Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Disturbance in the force (Score 1) 456

As a Nerd, I as most of us here refuse to grow up. Period. Getting old is inevitable. Becoming one of those boring "grown ups" that stopped being a silly fanboy for SciFi, Fantasy, Comics is nothing I strive for.

This site is dedicated to Nerds. If you want a site dedicated to boring normal people go elsewhere.

Submission + - Apple engineer reveals Apple tested Flash on the iPhone back in 2008 (bgr.com)

anderzole writes: It all seems like ancient history now, but it really wasn’t all that long ago that Apple and Adobe were engaged a very public and extremely bitter dispute stemming from Apple’s refusal to support Flash on the iPhone. While Adobe was quick to call out Apple out for engaging in anti-competitive behavior, Apple’s party line was that Flash was a security nightmare riddled with a number of performance and security issues.

Apple and Adobe’s battle over flash reached its zenith in 2010 when Steve Jobs penned a widely circulated screed detailing why Apple’s mobile products, which at the time included the iPhone, iPod Touch and iPad, did not support Flash. Titled “Thoughts on Flash” and weighing in at nearly 1700 words, Jobs thoroughly explained Apple’s rationale for completely ignoring, what was then, a very relevant piece of software technology.

That said, a series of tweets from Bob Burrough, a former software development manager at Apple, reveals that Apple at one point actually tested Flash on the iPhone as far back as 2008. What’s more, Burrough relays that Jobs’ vehement refusal to support the technology may have had less to do with security considerations and more to do with the fact that Adobe, as a partner, couldn’t be relied upon to address said security issues.

Submission + - Apple's New MacBook Pro Require a $25 Dongle To Charge Your iOS Device (networkworld.com)

An anonymous reader writes: As Phil Schiller explained during today's event, Apple's new MacBook Pros feature four Thunderbolt 3 USB Type-C ports, and conveniently, each of these can be used to charge the machine. Now, USB-C is incredibly versatile, and Apple will use the advanced port for power charging, HDMI and much more. However, with USB-C the only game in town, you might reasonably be wondering: How in the world do I connect my iPhone to my sleek new MacBook Pro? The frustrating answer is that you won't be able to do so out of the box. Instead, you'll have to buy a dongle. This is especially frustrating because many people use their notebooks for a) charging purposes when an outlet isn't necessarily handy and b) for transferring photos and other data. Now, you might reasonably state that you can just rely upon the cloud for items like data transfer, but there's no getting around the fact that Apple's efforts in the cloud still leave much to be desired. How much will it cost to connect your iPhone to your brand new MacBook Pro? Well, Apple sells a USB-C to Lightning cable on its website for $25. While this is undoubtedly frustrating, we can't say that it's entirely unexpected given Apple gave us a preview of its preference for USB-C when it released its 12-in. MacBook last year. Still, it's a funky design choice for a decidedly Pro-oriented device where the last thing a prospective consumer would want to do is spend some extra cash for a dongle after spending upwards of $2,399. Lastly, while we're on the topic of ports, it's worth noting that the new MacBook Pros also do away with the beloved MagSafe connector.

Comment Re: Really? (Score 1) 146

It is this easy: Apple closed the backdoors they had left open for your spooks in iOS 8 after the Snowden-files.

Snowden claims that apple does the right things (can't trust their cloud, but there are secure alternatives as caldav, carddav and IMAP for notes are ssupported out of the box). Android is way (!) more insecure, leaving encryption keys on wiped devices and supporting the way more insecure cloud from google.

I do not trust apple, they had their hands in the cookie jar until iOS 8. But I do trust the international hero Snowden. He claims apple is doing the right things at the moment. To my knowledge, he is right.

You are just a random guy. Slashdot is still about credibility. Your carma shows you have none. Maybe you should think about that and why we trust a REAL security expert like snowden with first hand experience in your governments capabilities WAY more than we trust random loser koan?

I gladly sacrifice some carma for this ;)

Comment Re: Really? (Score 1) 146

It is this easy: Apple closed the backdoors they had left open for your spooks in iOS 8 after the Snowden-files.

Snowden claims that apple does the right things (can't trust their cloud, but there are secure alternatives as caldav, carddav and IMAP for notes are ssupported out of the box).

Android is way (!) more insecure, leaving encryption keys on wiped devices and supporting the way more insecure cloud from google and security fixes usually require to buy a new phone or wait indefinitely for the manifacturer after (!) the fix made it in the vanilla android ftom Google, while apple still supports the iphone 4s from 2011.

I do not trust apple, they had their hands in the cookie jar until iOS 8. But I do trust the international hero Snowden. He claims apple is doing the right things at the moment. To my knowledge, he is right.

You are just a random guy.

Slashdot is still about credibility, although it changed a lot. Your carma shows you have none. Maybe you should think about that and why we trust a REAL security expert like snowden with first hand experience in your governments capabilities WAY more than we trust random loser koan?

I gladly sacrifice some carma for this ;)

Comment Re: Torn (Score 1) 405

iPhones are only secure within themselves. If I send you a text, that's open and easily interceptable.

1. Sending a message from one iPhone to another: Not interceptable.
2. Sending a message or calling via Signal from Open Whisper Systems: Not interceptable
3. Using an encrypted carddav- and caldav-provider: Data not accessible as it is encrypted with my long and complex password
4. Using firefox to synch browserdata: Not accessible as it is encrypted end-to-end

So what do you mean by "only secure within themselves"?

Comment Re: Better question (Score 1) 212

I think Apple is right, because this is just the beginning. But what they actually want is a software to circumvent the wiping after 10 tries and the delay between the tries.

They are not yet asking to circumvent the encryption. If the guy used a strong password, the spooks will still have no access.

But of course there is evidence that the government just waits for the next attack to finally get the real backdoor in every device.

We are not banning encryption, we are banning end-to-end encryption as long as there is no accessible server involved and encryption of devices. Just like Skype: The communication is decipherable on the server.

That wouldn't hurt online trade: To access the server of banks or distributors is already legal, so move along, nothing to see here.

Comment My suggestions (Score 1) 192

1. Separate private contacts and public contacts

Use gmail with two-factor authentification for amazon, itunes, netflix, etc. As the government has access to everything you do there having the security compromised, do not try to hide it. At least google does a good job protecting the product (you) from being infiltrated by private crooks, use it to protect against daisy chain attacks against password recovery identity theft. They offer you a big mailbox and unusual usage invokes their automatic protection systems, use it. Do not use outlook.com.

Setup an emailaccount at posteo.de (change to english) using a random emailaddess as your login-name. Do not use that emailaddress for communicating; you have three free aliases. Use an anonymous payment method although they claim that they throw away the payment record right after payment: You can rely on the GCHQ to store information that makes you tracable. Use a very long, very strong password. Use that password to encrypt all your data so that they themselves can not access your data.

Use this account to synch contacts and calendars. Setup aliases to privately communicate with people. Use pgp (you could use your public key to automatically encrypt all incoming messages).

The storage space is 2 GB, so it's a good thing that spammers only know your public emailaddress. Do not ever post the posteo aliases on the internet to avoid spamming.

Check posteos website regulary, because my governemnt also has evil plans up their sleeve, so it is possible that they are required to data retention in the future. At the moment Germany has exempt emailproviders from data retention.

2. If you are sing windows, use true crypt or veracrypt.

If that is not an option due to gpt-formatted hdds or ssds, buy Windows 10 professional. Cheapest way is to buy windows 7 professional and use that key to install windows 10 using the media creation tool. Tone down every data collection as far as possible. Enable bitlocker. Enable strong pin at startup. Enable the best encryption; it is reduced per default. Do not store the recovery key online. Do not use the home edition as it will store the recovery key at microsoft without the chance to avoid that.

Use an local account and if neccessary only use a microsoft account for the store. That is possible.

Do not use cotana, it will only work with american providers for calendar and contacts anyway. Use thunderbird for contacts, calendar and email. Install pgp plugin.

3. Mobile use

On iOS use the standard programs to log into your calendar, email and contacts and notes at posteo, do not use icloud or gmail for calendar, notes or contacts. On android there is a synch tool for calendar and contacts. There are some reliable emailprograms on android, use them.

Use firefox to synch favorites and history. On chrome enable a strong password to encrypt the synching. I'd prefer firefox.

It goes without saying that you use signal for messaging and telephone. So you need a provider allowing voip and messangers. Maybe you should also look for a foreign voip provider that has no data retention and allows zrtp for private calls.

4. Vpn and tracking

As strange as it seems I would use freedome as they simply don't know your login name after the payment if you did not buy it digitally at an american or english company but directly at f-secure. Do not only rely on them to protect against tracking, install fsf privacy badger and https everywere on your favorite browser. A vpn protects against the bulk collection of every website visited as suggested by the british government.

5. What it's worth

All this will only stop the mass collection by the british government, it will not protect you against individual attacks. But as you wrote you are aware of the fact that circumventing big brother npmakes you a target, but you are correct that the goal is to make it costly to track everyone. It is worth the effort: If they cracked the safety precautions of the activists, all they achieve is to get uninteresting information.

Comment Re: Thats a ruling to keep the lawyers happy... (Score 2) 263

Short and simplified answer: Taking paparazzi photos in private situations and publishing them is already illegal in Germany.

Bad for the yellow press, but no big deal for the freedom of press (other laws and decisions are another matter entirely). The decision was made in compliance with basic rights that also apply to celebrities.

Slashdot Top Deals

Advertising is a valuable economic factor because it is the cheapest way of selling goods, particularly if the goods are worthless. -- Sinclair Lewis

Working...