HTTP Signature Infinite Loop?


A padlock engraved into a circuit board.

I'm trying to get my head round HTTP Signatures as they're used extensively in the Fediverse. Conceptually, they're relatively straightforward. You send me a normal HTTP request. For example, you want to POST something to https://example.com/data. You send me these headers:

    POST /data
    Host: example.com
    Date: Sat, 24 Feb 2024 14:43:48 GMT
    Accept-Encoding: gzip
    Digest: […]


How to password protect a static HTML page with no JS


Screenshot of some garbled text on screen.

I recently saw Robin Moisson's method of password protecting a statically served HTML page. It's quite neat! But it does rely on JavaScript. That got me wondering if there was a way to encrypt a static page only using CSS? And... I think I've done it! I'll warn you now, this is a deeply stupid […]


Questions to ask before launching a crypto-payments feature


A tiny lego Storm Trooper eats a chocolate coin.

Messaging app Signal is launching a payment service in the UK. This will allow users to send each other money cryptocurrency. Many people have written about why this is a daft idea. But they've mostly talked about why cryptocoins corrupt everything they touch. I want to talk about why this is a shitty idea from […]


PGP Sign Your Twitter Messages


Message saying "Read alt text for PGP sig".

I'm not sure if I'm the first person to do this - but I'm going to claim credit anyway!

"Hello! This Tweet has been signed with my PGP Key. pic.twitter.com/ed4rcldlvw" — Terence Eden is on Mastodon (@edent), May 14, 2020

You can verify by pasting the alt text into keybase.io/verify - or by using your […]


PGP Encrypt Twitter DMs with Keybase


This is a quick tutorial on how to encrypt your Twitter messages using PGP with the help of Keybase.io. I read an article yesterday which seemed to imply that Twitter was mangling PGP encrypted messages (albeit unintentionally). There is a minor bug in Twitter's web interface - but PGP seems to work perfectly in apps. […]


The Usability of Anti-Apartheid Encryption


Nelson Mandela giving a lecture.

(An adaptation of my earlier blog post on the same topic.) This is a case study focusing on the usability of encryption systems as used by political dissidents in Apartheid era South Africa.

Background - South Africa

Between 1948 and 1994, the nation of South Africa was ruled by an ethnically white minority. They set […]


Spycatcher's Relevance in 2014


In 1987 MI5's former Assistant Director, Peter Wright, released his autobiography, Spycatcher: The Candid Autobiography of a Senior Intelligence Officer. It was immediately banned by the British Government. Although the Internet wasn't around to facilitate its distribution, it was trivial to obtain copies imported from Australia. As a boy, I remember seeing the publicity about […]


The Hardest Problem In Encryption? Usability.


Nelson Mandela giving a lecture.

I have been reading a wonderful account of how The ANC in South Africa developed and used encryption to avoid persecution by the Apartheid regime. The article is a good 15,000 words and will take you some time to read. It is a fascinating account of how an ersatz encryption technology was developed by enthusiastic […]


Why You Can't Trust Government Provided Cryptography


Sign at a train station saying "Welcome to Bletchley. The home of Bletchley Park & Enigma."

You should visit Bletchley Park. Seriously. It's the most amazing museum - dedicated to the wartime effort to crack Enigma; the Nazi cryptographic machines. The tour guides of Bletchley Park are full of fascinating stories. They can tell you how all the primitive computers work, about the history of each building, they know all the […]


You Never Call, You Never Write...


A typewriter. The words "Write something" are typed onto the fresh white paper.

As Shakespeare said... "[Blog posts are] a tale told by an idiot, full of sound and fury, signifying nothing." Today Ofcom published the responses it had for its consultation on plans for the BBC to encrypt its HD broadcasts. The blogosphere went nuts! DRM? Not on our watch. Boing Boing mobilised its army of commentators, […]
