Cryptography


Lavabit Gives Users Chance to Recover Email Archives

Lavabit, the now-shuttered secure email provider that has become something of a rallying point for privacy advocates and security experts in the ongoing NSA surveillance saga, is giving its former users until Thursday night to change their passwords on the service. They will then have a short window to download their email archives and get […]


There’s been no shortage of discussion and debate in recent week about the possibility that the NSA has intentionally weakened some cryptographic algorithms and cipher suites in order to give it an advantage in its intelligence-gathering operations. If you subscribe to the worst-case scenario line of thinking, then most of the commonly used ciphers are […]

While Congress and the technology community are still debating and discussing the intelligence gathering capabilities of NSA revealed in recent months, the agency’s director, Gen. Keith Alexander, is not just defending the use of these existing tools, but is pitching the idea of sharing some of the vast amounts of threat and vulnerability data the NSA and other agencies possess with organizations in the private sector.

It’s no fun being a cynic, thinking that everything is bad and getting worse. It’s easy–especially in the security community–but it’s not fun. But, in light of the latest in the interminable string of revelations about the NSA’s efforts to eat away at the foundation of the security industry, the only alternative available is the equivalent of believing in unicorn-riding leprechauns.

With all of the disturbing revelations that have come to light in the last few weeks regarding the NSA’s collection methods and its efforts to weaken cryptographic protocols and security products, experts say that perhaps the most worrisome result of all of this is that no one knows who or what they can trust anymore.