Privacy Talks | Interview with Josh Aas from Let’s Encrypt

Privacy Talks | Interview with Josh Aas from Let’s Encrypt

Timestamp Links & Questions: [] – Could you tell us what Let’s Encrypt does and what led you to co-found it?[] = Could you give a quick explainer of what HTTPS is and what role Let’s Encrypt plays in enabling HTTPS?Learn more about Let’s Encrypt at:

WhatsApp will eventually delete your account if you don’t accept new privacy policy

WhatsApp will eventually delete your account if you don’t accept new privacy policy

WhatsApp has confirmed that users that don’t accept their controversial new privacy policy will eventually have their accounts deleted.When the privacy policy was first announced, a flurry of users migrated from WhatsApp to other end-to-end encrypted messaging apps such as Signal and Telegram.

The Irrevocable SSL certificates of CloudFlare

The Irrevocable SSL certificates of CloudFlare

The difference is that uses Let’s Encrypt, which would allow me to revoke their SSL certificate for this website.Basically, it is a case of pay CloudFlare $10 per month or they get 100% control over your SSL certificate and will deny your requests to revoke.

The ones who brought you Let's Encrypt, bring you: Tools for gathering anonymized app usage metrics from netizens

The ones who brought you Let's Encrypt, bring you: Tools for gathering anonymized app usage metrics from netizens

The Internet Security Research Group (ISRG) has a plan to allow companies to collect information about how people are using their products while protecting the privacy of those generating the data.

Introducing IOTA Stronghold. Stronghold is a collection of…

Introducing IOTA Stronghold. Stronghold is a collection of…

There are many challenges involved in securely managing digital secrets like passwords, vehicle access codes, and wallet seeds:High-value secrets like private keys need to be encrypted at rest, using modern and secure algorithmsSuch secrets need to be purged from device memory immediately after useUsers must be able to configure systems to their security needsApplications need to run on any type of hardware from phones to cars, where possible leveraging Trusted Execution Environments.

Private Internet Access announces another year of Let’s Encrypt sponsorship

Private Internet Access announces another year of Let’s Encrypt sponsorship

Besides providing free TLS certificates for websites seeking to migrate to HTTPS, Let’s Encrypt also uses its corporate sponsorship money to work on improving the security of their own certificate authority infrastructure.

Private messaging app Signal suggests it could pull out of the US market if draconian EARN IT bill is approved

Private messaging app Signal suggests it could pull out of the US market if draconian EARN IT bill is approved

Lund speculates that as once companies let go of the end-to-end encryption protection, they may potentially lose legal immunity granted to them under section 230 of the Communications Decency Act.

Let's Encrypt Has Issued a Billion Certificates

Let's Encrypt Has Issued a Billion Certificates

Today 81% of page loads use HTTPS globally, and we’re at 91% in the United States!Today we serve nearly 192M websites with 13 full time staff and an annual budget of approximately $3.35M.

Exclusive: Apple dropped plan for encrypting backups after FBI complained - sources

Exclusive: Apple dropped plan for encrypting backups after FBI complained - sources

SAN FRANCISCO (Reuters) - Apple Inc (AAPL.O) dropped plans to let iPhone users fully encrypt backups of their devices in the company’s iCloud service after the FBI complained that the move would harm investigations, six sources familiar with the matter told Reuters.

If You Think Encryption Back Doors Won't Be Abused, You May Be a Member of Congress

If You Think Encryption Back Doors Won't Be Abused, You May Be a Member of Congress

Virtually every tech expert and privacy advocate under the sun has warned virtually every government official in the world that "back doors" that let police bypass encryption has the potential to cause huge harms and actually makes citizens even more vulnerable to crime.

US pushes Facebook for access to WhatsApp messages

US pushes Facebook for access to WhatsApp messages

In an open letter to the company, Attorney General William Barr states that the DOJ is concerned that Facebook’s encryption would be harmful to the investigation and prosecution of offenders of crimes like terrorism, extortion, and the sexual exploitation of children.

The Open Letter from the Governments of US, UK, and Australia to Facebook is An All-Out Attack on Encryption

The Open Letter from the Governments of US, UK, and Australia to Facebook is An All-Out Attack on Encryption

But the letter to Facebook goes much further: law enforcement and national security agencies in these three countries are asking for nothing less than access to every conversation that crosses every digital device.

Attorney General Bill Barr Will Ask Zuckerberg To Halt Plans For End-To-End Encryption Across Facebook's Apps

Attorney General Bill Barr Will Ask Zuckerberg To Halt Plans For End-To-End Encryption Across Facebook's Apps

Signed by Barr, UK Home Secretary Priti Patel, acting US Homeland Security Secretary Kevin McAleenan, and Australian Minister for Home Affairs Peter Dutton, the letter raises concerns that Facebook’s plan to build end-to-end encryption into its messaging apps will prevent law enforcement agencies from finding illegal activity conducted through Facebook, including child sexual exploitation, terrorism, and election meddling.

Weakness in Intel chips lets researchers steal encrypted SSH keystrokes

Weakness in Intel chips lets researchers steal encrypted SSH keystrokes

Now, researchers are warning that, in certain scenarios, attackers can abuse DDIO to obtain keystrokes and possibly other types of sensitive data that flow through the memory of vulnerable servers.

Sending encrypted data with sound

Sending encrypted data with sound

With this question in mind, let’s take a look at the properties of sound and how industry-standard encryption can be applied to acoustic data transfer to render it secure and safe from the risk of prying ears.

Don’t Let Encrypted Messaging Become a Hollow Promise

Don’t Let Encrypted Messaging Become a Hollow Promise

EFF considers the following signs that a messenger is not delivering end-to-end encryption: client-side scanning, law enforcement “ghosts,” and unencrypted backups. But because services like PhotoDNA run on company servers, they cannot be used with an end-to-end encrypted messaging service, leading to the proposal that providers of these services should do this scanning “client-side,” on the device itself.

UK “Ghost Proposal” would allow secret government participation in private calls and chats

UK “Ghost Proposal” would allow secret government participation in private calls and chats

GCHQ (Government Communications Headquarters) is a UK government intelligence organization similar to the U.S. National Security Agency (NSA).The Letter, spearheaded by Sharon Bradford Franklin and Andi Wilson Thompson of New America’s Open Technology Institute, provides insight into how the Ghost Proposal would allow government agents to slip unseen into private encrypted communications:The “ghost key” proposal put forward by GCHQ would enable a third party to see the plain text of an encrypted conversation without notifying the participants.

GitHub - sh-dv/hat.sh: A Free, Fast, Secure client-side File Encryption.

GitHub - sh-dv/hat.sh: A Free, Fast, Secure client-side File Encryption.

AES-GCM - exportKey. async function exportCryptoKey(key) { const exported = await window.crypto.subtle.exportKey( "raw", key ). async function decryptMessage(key) { let encoded = getMessageEncoding(); let decrypted = await window.crypto.subtle.decrypt({ name: "AES-GCM", iv: iv }, key, ciphertext ) .then(function (decrypted) { (new Uint8Array(encrypted)); }) .catch(function (err) { console.error(err); }); }.

Introducing The New Librem Chat

Introducing The New Librem Chat

Let us tell you about the new Librem Chat: the no worries, free end-to-end encrypted chat, VoIP and video-calling service. Librem Chat is built with free software, created by security and privacy experts.

VPNs Are No Privacy Panacea, And Finding An Ethical Operator Is A Comical Shitshow

VPNs Are No Privacy Panacea, And Finding An Ethical Operator Is A Comical Shitshow

VPNs Are No Privacy Panacea, And Finding An Ethical Operator Is A Comical Shitshow Privacy from the ain't-no-magic-bullet dept Given the seemingly endless privacy scandals that now engulf the tech and telecom sectors on a near-daily basis , many consumers have flocked to virtual private networks (VPN) to protect and encrypt their data.

Facebook, WhatsApp and Instagram MERGING into ‘single messaging service’ – as angry staff ‘clash with controlling Zuckerberg’

Facebook, WhatsApp and Instagram MERGING into ‘single messaging service’ – as angry staff ‘clash with controlling Zuckerberg’

"With the integration project currently expected to take a year to complete, and with end-to-end encryption as part of the plan, we should expect the Facebook engineering teams to focus attention on uniform data security both in their platform and in the apps themselves." Worryingly, child safety campaigners have warned that this could make child-grooming even easier for online sickos.

A Roadmap for Exceptional Access Research

A Roadmap for Exceptional Access Research

This article is organized into four parts: (1) reviewing the benefits and risks of an EA encryption system from a policy viewpoint; (2) providing a skeletal definition of the security guarantees that EA encryption should provide in order to mitigate the policy risks; (3) listing several possible capabilities that an EA system might provide in an attempt to identify a minimum viable product together with law enforcement; and (4) constructing policy to revive research into EA’s technology challenges, an area that has been mostly dormant for two decades.

Three years later, Let’s Encrypt has issued over 380 million HTTPS certificates

Three years later, Let’s Encrypt has issued over 380 million HTTPS certificates

That means bloggers, single-page websites and startups alike can get an easy-to-install certificate for free — even news sites like TechCrunch rely on Let’s Encrypt for a secure connection.