- Google Online Security Blog: Further improving digital certificate security — Adam Langley reports on a recent situation where a certificate authority operated by the French government was issuing fake certificates for Google sites. [HN]
- A Few Thoughts on Cryptographic Engineering: How does the NSA break SSL? — a great article by Matthew Green outlining several possible attacks on SSL.
- Cryptographers have been expressing frustration over the recent discussions on the IETF’s TLS working group mailing list.
- Whisper Systems reports that TextSecure will be switching from the (possibly compromised) NIST standard elliptic curve P256 to the more trusted Curve25519 curve. [github]
- Whisper Systems announced the availability of TextSecure v1.0.5 with support for KitKat.
- The Guardian Project announced their upcoming “Orfox” Android app which combines Tor and Firefox into one app. Orfox will supersede their existing Orweb app, which relied on Android’s built-in WebView component and had issues in KitKat. [github]
- The Freedom of the Press Foundation is soliciting donations to support open-source encryption tools for protecting the communications of journalists and their sources.
- Freedom Of The Press Foundation To Release New Version Of Anonymous Whistleblower Submission System — Runa Sandvik reports the latest news on the SecureDrop front.
- Stop Saying Bitcoin Transactions Aren’t Reversible — This blog post by Eli Dourado about multisignature transactions in Bitcoin has been making the rounds this week.
- Bitrated — A new service providing arbitration using Bitcoin multisignature transactions.
- Zerocoin aimed at privacy, not facilitating crime — The ZeroCoin research team, led by Matthew Green at Johns Hopkins University, wrote this reply to the recent negative editorials in the Baltimore Sun.
- [perpass] politics and the ietf — Elijah Sparrow calls for the IETF to be more proactive concerning current issues.