Rel-publickey and Rel-pgpkey Specification

Rel-publickey and Rel-pgp are a simple open format to indicate that a link points to an individual’s or entity’s PGP or other public key.
Specification 6-Sep-2013
Author
Mark Burnett (mb@xato.net)
Copyright
This specification is released into the public domain per the Creative Commons Public Domain License or any later version published by Creative Commons; with a waiver […]

8 Ways to Prepare for CSP

Cross-Site Scripting (XSS) is a critical threat that, despite widespread training, still plagues a large number of web sites. Preventing XSS attacks can get complicated but even a small effort can go a long way–a small effort that nevertheless seems to evade us. Still, developers are getting better at […]

So What Exactly Did The US Government Ask Lavabit to Do?

The recent shutdown of Lavabit’s email services prompted a flurry of reporting and speculation about the extent of US Government spying, mostly due to the mysterious statement by Lavabit founder Ladar Levison:

Most of us saw this as yet another possibly overhyped government spying issue and didn’t really think too much […]

Should You Ditch LastPass?

Steve Thomas, aka Sc00bz, has brought up some very interesting issues about the LastPass password monitor that are causing some confusion so I thought I’d give another perspective on the issue.

Summary of Steve’s points:

When you use the LastPass web site to login to your account, your web browser will first send a […]

Thanks NSA for Ruining the Internet

I know, we have been told for years that the NSA has been spying on us. The revelations in recent months really aren’t that new. We always assumed there was that looming over us and many of us have even greeted various government agencies in our private chats and […]

Dear NSA, I Don’t Think You Meant Yottabytes

Several media reports claim that the NSA’s Utah data center may ultimately be able to store data on the scale of yottabytes because, you know, they think they’re totally going to need yottabytes. To put this into perspective, a yottabyte would require about a trillion 1tb hard drives and data […]

Getting Started with PGP in 10 Minutes or Less

Considering recent news about the collecting of data communications, I think it’s time to bring PGP back to life. PGP is an extremely secure encryption method that is easy to integrate into email messages. Although it has been around since 1991, early efforts to make it a standard largely […]

Dear NSA, It’s Not Just About the Spying

This not only applies to the NSA, but to Congress and President Obama: You betrayed our trust. That’s why we are angry.

It’s not about spying and it’s not about having anything to hide. The fact is, my life is very boring and it’s kind of sad knowing how many […]

Grant Edward Snowden Retroactive Immunity

Last week I was struck by the absurdly hypocritical statement by James Clapper, the Director of National Intelligence:

“The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans.”

I suppose that if you live at the top of […]

Pafwert: Now Open Source

More than 15 years ago I started working on a unique password generator that eventually evolved into a small program I now call Pafwert.

Pafwert is a unique tool to help you to select strong passwords that are easy to remember. Using strong entropy, tens of thousands of seed words, […]