Viewing posts for the category Privacy

Privacy violations in Blind-Carbon-Copy mail

Posted by: Subreption LLC in Security Privacy Cryptography 10 months, 1 week ago Barth and Boneh published in 2005 a great academic paper on the privacy concerns found in BCC mail distribution when deploying cryptography solutions such as PGP/GPG. The issue boils down to the fact that most of the time public key material is publicly available (such as in websites and key servers), thus rendering the entire purpose of BCC useless, especially when contacts being mailed have public key material from other BCC recipients in their key rings.For organizations distributing sensitive information across multiple recipients with complex confidentiality and privacy inter-relationships, the usual (and extremely cumbersome) solution is to create recipient-specific keys or certificates, and carefully selecting these either manually or through mail aliases. Ultimately this approach has several weaknesses and is prone to human error.From their excerpt: Tags: gpg pgp
read more / Comments

08.06.2011

The Blue Hat Prize: A late April Fools joke

07.16.2011

Privacy violations in Blind-Carbon-Copy mail

07.05.2011

Mac OS X Lion: Did security mitigations manage to squeeze in?

03.13.2011

Virtual machine series: Lightweight embeddable languages

10.24.2009

Why Linux security has failed (for the past 10 years)

• bluehat (1)
• microsoft (1)
• stunts (1)
• mitigations (3)
• macosx (1)
• pax (1)
• nx (1)
• gpg (1)
• pgp (1)
• vm (1)
• embedded (1)
• linux (3)
• mls (1)
• selinux (1)
• grsecurity (1)
• kernheap (1)