● NEWS ● #DemocracyNow #California #https ☞ California Recall: Right-Wing Radio Host Who Once Mentored Stephen Miller Could Replace Gov. Newsom https://www.democracynow.org/2021/8/27/california_special_election
#https
Project Gemini
Gemini is a new, collaboratively designed internet protocol, which explores the space inbetween gopher and the web, striving to address (perceived) limitations of one while avoiding the (undeniable) pitfalls of the other.
#gemini #gopher #https #web #internet #browser
via @framasoft@framasphere.org
The EARN IT Act (S.3398) is an attempt to override The Communications Decency Act of 1996 (S230)
Wired: "It’s a Sneak Attack on Encryption--The crypto wars are back in full swing"
https://www.wired.com/story/earn-it-act-sneak-attack-on-encryption/
American Civil Liberties Union and Americans for Prosperity, joint response:
"EARN IT is an attack on encryption masquerading as a blow against underage porn. measure … would lead to a backdoor' in encrypted services, thereby jeopardizing the security of every individual. Technology experts and civil society organizations have repeatedly warned that backdoors could be exploited by bad actors and that no backdoor could guarantee only law-abiding officials have access.”
Media Alliance, a coalition of 25 organizations:
"The bill would fall far short of the goal of protecting children, while at the same time making all Americans less safe and less secure by potentially exposing everyone in society to substantially higher risk from malicious cyber actors, including hostile nation-states.”
ELECTRON FRONTIER FOUNDATION (EFF):
"Imagine an Internet where the law required every message sent to be read by government-approved scanning software. Companies that handle such messages wouldn’t be allowed to securely encrypt them, or they’d lose legal protections that allow them to operate.”
––––– –––––––––––––––––––––––––––––––––––––––––––––––––––
I will be posting more on this. It seems there are good reasons for this bill, lake making internet tech companies (faceBook and Google’s YouTube) responsible for the content they allow on their sites. It also allows and people to sue companies for such content. I’m all for that because it’s long past time we brought some balance back into the battle of individual rights vs. corporate rights. However, there are also serious risks to individual privacy and the potential to ban encryption altogether. That means this Bill is a knock on the door to permanent state surveillance.
Below is the first page of S.3398 which provides the purpose of the Bill and the main players who would ve heading the “Committee. We can stop right there. I have some concerns. They are circled in red.
#mywork #earnit #earnitact #earn_it #privacy #child_exploitation#pluspora #friendica #USPolitics #politics
S.3398 #S.230 #eff #encryption #crypto #cryptography #bitcoin #https #apps #diaspora #federation #thefediverse #thefederation #apps #usa #us #government #nsa #privacy #surveillance #1984 #shelenn_ayers @Shelenn Ayres #ProtonMail #Proton
Congress is trying to pass a bill that will ban encryption.
Protect Encryption and Security Online: REJECT the Graham-Blumenthal Bill
EARN IT Act (S. 3398) Read the Bill, then call your congressperson and object to it.
https://act.eff.org/action/protect-our-speech-and-security-online-reject-the-graham-blumenthal-bill
There is an interactive option on the linked page where you can look up your representative’s telephone and address by entering your state and zip code. Please use it The bill purports to deal with the very serious issue of child exploitation online, but it offers no meaningful solutions.
It doesn’t help organizations that support victims.
*It doesn’t equip law enforcement agencies with resources to investigate claims of child exploitation *
It doesn’t include training in how to use online platforms to catch perpetrators.
Rather, the bill’s authors have used defending children as the shrewd pretense for an attack on our free speech and security online. Apple, Inc. has already folded to FBI pressure and no longer encrypts its cloud services. This bill is in that same vein and an obvious attempt to legalize online surveillance of American citizens. That is ridiculous and an invasion of our right to privacy
Here’s the link to the US Senate
where you can find your Senator’s contact info
Note: If anyone on Diaspora is familiar with this Bill, please share what you know.
Thank you.
#earnit #earnitact #earn_it #eff #encryption #crypto #cryptography #bitcoin #https #apps #diaspora #federation #thefediverse #thefederation #apps #usa #us #government #nsa #privacy #surveillance #1984 #corona #coronavirus #corona_virus #news #wuhanflu #china #S3398 #surveillance #diaspora #pluspora #us_politics
Proof-of-concept exploits published for the Microsoft-NSA #crypto #bug
#CurveBall #CVE-2020-0601 #microsoft #nsa #https #security #code #exploit #patch #windows
Today I Learned.. How to configure TLS (https) server for an A+ rating on sslLabs.
It all started with a simple desire to have #https on my hobby server. Then you launch #letsencrypt, get to know it, and quickly it's done. You have those keys generated on your server and trusted by everyone. And you have it configured on nginx.
For some time you're satisfied, but then you wonder whether it really has any impact, whether it's all secure on practice.
And so (or at least as it was for me), you start with your "B" rating, google/searx for answers the internet, get to understand the basics of modern web security. It's very fun, you get to know a lot of stuff. Some practices work, some are not very pleasant to work with. Some are too paranoid, some are not paranoid enough. A couple of hours one day, a couple of hours another, and you have it done.
I don't know whether it was a fun read and whether it fits in "what interesting have I done today" scenario, but here it is. Thanks to #ssllabs for their fine tool. Thanks #letsencrypt for their free and convenient tool and ideology. And thank god I use #linux and #nginx to get things done.:)
Let's Encrypt Has Issued its First Million Certificates - Participate here
A million certificates is in itself pretty good progress. But a single certificate can cover multiple domain names, and the million certificates Let's Encrypt has issued are actually valid for 2.5 million fully-qualified domain names, over 90% of which had never been reachable by browser-valid HTTPS before.