Language Selection

English French German Italian Portuguese Spanish

Security

Another Tor router crowdfunding project nixed by Kickstarter

Filed under
Android
Linux
Security

Kickstarter is apparently not the place to go if you’re trying to crowdfund privacy hardware. Just days after the Anonabox project, a highly criticized effort to package the Tor privacy protection service into a portable miniature Wi-Fi router, was suspended by the crowdfunding site, another similar project has met its demise—and its founder’s account has been deleted.

TorFi, which Ars mentioned in a report on October 21, was a project by Jesse Enjaian and David Xu of Berkeley, California aimed at creating home routers with turnkey Tor protection and support for OpenVPN connections—allowing users to route all their Internet traffic either through Tor's "onion router" network or a virtual private network provider of their choice. The project’s initial pitch was dependent on repurposing routers from TP-Link purchased through retail and re-flashing them with a customized version of the OpenWRT embedded operating system.

Read more

On the Security of Containers

Filed under
Linux
Security

I agree that the security of a container isn’t any better than a well-secured application using sys_setcap(), a custom suite of SeLinux labels, and a roll-your-own use of Linux namespaces. However, that’s precisely what Linux containers are. Containers are not contradictory to other, existing best-practices. They’re not contradictory to VMs, but work well with them. It’s not contradictory to SeLinux or AppArmor, but works with them. In fact, when you come down to it, once you start tweaking and configuring all of the security tunables in Linux to secure your application as much as possible, you’ll realize that you’ve simply rolled your own container solution.

Read more

Feeling Scammed After Anonabox? Android-Based Project Sierra Claims To Be The Real Deal

Filed under
Android
Linux
Security

In the wake of former NSA contractor Edward Snowden's big reveal on government spying, there's been a concerted effort by companies big and small to try and make our lives truly private. One seemingly promising solution was Anonabox, a little plug-and-play device that routes traffic through Tor to keep our online activities anonymous. Unfortunately, we were all misled on a number of levels, prompting Kickstarter to remove the project forever. Hot on its heels is Project Sierra, a network encryption device that's supposedly the real deal.

Read more

Linux Container Security

Filed under
Linux
Security

Hypervisors present a smaller attack surface than containers. This is somewhat mitigated in containers by using seccomp, selinux and restricting capabilities in order to reduce the number of kernel entry points that untrusted code can touch, but even so there is simply a greater quantity of privileged code available to untrusted apps in a container environment when compared to a hypervisor environment[1].

Read more

NSA recommends several Samsung smartphones

Filed under
Android
Security

The list of allowed smartphones, which US officials may share confidential information has become a bit longer. The National Information Assurance Partnership (NIAP) - a product tester under the supervision of the NSA - announced Tuesday the green light for the S5 Galaxy, Galaxy Note 4 and the tablet Galaxy Note 10.1 (2014 Edition).

Read more

Free and Open Source Electronic Signature in Costa Rica

Filed under
LibO
OSS
Security

The LibreOffice component designed by the University of Costa Rica (UCR) is similar to similar software enhancements currently used for electronic signatures in other countries.

Read more

TOR GUI `SELEKTOR` SEES NEW MAJOR RELEASE

Filed under
OSS
Security

SelekTOR, an open source Java-based GUI front-end for Tor, was updated to version 3.12 (now 3.12e) recently and it includes new advanced options as well as a new Tor Monitor panel that shows the Tor client startup info and its current status.

Read more

UNITY PRIVACY INDICATOR 0.4 RELEASED WITH NEW PRIVACY SETTINGS

Filed under
Security
Ubuntu

For those not familiar with Privacy Indicator, this is an Ubuntu AppIndicator especially created for Unity, which allows you to control various privacy aspects.

Until this release, the indicator could be used to enable / disable Dash online search results and Zeitgeist logging (and also clear the Zeitgeist log), clear recently used files (which show up in the Nautilus or Nemo "Recent" sidebar item for instance) and to show or hide your real name on the Unity panel.

Read more

Kickstarter pulls Anonabox, a Tor-enabled router that raised over $585,000

Filed under
Development
Security

The Anonabox, which was created by August Germar, of Chico, California, aimed to be an “open source embedded networking device designed specifically to run Tor.” Its fundraising goal was $7,500, and in five days, it raised $585,549 from nearly 9,000 backers—including three Ars editors.

Germar told Ars that he was not aware that it had been suspended until Ars forwarded him an e-mail from Kickstarter outlining the possible reasons why it could have been cancelled.

Read more

Tor Browser 4.0 is released

Filed under
Security
Web

This release also features an in-browser updater, and a completely reorganized bundle directory structure to make this updater possible. This means that simply extracting a 4.0 Tor Browser over a 3.6.6 Tor Browser will not work. Please also be aware that the security of the updater depends on the specific CA that issued the www.torproject.org HTTPS certificate (Digicert), and so it still must be activated manually through the Help ("?") "about browser" menu option. Very soon, we will support both strong HTTPS site-specific certificate pinning (ticket #11955) and update package signatures (ticket #13379). Until then, we do not recommend using this updater if you need stronger security and normally verify GPG signatures.

Read more

Syndicate content

More in Tux Machines

Librem 15 Is a Beast of a Linux Laptop with a Gorgeous Finish

Librem 15 aims to be the only laptop coming with completely free software and its makers are looking to get some funding through a crowdfunding campaign. You might think that if a laptop ships with any Linux distribution, then it would stand to reason that it would be loaded with free and open source software, but the truth is that it's not that simple or even intuitive. For example, it's true that the Linux kernel is an open source project and that it's freely distributable, but there are some people in the community that say it's not enough. Read more

Google and Facebook feel the wrath of German open source advocate

Open-Xchange CEO Rafael Laguna has hit out at the closed nature of services offered by Silicon Valley giants like Google and Facebook. Speaking in Paris earlier this month, Laguna said many of Silicon Valley's largest companies, and others like them, need to open up their proprietary systems to comply with laws around the world and uphold many of the citizen’s rights that people have fought for over the last several hundred years. Read more

Best of open hardware in 2014

Open hardware is the physical foundation of the open movement. It is through understanding, designing, manufacturing, commercializing, and adopting open hardware, that we built the basis for a healthy and self-reliant community of open. And the year of 2014 had plenty of activities in the open hardware front. Read more

Open Source Online Game Gets Students Excited About Linux

When Razvan Rughinis began teaching the introductory operating systems course at University Politehnica of Bucharest in Romania 10 years ago, he was challenged to get students interested in Linux and keep them interested for the entire three-month course. Many first-year computer science students have no experience with Linux, and they have no interest in learning it, said Rughinis a professor in the Computer Science and Engineering Department. And those students who do know Linux are regarded as unusual and treated as social outcasts, he said. “They wouldn't pay attention to the first experience to see what Linux has to offer; not just the desktop, but how the services work and the depth of the system,” he said. “It's a steep learning curve for students coming from high school. Their first encounter was too difficult.” Read more