signaler | 10 years ago | on: Extracts passwords from a KeePass 2.x database, directly from memory
As a countermeasure to this, you can 'pepper' your passes or secrets with reserved letters / symbols that only you know about. For example, if a pass is
_SOSECRETOMG!_
You simply omit the exclamation symbol, and reveal the real pass which is:
_SOSECRETOMG_
That's a very basic example, and it can be made as complicated as your brain will allow. The older you get, the harder it becomes to do small byte flips like this.
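The 'pepper' scheme described in the comment above, as an added example (not KeePass code and not the commenter's): the vault holds a decoy made of the real password plus reserved characters, and the real password is the decoy with those characters dropped. Because a memory dump hands the attacker the decoy, the example also measures what is left to guess once the rule is suspected: every string obtainable by deleting characters from the decoy is at most 2^n candidates, so the pepper buys very little. The reserved set and the sample entry are assumptions.

```python
from itertools import combinations

# Assumption: the user's private set of reserved characters.
RESERVED = frozenset("!")


def real_password(stored: str, reserved=RESERVED) -> str:
    """Strip the reserved characters from the stored (decoy) form."""
    return "".join(c for c in stored if c not in reserved)


def deletion_candidates(stored: str) -> set:
    """Every string obtainable by deleting at least one but not every
    character of `stored`: the search space an attacker faces once the
    decoy has been read out of memory and a 'remove some characters'
    rule is suspected. Bounded by 2**len(stored)."""
    n = len(stored)
    found = set()
    for k in range(1, n):  # delete k positions, 1 <= k < n
        for drop in combinations(range(n), k):
            dropped = set(drop)
            found.add("".join(stored[i] for i in range(n) if i not in dropped))
    return found


def peppering_survives_dump(stored: str, reserved=RESERVED) -> bool:
    """True only if the real password is neither the decoy itself nor in
    the attacker's deletion candidates, i.e. the pepper really kept the
    secret out of reach. For a deletion-based pepper this is always False."""
    real = real_password(stored, reserved)
    if real == stored:  # no reserved characters present: nothing was hidden
        return False
    return real not in deletion_candidates(stored)


if __name__ == "__main__":
    decoy = "SOSECRETOMG!"  # constructed sample entry, as in the comment
    print(real_password(decoy))
    print(len(deletion_candidates(decoy)), "candidates if the rule is guessed")
    print("pepper survives a memory dump:", peppering_survives_dump(decoy))
```

The point of `deletion_candidates` is the check a practitioner wants before relying on this: the decoy leaks all but the rule, and the rule's search space is tiny, so a dumped database still gives an attacker an offline guess list of a few thousand entries rather than nothing.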
signaler | 10 years ago | on: Cryptographic Libraries
It depends on what you mean by 'key' though. In escrow situations, there is the likelihood of a very strong key provided by Apple, and a horrendously weak key provided by the person. What gets a pickle from me is that Apple have some carte blanche reason to involve themselves remotely in U.S.-sanctioned soil to then intermediate the decryption.
signaler | 10 years ago | on: Cryptographic Libraries
A mental inventory of bloggers who routinely say they did not hand over their HD unlock keys to Apple haunts my mind after reading this. Apple are one of the few tech companies who could throw money at the crypto debate and win some Internet Points, but they would have to counter the claims of many bloggers who said they don't trust Apple to guard their unlock keys.
signaler | 10 years ago | on: Mountain Duck – Cyberduck for mounting volumes in the file explorer
There are quite a few programs like this, and I've tried them all. What makes this look promising is that the peeps of Cyberduck fame are creating it. I always wanted that feature in Cyberduck, where you can mount any arbitrary legacy file system. All the others I've tried are half-baked attempts and horribly buggy.
signaler | 10 years ago | on: Ask HN: Summarize Content Machine Learning
A very simple example is that of Google which gives you a Wikipedia summary of a topic, but that's too simple.
In your case you are looking for some way to heatmap certain keywords, or even the tone of a piece of content. You could go further and see the context of the content (which is presumably some form of document which can be parsed).
There are innumerable things online to do this. My first port of call is to trawl Github and find a repo on there which does this.
Just be careful of online services which are hoovering up your query and making off with your data...
signaler | 10 years ago | on: Ask HN: Ghost vs. Wordpress
signaler | 10 years ago | on: Ask HN: How secure is smartcard technology with securing laptops or any device?
"I'm wondering how secure this method is"
Well, this depends on whether the firmware has been scrutinized and hardened over time, similar to how YubiKeys just get better and better. FIDO and other initiatives are more secure because they have more eyeballs on them.
signaler | 10 years ago | on: Amazon Payments plus VPN = account closed
Fraud filter is my Occam's Razor for this one. When it comes to any sort of e-commerce, always use a 'Kosher IP', or an IP which is not tunneled in some way. 3G/4G/5G? SIMs are perfect for this.
signaler | 10 years ago | on: The EU’s new internet rules will hurt the continent’s startups
'Internet' and 'rules' in the same sentence is a contradiction in terms. The web was not designed for the kind of draconian oversight you see in the EU and elsewhere. Anything that resembles some form of rigidity will be made less rigid and force startups to 'think differently' and be more fluid. It's a form of present shock (as Rushkoff coined it) which people are not used to, and which you see in bustling Shoreditch and other tech melting pots. You actually have people who look like The Internet in those places, with USB flash drives as necklaces...
signaler | 10 years ago | on: A lot happens
Well said. The most industrious are those who live their lives by some form of checklist, and manage to at least check some of the items off. The only problem I have with checklists is with those who obsessively try to achieve each task on the list, presuming each item is somehow not complete unless the others are completed.
A little-known phrase that should be tattooed inside their skulls is "opportunity cost", which I learned from Mark Manson's blog, and it is a great phrase. Try to read "No, you can't have it all".
signaler | 10 years ago | on: Copy-Pasting URLs from Google Search Can Leak Previous Searches
Clean Links
https://addons.mozilla.org/en-US/firefox/addon/clean-links/
Mozilla Addons to the rescue once again. I am always surprised at how under-appreciated plugins like these are. If I ever stumbled into money, I would pay it forward to all the developers who feverishly code these plugins for the betterment of humanity and the web.
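What an add-on like the one linked above does to a copied search-result link, as an added example that is neither the Clean Links code nor the commenter's: Google wraps result links in a `/url?q=...` redirector that carries extra parameters alongside the target, so the example unwraps that redirector to the target itself and then drops well-known tracking parameters from the target. The parameter list, the hypothetical `wrapper_params` helper and the sample URLs are assumptions.

```python
from urllib.parse import parse_qs, urlencode, urlparse, urlunparse

# Assumption: a short list of commonly seen tracking parameters.
TRACKING_PARAMS = frozenset({
    "utm_source", "utm_medium", "utm_campaign", "utm_term", "utm_content",
    "gclid", "fbclid",
})

# Parameter names under which Google's /url redirector carries the target.
GOOGLE_REDIRECT_PARAMS = ("q", "url")


def _is_google_redirect(parts) -> bool:
    host = parts.netloc.lower()
    on_google = host == "google.com" or host.endswith(".google.com")
    return on_google and parts.path == "/url"


def clean_link(href: str) -> str:
    """Return href with the Google redirector unwrapped and tracking
    parameters removed. Path, fragment and other parameters are kept."""
    parts = urlparse(href)
    if _is_google_redirect(parts):
        query = parse_qs(parts.query)
        for name in GOOGLE_REDIRECT_PARAMS:
            if query.get(name):
                # The target itself may carry trackers, so clean it too.
                return clean_link(query[name][0])
    query = parse_qs(parts.query, keep_blank_values=True)
    kept = {k: v for k, v in query.items() if k not in TRACKING_PARAMS}
    return urlunparse(parts._replace(query=urlencode(kept, doseq=True)))


def wrapper_params(href: str) -> list:
    """Names of the parameters Google attached to a result link besides the
    target: what travels along when the raw link is pasted somewhere."""
    parts = urlparse(href)
    if not _is_google_redirect(parts):
        return []
    return sorted(k for k in parse_qs(parts.query)
                  if k not in GOOGLE_REDIRECT_PARAMS)


if __name__ == "__main__":
    # Constructed sample: a redirector link whose target also carries a UTM tag.
    copied = ("https://www.google.com/url?q=https://example.com/page"
              "%3Futm_source%3Dnews%26id%3D7&sa=U&ved=abc&usg=xyz")
    print(wrapper_params(copied))
    print(clean_link(copied))
```

The recursive call matters: the target behind `q=` is percent-encoded and can have its own query string, so it is parsed as a URL in its own right rather than string-sliced out of the wrapper.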
signaler | 10 years ago | on: CISA passes Senate
The reason for that lag is not some campaign which loses to the mainstream media, but a market driver. Think of all the people who were shocked after it was discovered that Samsung TVs could arbitrarily send background voice data back to a C&C. EFF did a good job there, but they always make it some rare thing. Parker Higgins' tweet about that seeped into the consumer space and Samsung probably suffered greatly, and the public were better off.
Now there are stories of Intel chipsets having all kinds of weirdness in them, and it is not sufficient to sit on the fence here. Things are changing.
signaler | 10 years ago | on: Let's Encrypt is Trusted
This will still require early-stage overhead for many people switching over / 'going dark all the things', even though Let's Encrypt's goal is to make the process of encrypting the Transport Layer seamless, ubiquitous and non-commercial.
Take for example my setup. It sits on a private NGINX server, and is proxied through a public facing CDN. Trying to simply 'switch on' TLS involves absorbing academic style tutorials from multiple disparate sources, and requires me to have a background in DevOps and that I have at least tried some technical task like this before. In layman's terms: Unnecessary Early Stage Overhead.
Now give Let's Encrypt a few more years and it will be a lot more seamless; possibly the default. It could possibly be 'baked in' to things like Softaculous, and cPanel, which are brilliant drivers for the success of web software. Digital Ocean staff are probably already working on a droplet with LetsEncrypt baked in...
signaler | 10 years ago | on: Is Web Crypto Really Doomed? I Bet $100
TLS might as well be SIGINT-enabled from the outset, just like many have assumed GSM was weakened from the outset to allow for interception. The key insight from the crypto stories we have been hearing is that the NSA is always one step ahead. Always. That is their business model and modus operandi. If you are looking to stay ahead of them, you need their budget, which is not going to happen unless you have State-like capital like Apple. And yet even Apple cannot successfully encrypt without much fanfare and fuss.
signaler | 10 years ago | on: Twitter announces layoffs
As a hobbyist coding small projects like Twitter in my spare time, I feel their pain and have consistently had to re-adjust the code base, and the amount of project contributors. This is observable on the micro-scale, and I would be loath to think how this plays out on the scale of Twitter, where unbridled and unchecked scale was allowed to take over the company, causing them to lose focus.
Twitter is essentially one big DevOps success story / failure after another, and I have faith they can start to focus again. One motif / question I have seen in every pundit's post about Twitter as a company is why the market (up until now perhaps) has not decided Twitter's fate? If it really is the case that Twitter is a big data company, then how come 90% (random estimate) of their users are fembots / fake accounts?
signaler | 10 years ago | on: Ship.io is shutting down
"Developing the platform has taken a lot of resources and effort which we will not be able to sustain"
Even with infinite resources it's difficult and requires "effort". It's not entirely about access to resources, but a strong vision of why we are doing something in the first place, and managing complexity better.
Managing complexity always seems effortless to those who achieve it, but is usually the byproduct of years of research and hard graft.
signaler | 10 years ago | on: Web Fonts Performance
There is a switch in Chromium with which one can disable remote fonts entirely. Obviously not for the average user, and more of a power-user thing, but still handy:
--disable-remote-fonts
You can find a tonne of other optimizations you can do to Chromium here: peter.sh/feed/chromium-command-line-switches
Also, if you want fonts that load faster than Google Webfonts, have a look at http://brick.im/
I use Brick on a tonne of different side projects, and there is a marked decrease in loading time. Brick uses Fastly, which is (arguably) a faster CDN than Google Webfonts and other webfont initiatives like Adobe Webfonts.
Also, using Brick is another chance to ban Google from your web traffic, as many are doing... Google is like a barnacle that is stuck to the web and is hard to remove entirely without them slurping some of your data.
signaler | 10 years ago | on: NSA Plans to Develop Encryption That Could Stump Quantum Computers
It would be interesting to see how some crypto implementations would respond to a quantum attack. I know some implementations that give you back a different message for each key tried, so with a quantum attack there is the possibility of similar-looking messages being shown. So for example, I encrypt a picture of a sunflower, and when running a quantum attack, I get back two different images of a sunflower, and the attacker must then infer which one is the 'encrypted' one and which one is noise. Also, why have time-horizon solutions/attacks when we already have stego?
signaler | 10 years ago | on: NSA Plans to Develop Encryption That Could Stump Quantum Computers
A lot of poaching can be seen at crypto conferences, where attackers like to show off their GPU clusters and arrays of server racks which should have hard drives and Ethernet, but are now packed with custom PS3s for the express purpose of breaking weak keys.
signaler | 10 years ago | on: Ad Blocking, Ad Networks, and Your IP Address
If you think ad blocking alone is enough to protect your privacy, think again. I think the real problem is fingerprinting. You are always going to be tracked on the web, and one can tunnel their traffic through a hardware-based Tor router, and surf with the Lynx browser, and still get tracked. Also, blacklisting entire classes of ad networks is not thorough enough, as a lot of publishers are doing 'roll your own' ads. You can't block an 80x80 banner graphic with a link yet (well, you could if you block images, but we're not all neckbeards who surf with Lynx). You could thwart low-hanging-fruit stuff like 1x1 pixel beacons, but ad-serving technology is ambiguous and also one of the many hard problems of the web.
Shameless plug, I wrote about how to thwart browser fingerprinting here: http://blog.higg.im/2015/04/29/do-ad-blockers-and-anti-track...
My current solution is to use any number of things on privacytools.io and try not to centralize browsing to one device and one network. A bit obvious, but you would be surprised how many people just use their phone to navigate the web.
Like all hard problems, there is no sweeping silver bullet that will solve this. You have to get smarter about your browsing. The 'mixing effect' of cities is a great idea, and cheap $10.00 internet-enabled burner devices for surfing the web are awesome too.