• Aug 31, 2017
  • Glyn Moody
  • News, Privacy, Programming, Security,

Even encrypted data streams from the Internet of Things are leaking sensitive information; here’s what we can do

As the Internet of Things (IoT) begins to enter the mainstream, concerns about the impact such “smart” devices will have on users’ privacy are growing. Many of the problems are obvious, but so far largely anecdotal. That makes a new paper from four researchers at Princeton University particularly valuable, because they analyze in detail how … Continue reading “Even encrypted data streams from the Internet of Things are leaking sensitive information; here’s what we can do”

2

  • Aug 29, 2017
  • Glyn Moody
  • BitTorrent, Privacy, Programming, Security,

Is this the key to foiling phishing attacks? Spoiler alert: probably

As readers of this blog know, VPNs are a great way to protect your privacy and security. But they address only some of the online threats we all face every day. Another important class of problems are caused by attacks that lead to accounts being taken over, identities being appropriated, data theft and financial losses. … Continue reading “Is this the key to foiling phishing attacks? Spoiler alert: probably”

2

  • Jul 9, 2017
  • Glyn Moody
  • Copyright, News, Programming, Security,

Encrypted Media Extensions: Copyright, DRM and the end of the open Web

The World Wide Web Consortium (W3C), which sets standards for the Web, has released what it calls a “disposition of comments“, designed to address objections to the controversial Encrypted Media Extensions (EME). EME is officially “a common API that may be used to discover, select and interact with content encryption systems”. In practice, for the … Continue reading “Encrypted Media Extensions: Copyright, DRM and the end of the open Web”

3

  • May 11, 2017
  • Caleb Chen
  • Networking, Privacy, Programming, Security,

OpenVPN 2.4 Evaluation Summary and Report

Contents 1 Executive Summary 2 Introduction 2.1 Scope 2.2 Approach 2.3 Classification and Severity Rating 3 Findings 3.1 Summary of Findings 3.2 Static Analysis Results 3.3 Dynamic Analysis Results 3.4 Detailed Findings 3.4.1 OVPN-01: Sensitive authentication token not wiped on certain TLS auth errors 3.4.2 OVPN-02: Potentially flawed TLS control channel encryption 3.4.3 OVPN-03: Insecure … Continue reading “OpenVPN 2.4 Evaluation Summary and Report”

0

  • Apr 10, 2014
  • rasengan
  • News, Privacy, Programming, Security,

Heartbleed: Post Mortem

At Private Internet Access, we consider our customers’ privacy and security to be our highest priority. That is our business. That is our expertise. We wanted to take a brief break from our ongoing research and development to discuss a few of the decisions we made to prepare for attacks like Heartbleed, as well as … Continue reading “Heartbleed: Post Mortem”

9