if you were starting to think that Snowden and his band of journalist allies might actually be helping the terrorists, theres no need to worry, according to Schneier, becauseall encryption software is so bad that NSA will still be able to break the terrorists communications and protect us. Oddly, though, thats not what he says when he isnt on the front lines with the Snowden Defense Corps. Ina 2013 Guardian articleentitled NSA surveillance: A guide to staying secure, for example, he offers very different advice, quoting Snowden:

More here:
Volokh Conspiracy: As evidence mounts, it’s getting harder to defend Edward Snowden