During Jacob Applebaum's talk at DebConf15, he noted that Debian should TLS-enable all services, especially the mirrors.

His reasoning was that when a high-value target downloads a security update for package foo, an adversary knows that they are still using a vulnerable version of foo and try to attack before the security update has been installed.

In this specific case, TLS is not of much use though. If the target downloads 4.7 MiB right after a security update with 4.7 MiB has been released, or downloads from security.debian.org, it's still obvious what's happening. Even padding won't help much as the 5 MiB download will also be suspicious. The mere act of downloading anything from the mirrors after an update has been released is reason enough to try an attack.

The solution, is, of course, Tor.

SQLCipher is an open source library that provides transparent, secure 256-bit AES encryption of SQLite database files.

On this page, you will find a listing of various email service providers with specific information around security and privacy.

Farah crushes the bedcovers around her head, postponing her morning march through breakfast and homework. Her eyes snap open as she remembers today’s plans. Today, she will receive what is perhaps a preadolescent’s most desired technology and will find herself winging her way to another country. Were she attuned to such things, she might also recognize that her day will demonstrate how visible her life and the lives of those around her have become.

The NSA has nothing on the ed tech startup known as Knewton.

The data analytics firm has peered into the brains of more than 4 million students across the country. By monitoring every mouse click, every keystroke and every split-second hesitation as children work through digital textbooks, Knewton is able to find out not just what individual kids know but how they think. It can tell who has trouble focusing on science before lunch — and who will struggle with fractions next Thursday.

A group of Rad Ref librarians recently put together a zine for librarians about surveillance. Includes "know your rights" info; suggestions for applications, browser plug-ins, and other tech tools for online privacy; and, of course, a reading list!

Whisper Systems provides security and management solutions that transform consumer phones and tablets into enterprise-ready devices.

KeePassDroid is a port of the KeePass Password safe for the Android platfor

There's no public key encryption for Android yet, but that's an important feature for many of us. APG tries to fill that void, with new features quickly being added. Hopefully APG will grow into a fully functional OpenGPG implementation of GPG or PGP calibre.

SSHTunnel is a SSH tunnel app for Android System, based on Connectbot and Dropbear / OpenSSH (Beta Branch). With this app and a configured server (typically configured with sshd and nginx / squid), you can easily browse internet through a SSH tunnel on your android devices.