
Comment Re: Really? (Score 1) 146

It is this easy: Apple closed the backdoors they had left open for your spooks in iOS 8 after the Snowden-files.

Snowden claims that Apple does the right things (can't trust their cloud, but there are secure alternatives, as CalDAV, CardDAV and IMAP for notes are supported out of the box). Android is way (!) more insecure, leaving encryption keys on wiped devices and supporting the way more insecure cloud from Google.

I do not trust Apple, they had their hands in the cookie jar until iOS 8. But I do trust the international hero Snowden. He claims Apple is doing the right things at the moment. To my knowledge, he is right.

You are just a random guy. Slashdot is still about credibility. Your karma shows you have none. Maybe you should think about that and why we trust a REAL security expert like Snowden with first-hand experience in your government's capabilities WAY more than we trust random loser koan?

I gladly sacrifice some karma for this ;)

Comment Re: Really? (Score 1) 146

It is this easy: Apple closed the backdoors they had left open for your spooks in iOS 8 after the Snowden-files.

Snowden claims that Apple does the right things (can't trust their cloud, but there are secure alternatives, as CalDAV, CardDAV and IMAP for notes are supported out of the box).

Android is way (!) more insecure, leaving encryption keys on wiped devices and supporting the way more insecure cloud from Google, and security fixes usually require buying a new phone or waiting indefinitely for the manufacturer after (!) the fix made it into the vanilla Android from Google, while Apple still supports the iPhone 4s from 2011.

I do not trust Apple, they had their hands in the cookie jar until iOS 8. But I do trust the international hero Snowden. He claims Apple is doing the right things at the moment. To my knowledge, he is right.

You are just a random guy.

Slashdot is still about credibility, although it changed a lot. Your karma shows you have none. Maybe you should think about that and why we trust a REAL security expert like Snowden with first-hand experience in your government's capabilities WAY more than we trust random loser koan?

I gladly sacrifice some karma for this ;)

Comment Re: Torn (Score 1) 405

iPhones are only secure within themselves. If I send you a text, that's open and easily interceptable.

1. Sending a message from one iPhone to another: Not interceptable.
2. Sending a message or calling via Signal from Open Whisper Systems: Not interceptable
3. Using an encrypted CardDAV and CalDAV provider: Data not accessible as it is encrypted with my long and complex password
4. Using Firefox to synch browser data: Not accessible as it is encrypted end-to-end

So what do you mean by "only secure within themselves"?

Comment Re: Better question (Score 1) 212

I think Apple is right, because this is just the beginning. But what they actually want is software to circumvent the wiping after 10 tries and the delay between the tries.

They are not yet asking to circumvent the encryption. If the guy used a strong password, the spooks will still have no access.

But of course there is evidence that the government just waits for the next attack to finally get the real backdoor in every device.

We are not banning encryption, we are banning end-to-end encryption as long as there is no accessible server involved and encryption of devices. Just like Skype: The communication is decipherable on the server.

That wouldn't hurt online trade: To access the server of banks or distributors is already legal, so move along, nothing to see here.

Comment My suggestions (Score 1) 192

1. Separate private contacts and public contacts

Use Gmail with two-factor authentication for Amazon, iTunes, Netflix, etc. As the government has access to everything you do there having the security compromised, do not try to hide it. At least Google does a good job protecting the product (you) from being infiltrated by private crooks, use it to protect against daisy chain attacks against password recovery identity theft. They offer you a big mailbox and unusual usage invokes their automatic protection systems, use it. Do not use outlook.com.

Set up an email account at posteo.de (change to English) using a random email address as your login name. Do not use that email address for communicating; you have three free aliases. Use an anonymous payment method although they claim that they throw away the payment record right after payment: You can rely on the GCHQ to store information that makes you traceable. Use a very long, very strong password. Use that password to encrypt all your data so that they themselves cannot access your data.

Use this account to synch contacts and calendars. Set up aliases to privately communicate with people. Use PGP (you could use your public key to automatically encrypt all incoming messages).

The storage space is 2 GB, so it's a good thing that spammers only know your public email address. Do not ever post the Posteo aliases on the internet to avoid spamming.

Check Posteo's website regularly, because my government also has evil plans up their sleeve, so it is possible that they are required to do data retention in the future. At the moment Germany has exempted email providers from data retention.

2. If you are using Windows, use TrueCrypt or VeraCrypt.

If that is not an option due to GPT-formatted HDDs or SSDs, buy Windows 10 Professional. Cheapest way is to buy Windows 7 Professional and use that key to install Windows 10 using the media creation tool. Tone down every data collection as far as possible. Enable BitLocker. Enable strong PIN at startup. Enable the best encryption; it is reduced by default. Do not store the recovery key online. Do not use the Home edition as it will store the recovery key at Microsoft without the chance to avoid that.

Use a local account and, if necessary, only use a Microsoft account for the store. That is possible.

Do not use Cortana, it will only work with American providers for calendar and contacts anyway. Use Thunderbird for contacts, calendar and email. Install the PGP plugin.

3. Mobile use

On iOS use the standard programs to log into your calendar, email and contacts and notes at Posteo, do not use iCloud or Gmail for calendar, notes or contacts. On Android there is a synch tool for calendar and contacts. There are some reliable email programs on Android, use them.

Use Firefox to synch favorites and history. On Chrome enable a strong password to encrypt the synching. I'd prefer Firefox.

It goes without saying that you use Signal for messaging and telephone. So you need a provider allowing VoIP and messengers. Maybe you should also look for a foreign VoIP provider that has no data retention and allows ZRTP for private calls.

4. VPN and tracking

As strange as it seems, I would use Freedome as they simply don't know your login name after the payment if you did not buy it digitally at an American or English company but directly at F-Secure. Do not only rely on them to protect against tracking, install FSF Privacy Badger and HTTPS Everywhere on your favorite browser. A VPN protects against the bulk collection of every website visited as suggested by the British government.

5. What it's worth

All this will only stop the mass collection by the British government, it will not protect you against individual attacks. But as you wrote you are aware of the fact that circumventing big brother makes you a target, but you are correct that the goal is to make it costly to track everyone. It is worth the effort: If they cracked the safety precautions of the activists, all they achieve is to get uninteresting information.

Comment Re: Thats a ruling to keep the lawyers happy... (Score 2) 263

Short and simplified answer: Taking paparazzi photos in private situations and publishing them is already illegal in Germany.

Bad for the yellow press, but no big deal for the freedom of press (other laws and decisions are another matter entirely). The decision was made in compliance with basic rights that also apply to celebrities.

Comment Why I will try it (Score 1) 96

For me, using iOS and waiting for Firefox on iOS was a conscious choice, and I will try to explain why I disagree with the majority here that the synching feature is unimportant because FF on iOS is using Gecko:

- On iOS > 8 Apple is encrypting the important files with the user password, so that they cannot circumvent the encryption. So I can be sure that when entering a Five Eyes state without a reset device I will only be sent home when asked for my password for my switched-off iPhone, not having the content compromised. That is a "best effort" against border bullies, not a solution against the NSA specifically targeting me. iOS throws away the key if the password was entered wrong ten times, leaving the phone unreadable. Workaround is to reboot directly after every attempt, good luck with a complex password. On Android, the encryption key is readable even after factory reset on many devices.

- Safari synch is NOT encrypted end-to-end, making it possible for secret services to mass collect the data of people's browsing history and bookmarks. Firefox is encrypting the synch end-to-end. That is why I deactivated this feature on Safari and waited for Firefox on iOS. The slow rendering speed is annoying, but every security improvement on standard devices comes with disadvantages. It is a matter of how much convenience could be traded for what gain in security.

- On iOS, I could synch the address book, the calendar and tasks with any standard CalDAV or CardDAV service. Like posteo.de, which does not know its customers and offers me the possibility to encrypt everything with my password. On Android, I will need to install third party software to do that.

Doing the best to protect my privacy including using a VPN from time to time does not mean that I am dark to the secret services. But making it harder for them is important. That is why I chose iOS over Android despite the annoying golden cage and that is why I choose Firefox over Safari despite the fact that the rendering time is slower because it needs to use a crippled Safari rendering engine. Oh, and I do not trust Chrome synch, although it offers password protected synch.

Filtering ads is one thing, I use Privacy Badger on the desktop and a VPN that only knows my serial number to stop trackers, because this data is collected in large quantities by the secret services.

All of this is best effort to avoid mass collection and Apple has no clean record at all:

- Up until iOS 8, the most interesting data (messages, browsing history, address book) was only encrypted with the CPU password, so the data was readable once the iPhone was connected to a computer containing the right tools.

- iCloud security is a joke. The data is not encrypted with a user specific key, making bulk collection easy. Except for the backup, which can be encrypted, but I won't trust a cloud backup to store the most important passwords.

- iCloud is mandatory for notes starting iOS 9, making it risky to use it. I will need to use a third party app and VPN to my personal cloud at home in order to synch. Before that, it could easily be synched with my more trustworthy IMAP provider.

- Synching photos and Safari can only be done with iCloud, which is a mess.
Thank you, Apple.

Apple over Android, because Blackphone as an alternative is expensive and the loss in convenience is too big for me. Firefox over Safari because I want to synch on multiple devices without mass collection. I do not think that the world is black and white.

But people have a choice to make it harder for "them". Block trackers so that using services like Facebook responsibly is possible without being tracked on multiple sites. Try to synch more securely instead of giving the information freely to the mass collectors or losing any modern convenience. That is not easily possible with Safari, but with Firefox.

That is why I do not agree with people claiming that the slower rendering of FF on iOS using WebKit is a deal breaker. That is why I do not find the choice between Android and iOS so easy, everything comes with a price.

Comment Re:This has always been a big pile of hysteria. (Score 1) 86

How could this possibly be? How could we assume that he is an Orwellian Big Brother, conspiring with the USA to build an Orwellian, fascist surveillance scheme?

Because of reports like this? https://theintercept.com/2015/...

Because there is nothing holding back the GCHQ from intercepting everything including porn use to denounce any resistance? Because the GCHQ has already infiltrated legal NGOs to undermine and control those "terrorist" NGOs like Amnesty International?

http://www.theguardian.com/uk-...

Because after laying waste to the Middle East he leaves the refugees to the other European countries?

Because he already announced that if the European human rights standards might hinder his Orwellian fantasies, he considers abandoning these standards and replacing them with his British version?

http://www.huffingtonpost.co.u...

Because he does not even think that UN human rights standards might also apply to his government?
http://www.welfareweekly.com/c...

Under which rock have you lived since the release of the Snowden files?

Every European country installed an Orwellian surveillance scheme. But this government and his system to me as a foreigner seems to be by far the worst. They stop at nothing.

That is why I highly doubt he will be able to really compromise. He uses 1984 as a how-to manual, even going to war with changing coalitions to keep the system going. But even George Orwell was not foreseeing a time when people buy their bugging devices and wait in line to get their bug.

Comment Re:Bottom line (Score 1) 86

Not true. This data is not encrypted by the user's password or a separate encryption key. iMessage is encrypted end-to-end.

Emails, calendar, notes, address book, photos, unencrypted backup are not encrypted with a key Apple has no access to on the iCloud. You could encrypt the backup with a special password, the other stuff is NSL-able.

You could use posteo.de or similar services for emails, calendar and address book and encrypt the stored data with the password for login. That is easy because Apple uses standards (IMAP, CardDAV, CalDAV) for these services.

Notes were stored with IMAP up until iOS 8, so you could rescue it from GCHQ and NSA. This no longer works with iOS 9, iCloud is obligatory. So one could only switch the app for taking notes and store it elsewhere.

There is no way to securely stream your photos automatically that I am aware of. Switch it off or make them freely available, because iCloud is not secure.

I would not trust the backup to be safe at Apple even if it were encrypted, this encryption surely is one of the main targets for the NSA, I am sure.

Comment We are doomed! (Score 0) 421

Ok. So the oceanian slashdotters here in their majority believe the following:

- Renewable energy, despite the fact that solar and wind plants became more and more effective since the 80s (when being "green" became popular over voters from the far left to the far right) and batteries and other means of energy storage became more and more efficient, is doomed from the get go. You are sure of that.
- Germany will not be able to turn its energy production around. It is doomed!

You know what? We have a lot of debates here on how (!) to change energy production from fossils and nuclear power to renewable energy. We are quite confident it can be done. It won't be cheap, there will be heated debates. But the goal in itself is not really challenged. We want our hippie energy, period. If a nuclear power plant blows up in the highly populated Germany, the results to us are not acceptable.

We will see in 20 years time who was right. But might I suggest that I am quite sure there will be a way.

It will be more expensive than necessary, because there will be compensations for the nuclear and fossil power plants that are going out of business (lobbying) and the needed additional energy lines buried into the ground because of local governments being egocentric assholes.

There will be debate. But the goal that we want nuclear power plants to go out of business and renewables to be the main energy source is mostly undisputed because - gasp - there was a grass roots movement starting in the 80s that was so popular that every party here has to be environmentally friendly to some extent (the conservatives struggling to keep up, but if politicians actually start to lose political power they tend to get the message eventually).

And 20 years from now we might meet again at whatever Slashdot has become and maybe we will concede it was such a bad idea and that we suddenly suck at engineering and organising and that the Oceanian slashdotters were right from the get go. But maybe... not. Maybe we will look back at the struggles and agree it was worth it.

I know that American people have a problem with health insurance, working public transport and an infrastructure that is not rotten from the core because that is socialism. But despite the permanent lobbying from neo liberals the basic fact remains that the constitution states we are a social and federal state and that most people here would not touch your unsolidaric society and wasteful lifestyle with a ten foot pole.

I know it's not accurate, but this pretty much sums up how we see the USA http://youtu.be/VMqcLUqYqrs . Unfair, I know. But then again - I am not so super punctual and I never wear lederhosen, so go figure.

Comment Re: Risk Assessment (Score 1) 182

Mod parent more up. Exactly this. It is basic project management. If the danger is "cease to exist", you'll need to avoid that danger, even if the chance is low. Insurance, for instance. You are not supposed to accept that risk.

Look it up, even his equation is basic project management.

We have the means to avoid this
