Re: [liberationtech] "Securing Email Communications from Facebook" offering PGP support

[z...@manian.org]

Facebook is an identity provider.

GPG is a failed(so far?) system for confidentiality and massively
successful system for managing identity(Hello Debian!)

For their notification system, FB is leveraging GPG as an identity provider
to say" only a person who has a certain private key should be able to reset
access credentials for this account".

It is a totally awesome breakthrough in the use of cryptography for robust,
casual attestation of identity over an insecure channel and it leverages an
existing toolchain rather than inventing a new one.

Initially this is only available to cryptonerds but as the community
fulfills the moral imperative to solve the usability problems it will
become more widely available.




On Mon, Jun 1, 2015 at 3:09 PM, Parker Higgins  wrote:

> On 06/01/2015 12:35 PM, Thomas Delrue wrote:
> > On 06/01/2015 01:46 PM, Steve Weis wrote:
> >> Hi Libtech. Facebook added support to put a PGP public key to your
> >> profile and optionally use it to encrypt email notifications that are
> >> sent to you:
> >>
> https://www.facebook.com/notes/protect-the-graph/securing-email-communications-from-facebook/1611941762379302
> > Forgive my ignorance but what is the point of this 'feature'?
> > Wouldn't FB (and thus anyone able to coerce FB as well) still have the
> > unencrypted data?
> >
> > Wooden leg, meet band-aid.
>
> Facebook is offering end-to-end encryption. If you don't trust the other
> end of an end-to-end connection, this won't help that particular
> problem. But there are plenty of well-attested benefits of end-to-end
> encryption for all sorts of other threats.
>
> Thanks,
> Parker
>
> --
> Parker Higgins
> Director of Copyright Activism
> Electronic Frontier Foundation
> https://eff.org
>
> 815 Eddy Street
> San Francisco, CA 94109-7701
>
> I prefer to use encrypted email.
>
> Public key: https://www.eff.org/files/2014/11/03/gphkey.txt
> Fingerprint: 4FF3 AA1B D29E 1638 32DE C765 9433 5F88 9A36 7709
>
> Learn how to encrypt your email with the Email Self Defense guide:
> https://emailselfdefense.fsf.org/en/
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] April Privacy Lab - Guest Speaker Melanie Ensign - Thurs, April 23, 4-6pm at Mozilla

[z...@manian.org]

Thursday, 23 April 2015 from 16:00 to 18:00 (PDT)

Mozilla Office, 2 Harrison Street, San Francisco, CA

RSVP


Our April Privacy Lab will include an optional and free Cryptoparty, hosted
by Peninsula CryptoParty Volunteers (https://wildbee.org/cryptoparty.html).
Cryptoparty participants will leave the event with new tools on their own
devices that they'll have learned how to use.

At this meeting, our speaker will be *Melanie Ensign*.  Melanie's topic is
how security/crypto experts can communicate to non-technical audiences,
including how she sees consumer demand for privacy and security evolving
and how privacy and security products need to be sold and communicated to
the public.  Her presentation will be 15 minutes followed by 15 minutes of
Q&A. It will be preceded by 30 minutes of socializing as people arrive.

Following the speaker and Q&A, *we will break into two groups*, those who
wish to attend the cryptoparty to acquire and learn about new tools to use
on their own devices and those who would like to continue with the usual
Privacy Lab schedule of networking and talking about general privacy
topics.

As always, the goal of Privacy Lab is to bring together and others
interested in privacy at for-profits, non-profits, and NGOs in an effort to
contribute to the state of the ecosystem for privacy. By attending, you'll
be able to hear what other people and organizations are working on, share
what you're working on, and learn how to get involved.

We hope to see you attend and become part of the growing community of
privacy advocates in San Francisco. If you can't attend in person, this
session will be recorded on https://air.mozilla.org.

RSVP


-- 

For more information, including our code of conduct, see
https://wiki.mozilla.org/Privacy/Privacy_Lab.

To receive notice of these and other Mozilla privacy events, you can
join *privacy-events
at mozilla dot org.*  More information can be found at: https://mail
.mozilla.org/listinfo/privacy-events.
-- 
Stacy Martin
Senior Manager, Privacy and Engagement
Mozilla
2 Harrison Street, Suite 700, San Francisco, CA
916-390-4845 (cell)
st...@mozilla.com



-- 
-- 
Stacy Martin
Senior Manager, Privacy and Engagement
Mozilla
2 Harrison Street, Suite 700, San Francisco, CA
916-390-4845 (cell)
st...@mozilla.com

___
privacy-events mailing list
privacy-eve...@mozilla.org
https://mail.mozilla.org/listinfo/privacy-events
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Fwd: A crowdfunding campaign to build a free baseband

[z...@manian.org]

The people on Indiegogo project look legit and their comments line up with
what I know about the space.

An open source 3 or 4g baseband would be huge boon to anonymity and
countersurveillance efforts.

Anyone have further references on the project creators?


On Mon, Apr 6, 2015 at 11:30 AM, Blibbet  wrote:

> FYI
>
>  Forwarded Message 
> Subject: A crowdfunding campaign to build a free baseband
> Date: Mon, 6 Apr 2015 05:41:54 GMT
> From: Spacefalcon the Outlaw 
> To: replic...@lists.osuosl.org
>
> Hello free phone lovers,
>
> As we all know, the baseband/modem/radio processor is the big bone in
> our collective throat: it is the most closed and proprietary part of
> every currently available phone, no matter how free the rest of the
> phone might be.
>
> Well, without beating further around the bush, I just started a
> crowdfunding campaign on Indiegogo seeking to change this bleak
> baseband situation:
>
> https://www.indiegogo.com/projects/free-software-cellular-baseband
>
> My project seeks to solve the problem of the closed and proprietary
> baseband by producing a GSM modem module that will run 100% free
> firmware.  And furthermore, I seek to produce such a free baseband not
> by creating it from scratch, but by re-creating one that was already
> made by someone else some years ago and later discontinued.  Please
> read the campaign page for the full details.
>
> Thanks for reading,
> SF
> ___
> Replicant mailing list
> replic...@lists.osuosl.org
> http://lists.osuosl.org/mailman/listinfo/replicant
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Meetup in Mountain View: How the NSA fought to stop the publication of Diffie Heilman

[z...@manian.org]

Henry Corrigan-Gibbs will review the history of Diffie-Hellman key exchange
and how the NSA fought to keep the authors from publishing. He will give a
bit of information that was not in his Stanford Magazine article on the
topic. He will also briefly give an academic's perspective on
cryptocurrencies.

Henry is a Ph.D. student at Stanford working on cryptography under Dan
Boneh.  His research has included work on Riposte, an anonymous messaging
system for millions of users

http://www.meetup.com/EthereumSiliconValley/events/220843961/
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] mail2tor.com hidden service

[z...@manian.org]

Plaintext over Tor to email accounts are probably not safe.

We've seen a major round of this where the Feds seize a hosted anonymous
email account and then email plain texts appear in indictments. Perhaps the
most famous is the TorMail & Charlie Shrem case.

http://www.forbes.com/sites/runasandvik/2014/01/31/the-email-service-the-dark-web-is-actually-using/


On Thu, Jan 1, 2015 at 12:01 AM, Richard Brooks  wrote:

> Does anyone have any info about this hidden service?
>
> I've been using it to set up temporary accounts to
> exchange info as a pgp work-around for people having
> trouble working with pgp keys. I assume the content
> can be read by whoever runs the site, but they won't
> know who I am.
>
> If the other side uses the hidden service, too. The mails
> can be read but the service won't know who either side is.
>
> Any faults in this logic?
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.