Tags: encryption



Monday, January 22nd, 2018

We need more phishing sites on HTTPS!

All the books, Montag.

If we want a 100% encrypted web then we need to encrypt all sites, despite whether or not you agree with what they do/say/sell/etc… 100% is 100% and it includes the ‘bad guys’ too.

Friday, March 24th, 2017


Steps you can take to secure your phone and computer. This is especially useful in countries where ubiquitous surveillance is not only legal, but mandated by law (such as China, Australia, and the UK).

Monday, December 26th, 2016


An Enigma machine of one’s own.

Monday, October 10th, 2016

Your Private Encrypted Browser | Tenta Browser

A browser for Android that specifically touts privacy and security as its key features.

Saturday, May 14th, 2016


For your information, the Let’s Encrypt client is now called Certbot for some reason.

Carry on.

Monday, October 26th, 2015

From Radio to Porn, British Spies Track Web Users’ Online Identities

This profile of GCHQ’s “Karma Police” programme is as maddening as it is insightful: the sheer unashamed brazenness of these bastards deserves our collective anger …not the collective apathy which has been the UK’s response so far.

There is one glimmer of hope in this litany of affronts to decency:

In recent years, the biggest barrier to GCHQ’s mass collection of data does not appear to have come in the form of legal or policy restrictions. Rather, it is the increased use of encryption technology that protects the privacy of communications that has posed the biggest potential hindrance to the agency’s activities.

Wednesday, January 21st, 2015


Tracking the state of TLS support on prominent websites. It doesn’t look great, particularly in the States.

Tuesday, November 18th, 2014

Let’s Encrypt

This is a great development! The EFF are working on a creating a new certificate authority that will issue certs for free.

I am so happy that the certificate authority racket is getting this shake-up.

Tuesday, September 30th, 2014

Introducing Universal SSL

Great news from Cloudflare—https endpoints by default!

This means that if you’re planning on switching on TLS for your site, but you’re using Cloudflare as a CDN, you’ve got one less thing to change (and goodness knows you’re going to have enough to do already).

I really like their reasoning for doing this, despite the fact that it might mean that they take a financial hit:

Having cutting-edge encryption may not seem important to a small blog, but it is critical to advancing the encrypted-by-default future of the Internet. Every byte, however seemingly mundane, that flows encrypted across the Internet makes it more difficult for those who wish to intercept, throttle, or censor the web. In other words, ensuring your personal blog is available over HTTPS makes it more likely that a human rights organization or social media service or independent journalist will be accessible around the world. Together we can do great things.

Tuesday, August 13th, 2013

Friday, June 7th, 2013

The thing and the whole of the thing: on DRM in HTML

A great post by Stuart on the prospect of DRM-by-any-other-name in HTML.

The argument has been made that if the web doesn’t embrace this stuff, people won’t stop watching videos: they’ll just go somewhere other than the web to get them, and that is a correct argument. But what is the point in bringing people to the web to watch their videos, if in order to do so the web becomes platform-specific and unopen and balkanised?

Tuesday, February 26th, 2013

Alice and Bob in Cipherspace

A clear explanation of the current state of homomorphic encryption.