Skip to main content
 
Security Education Companion
A free resource for digital security educators

Security News

Security News is an archive of curated EFF Deeplinks posts for trainers, technologists, and educators who teach digital security.

Issues that we track here include: country-specific policy updates on security and privacy, updates on malware and vulnerabilities, discussions on encryption and privacy-protecting tools, updates on surveillance (corporate surveillance, street-level surveillance, and mass surveillance), device searches by law and border enforcement, tracking via devices, and general digital security tips.

Limitations of ISP Data Pollution Tools

Republicans in Congress recently voted to repeal the FCC’s broadband privacy rules. As a result, your Internet provider may be able to sell sensitive information like your browsing history or app usage to advertisers, insurance companies, and more, all without your consent. In response, Internet users have been asking what they can do to protect their own data from this creepy, non-consensual tracking by Internet providers—for example, directing their Internet traffic through a VPN or...

Read More

Who Has Your Back in Brazil? Second Annual Report Shows Telecom Privacy Slowly Improving

Today InternetLab, Brazil’s leading digital rights organization, released their 2017 report on local telecommunications companies, and how they treat their customer's private information. Brazil’s “Quem defende seus dados?” (“Who Defends Your Data?”) seeks to encourage companies to compete for users by showing who will stand up for their customer privacy and data protection. That is why InternetLab, one of the leading independent research centers on Internet policy in Brazil, has...

Read More

Access Now and EFF Condemn the Arrest of Tor Node Operator Dmitry Bogatov in Russia

This post was written in collaboration with Amie Stepanovich at Access Now.

On April 6, Russian math instructor Dmitry Bogatov was arrested in Moscow and charged with “preparing to organize mass disorder” and making “public calls for terrorist activity” due to a gross misunderstanding about the operation of the Tor internet anonymization service. Bogatov is accused of authoring a series of online posts published to the sysadmins.ru discussion platform on March 29 under the...

Read More

The Bill of Rights at the Border: Fifth Amendment Protections for Account Passwords and Device Passcodes

This is the third and final installment in our series on the Constitution at the border. Today, we’ll focus on the Fifth Amendment and passwords. Click here for Part 1 on the First Amendment or Part 2 on the Fourth Amendment.

Lately, a big question on everyone's mind has been: Do I have to give my password to customs agents?

As anyone who’s ever watched any cop show knows, the Fifth Amendment gives you the right to remain silent and to refuse to provide evidence against...

Read More

EFF Launches Community Security Training Series

EFF is pleased to announce a series of community security trainings in partnership with the San Francisco Public Library. High-profile data breaches and hard-fought battles against unlawful mass surveillance programs underscore that the public needs practical information about online security. We know more about potential threats each day, but we also know that encryption works and can help thwart digital spying. Lack of knowledge about best practices puts individuals at risk, so EFF will...

Read More

Hey CIA, You Held On To Security Flaw Information—But Now It's Out. That's Not How It Should Work

Wikileaks today released documents that appear to describe software tools used by the CIA to break into the devices that we all use at home and work. While we are still reviewing the material, we have not seen any indications that the encryption of popular privacy apps such as Signal and WhatsApp has been broken. We believe that encryption still offers significant protection against surveillance.

The worst thing that...

Read More

Cryptographers Demonstrate Collision in Popular SHA-1 Algorithm

On February 23rd, a joint team from the CWI Amsterdam and Google announced that they had generated the first ever collision in the SHA-1 cryptographic hashing algorithm. SHA-1 has long been considered theoretically insecure by cryptanalysts due to weaknesses in the algorithm design, but this marks the first time researchers were actually able to demonstrate a real-world example of the insecurity. In addition to being a powerful Proof of Concept (POC), the computing power that went into...

Read More
Close tooltip