EFF in the News
EFF's most recent scan of the lists revealed 248 instances where certificates had been revoked, because the CA had been compromised. Those instances can be attributed to 14 CAs, or, in other words, 14 CAs were honest enough to disclose that they had been compromised.
"In some cases, if you knew the URL, you can take over the user's session," says Seth Schoen, staff technologist at the Electronic Frontier Foundation, which has advocated the adoption of encrypted Web browsing to thwart eavesdroppers.
But as this reply letter from the Electronic Frontier Foundation explains, they're wrong:
On October 26, the day the Patriot Act turned 10 years old, the Electronic Frontier Foundation and the American Civil Liberties Union filed suit against the U.S. Department of Justice to force the government to clarify its interpretation of Section 215 of the Act, which gives the FBI the power to demand any "tangible thing" related to an investigation (WSJ).
The Electronic Frontier Foundation (EFF), calls SOPA "disastrous" and "the worst piece of IP legislation [they've] seen in the last decade."
Today, EFF sued the Justice Department to turn over records related to the government’s secret interpretation and use of Section 215, regarding which Senator Ron Wyden, like Senator Udall, has offered ominous warnings: "When the American people find out about how their government has secretly interpreted the Patriot Act,” said Wyden on the Senate floor in May, “they are going to be stunned and they are going to be angry.”
The lawsuits, from the Electronic Frontier Foundation and the American Civil Liberties Union, seek to have the DOJ and its U.S. Federal Bureau of Investigation branch turn over all information related to information requests allowed under Section 215 of the Patriot Act.
Two civil-liberties groups–the Electronic Frontier Foundation and the American Civil Liberties Union–are filing suit against the Department of Justice looking to get information on the use of orders under a controversial part of the Patriot Act.
"Google does a better job in a lot of ways than most companies about receipt of government process," the EFF's Matt Zimmerman told TechNewsWorld. Nevertheless, Google could be more transparent, he noted.
The Electronic Frontier Foundation's Peter Eckersley has been monitoring the revocation of SSL certificates as a way of figuring out how often the 600+ certificate authorities are hacked.