TSA Sentry Locks and the Analogs with Cryptography

After several months of speculation and chatter, the pictures originally posted as part of a Washington Post article on the TSA and subsequently removed, has resulted in key templates posted on GitHub.  This example of government controlled keys aligns with the September Wired magazine article by Matt Jancer regarding TrueCrypt and how it is one of the few (Jancer suggests only) cryptographic programs provably (through the Open Crypto Audit Project) without a backdoor. Although not directly correlated at first blush, there is a significant lesson to be learned.

While there are multiple methods of creating a second entryway, including “not telling” anyone [...]

Share

Making Communications Safe & Accessible

Although it’s a popular buzzphrase, “usable cryptography” includes two ideas that might belong to completely separate camps. This article looks at what it would take to make crypto tools useful to the end [...]

Share

NASA’s Series of Data Breaches

This article takes a look at NASA data breaches since 2011, most of which have involved stolen laptops which contained sensitive or personally identifiable information (PII) that were not protected by encryption technology. The most recent data breach was announced on October 31, 2012, and resulted in agency-wide changes to the handling and protection of PII. NASA’s Chief Information Officer has since ordered that all agency laptops be encrypted by December 21, [...]

Share

Search Engine Marketing & Privacy Concerns

Professional search engine optimization (SEO) companies amass an astounding amount of information. Unsurprisingly, Google is at the top of the totem pole of collecting and organizing search engine marketing campaign data. As SEO grows as an industry, the number of privacy concerns and legal battles around them has increased as [...]

Share

Ontario’s Privacy-Protective Facial Recognition System

Efficient and accurate authentication of individuals is a growing challenge across a number of sectors. There are currently three main forms of authentication, based on something you know, something you have and something you are. The third form is especially interesting in light of biometric technologies as a means of verification. This article explores some recent applications of biometrics in Ontario.

OLG and OIPC Announcement
On November 12, 2010, Tom Marinelli, the Acting CEO of the Ontario Lottery & Gaming Corporation (OLG) and Dr. Ann Cavoukian, the Ontario Information & Privacy Commissioner (OIPC), announced a new development in privacy-protective facial recognition technology. [...]

Share