in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Mobile Data Security: Design School Graduate Releases "NSA-Proof" Font

Sang Mun (no relation), a graduate of the Rhode Island School of Design, has released and made available for free a set of fonts designed to be "more difficult for data collectors... to decrypt," according to vice.com.  While it fails to provide the level of data protection that one expects from mobile device security like AlertBoot, its roots, one could argue, lie in the hacker culture of the 1980s and 1990s, when leet speak flourished.

Confuses Machines, Maybe Even Humans

The creator of the font stated, according to vice.com:
The project started with a genuine question: How can we conceal our fundamental thoughts from artificial intelligences and those who deploy them?" he writes. "I decided to create a typeface that would be unreadable by text scanning software (whether used by a government agency or a lone hacker)—misdirecting information or sometimes not giving any at all. It can be applied to huge amounts of data, or to personal correspondence.
You can check out the font here.  Maybe it's just me, but it seems that some of the individual letters make it hard for people to read it as well.

In fact, I get the feeling that the only reason why I'm able to read the example "Blowing the Whistle on a war crime should not be a crime" without a hitch is because of what's been referred to as typoglycemia.  Basically, one can read a word that has been jumbled as long as the first and last letters of a word are in the correct place.

The creator says he
has no illusions that even a clever cryptographic font—which he says you can use in email messages to shield them from snoops and font-recognition bots—will remain encoded for long. They're not meant to be long-term tools with which to combat the NSA. Rather, he views them as an awareness-raising measure.
The last time I was interested in OCR technology, the field had a long way to go and certain fonts lended themselves to better scanning and conversion than others.  Perhaps Sang Mun's fonts have taken this into account but I wouldn't be surprised if the NSA didn't have already something in place already.  

A "Solution" That's as Old as the Hills

This new font is a not a truly novel idea.  In the 80's and 90's hackers (and hacker wannabes) already explored such tactics, although it didn't involve typography per se.  Rather, they substituted similar looking characters, such as a zero (0) for an oh (o or O) or a five (5) for an es (s or S); in certain cases, whole words were substituted, like "leet" for "elite."

The reasoning behind this was that certain government organizations, like the NSA, had significant processing power (they still do, quite obviously) and using non-standard words would throw a wrench in the works when it came to online communications tapping.

The reality, though, is that leet speak probably didn't slow them down a bit.  In the end, efforts like Sang Mun's might truly be about getting a conversation going.
Related Articles and Sites:
http://motherboard.vice.com/blog/introducing-the-nsa-proof-font
 
<Previous Next>

Full Disk Encryption: Researchers Find Browser's Cache Is Full Of Sensitive Data

Police Encryption: Detective's Stolen Laptop Triggers Data Breach Notification

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.