Facebook宣布将为其消息传递服务采用OpenPGP加密

近期Facebook宣布将为其消息传递服务采用OpenPGP加密,同时允许用户在他们的Facebook配置文件中张贴公钥。这些改进如何改善Facebook的安全性?其他服务和消息传递应用是否也该依法效之呢?

斯诺登事件增加的人们对网络隐私的担忧,几家大型互联网公司都开始加强其安全控制以保障其用户在线数据和通信安全以防被窥探。举例来说,现在最受欢迎的网站使用数字证书,从而让用户能够查看跨HTTPS的页面,HTTPS加密服务器和浏览器之间的流量。Facebook也使用了这种安全控制,也采用了HTTP严格传输安全机制,是浏览器只能在使用HTTPS连接Facebook。对于哪些想要额外隐私保护的用户,Facebook提供了一个在线Tor。(注意下,这个连接只能在开启Tor的浏览器上运行。)

http://tinyurl.com/prbf6kh
http://tinyurl.com/qbgb7ku
http://tinyurl.com/o8tr3jb
http://tinyurl.com/pg6l2lu
http://tinyurl.com/q2p34sy
http://tinyurl.com/ngxmwq2
http://tinyurl.com/ohmrz49
http://tinyurl.com/p58tcoz
http://tinyurl.com/o7da4al
http://tinyurl.com/nqmjtu4
http://tinyurl.com/nu3pnhx
http://tinyurl.com/pmdpdov
http://tinyurl.com/qh9anlf
http://tinyurl.com/nzhqofu
http://tinyurl.com/pq932ea
http://tinyurl.com/qx4eml2
http://tinyurl.com/ob8kqxx
http://tinyurl.com/pb8v9qb
http://tinyurl.com/p55bm7e
http://tinyurl.com/ppodgrn
http://tinyurl.com/pwjp4yf
http://tinyurl.com/nux7wwt
http://tinyurl.com/pma7n7r
http://tinyurl.com/pdo9mo4
http://tinyurl.com/pao8o6o
http://tinyurl.com/o2j5yw6
http://tinyurl.com/og9s9cn
http://tinyurl.com/qztcde9
http://tinyurl.com/q7oz9fm
http://tinyurl.com/pk5gesd
http://tinyurl.com/pyv89lq
http://tinyurl.com/pmha492
http://tinyurl.com/os2tmfy
http://tinyurl.com/p3lrmvo
http://tinyurl.com/pv384pp
http://tinyurl.com/p7h5bl3
http://tinyurl.com/psvgtdb
http://tinyurl.com/num458t
http://tinyurl.com/oghjjj7
http://tinyurl.com/pxy8bft
http://tinyurl.com/ouy7cvg
http://tinyurl.com/o9ppmtj
http://tinyurl.com/ou4p3fk
http://tinyurl.com/q8oyjay
http://tinyurl.com/nbn4xee
http://tinyurl.com/o6wr5de
http://tinyurl.com/pn9ox26
http://tinyurl.com/njdpaq5
http://tinyurl.com/obxetbw
http://tinyurl.com/q75p899
http://tinyurl.com/pqf2xsp
http://tinyurl.com/pcobqf8
http://tinyurl.com/n9nmrb6
http://tinyurl.com/oz9vbl7
http://tinyurl.com/qbtck3k
http://tinyurl.com/no9motm
http://tinyurl.com/nsc2rk9
http://tinyurl.com/p5lup78
http://tinyurl.com/puhf3jc
http://tinyurl.com/nkarcn6
http://tinyurl.com/pp9565e
http://tinyurl.com/pmg6lm9
http://tinyurl.com/opfu3db
http://tinyurl.com/o9kfkkd
http://tinyurl.com/njycrfo
http://tinyurl.com/q2sdzld
http://tinyurl.com/q4zwvvb
http://tinyurl.com/odwjmxb
http://tinyurl.com/njz676a
http://tinyurl.com/p8ex3rc
http://tinyurl.com/ox8tejr
http://tinyurl.com/q2769hm
http://tinyurl.com/puunppr
http://tinyurl.com/p7pprnl
http://tinyurl.com/pn72fe3
http://tinyurl.com/p26spob
http://tinyurl.com/poulsoy
http://tinyurl.com/oabbec7
http://tinyurl.com/pluku6l
http://tinyurl.com/ntkl6vn
http://tinyurl.com/oh6nyzw
http://tinyurl.com/nhgwmbx


不过Facebook的加密部署间仍有些许空档,比如说,目前Facebook Messenger不提供端到端加密,虽然该公司使用TLS来保障安全连接到用户的电子邮件提供商,它发送给他们的个人电子邮件地址消息是明文的。这意味着尽管从Facebook服务器到用户带女子邮件服务器的消息是加密的,但是一旦传送,就可能被任何取得用户权限的人阅读。Facebook给用户发送各种邮件安全提醒通知,例如密码重置,都包含敏感信息,这需要更好的保护措施。

对于非技术人员,端到端加密是很难理解并使用的,因为它通常需要手动处理来交换发送方和接收方之间的公钥,在任意时间它们发送邮件或任何其他类型的消息。这已为电子邮件加密所广泛采用。


http://tinyurl.com/ost6o46
http://tinyurl.com/p554cgm
http://tinyurl.com/q6pgj2r
http://tinyurl.com/o3amot9
http://tinyurl.com/qyo92n4
http://tinyurl.com/nnmbllw
http://tinyurl.com/pl43zqo
http://tinyurl.com/o8mhcrb
http://tinyurl.com/nn4m32c
http://tinyurl.com/prepkdt
http://tinyurl.com/ofx6eeg
http://tinyurl.com/o2qx69m
http://tinyurl.com/qdvfarv
http://tinyurl.com/o4gjjjk
http://tinyurl.com/nmujmy4
http://tinyurl.com/ndugqev
http://tinyurl.com/oz8kjam
http://tinyurl.com/p5rmduv
http://tinyurl.com/qx92sow
http://tinyurl.com/numzond
http://tinyurl.com/p2dgkb2
http://tinyurl.com/oerepnq
http://tinyurl.com/q393r9c
http://tinyurl.com/opz4yju
http://tinyurl.com/os4x5yr
http://tinyurl.com/oqddoot
http://tinyurl.com/otrjzbp
http://tinyurl.com/ojawngt
http://tinyurl.com/oztrsed
http://tinyurl.com/q77w6fs
http://tinyurl.com/nq2g3d6
http://tinyurl.com/qdxvmgd
http://tinyurl.com/oz52sqz
http://tinyurl.com/pf5ce2g
http://tinyurl.com/pm6y3ze
http://tinyurl.com/nhsuj6u
http://tinyurl.com/ppk6u5a
http://tinyurl.com/o2t3ac9
http://tinyurl.com/pacwng3
http://tinyurl.com/psra9nv
http://tinyurl.com/q9efqkb
http://tinyurl.com/paghex7
http://tinyurl.com/ockv5ja
http://tinyurl.com/opgbmrs
http://tinyurl.com/p2pt3lg
http://tinyurl.com/nc6fqng
http://tinyurl.com/qj2pva8
http://tinyurl.com/nhpcsmq
http://tinyurl.com/peegkam
http://tinyurl.com/onsdr6x
http://tinyurl.com/p27ac5s
http://tinyurl.com/ozdyfnr
http://tinyurl.com/p966mto
http://tinyurl.com/nhabro9
http://tinyurl.com/peavtqz
http://tinyurl.com/pqp7zwk
http://tinyurl.com/oz5wymj
http://tinyurl.com/pbp2qbl
http://tinyurl.com/p5uavjy
http://tinyurl.com/nhyhyuw
http://tinyurl.com/oqg29cw
http://tinyurl.com/q94orvx
http://tinyurl.com/q64ntdk
http://tinyurl.com/nd9o3po
http://tinyurl.com/p4oe3sn
http://tinyurl.com/q9medhk
http://tinyurl.com/pyhaoa2
http://tinyurl.com/qhd2ntb
http://tinyurl.com/oncgkbf
http://tinyurl.com/q5cvtpp
http://tinyurl.com/nl7kanh
http://tinyurl.com/p3f5y62
http://tinyurl.com/ngo2cue
http://tinyurl.com/qyot4mf
http://tinyurl.com/pxt8uo5
http://tinyurl.com/nusufde
http://tinyurl.com/pdomewn
http://tinyurl.com/qj7ca87
http://tinyurl.com/nm6eock
http://tinyurl.com/pb28lxm
http://tinyurl.com/o2u4vq4
http://tinyurl.com/omrwh9m
http://tinyurl.com/opsxfr2
http://tinyurl.com/npzs67e
http://tinyurl.com/ne6vl7j
http://tinyurl.com/ou2nkqs
http://tinyurl.com/ncgc7ul
http://tinyurl.com/ngpromg
http://tinyurl.com/owljo8p
http://tinyurl.com/ptwge32
http://tinyurl.com/pep97ds
http://tinyurl.com/okaspjr
http://tinyurl.com/odfh5d2
http://tinyurl.com/njy3njy
http://tinyurl.com/p7tuk73
http://tinyurl.com/oaybbq6
http://tinyurl.com/pdfrm6d
http://tinyurl.com/oo66e96
http://tinyurl.com/qfnhwx8
http://tinyurl.com/no8hf3v
http://tinyurl.com/p8kqdvu
http://tinyurl.com/pcg42l9
http://tinyurl.com/qel5rry
http://tinyurl.com/qy82ovt
http://tinyurl.com/ouqjezm
http://tinyurl.com/o4ez3us
http://tinyurl.com/ocolbl8
http://tinyurl.com/nb7qsj7
http://tinyurl.com/phfj78u
http://tinyurl.com/plpyoxp
http://tinyurl.com/pktpxsq
http://tinyurl.com/p8mzpnw
http://tinyurl.com/o63c5fo
http://tinyurl.com/q3xehxt
http://tinyurl.com/qynwvqe
http://tinyurl.com/qa2sz8t
http://tinyurl.com/obbm2tm
http://tinyurl.com/ofmfbw2


尽管如此,Facebook宣布其打算通过允许用户上传他们的OpenPGP公钥到他们的配置文件中来支持端到端电子邮件加密。这将允许任何人,包括Facebook通过使用基于PGP的加密来给用户发送加密的邮件。假如用户邮件账户被攻击或消息被拦截,Facebook使用带有用户公钥的加密邮件将呈不可读状态。Facebook也将为对外传至选择使用自己的OpenPGP公钥接收加密通知的用户的消息进行标记。

OpenPGP是一个已存在近20年的开源的端到端加密标准。虽然它使用数字证书,但并不依赖证书认证方来认证其公钥信息。相反,证书经由证书列表上其他支持公钥协会的用户签署。这种分散的信任模型被称作为信任网络。Facebook已选用一个广为使用并自由部署OpenPGP标准的GNU隐私保护(GPG)。该软件需要生成及管理一对儿PGP密钥,其中带有操作指南,可以从GPG网站上下载。

http://tinyurl.com/ocmedem
http://tinyurl.com/n9m2v3v
http://tinyurl.com/ncm3tlb
http://tinyurl.com/o5r2q7u
http://tinyurl.com/nfm4s5o
http://tinyurl.com/ooffqhx
http://tinyurl.com/nuy2bmw
http://tinyurl.com/okup9dx
http://tinyurl.com/pq2sx35
http://tinyurl.com/n9zz7jr
http://tinyurl.com/ppxfstv
http://tinyurl.com/nz9qacn
http://tinyurl.com/qycv7qz
http://tinyurl.com/nwsq7v6
http://tinyurl.com/ouocgc3
http://tinyurl.com/oyca76t
http://tinyurl.com/oq7rzjx
http://tinyurl.com/py93xg3
http://tinyurl.com/os9y3ea
http://tinyurl.com/ocrofns
http://tinyurl.com/p6ds7cu
http://tinyurl.com/qhzws4s
http://tinyurl.com/pbzke9o
http://tinyurl.com/pbbzx8g
http://tinyurl.com/qcla299
http://tinyurl.com/nukh9yl
http://tinyurl.com/q72dx9w
http://tinyurl.com/qagzqts
http://tinyurl.com/obb7gf5
http://tinyurl.com/q69orq3
http://tinyurl.com/n98r8ug
http://tinyurl.com/pdzuq9x
http://tinyurl.com/pm4sqpn
http://tinyurl.com/ornfbvm
http://tinyurl.com/ows7zsg
http://tinyurl.com/o7wn7gc
http://tinyurl.com/ojwryjv
http://tinyurl.com/o7zzcdt
http://tinyurl.com/owe2nqx
http://tinyurl.com/ndb7bl3
http://tinyurl.com/ov85t2m
http://tinyurl.com/papw8ps
http://tinyurl.com/oo274az
http://tinyurl.com/nlcfqz6
http://tinyurl.com/oc23a6w
http://tinyurl.com/nd7ml3w
http://tinyurl.com/pww2q5v
http://tinyurl.com/nlqklkm
http://tinyurl.com/phosjgo
http://tinyurl.com/pzpfbut
http://tinyurl.com/q5g7gd6
http://tinyurl.com/o3as7e3
http://tinyurl.com/ov9v7ro
http://tinyurl.com/pejhzn5
http://tinyurl.com/pzxncay
http://tinyurl.com/p5jen3w
http://tinyurl.com/pao6uxq
http://tinyurl.com/plet5tu
http://tinyurl.com/qzyxt3c
http://tinyurl.com/nwq4na3
http://tinyurl.com/oo7h6jo
http://tinyurl.com/q6mq78q
http://tinyurl.com/obqudzv
http://tinyurl.com/pffg5xd
http://tinyurl.com/q6c62ne
http://tinyurl.com/o824fdn
http://tinyurl.com/qy7dsqk
http://tinyurl.com/plcxbz2
http://tinyurl.com/nwg6eux
http://tinyurl.com/pb2fuoe
http://tinyurl.com/o9bjxl5
http://tinyurl.com/of4zgln
http://tinyurl.com/nhn43a9
http://tinyurl.com/or9wdyf
http://tinyurl.com/ohlm8bz
http://tinyurl.com/oa53cy2
http://tinyurl.com/nwlgh66
http://tinyurl.com/nqx7bxm
http://tinyurl.com/o9vxuwr
http://tinyurl.com/pzh9f9s
http://tinyurl.com/ouv7kmj
http://tinyurl.com/o6dadsr
http://tinyurl.com/ohp6vsm
http://tinyurl.com/ovu2ybm
http://tinyurl.com/omzfsb3
http://tinyurl.com/qf2hwk9
http://tinyurl.com/oqksvyn
http://tinyurl.com/pn7xl85
http://tinyurl.com/q274fbo
http://tinyurl.com/ofytwxk
http://tinyurl.com/pl29cso
http://tinyurl.com/q62f4y3
http://tinyurl.com/nn2ru4c
http://tinyurl.com/p9cpnah
http://tinyurl.com/nv7l2zj
http://tinyurl.com/nno2683
http://tinyurl.com/pzp8274
http://tinyurl.com/qhyw5nh
http://tinyurl.com/q6erkbh
http://tinyurl.com/o4dxytz
http://tinyurl.com/p3w5nkd
http://tinyurl.com/oyr3vel
http://tinyurl.com/oo3p6bs
http://tinyurl.com/ph56cea


目前,Facebook新的OpenPGP加密功能只适用于台式机,尚未支持移动设备,不过通过促进其使用,Facebook可增加加密的使用来保护一些列在线服务的邮件内容安全。加密最好是无处不在且自动的,这也意味着不能从高敏感会话中区分出简单会话。


http://tinyurl.com/nd97n59
http://tinyurl.com/nj99k72
http://tinyurl.com/p3lzj2y
http://tinyurl.com/oeq267a
http://tinyurl.com/okq4393
http://tinyurl.com/nphonkl
http://tinyurl.com/pcyousy
http://tinyurl.com/nw6xtq5
http://tinyurl.com/ns75hjm
http://tinyurl.com/pkva2u3
http://tinyurl.com/px55r8j
http://tinyurl.com/pb9wv76
http://tinyurl.com/qc5k55g
http://tinyurl.com/phfbuz5
http://tinyurl.com/qfav5w2
http://tinyurl.com/ngcbpp9
http://tinyurl.com/pyqwsqf
http://tinyurl.com/qbfkh9n
http://tinyurl.com/qyk7vzz
http://tinyurl.com/nr3yyld
http://tinyurl.com/oscq3m6
http://tinyurl.com/on8xtpc
http://tinyurl.com/nzdzakj
http://tinyurl.com/oudwlhg
http://tinyurl.com/p2wtngq
http://tinyurl.com/qfeftg6
http://tinyurl.com/nmnxrce
http://tinyurl.com/oxkph9q
http://tinyurl.com/o6krebj
http://tinyurl.com/qd5aonk
http://tinyurl.com/oful8k3
http://tinyurl.com/oxugfw4
http://tinyurl.com/pfuvpde
http://tinyurl.com/nog8paf
http://tinyurl.com/p6goyop


Facebook并不是唯一一家添加加密服务的公司。雅虎和谷歌的端到端带女子邮件加密扩展也是基于OpenPGP加密的,同时,Open Whisper Systems、Silent Circle以及苹果公司的iMessage都提供端到端加密。政府忧心该做法会限制其对抗恐怖主义威胁的能力,不过另一些人则认为这是一项保护隐私的技术。这是需要探讨的另外一个话题,不过我们能看到的是越来越多的供应商将加密纳入到其服务和消息传递应用程序当中去。
阅读更多
文章标签: Facebook
个人分类: Facebook
下一篇创业者们还有成为下一个BAT级存在的机会
想对作者说点什么? 我来说一句

C# 支持OpenPGP标准

2009年04月28日 1.41MB 下载

没有更多推荐了,返回首页

关闭
关闭