• Jul 9, 2017
  • Glyn Moody
  • Copyright, News, Programming, Security,

Encrypted Media Extensions: Copyright, DRM and the end of the open Web




The World Wide Web Consortium (W3C), which sets standards for the Web, has released what it calls a “disposition of comments“, designed to address objections to the controversial Encrypted Media Extensions (EME). EME is officially “a common API that may be used to discover, select and interact with content encryption systems”. In practice, for the … Continue reading “Encrypted Media Extensions: Copyright, DRM and the end of the open Web”

3

  • May 11, 2017
  • Caleb Chen
  • Networking, Privacy, Programming, Security,

OpenVPN 2.4 Evaluation Summary and Report




Contents 1 Executive Summary 2 Introduction 2.1 Scope 2.2 Approach 2.3 Classification and Severity Rating 3 Findings 3.1 Summary of Findings 3.2 Static Analysis Results 3.3 Dynamic Analysis Results 3.4 Detailed Findings 3.4.1 OVPN-01: Sensitive authentication token not wiped on certain TLS auth errors 3.4.2 OVPN-02: Potentially flawed TLS control channel encryption 3.4.3 OVPN-03: Insecure … Continue reading “OpenVPN 2.4 Evaluation Summary and Report”

0

  • Apr 10, 2014
  • rasengan
  • News, Privacy, Programming, Security,

Heartbleed: Post Mortem




At Private Internet Access, we consider our customers’ privacy and security to be our highest priority. That is our business. That is our expertise. We wanted to take a brief break from our ongoing research and development to discuss a few of the decisions we made to prepare for attacks like Heartbleed, as well as … Continue reading “Heartbleed: Post Mortem”

9

  • Dec 12, 2013
  • rasengan
  • News, Privacy, Programming, Security,

Gmail Privacy Proxy: Right Idea, Wrong Execution




Today, Google Mail announced that they will be proxying images received through GMail through their safer, faster proxy servers. At first glance, this appears to be an amazing step in the right direction in terms of privacy. After all, Google has decided to provide a proxy to access images thus masking your IP from remote … Continue reading “Gmail Privacy Proxy: Right Idea, Wrong Execution”

6

  • Nov 18, 2013
  • rasengan
  • Bitcoin, Programming, Security,

An Eventful Morning




TL;DR: Our Vanilla Forum installation was hacked, but our VPN system was completely unaffected.  Forum users should change their passwords if they are used on other sites. Today, on November 18, 2013, on or about 5AM, we discovered a message posted across the top of our offsite forums propositioning visitors to send Bitcoin to an address to receive 10x the Bitcoins in return.  Luckily, visitors of … Continue reading “An Eventful Morning”

11