The Private Internet Access Android app is being open sourced

The Private Internet Access Android app is being open sourced

Private Internet Access (PIA) is open sourcing its Android VPN app and dependencies code to the public as part of its commitment to open sourcing all clients in the name of transparency and privacy.

Technical analysis of client identification mechanisms

Technical analysis of client identification mechanisms

The other versioning scheme, Last-Modified, suffers from the same issue: servers can store at least 32 bits of data within a well-formed date string, which will then be echoed back by the client through a request header known as If-Modified-Since.

Let’s Reverse Engineer Discord

Let’s Reverse Engineer Discord

After encrypting the entire stream and sending with an RTP header, we can see this packet received and decrypted by our remote Discord client which is in a debugger.

Private internet owner mulling plans for privacy suite in 2020

Private internet owner mulling plans for privacy suite in 2020

This comprehensive plan which we have started implementing we hope will lead the way to other companies in this space to follow suite and create a “no need for trust” echo system where all our stakeholders will be able to verify how our system works and handles information.

Private Internet Access updates Linux desktop client to prevent against [CVE-2019-14899]

Private Internet Access updates Linux desktop client to prevent against [CVE-2019-14899]

[CVE-2019-14899] affects many different types of VPN protocols including OpenVPN, WireGuard, and IKEv2/IPSec. Private Internet Access has released an update to its Linux client that mitigates [CVE-2019-14899] from being used to infer any information about our users’ VPN connections.

Why Adding Client-Side Scanning Breaks End-To-End Encryption

Why Adding Client-Side Scanning Breaks End-To-End Encryption

Let’s say that when the client-side scan finds a hash match, it sends a message off to the server to report that the user was trying to send a blocked image.

Dnscrypt-protocol/ANONYMIZED-DNSCRYPT.txt at master · DNSCrypt/dnscrypt-protocol · GitHub

Dnscrypt-protocol/ANONYMIZED-DNSCRYPT.txt at master · DNSCrypt/dnscrypt-protocol · GitHub

While the communications themselves are secure, and while the stateless nature of the DNSCrypt protocol helps against fingerprinting individual devices, DNS server operators can still observe client IP addresses.

Android Users: Update Signal Now to Prevent Eavesdropping

Android Users: Update Signal Now to Prevent Eavesdropping

Photo: ShutterstockAccording to a late-September bug report from Google’s Project Zero team, an issue with the popular covert messaging app Signal, on Android, allowed any attacker to essentially eavesdrop on a person’s device (via audio, not video).

TSA: Forced Strip-Search No More Offensive Than Voluntarily Using a Locker Room

TSA: Forced Strip-Search No More Offensive Than Voluntarily Using a Locker Room

What we do know from the TSA’s 24-page reply to the lawsuit (.pdf), a motion to dismiss filed Friday in U.S. District Court for the Northern District of Oklahoma, is that they don’t think they should be held responsible.

How to stop Superhuman and other apps from tracking your emails

How to stop Superhuman and other apps from tracking your emails

Even if you disable external images, Boxy Suite will tell you when an email has a tracking pixel anyway , so you'll be able to decide if you want to load images or not based on that.

Digital ID Verification – The Key to Developing Intelligent Security Systems

Digital ID Verification – The Key to Developing Intelligent Security Systems

With the increased advancement in intelligent systems, businesses can now implement systems that are able to verify users in real-time, all the while lending better security to transactions.

Disclosing Tor users' real IP address through 301 HTTP Redirect Cache Poisoning

Disclosing Tor users' real IP address through 301 HTTP Redirect Cache Poisoning

The fact that it is possible to achieve certain persistency in browsers cache, by injecting poisoned entries, can be abused by an attacker to disclose real IP address of the Tor users that send non-TLS HTTP traffic through malicious exit nodes.

Librem One Campaign Wants to Help De-Google Your Life

Librem One Campaign Wants to Help De-Google Your Life

TweetShare 0 Purism, the privacy-orientated Linux device company, has launched a “bundle” of mobile apps and services for Android and iOS. Purism, perhaps best known for the Librem 5 Linux phone crowdfunding campaign , has launched a new initiative offering “privacy protecting, no-track, no-ads” apps and services for mobile users.

Research: Classification of attacks on Tor clients and Tor hidden services

Research: Classification of attacks on Tor clients and Tor hidden services

This message will be routed from the entry node of the hidden service, which is controlled by the adversary, to the central server and will include information such as the circuit ID, the cell timestamp, the source IP address, and the circuit ID.

How To Stop Using Free Email

How To Stop Using Free Email

So for most free services like Gmail, Yahoo, or Hotmail, you're not going to be able to use your existing email address with a different email provider. The next thing you want to do is update all your online accounts that use your old address to contact you.

Fairfax Judge Ruled in Our Favor Against Mass Surveillance of Virginia Drivers

Fairfax Judge Ruled in Our Favor Against Mass Surveillance of Virginia Drivers

A Fairfax judge has granted our petition for injunctive relief in our case Neal v. This case demonstrates that random mass surveillance by law enforcement agencies is not exempt from the requirements of Virginia's Government Data Collection and Dissemination Act (the Data Act).

Fingerprinting TLS clients with JA3

Fingerprinting TLS clients with JA3

This article is a short guide to using JA3 for fingerprinting TLS clients, with possible use cases and a simple demo. At the implementation level this can translate to: advertising dummy future ciphers each time in order to create unique fingerprints.

Add Stretch-Hash-and-Truncate option for extreme DNS privacy · jedisct1/dnscrypt-proxy@2d1dd7e

Add Stretch-Hash-and-Truncate option for extreme DNS privacy · jedisct1/[email protected]

Step 2: in case the Argon2id algorithm has a vulnerability, or, since this is a popular function used for hashing passwords and for cryptocurrencices, and people may have built rainbow tables already, we use a hash function over the result of the previous function.

EFF Backs Redditor in Fight to Stay Anonymous

EFF Backs Redditor in Fight to Stay Anonymous

San Francisco—The Electronic Frontier Foundation (EFF) is representing an anonymous Reddit commenter who is facing an abusive copyright claim from the Watchtower Bible and Tract Society, a group that publishes doctrines for Jehovah’s Witnesses.

Self-host your very own strongSwan IKEv2/IPsec state-of-the-art VPN server for iOS and macOS

Self-host your very own strongSwan IKEv2/IPsec state-of-the-art VPN server for iOS and macOS

Self-host your very own strongSwan IKEv2/IPsec state-of-the-art VPN server for iOS and macOS. Step 3: Create a SSH key pair for vpn-server.

EM Client

EM Client

Most folks usually write something when they want to complain - I do as well (LOL) - but I also like to say Thank You when you get a real good and well supported piece of software. Neil Martin Just a note to say thanks for building a damn good email client to replace Outlook.

Profs prep promising privacy-protecting proxy program... Yes, it is possible to build client-server code that safeguards personal info

Profs prep promising privacy-protecting proxy program... Yes, it is possible to build client-server code that safeguards personal info

In a paper scheduled to be presented on Thursday at the USENIX Networked Systems Design and Implementation conference , co-authors Frank Wang (MIT), Ronny Ko and James Mickens (Harvard) describe a system called Riverbed – not to be confused with an identically named IT company – that consists of a proxy service to oversee the handling of data locally and on remote servers.

Confessions of a private spy

Confessions of a private spy

Of course, Weinstein hired Black Cube - an organisation staffed by ex-Mossad operatives and a favoured plaything of some of the less savoury individuals stalking the planet - to spy on McGowan.

How I’m (slowly) moving off the cloud with Nextcloud

How I’m (slowly) moving off the cloud with Nextcloud

Now, open up the ddclient configuration file: sudo nano /etc/ddclient.conf Next, replace the content of the file with the following: protocol=dyndns2 use=web server=domains.google.com ssl=yes login= generated_username password=' generated_password ' test.example.com Replace generated_username and generated_password with the username and password you copied down earlier.

University Buys 14.4 Petabyte Bandwidth to Boost ‘Anonymous’ Torrent Client

University Buys 14.4 Petabyte Bandwidth to Boost ‘Anonymous’ Torrent Client

The Tribler lab at Delft University of Technology has sold part of its Bitcoin stash to purchase bandwidth for its anonymous torrent client. Professor Johan Pouwelse, leader and founder of the Tribler project, informs us that his lab at Delft University of Technology has bought 14.4 petabytes of Internet bandwidth.

Distributed PKI: Development and Use Cases

Distributed PKI: Development and Use Cases

Cryptography, the black box we believe can help The REMME team came up with the open source PKI (d) protocol concept to secure communications, we were sure that the primary use case would be human authentication.

What if Facebook was a brick and mortar company

What if Facebook was a brick and mortar company

This only comes to about 50 people so to avoid looking like a loner in front of Darren you start listing people who aren't really friends but rather people you know.

[Thread] dnscrypt-proxy on iOS · Issue #42 · jedisct1/dnscrypt-proxy

[Thread] dnscrypt-proxy on iOS · Issue #42 · jedisct1/dnscrypt-proxy

I’m a dev and I want to spend my time on development, not on fighting with copycats. The mentioned Mike’s OB and many other devs that were making opensource projects for iOS stucked with exactly the same problem.

Assistance and Access Bill

Assistance and Access Bill

Please use the contact details on this page to email your Senators and Representatives in the Australian Parliament. It is recommended that you use your own email client to send submissions as anything sent from here could potentially be marked as spam.

Secure P2P chat

Secure P2P chat

Here I will show you how to setup encrypted peer-to-peer chat and make your communication private and secure with use of Husarnet, Avahi and Pidgin.