No matter how good the code review process is, or how high the standards for acceptance, applications will always have bugs, says Joanna Rutkowska, founder and CEO of Invisible Things Lab. So will drivers. And filesystems.
“Nobody, not even Google Security Team, can find and patch all those bugs in all the desktop apps we all use,” Rutkowska says in the Q&A interview, below.
Called "Pretty Easy Privacy" (PEP), the project's goal is to integrate the technology with existing communication tools on different desktop and mobile platforms. The development team launched a preview PEP implementation Monday for the Microsoft Outlook email client, but plans to build similar products to encrypt communications in Android, iOS, Firefox OS, Thunderbird, Apple Mail, Jabber, IRC (Internet Relay Chat), WhatsApp, Facebook Messenger, Snapchat and Twitter.
Michael Tremer, a developer for the ipfire.org team, has announced that IPFire 2.13 Core 82, a new stable build of the popular Linux-based firewall distribution, is available, bringing quite a few security fixes.
IPFire releases are not usually very big, but this latest update in the series is quite substantial. A number of features and changes have been made and the devs are working to bring even more options to the masses.
The disclosure by NSA contractor Edward Snowden has exposed the ‘out-of-control’ surveillance system of the US and the UK. The more stories we are getting from Guardian and NYTimes, the more people are losing trust in the proprietary solutions offered by the companies which operate from the US and seemingly work closely with the spy agencies.
This is a category of people who don’t yet understand the dangers of breach of privacy, but the more we are moving our lives into the digital world, the more important it is becoming to take control of our communication and privacy from the prying hands of those for whom we are the product.
Then there are those need this privacy, due to the profession they are in or for purely sensible reasons that our privacy should be respected.
There is, apparently, a big demand for commercially available encrypted smartphones perhaps impervious to the data demands of spy agencies and cyber criminals worldwide.
Indeed, Toby Weir-Jones says sales of his new ultra-encrypted smartphone, called the Blackphone, are flying off the shelves since it began officially shipping in June.
Spotting Ubuntu in the wild should be promoted to a sport and records must be set for the most interesting places where the distro has been seen. It looks like NBC and the Today Show have used Ubuntu to illustrate the nefarious practices of the hacker that release some nude pictures of various celebrities.
As to that NSA data, a great deal of confusion about "surveillance" seems to be floating around. In the United Kingdom, questions are being asked about all the data-gathering by the British equivalent of the NSA, GCHQ. In response, Secretary of State Theresa May has responded that "there is no programme of mass surveillance and there is no surveillance state" and labels claims that GCHQ engages in unlawful hacking as "nonsense." Yet clearly, a lot of data is being gathered.
GCHQ, the NSA, and probably every other intelligence agency worth the name is actively gathering data from the Internet. Everything on the Internet is transient, with different decay periods, so gathering information is a constant process. They believe everything that can be gathered without illegal action is fair game, so they gather anything and everything they can, storing it just in case.
They are without doubt capturing and recording all and any email, instant messages, Web pages, social media traffic, and so on. Recent disclosures reveal that the NSA collects "nearly everything a user does on the Internet," then offers analysts tools to search that data. The NSA has a variety of explanations why it's all legally gathered.
Most people know to turn off GPS on their mobiles if they are bothered about being tracked however fewer people know not to leave on Wi-Fi & call service as these also can be used to track you.
A CryptoPhone maker, GSMK, has developed a firewall that tells you if rogue cell towers are trying to connect to your phone. This is the first phone to protects against these attacks but it’s only compatible with one device, a modded Galaxy S3.