Researchers show how mass decryption is well within the NSA's $11 billion Budget. Orig. Source: * http://arstechnica.com/security/201...illions-of-encrypted-web-and-vpn-connections/ Research and to understand the article: * https://www.lawfareblog.com/nsa-and-weak-dh * https://weakdh.org/sysadmin.html * http://en.wikipedia.org/wiki/Perfect_forward_secrecy * https://en.wikipedia.org/wiki/Dual_EC_DRBG * http://en.wikipedia.org/wiki/Internet_Message_Access_Protocol * http://en.wikipedia.org/wiki/General_number_field_sieve * http://arstechnica.com/security/201...ns-tens-of-thousands-of-web-and-mail-servers/ * http://www.sigsac.org/ccs/CCS2015/ * https://freedom-to-tinker.com/blog/haldermanheninger/how-is-nsa-breaking-so-much-crypto/ * http://arstechnica.com/security/201...-into-groundbreaking-crypto-cracking-program/ * http://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange * http://www.theatlantic.com/technolo...-nsa-tracks-peoples-physical-location/283745/ Papers: * https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf Protection: * Stay tuned I will write several guides on my gist how to avoid most of all fingerprints.
Seems I was already to slow on it, eff already gave some tips to protect against such attacks. Since this isn't a full protection I still think about it to write a small guide which will explain the following topics, DNS attacks, DOS, chiper attacks via side-channel and how to really use SSH keys to protect against DDOS and Login attacks. Edit: The user.js script I'm working with/on is to harden the Linux/Windows Firefox Version, and also hardens the root certificates. Instead of addons this is much better do the fact it works directly on the first start, which means that this is an benefit over all existent config, besides this aspect it also works for all FF versions and all OS right out-of-the-box by placing this file in your profile folder.
Hello CHEF-KOCH! Should I put this user.js of yours along prefs.js, addons.json, logins.json, etc.? I found these under /home/user/.mozilla/firefox/xxxxx.default
Hello, no need to full qoute me. Yes, the user.js file is, as the name said an user own preferences file which belongs in your profile folder. The benefit of using it is that you can drop that file into your profile folder even before you started the browser the first time. So compared to the addons/plugins it hardens your preferences just from the beginning. Also another benefit is that it works OS independent (except FF on Android since this mostly use other preferences for W-Lan and so on). I think it's a good start especially because the addons/extensions/plugins possible also leaking sensitive information, while such a small .js file doesn't sent anything back. Please enjoy.