Turtle Status Letter #2 — Group Income + DPKI + More!

This is our second yearly status letter. It covers all news-worthy updates since our previous letter. Inside This Year’s Letter: Group Income Voting systems research research education Victor Morrow Joins Group Income! development Group Income Shorts! education San Francisco Basic Income Create-A-Thon education development New York Meetup! education DPKI: Decentralized Public-key Infrastructure ID2020 – Rebooting […]

CONIKS vs Key Transparency vs Certificate Transparency vs Blockchains

Previously, we reviewed Google’s Certificate Transparency efforts, and observed that while it does not prevent MITM attacks, it might detect at least some of them. We compared it to blockchains, and described what a Decentralized Public-key Infrastructure (DPKI), which uses blockchains, might look like. Today we compare these approaches with two new systems: Key Transparency […]

How To Compromise Zcash And Take Over The World

Listen up, super-villains and laboratory mice! Outlined in this post is a masterplan for how to “take over the world!” — by compromising Zcash.1 Potential Consequences The potential consequences of compromising Zcash’s trusted setup range from the fairly benign (someone buys themselves a private island) to the cartoonishly evil. The worst-case scenario is literally people […]

The Zcash Catch

Also see our followup:  How To Compromise Zcash And Take Over The World As part of our work, we will sometimes put a new system under scrutiny in order to provide constructive feedback, and/or clear up a widespread misunderstanding that could lead to problems down the road (for example, see our series on Certificate Transparency). Today, […]

Five Open-Source Slack Alternatives

Translations: 中文 Update: We made a huge mistake in forgetting to review Riot — the only Slack alternative based on an open protocol, and the only Slack alternative to support end-to-end encrypted group chats. Slack is a popular team communications application for organizations that offers group chat and direct messaging for mobile, web, and desktop platforms. While Slack offers […]

Proof of Transition: New Thin Client Technique for Blockchains

Blockchains are difficult to run on most end-user devices. Although MITM-proof proxies are a great way to address this problem, they are unlikely to scale well to all Internet users (not everyone will be able to run their own full node). Therefore, most people will need to rely on thin client techniques to reduce the […]

Certificate transparency on blockchains

This week Google learned of another batch of fraudulently issued certificates for several of their domains. At the end of the post they made a renewed call for Certificate Transparency. In this post, we’ll use the acronym CT to refer to Google’s implementation of the general concept of certificate transparency, and we’ll explore other technologies […]

The Trouble with Certificate Transparency

Update: March 25, 2015, see also: Certificate transparency on blockchains Ben Laurie, project lead for Google’s Certificate Transparency (CT), recently published an article wherein he compared CT against various efforts to secure Internet communication world-wide from Man-In-The-Middle Attacks (MITM), including DNSChain. In it, he made several claims about CT and related topics: That CT leads […]

okTurtles Demo at SOUPS 2014 (EFF CUP Crypto Usability Prize)

Oh boy! Lots of news to share about okTurtles and DNSChain in the upcoming days: These projects are now officially under the stewardship of a new non-profit organization called the okTurtles Foundation (more on this coming soon). We’re going to be moving the site from okturtles.com ➜ okturtles.org We gave a very successful demo at SOUPS 2014’s EFF CUP […]