Language Selection

English French German Italian Portuguese Spanish

Security

A Bundle of Tor

Filed under
OSS
Security
HowTos

NSA: Linux Journal is an "extremist forum" and its readers get flagged for extra surveillance

Filed under
Linux
Security

A new story published on the German site Tagesschau and followed up by BoingBoing and DasErste.de has uncovered some shocking details about who the NSA targets for surveillance including visitors to Linux Journal itself.

While it has been revealed before that the NSA captures just about all Internet traffic for a short time, the Tagesschau story provides new details about how the NSA's XKEYSCORE program decides which traffic to keep indefinitely. XKEYSCORE uses specific selectors to flag traffic, and the article reveals that Web searches for Tor and Tails--software I've covered here in Linux Journal that helps to protect a user's anonymity and privacy on the Internet--are among the selectors that will flag you as "extremist" and targeted for further surveillance. If you just consider how many Linux Journal readers have read our Tor and Tails coverage in the magazine, that alone would flag quite a few innocent people as extremist.

Read more

Why You Shouldn’t Have To Buy The $630 Super-Secure Blackphone In Order To Protect Your Privacy

Filed under
Android
Security

Privacy focused Blackphone starts shipping

Filed under
Android
Security

Blackphone, an Android-based smartphone developed by Silent Circle, SGP Technologies and Geeksphone, is now shipping. The phone became a sensation during Mobile World Congress as it offered extreme privacy of communication. After the NSA revelations made by Edward Snowden, there is a huge demand for services or devices which offer privacy from NSA and other surveillance agencies. However even the Blackphone doesn’t offer any protection from NSA. Phil Zimmermann, one of the creators of the phone, said that Blackphone doesn’t make you NSA proof.

Read more

Quality Software Costs Money - Heartbleed Was Free

Filed under
OSS
Security

About the only thing GNU Project founder Richard Stallman and I can agree on when it comes to software freedom is that it's "Free as in free speech, not free beer."

I really hope the Heartbleed vulnerability helps bring home the message to other communities that FOSS does not materialize out of empty space; it is written by people. We love what we do, which is why I'm sitting here, way past midnight on a Saturday evening, writing about it; but we are also real people with kids, cars, mortgages, leaky roofs, sick pets, infirm parents, and all kinds of other perfectly normal worries.

The only way to improve the quality of FOSS is to make it possible for these perfectly normal people to spend time on it. They need time to review patch submissions carefully, to write and run test cases, to respond to and fix bug reports, to code, and most of all, time just to think about the code and what should happen to it.

Read more

5 Secure Alternatives to WhatsApp

Filed under
Software
Security

Ever since WhatsApp, a massively popular messaging app was acquired by Facebook, many of its users have started looking for alternatives to the service. Facebook, which itself, doesn't have a good track record when it comes to privacy, is the only reason users are on the lookout for good replacements to the service.

The landmark acquisition deal that happened several months ago shocked many people, especially those who used WhatsApp as a regular chatting tool. As part of the deal, Facebook offered WhatsApp a whopping $4 billion in cash and $12 billion worth of shares. Starting 2014 with a big bang, the deal is one of the biggest deals that have ever happened in the tech industry. Biggies like Google and Microsoft were keen on buying WhatsApp but finally Facebook managed to woo the emergent startup and make history. WhatsApp has over 450 million monthly users, 72% of whom use the app everyday.

Read more

Exclusive: A review of the Blackphone, the Android for the paranoid

Filed under
Android
Reviews
Security

Based on some recent experience, I'm of the opinion that smartphones are about as private as a gas station bathroom. They're full of leaks, prone to surveillance, and what security they do have comes from using really awkward keys. While there are tools available to help improve the security and privacy of smartphones, they're generally intended for enterprise customers. No one has had a real one-stop solution: a smartphone pre-configured for privacy that anyone can use without being a cypherpunk.

Read more

Review: Open source proxy servers are capable, but a bit rough around the edges

Filed under
Server
OSS
Security

Providing a common gateway for web services, caching web requests or providing anonymity are some of the ways organizations use proxy servers. Commercial proxy products, especially cloud offerings, are plentiful, but we wondered if open source or free products could provide enterprise-grade proxy services.

Read more

World’s most secure Android phone finally starts shipping next month

Filed under
Android
Linux
Security
  • World’s most secure Android phone finally starts shipping next month

    Secure communications specialist Silent Circle recently set out to build the most secure Android phone in the world, and some have gone as far as to call the company’s Blackphone an “NSA-proof” smartphone. That statement can’t be confirmed, of course, since the NSA surely still has a few tricks up its sleeve that we don’t know about. What we can say, however, is that people concerned with keeping their mobile communications private will soon have a new option that is more secure than any publicly available Android phone currently on the market.

  • Silent Circle's Blackphone will ship out in three weeks

    Silent Circle in partnership with Geeksphone announced the Blackphone in January this year. The makers of the Blackphone claims that the handset is the world's first smartphone that gives its user total control of privacy.

    The upcoming smartphone is powered by a modified version of Android, PrivatOS, which is believed to be more security-oriented. The Blackphone will be carrier and vendor independent, which will ensure that individuals and businesses are able to make and receive secure phone calls, send texts, store files, browse the internet and more without compromising the privacy of the user.

  • Blackphone is about to sidle stealthily into the mainstream
  • NSA-Proof? Super-Secure Blackphone Shipping by July
  • Super-Secure Blackphone Shipping by July
  • Anti-forensic mobile OS gets your phone to lie for you

    In Android Anti-forensics: Modifying CyanogenMod Karl-Johan Karlsson and William Bradley Glisson present a version of the Cyanogenmod alternate operating system for Android devices, modified so that it generates plausible false data to foil forensic analysis by law enforcement. The idea is to create a mobile phone that "lies" for you so that adversaries who coerce you into letting them take a copy of its data can't find out where you've been, who you've been talking to, or what you've been talking about.

Tails interview

Filed under
Interviews
Security
Debian

Tails was built with two specific things in mind: sustainability and usability.
Sustainability refers to how this is a project that can be relied on by its users. The team goes on to explain the importance of usability: “We believe that the best security tool is of no use if people who really need it on the field cannot use it. Moreover, security tools must be hard to misuse, they should prevent you from doing critical mistakes, or ask you to make security decisions that you are not able to make.”

Tails has been around for a while as previously stated, however its notoriety was elevated after the Snowden revelations: “What really changed is the public awareness regarding those issues,” the team told us. “It is now hard to deny that internet security has to do with politics and not only with technology. The Snowden revelations also made it clear that online privacy is an issue for everyone, and not only for paranoid people. That point was still hard to make, even in the Linux world.”

Read more

Syndicate content

More in Tux Machines

Introducing Gthree

I’ve recently been working on OpenGL support in Gtk+, and last week it landed in master. However, the demos we have are pretty lame and are not very good to show off or even test the OpenGL support. I’ve looked around for some open source demos that used modern GL that we could use, but I didn’t find anything that we could easily use. What I did find though, was a lot of WebGL demos that used three.js. This looked like a very nice open source library for highlevel 3d rendering. At first I had some plans to bind OpenGL to gjs so that we could run three.js, but this turned out to be a hard. Instead I started converting three.js into C + GObject, using the Gtk+ OpenGL support and the vector/matrix library graphene that Emmanuele has been working on recently. Read more

Swiss crowdfund pays for signed PDFs LibreOffice

In just three days, the Swiss open source community Wilhelm Tux reached its crowdfunding target of 10,000 CHF (about 8000 euro) to add support for digital signatures in PDF documents. The feature will be added to LibreOffice, a free and open source suite of office productivity tools. The project is awarded to Collabora, an open source IT service provider, which will deliver the new functionality in April. Read more

Tumbleweed, Factory rolling releases to merge

“With the release of openSUSE 13.2 due in November, we realised this was a perfect opportunity to merge our two openSUSE rolling-releases together so users of Tumbleweed can benefit from the developments to our Factory development process over the last few years,” said Richard Brown, Chairman of openSUSE board. “The combined feedback and contributions from our combined Tumbleweed and Factory users should help keep openSUSE rolling forward even faster, while offering our users the latest and greatest applications on a stable rolling release.” Read more

Fedora 21 Beta to slip

Today at Go/No-Go meeting it was decided to slip Fedora 21 Beta release as we did not have release candidate (RC) available in time. However we will try one day slip. Read more