Decent piece on the erroneous conflation of "guaranteed backdoored" Windows and "NSA approved" SELinux [url=http://www.market-ticker.org/akcs-www?post=224422]here[/url]. The author is a bit cavalier about the (nonexistent) mathematical "proofs" underlying the (alleged) hardness of common digital crypto methods, but overall still worthwhile.

If the NSA taps and stores everything it can, then that must include quite a lot of copyright material such as films (movies). What is the MPAA's position on these developments?

[QUOTE=Nick;353452]If the NSA taps and stores everything it can, then that must include quite a lot of copyright material such as films (movies). What is the MPAA's position on these developments?[/QUOTE]

Surely they're too smart to get in the way of the steamroller.

[QUOTE=Nick;353452]If the NSA taps and stores everything it can, then that must include quite a lot of copyright material such as films (movies). What is the MPAA's position on these developments?[/QUOTE]

Gee! I wonder how many billions (trillions?) MPAA would have to sue for to cover the size of the infringements. They go after teen-aged file sharers for hundreds of thousands, don't they?

Negative advertising
 

RSA Data Security in has released a warning not to use [URL="http://www.bbc.co.uk/news/technology-24173977"]one of its products.[/URL]

[QUOTE=xilman;353602]RSA Data Security in has released a warning not to use [URL="http://www.bbc.co.uk/news/technology-24173977"]one of its products.[/URL][/QUOTE]

One should never use the raw output of an RNG or a PRNG as input to
any kind of key generation software. Instead, the raw output bits should
first be passed through a non-linear filter (such as Keccak).

[QUOTE=R.D. Silverman;353609]One should never use the raw output of an RNG or a PRNG as input to
any kind of key generation software. Instead, the raw output bits should
first be passed through a non-linear filter (such as Keccak).[/QUOTE]Yup, but we are paranoid.

Others are not and/or are careless (the politically correct term for "incompetent").

Personally, I'd add an extra source of entropy, such as some "random" key strokes or mouse movements, before hashing.

Blackberry knows your email passwords
 

First part in German, second part in English:
[url]http://frank.geekheim.de/?p=2379[/url]

[quote]When you enter your POP / IMAP e-mail credentials into a Blackberry 10 phone they will be sent to Blackberry without your consent or knowledge. A server with the IP 68.171.232.33 which is in the Research In Motion (RIM) netblock in Canada will instantly connect to your mailserver and log in with your credentials. If you do not have forced SSL/TLS configured on your mail server, your credentials will be sent in the clear by Blackberrys server for the connection. Blackberry thus has not only your e-mail credentials stored in its database, it makes them available to anyone sniffing inbetween – namely the NSA and GCHQ as documented by the recent Edward Snowden leaks. Canada is a member of the “Five Eyes”, the tigh-knitted cooperation between the interception agencies of USA, UK, Canada, Australia and New Zealand, so you need to assume that they have access to RIMs databases.[/quote]

The Amsterdam Internet Exchange is one of the biggest in the world:
[URL]http://en.wikipedia.org/wiki/List_of_Internet_exchange_points_by_size[/URL]

It has expanded from Amsterdam to add infrastructure in Africa, Hong Kong and the Caribbean and, from a business point of view, the next logical step would be to expand into the United States.

Several connected parties are seriously worried that this would mean the NSA would be able to insist on having the ability to tap AMS-IX's infrastructure anywhere in the world.
This coming Friday, there is an extraordinary General Meeting of AMS-IX in Amsterdam to address the issue.

[URL]https://www.ams-ix.net/newsitems/103[/URL]

Dilma Rousseff the Brazilian President launches a blistering attack on the NSA snooping in her UNGA speech.

In other news, NSA collected 12.7 billion pieces of metadata in India in one month. And the Indian minister responsible says: "We have been assured by John Kerry that they are not reading the content of these messages." IOW, nothing to see here. Move along. Bozo!

If John Kerry says it, it must be true. AND.....I read it on the Interwebs! QED!