Scramblecode, a security-oriented Programming Language

Friends, this looks really interesting…

Adding to the existing portfolio of some 700 programming languages is a new release candidate for Scramblecode, a security-oriented offering from Danish software vendor ProgramPartner ApS.  Scramblecode  is all about encryption and safety.

Scramblecode is an easy to learn programming language based on curly brackets and classes,” the company says on its Web site. “It uses encrypted compilation to secure the code, and protects the execution while working with encrypted variables.

The company today announced release candidate 1 (RC1) for Scramblecode, which is available for download and testing that can be done completely off-line on a variety of machines.  The Scramblecode package comes with its own IDE, including a code editor, test bench and debugger. The company said that because Scramblecode implements memory encryption, ordinary debugging and memory analysis tools aren’t effective. Built for Windows development, Scramblecode lets coders load a virtual machine (VM) into memory to execute private assembler instructions and it individually protects each instruction and works with encrypted variables in memory. Furthermore, an attack that cracks just one instruction (or even one bit) could crash program execution.

SOURCE – ADTMag.com

Email Encryption Service Provider ‘ProtonMail’ Now on Tor

ProtonMail-Tor-ServiceIf you look in the VooDoo Tech section, you’ll see we endorse both ProtonMail and Tor.  Both are excellent services if you value your online privacy and now they work together!  ProtonMail, launched in 2014 by a group of MIT and CERN experts, is the largest email encryption service provider in the world having more than two million users. It is the preferred emailing platform of activists and journalists who need to keep information confidential.  In its latest announcement, ProtonMail’s co-founder Dr. Andy Yen stated that they would allow the users to directly access their email accounts via Tor network so that they could counter steps taken by authoritative governments across the globe to minimize user privacy.

Dr. Yen said that it is inevitable to avoid censorship in some countries and they have been “proactively working to prevent this.” Dr. Yen further acknowledged that the reason why they have chosen Tor is that “Tor provides a way to circumvent certain Internet blocks so improving our compatibility with Tor is a natural first step.”

This perhaps looks like a step taken after the recent actions from the governments to curb the public’s access to encrypted platforms and secure internet usage. Such as Egyptian government blocked encrypted chat application Signal and the UK government’s approval of the Investigatory Powers Bill aimed at tracking the activities of web browsers.  Friends, do yourself a favor… Use Tor and get yourself a ProtonMail account.

SOURCE – Hackread.com

LavaBit Relaunches

LavabitFriends, back in 2013, we told you about how Ladar Levison, founder of the encrypted email service Lavabit, took the defiant step of shutting down the company’s service rather than comply with a federal law enforcement request that could compromise its customers’ communications.  The FBI had sought access to the email account of one of Lavabit’s most prominent users — Edward Snowden. Levison had custody of his service’s SSL encryption key that could help the government obtain Snowden’s password. And though the feds insisted they were only after Snowden’s account, the key would have helped them obtain the credentials for other users as well.  Rather than undermine the trust and privacy of his users, Levison ended the company’s email service entirely, preventing the feds from getting access to emails stored on his servers. But the company’s users lost access to their accounts as well.  Levison, who became a hero of the privacy community for his tough stance, has spent the last three years trying to ensure he’ll never have to help the feds break into customer accounts again.

Lavabit is relaunching with a new architecture that fixes the SSL problem and includes other privacy-enhancing features as well, such as one that obscures the metadata on emails to prevent government agencies like the NSA and FBI from being able to find out with whom Lavabit users communicate. He’s also announcing plans to roll out end-to-end encryption later this year, which would give users an even more secure way to send email.  The new service addresses what has become a major fault line between tech companies and the government: the ability to demand backdoor access to customer data. Last year when the FBI sought access to an iPhone used by the San Bernardino shooter, Apple couldn’t get into the phone because the security scheme the company built in to the device prevented it from unlocking the phone without the shooter’s password. (Eventually, the FBI found another way to access the phone’s data, ending the dispute with Apple.)

SOURCE – The Intercept

Will Quantum Computers mean the end of Unbreakable Encryption?

Friends, first of all no encryption scheme is “unbreakable”; None.  Its simply a function of time and effort.  That being said, there is a computing revolution coming, although nobody knows exactly when. What are known as “quantum computers” will be substantially more powerful than the devices we use today, capable of performing many types of computation that are impossible on modern machines. But while faster computers are usually welcome, there are some computing operations that we currently rely on being hard (or slow) to perform.

Specifically, we rely on the fact that there are some codes that computers can’t break – or at least it would take them too long to break to be practical. Encryption algorithms scramble data into a form that renders it unintelligible to anyone that does not possess the necessary decryption key (normally a long string of random numbers). This is what lets us send information securely over the internet. But will quantum computers mean we can no longer create encryption techniques that can’t be broken?

For one system, known as symmetric encryption, quantum computing doesn’t pose much of a threat. To break symmetric encryption you need to work out which (of many) possible keys has been used, and trying all possible combinations would take an unimaginable amount of time. It turns out that a quantum computer can test all these keys out in one square root of the time it would take existing computers – in other words, slightly less time but not so dramatically that we need to worry.  This, in part, is the reason we have been working hard on OTPSME; unbroken in over two years with over 6000 decryption attempts.

But for another type of encryption system, known as asymmetric or public-key encryption, it doesn’t look so good. Public-key systems are used for things like securing the data that comes through your web browser. They encrypt data using a key that is available to anyone but need another private key for decryption.  Fortunately, we have already foreseen this pending disaster. Researchers across academia, government and industry are currently working hard to develop new public-key encryption techniques that rely on different, harder calculations that will be immune to the powers of a quantum computer. I am confident that these efforts will be successful, particularly since we already know some techniques that appear to work. By the time that quantum computers arrive, we will be ready.  Below is a really good primer on Encryption in general as well as Quantum Encryption:

SOURCE – TheConversation.com

DARPA Wants the Perfect Encryption Application…

DARPAFor a long time, some people have worried about the government eavesdropping on their communications. But, it wasn’t until Edward Snowden showed us how widespread and routinely this was being done that most people began to worry about eavesdropping. The latest global story about the San Bernardino iPhone was interesting because it showed how angry and agitated a government agency became because it could not easily read all of the messaging on one specific device used by one individual. All of the governmental surveillance agencies have expressed great concern over the idea that people can “go dark”.

Now it turns out that DARPA (Defense Advanced Research Projects Agency) wants you to develop a completely secure messaging app. The exact language they use to describe what they want is a “secure messaging and transaction platform”…”that can provide repudiation or deniability, perfect forward and backward secrecy, time to live/self-delete for messages, one time eyes only messages, a decentralized infrastructure to be resilient to cyber-attacks, and ease of use for individuals in less than ideal situations.” This all sounds very “dark” to me. And, not only do they wanted to use the current encryption and security in existing communications apps, they also wanted to incorporate a decentralized backbone (rather than point-to-point) that would make eavesdropping even more difficult. The official technology request from DARPA is here.  BTW, if you’re looking for perfect encryption, look no further than here.  Perhaps the crypto-system used in the VooDoo network will meet DARPA’s needs…

SOURCE – dzone.com

  • Ads