Previously, we reviewed Google’s Certificate Transparency efforts, and observed that while it does not prevent MITM attacks, it might detect at least some of them. We compared it to blockchains, and described what a Decentralized Public-key Infrastructure (DPKI), which uses blockchains, might look like. Today we compare these approaches with two new systems: Key Transparency […]
Listen up, super-villains and laboratory mice! Outlined in this post is a masterplan for how to “take over the world!” — by compromising Zcash.1
Also see our followup: How To Compromise Zcash And Take Over The World As part of our work, we will sometimes put a new system under scrutiny in order to provide constructive feedback, and/or clear up a widespread misunderstanding that could lead to problems down the road (for example, see our series on Certificate Transparency).
On Monday, the Internet received another reminder about its sad state of security. It was discovered that Dell decided to compromise their users’ Internet security in a way that’s difficult to top. As elaborated further in this post, Dell, in tandem with Google, made it possible for anyone on earth, you or me, to break […]
Blockchains are difficult to run on most end-user devices. Although MITM-proof proxies are a great way to address this problem, they are unlikely to scale well to all Internet users (not everyone will be able to run their own full node). Therefore, most people will need to rely on thin client techniques to reduce the […]
After publishing our Certificate transparency on blockchains we learned of a recently updated IETF draft proposal that updates how Certificate Transparency (CT)1 gossip protocols work.
This week Google learned of another batch of fraudulently issued certificates for several of their domains. At the end of the post they made a renewed call for Certificate Transparency. In this post, we’ll use the acronym CT to refer to Google’s implementation of the general concept of certificate transparency, and we’ll explore other technologies […]
DNSChain 0.5 brings about many new features. It’s important to remember, however, that this project is not really about new bells and whistles. It’s about what kind of a world we want to live in, and for us the answer is clear: we want to live in a free world, and that means addressing these […]
Update: March 25, 2015, see also: Certificate transparency on blockchains Ben Laurie, project lead for Google’s Certificate Transparency (CT), recently published an article wherein he compared CT against various efforts to secure Internet communication world-wide from Man-In-The-Middle Attacks (MITM), including DNSChain. In it, he made several claims about CT and related topics: That CT leads […]
We envision a future were owning and administering your own personal server is simple and commonplace. This vision naturally arises as more and more people begin to use and advocate distributed and decentralized technologies like Bitcoin and our very own DNSChain. Instead of learning to drive, they’ll learn to administrate a server. 🙂 So, along […]