Language Selection

English French German Italian Portuguese Spanish

Muktware

Syndicate content
A complete web-magazine for a geek!
Updated: 2 hours 12 min ago

Electronic Frontier Foundation release secure messaging scorecard to help identify the messengers you should be using

Tuesday 11th of November 2014 01:04:01 PM

It’s not true to say that everyone has become more wary of their communications data since we heard the news of the capabilities of the spy agencies. However many more are concerned. For those that are the EFF have released a score card outlining the most secure messaging services. On top in the chart are relative newcomers to the encryption market, Silent Phone and Silent Text. Also on top is RedPhone and Text Secure aka Signal on iOS devices. Also scoring perfect points was CryptoCat and ChatSecure + Orbot (both of them running together.)

Each program has been tested against a list of requirements and for each it passed it got a green tick otherwise they’re given a red strike through. The different requirements were:
-Encrypted in transit?
-Encrypted so the provider can’t read it?
-Can you verify contacts’ identities?
-Are past comms secure if your keys are stolen?
-Is the code open to independent review?
-Is the security design properly documented?
-Has there been any recent code audit?

That’s a pretty stringent set of requirements to meet however I can see some potential caveats, one is that TextSecure currently requires Google Play services to run correctly, if you have this installed you are sending data to Google so although your communications through TextSecure will be perfectly safe you may be sending more data to Google where as if you were running a custom ROM without the Google additions with ChatSecure + Orbot you may be more secure if you take the entirety of the data that leaves your device into account. This ‘caveat’ however is mostly hypothetical however and may only pander to the someone slightly more cautious about Google.

Speaking of Google, their Hangouts protocol does very poorly in this test, the only items it passes on are: Encrypted in transit? Has there been a recent code audit? Even Apple’s iMessage beats it, only failing to get a pass mark on: Can you verify contacts’ identities? and Is the code open to independent review?

Worryingly the most popular services used did extremely poorly, although not unexpected by a long shot. These services include WhatsApp, Viber, Yahoo! Messenger, SnapChat, Skype, QQ, Kik, Facebook chat, BBM and AIM. If you use any of these services and want to see where they fall down then check the scorecard for more details. Most however do fall on: Encrypted so the provider can’t read it? There is a simple solution to this if you can rope your mates in to do the same as you. Use Pidgin or Adium and install the OTR plugin, then sign in to your accounts, they both support a ton of protocols and then you can send encrypted messages, but the recipient must be also running Pidgin or Adium with the OTR plugin.

Source: EFF

The post Electronic Frontier Foundation release secure messaging scorecard to help identify the messengers you should be using appeared first on The Mukt.

Obama trying to push FCC to enforce tough rules to ensure Net Neutrality

Tuesday 11th of November 2014 01:03:53 PM

For those not following net neutrality, it’s the concept where all users can access any website online at an equal speed, like we can now. However there is a subset of people who say that what we have today isn’t fair to ISPs and argue for a model where you pay more for certain services. If you look at services like Netflix, it’s what the average person uses the most and the content is bandwidth heavy. On the other hand you might have someone who never uses Netflix and other streaming services. Both of these people using the internet for one hour non-stop will have widely different data usages in that time and so some people argue for the person using more bandwidth to pay more for their service.

Despite this, Obama, the tech community and most users of the Internet see the loss of net neutrality as a threat as it could potentially limit access to anything. Many critics worry that ISPs will abuse this new power to make people pay extra to use social media or news websites and so on, making the internet more like Pay TV where you can buy sports bundles and movie bundles, which is downright terrible.

In the past Obama has been a vocal critic of the erosion of net neutrality and has recently said that a free and open Internet was as critical to Americans’ lives as electricity and telephone service and should be regulated like those utilities to protect consumers. He went on to say “For almost a century, our law has recognized that companies who connect you to the world have special obligations not to exploit the monopoly that enjoy over access into and out of you home or business, it is common sense that the same philosophy should guide any service that is based on the transmission of information – whether a phone call or a packet of data.”

If you want to add your name to Obama’s statement directed at the FCC you can add your name here.

The post Obama trying to push FCC to enforce tough rules to ensure Net Neutrality appeared first on The Mukt.

Raided for hosting a Tor node? New precedent set

Friday 7th of November 2014 02:29:15 PM

Over the last 48 hours the alleged owner of Silk Road 2.0 has been arrested in San Francisco and named as Blake Benthall, a former SpaceX employee who left the firm in February. I got alerted to this event via the Tor subreddit where an eastern European (he didn’t disclose what country) said his house had been raided, two computers seized and told he is an ‘international suspect of fraud and money laundering’ and could face a maximum sentence of fourteen years in prison although no charges have been pressed at this point.

It’s unclear whether he was running and exit relay or not and said he followed a tutorial to get things setup so it’s normal to think he was unsure of the fine details. However this incident seems to have set a dangerous precedent: running a Tor node can potentially land you in hot water with law enforcement.

There are various Tor nodes a person can run, these include exit and non-exit nodes. The Tor legal FAQ is quite insistent that if you host a non-exit relay you are safe from law enforcement however you should be ready to get legal help if you run an exit node because that is the node the server will see the IP address of.

The details of the raid are quite sparse and it’s not known if the raid was directly connected to the arrests regarding the Silk Road founder. The person in question said that the country they reside have ‘anti-gay’ laws, of course Russia pops to mind but other countries in the region have similar discriminatory laws or have thought about implementing them. On the take down page of Silk Road are flags of the countries involved, the Lithuanian and Bulgarian flags are included amongst them.

Rexirtnium, the user in question says he’s ‘broke’ and therefore may be unable to get adequate legal support, he petitioned users on the subreddit asking what to do and if he should get try and get press attention. Hopefully he gets the help he needs and feel free to contact him if you can help, providing they keep logged into the account, it seems to have been setup for that particular post.

This turn of events is a wake up call to people running exit nodes. Make sure that you have the EFF or other similar groups and a lawyer on speed dial just in case you wind up in the same situation.

The post Raided for hosting a Tor node? New precedent set appeared first on The Mukt.

US National Security Agency probably has your Windows Bitlocker recovery keys

Wednesday 5th of November 2014 01:24:25 AM

Cryptome recently published a page on their site explaining how the NSA could technically gain access to your encrypted machine if it has Bitlocker drive encryption enabled. If you are using a PC with a fresh install of Windows RT 8.1 then drive encryption is switched on.

Cryptome highlight that the Windows FAQs on drive encryption says that a recovery key for your encrypted device is uploaded to your SkyDrive (now named OneDrive) account to make sure that you have a means of logging into your device should you forget your password. This would be a reasonable expectation as the encryption was passively turn on, however it goes on to remind us that Microsoft’s SkyDrive/OneDrive was a target/collaborator of the NSA’s PRISM program which means tha NSA have keys to decrypt your computer.

The write up also mentions that device encryption is “supported by Bitlocker for all SKUs and that support connected standby. This would include Windows Phones” it follows with “Bitlocker provices support for device encryption on x86 and x64-based computers with TPM that supports connected stand-by. Previously this form of encryption was only available on Windows RT devices.” So it may mean that newer Windows 8.1 PCs come with this ‘feature’ enabled.

If you have data that you want to secure on your machine it’s better to check out whether TCnext the resurrected TrueCrypt suits your needs (they use the last good build of TrueCrypt and plan to release new version in future I believe). Obviously there are more reasons than paranoia to encrypt your disks, for instance you could have your device stolen, luckily your data would be encrypted. As for Windows Phone there really is no way around this predicament.

Linux allows you to encrypt your computer during the installation and does not backup keys to any online sources by default so this is likely a better option if you have data that you want keeping safe too.

Source: Cryptome

The post US National Security Agency probably has your Windows Bitlocker recovery keys appeared first on The Mukt.

Facebook launches hidden service for Tor users

Wednesday 5th of November 2014 01:24:16 AM

I woke up today to news that Facebook, the biggest violater of it’s users online next to Google, has started it’s own hidden service for Tor users to connect to. The new address is: https://facebookcorewwwi.onion/

By connecting to the new address Tor users will get a greater amount of anonymity as your data and identity is protected all the way to Facebook’s data centres using cryptography offered by Tor. Lately Cloudflare has launched full out war on Tor with annoying captchas, I’m unsure whether Facebook still uses captchas for Tor users but hopefully connecting to their hidden services will make using Facebook decent again for Tor users.

As a warning to novice Tor users, logging into Facebook and then going on drug websites is a very terrible idea, if you want to remain anonymous using Tor make sure you reopen the browser if you don’t want evil Facebook cookies following your everywhere, by shutting down and reopening the browser you will have cleared the cookies.

The Tor Project mailing list contains an entry from Alex Muffet, a Facebook employee, who said that they got the incredibly easy-to-remember onion URL by using brute force techniques until they found a URL they liked.

If you take away anything from this is should be that the only anonymity you gain by visiting the onion address instead of the normal facebook address is that you hide who you are from Facebook’s ISP (a Tor user connecting to facebook.com will be identified as a Tor user by fb’s ISP.) The Tor Project Blog has a detailed piece on Facebook’s new adventures in Torland that goes into much more technical aspects of using onion addresses.

Source: The Tor Project Blog

The post Facebook launches hidden service for Tor users appeared first on The Mukt.

Sony Xperia devices are sendng your data to China

Thursday 30th of October 2014 11:53:53 PM

If you are using a Sony Xperia device running either Android 4.4.2 or 4.4.4 it’s advised (by me) that you install a custom ROM on your device. Several reports have appeared online that the stock firmware on these devices contains Baidu spyware that is discreetly sending data back to servers in China, you do not need to have installed any software on your phone as it’s bundled into the firmware.

With this spyware, a user named ‘Elbird’, on the Sony forums, claims that the Chinese Government can:
– Read status and identity of your device
– Make pictures and videos without your knowledge
– Get your exact location
– Read the contents of your USB memory
– Read or edit accounts
– Change security settings
– Completely manage your network access
– Couple with bluetooth devices
– Know what apps you’re using
– Prevent your device from entering sleep mode
– Change audio settings
– Change system settings

You can check to see if you have the spyware by using a file manager and checking for a folder called ‘Baidu’, some reports on Reddit also claim that their none Sony devices also have the folder so it’s worth making sure you’re not infected by checking your files. Some people have offered more complicated solutions to the problem by just blocking a service running on the device that creates the folder, but with this method it’s not safe to assume that your device will remain virus free so doing a clean ROM install is best.

Sony says that the problem will be fixed in Lollipop however Sony devices won’t get that release for a few months yet, the best course of action if you have an infected device is to research CyanogenMod to check if your device is supported, if it’s not then check the XDA forums for a ROM that does work on your phone.

Source: The Hacker News

The post Sony Xperia devices are sendng your data to China appeared first on The Mukt.

LibreOffice based document editor comes to the iPad

Thursday 30th of October 2014 04:51:13 PM

LibreOffice is enjoying some serious adoption. CloudOn, a US-based company has launched a document editor for Apple’s iPad which is based of free and open source LibreOffice. The company says in a press statement that the app offers a, “…new experience for creating and editing mobile documents with a gesture-first doc editor that removes all the clutter, overload and lag of yesterday’s tools. Now people can intuitively create and collaborate on thoughts, ideas and information in ways that fits with the way they work.”

“CloudOn was the first company to bring Microsoft Office to mobile devices, delivering mobile productivity to millions of people,” said Milind Gadekar, CEO and co-founder of CloudOn. “We are excited to transform this space once again with the launch of our new doc editor. Users will benefit from the intuitive, designed-for-mobile experience, without loosing the functionality of Word documents.”

The key features of the app include:

– Gesture-first design: Made for ease and speed. Just tap, type, pinch and swipe to create, edit, style and more.
– Compatible: Works with Microsoft Word, so you can read, edit and share without worrying about formatting or compatibility.
– Open: Works with Dropbox, Box, Google Drive and Microsoft OneDrive, so you can access all your existing files without moving anything.
– Offline ready: Work on docs from anywhere, even on a plane.

The app doesn’t, unfortunately, fully support the ISO approved ODF format. By fully I mean it can open and edit .odt files, but can’t create new files in odt.

The Document says in a press statement:

CloudOn’s new iPad app is powered by LibreOffice, the best free office suite ever. CloudOn has leveraged LibreOffice advanced features for this new gesture-first mobile editor, and has contributed back the extensive DOCX interoperability improvements, which have been integrated in LibreOffice 4.2 and LibreOffice 4.3.

CloudOn’s new iPad app also supports the LibreOffice native Open Document Format (ODF), the only true open document standard. Because of this unique feature, it has better interoperability performances than any other mobile document editor.

Another area is integration with cloud services. Even if you have Dropbox or Google Drive installed on your iPad you can’t give access to the app by clicking on the icon, you will need to give your account details. If you want to work on Google Docs, the app will create a docx version of the document so you won’t be able to work on the same copy between Google Docs app and CloudOn.

The app, from the first hand experience, looks quite neat on the iPad. You can download and try it out now.

The post LibreOffice based document editor comes to the iPad appeared first on The Mukt.

China will upgrade a “significant” number of PCs to Linux by 2020

Thursday 30th of October 2014 02:08:31 AM

China have announced a new time frame in which they will move to a new operating system. It will consist of 15% of government computers being switched to Linux per year. The report by Ni Guangnan outlining the transition won government approval and by 2020 the Chinese Government’s transition to Linux should be complete.

Earlier this year the Chinese Government decided that they would ban the use of Windows 8 and upwards on Government computers due to security concerns about the operating system, it was assumed that China would seek to move to a Linux distribution for government computers, this has been confirmed and they plan to make the complete switch by 2020.

An alternative OS has not yet been finalised although it is likely to be a home-grown Linux distribution a likely choice might be Ubuntu Kylin as the government in China have been promoting the distribution for those looking to move away from XP.

The timetable to replace the Microsoft product also extends to servers, chips and software. The China Banking Regulatory Commission has already informed banks to swap to domestic operating systems too.

Microsoft is not in a good position in China, they are currently being investigated for monopolistic behaviour similar to what happened in Europe which led to the browser ballot box being distributed in the OS a few years ago.

[Update]: The news originated from Chinese news sources and has been picked up by many western news sites such as Reuters and the Guardian and Forbes. One discrepancy that has been noted in the comments is the fact that the Chinese news sites who reported the news did not include a source for the report. Also the details regarding the distro that will be used are vague at this point, currently China has three prominent distribution of Linux which include Red Flag Linux, Kylin and Ubuntu Kylin. The latter seems the most well supported at the moment although nothing has been finalised. I’ve also changed the wording of the title from “China will upgrade all PCs to Linux by 2020″ to “China will upgrade a “significant” number of PCs to Linux by 2020″ to reflect the translation in Forbes’ article.

Source: Softpedia

The post China will upgrade a “significant” number of PCs to Linux by 2020 appeared first on The Mukt.

W3C now endorses HTML5

Tuesday 28th of October 2014 06:38:43 PM

The World Web Consortium, the body for body which decides on web standards has elevated the HTML5 specification to ‘recommendation’ status which is the highest endorsement level and is therefore standardised.

Since around 2010 web browsers have been implementing support for HTML5 features, now most of the browsers support most HTML5 features and it comes just in time for W3C recommendation for the technology. To check your browsers HTML5 support go to HTML5Test, which will give you the run down of all the supported features in your browser, you can also compare your browser to multiple versions of a wide range of browsers across different devices.

End users will now be able to expect even more dynamic web pages that resize themselves to fit to your device’s screen size, contain videos that require no plugins to view and the same for audio.

In addition HTML5 will see much more better games get developed for the web, Mozilla using various technologies have shown off desktop-like games in terms of graphics, if this were to become mainstream we may see a shift from people using traditional desktop and laptop to devices like Chromebooks, although post-Snowden privacy concerns make this a more distant reality than it was before. HTML5 also brings with it native support for scalable vector graphics (SVG) and math (MathML), anotations important for East Asian typography and features to enable accessibility of rich applications.

The post W3C now endorses HTML5 appeared first on The Mukt.

Civilization: Beyond Earth to land on Linux & Mac around Holiday Season!

Friday 24th of October 2014 04:24:48 PM

An official confirmation from Aspyr Media today confirms Sid Meier’s Civilization: Beyond Earth to be slated for a Linux and Mac release later this holiday season. The latest entrant into the acclaimed series of 4X Turn based strategy, will be available on both the Mac and Linux versions of Steam as well as on the Mac App Store.

Aspyr Media, in collaboration with 2K and Firaxis will be bringing the new game to Linux. They were also the company for porting the previous versions of Civilization to Linux, with the latest Civilization V ported over to Linux earlier this year. As always, the Linux port will be a native port and will retain all the features of the game that is available on Windows. Additionally, the game will also support cross-multiplayer with the other platforms through Steam, so that you can enjoy those grand multiplayer sessions that only a Sid Meier’s game can provide.

The Windows version of the game is being launched this Friday. Users are already able to preload the game ahead of the launch. Although the Linux version is being a bit delayed, I personally think that rather than just make a superficial port like the Witcher 2, taking a bit of a time and making a native port that runs better is worth the wait. At least the company confirmed that there will be one.

The Linux and Mac versions are up for Pre-Order on Asper Media’s sister site GameAgent.com. The pre-order from the site entitles users to a redeemable Steam key when the game launches on the platforms later this year. Users who order the game from this site will also get access to the Exoplanets Map Pack as a free bonus.

A series of Dev Diaries will be put up on GameAgent’s blog, which we will keep an eye out for interesting bits. So stayed tuned for more on the game here.

Source: Aspyr Media Press News

The post Civilization: Beyond Earth to land on Linux & Mac around Holiday Season! appeared first on The Mukt.

More in Tux Machines

Barbie the Debian Developer

Some people may have seen recently that the Barbie series has a rather sexist book out about Barbie the Computer Engineer. Fortunately, there’s a way to improve this by making your own version. Thus, I made a short version about Barbie the Debian Developer and init system packager. Read more

Automotive Grade Linux Adds Industry Partners for Open Source Cars

Cars may still not be the first thing that comes to mind when one thinks of Linux and open source, but the Linux Foundation's Automotive Grade Linux (AGL) project continues to expand. This week, it announced three new members, bringing the total number of industry partners and academic collaborators to 46. Read more

Kubuntu CI: the replacement for Project Neon

Many years ago Ubuntu had a plan for Grumpy Groundhog, a version of Ubuntu which was made from daily packages of free software development versions. This never happened but Kubuntu has long provided Project Neon (and later Project Neon 5) which used launchpad to build all of KDE Software Compilation and make weekly installable images. This is great for developers who want to check their software works in a final distribution or want to develop against the latest libraries without having to compile them, but it didn't help us packagers much because the packaging was monolithic and unrelated to the packages we use in Kubuntu real. Read more

How SanDisk is Becoming an Open Source Player

Earlier this year SanDisk committed to becoming an open source player, created an open source strategy office and joined the Linux Foundation. Since then, the flash storage company has begun contributing to open source projects in the three main areas of its business: mobile, enterprise and hyperscale computing, and consumer products, said Nithya Ruff, director of the open source strategy office at SanDisk in an online presentation yesterday. Read more