1. Kicking RC4 out the door

    I've been arguing with my web hosting company about their use of RC4.  Like many enterprise networks they aren't consistent across all their servers with respect to available ciphers and such.  It appears that all customer servers support TLS_RSA_WITH_CAMELLIA_256_CBC_SHA and TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, in addition to TLS_RSA_WITH_RC4_128_SHA (although the latter is preferred …

    read more
  2. Encrypting SMS messages and phone calls on Android

    Much of our daily lives are contained within our smartphones and computers.  Email, text messages, and phone calls all contain bits and pieces of information that, in the wrong hands, could harm our privacy. Unfortunately many people either don't understand how vulnerable their data is when sent across the Internet …

    read more
  3. FiSH IRC Encryption

    A few friends and I have been playing with IRC encryption courtesy of FiSH.  This extremely simple program is a plugin for irssi, XChat, and mIRC and provides symmetric encryption for channels and asymmetric encryption for private messages.

    While not really useful for open source project communication it might be …

    read more
  4. Securing Instant Messaging

    More and more sensitive communications are occurring over unsecure instant messaging (IM) systems. These messages go through a third-party and can be read anywhere along the way. An easy, open-source solution does exist to help protect these communications, however.

    First you need the IM client called Pidgin. This client works …

    read more