Greg Knaddison has worked for big consulting firms, boutique software firms, startups, professional service firms, and former Drupal Security Team leader. He is currently the director of Engineering at CARD.com and a Drupal Association advisory board member.
Michael Hess works with the University of Michigan School of Information and the UM Medical Center teaching three courses on content management platforms and overseeing the functionality of hundreds of campus websites. He serves in a consulting and development role for many other university departments and is the current Drupal Security Team leader. He also consults with BlueCross on large-scale medical research projects. Hess is a graduate of the University of Michigan School of Information with a master's degree in information.
This week I had a chance to add a NeuG, a True Random Number Generator, to the Free Software Foundation network. The NeuG exclusively uses free software and was developed in Japan by NIIBE Yutaka. A random number generator (RNG) is a device used to generate random numbers for computers. Without getting into a philosophical argument, we humans tend to take the concept of entropy (randomness) for granted. If we wish to produce random data, we simply do so. Computers, on the other hand, do as we tell them to do. They follow a set of instructions provided by a programmer and follow each instruction precisely. So there is no way to ask a computer to give us a random number because we would have to tell the computer in advance what the number is. There are some ways around this. For example, we could use a system's current timestamp as a seed, or starting point, for producing random-seeming numbers by using an algorithm. This approach will create the illusion of entropy, but if someone else knows both the timestamp used for the seed and the algorithm used to generate the random numbers, the sequence of the random number generator can be calculated and predicted.
The Central Bureau of Investigation has got a new specialized forensic lab to decipher and recover data from Apple devices seized from suspects during investigation of cases. The new lab, inaugurated at the CBI academy in Ghaziabad, will be fully equipped with latest workstations and software to decode the digital information stored in Apple devices, said sources.
The Tor Browser Team is proud to announce the first stable release in the 4.5 series. This release is available from the Tor Browser Project page and also from our distribution directory.
The 4.5 series provides significant usability, security, and privacy enhancements over the 4.0 series. Because these changes are significant, we will be delaying the automatic update of 4.0 users to the 4.5 series for one week.
The report also suggests promoting open-source software as a way to build resilience to surveillance, which could be achieved by funding audits of important open-source software. Among several products it highlights is disk encryption software, TrueCrypt, which was recently subjected to a crowd-funded audit that was able to rule out the existence of NSA backdoors in the product.
“TrueCrypt is a typical example of a problem of the commons: worldwide use of software package was probably dependent on two or three developers,” the study notes to highlight why funding open source projects may be valuable.