Seeing many running to take the intelligence test using dueling, laughably extreme, perceptions of government:
(a) it is composed of technically illiterate idiots who must be saved by the brilliant short-timers who will "parachute in" from [insert cool internet/start-up company name here] by the application of open-source/devops/agile/lean/user-centered design, or (b) it is composed of machiavellian intellects building and directing sophisticated orwellian systems vacuuming up all digital data for nefarious purposes.
++ Trying to figure out where the Great SIM Crypto Heist fits. Perpetrated by machiavellian idiots?
+++ When stealing a car, it is probably easier to steal the keys than break in and hotwire it. Or you can resort to carjacking. The crypto version: Surreptitiously Weakening Cryptographic Systems by Bruce Schneier and Matthew Fredrikson and Tadayoshi Kohno and Thomas Ristenpart.
++ Trust us, we'll protect your information from everyone ... (fine print: just not from us!).
Tips, Tools and How-tos for Safer Online Communications from the Electronic Frontier Foundation.
++ Tutorial on switching your website to HTTPS now, for free.
+++ Even marketers are now promoting the use of HTTPS for SEO benefits!
cyberforge: random and relevant
Shared secrets are a fundamental building block of the current approach to authentication. With all the breaches that are happening these days, "killing passwords dead" and 2FA could potentially end up being a band-aid in the long run.
++ If you believe Albert Einstein, insanity is defined as doing the same thing over and over again and expecting different results. An alternative proposal from someone who wants to kill shared secrets dead.
+++ A practical application of Magic Crypto by the EU funded ABC4Trust Project which uses Microsoft’s U-Prove technology and IBM’s Idemix technology to implement both “Minimal disclosure for a constrained use” and “User control and consent” (a la Seven Laws of Identity).