Micah Lee ๐ @micahflee@mastodon.social
- website
- https://micahflee.com/
I do computer security, open source software development, and journalism at the Intercept
Joined Apr 2017
Pinned toot
ICYMI: In July I presented at the Circle of HOPE about the amazing things that the Qubes operating system makes possible, like
- opening email attachments in "disposable VMs"
- managing anonymous identities with Whonix
- keeping secrets like password databases, PGP keys, and sensitive documents stored in vaults without Internet access
- anonymously connecting to VPNs over Tor
Check it out: https://www.youtube.com/watch?v=f4U8YbXKwog&feature=youtu.be
Hacking Team Hacker Phineas Fisher Has Gotten Away With It
Leaked court documents show that Italian authorities have no idea who hacked the government spyware maker Hacking Team, and a judge ruled the investigation should be shut down.
https://motherboard.vice.com/en_us/article/3k9zzk/hacking-team-hacker-phineas-fisher-has-gotten-away-with-it
Micah Lee ๐
boosted
@lapingvino @micahflee @tuxicoman Signal uses Curve25519, which was developed by Dan Bernstein, who does not work for the US government.
The notion that home-grown crypto is going to be safer than widely analyzed crypto from well-known cryptographers is utter nonsense.
"Thatโs why we atย Twilioย banned not just hate speech, but any organization whose primary purpose is spreading hate. Itโs in our control to decide who uses our product, and from whom we take money. We choose not to profit from this hatred, or those who spread it."
https://medium.com/@jeffiel/words-matter-and-theyre-destabilizing-the-american-tribe-afaba172e4d1
New Signal privacy feature removes sender ID from metadata
https://arstechnica.com/information-technology/2018/10/new-signal-privacy-feature-removes-sender-id-from-metadata/
Mastodons have big mouths
Signal is testing out a new feature that encrypts message metadata. Once it's widely deployed, their server will facilitate delivering messages but without having access to who is sending them
Supermicro hack stickers at BSides PDX lol
Apple CEO Tim Cook calls for Bloomberg to retract their SuperMicro supply chain attack story.
โWe turned the company upside down,โ Cook said. โEmail searches, data center records, financial records, shipment records. We really forensically whipped through the company to dig very deep and each time we came back to the same conclusion: This did not happen. Thereโs no truth to this.โ
https://www.buzzfeednews.com/article/johnpaczkowski/apple-tim-cook-bloomberg-retraction
Wow how lucky am I to get selected?!
Support FBI whistleblower Terry Albury, who is set to be sentenced next week https://freedom.press/news/support-fbi-whistleblower-terry-albury-who-set-be-sentenced-next-week/
History, white supremacy Show more
I don't know how many GPG Sync users there are in the wild, much less ones that also use Qubes and Split GPG. But if that sounds like you, I wrote a wiki thing for you https://github.com/firstlookmedia/gpgsync/wiki/Using-GPG-Sync-in-Qubes-with-Split-GPG
US politics Show more
Check it, I just released a new version of passphraseme: https://github.com/micahflee/passphraseme
Now you can make diceware passphrases uses wordlists scraped from Game of Thrones, Harry Potter, Star Trek, and Star Wars.
pip3 install passphraseme
A good reason to be skeptical of this story https://twitter.com/securelyfitz/status/1049699417840791552
Bloomberg now has a follow-up story claiming that an unnamed "major U.S. telecommunications company" discovered a malicious implant in an Ethernet port on a server manufactured by Supermicro https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom
House Approves the National Quantum Initiative Act https://science.house.gov/news/press-releases/house-approves-national-quantum-initiative-act
Berkeley Police Show more
And here's Amazon's strong denial about the supply chain attack https://aws.amazon.com/blogs/security/setting-the-record-straight-on-bloomberg-businessweeks-erroneous-article/
Apple's longer response to the Bloomberg China supply chain story https://www.apple.com/newsroom/2018/10/what-businessweek-got-wrong-about-apple/
- website
- https://micahflee.com/
I do computer security, open source software development, and journalism at the Intercept
Joined Apr 2017
