Technology

A sad loss for security

Monday, July 20, 2015

Whisper systems wrote the very useful TextSecure app for Android. It had a great feature of encrypting text messages, a standard communication modality in much of the world and one I rely on often. I have previously suggested it is a good tool.

The last “update” removed the ability to establish new encrypted chats over SMS and, it appears, the next will remove the function entirely. For me, this change substantially reduces the utility of the app.

Reading their arguments for doing so, I find myself disagreeing with their justifications. I understand there was some complexity in establishing encrypted SMS, but frankly initiating a one-time key exchange was about as easy as encrypted communication gets. That iOS users can’t play along is pretty irrelevant: iOS isn’t exactly the platform for secure communications anyway, you carry iOS devices when you want to impress people with your brand awareness, not get things done. That people occasionally end up with a conversation that is half-encrypted seems annoying but hardly all that problematic. The person that uninstalled the app will try to send messages in the clear, not the person who is still running it and a partial session. I can see the annoyance, but not any security leak.

I think the final result is somewhat dangerous. The first incarnation used SMS as the starting point, and once a secure communications were established, if available, coms moved transparently to the data channel. If not, it stayed with SMS. As I work in a place where data service is frequently disabled, this was the most reliable non-voice communication protocol.

Now SMS is unencrypted and data-mode communication is encrypted. You have to remember which is which and that is dangerous.

If they don’t restore encrypted SMS functionality, I will switch back to the standard SMS app, which is insecure SMS only and so not confusing and use chat secure or xabber for encrypted data communications so the difference is clear. You’re probably going to run a jabber-based chat tool anyway chat secure’s Tor integration makes it a better choice for data-mode chat while text secure no longer does anything particularly useful over the default app for SMS-mode nor anything particularly unique for data mode.

Posted at 00:53:41 GMT-0700

Category: Cell phones • Security

Better Cabling May Fix The Internet

Sunday, February 8, 2015

Do you find that the internet seems harsh? Do you find Facebook unclear and that it lacks dynamic contrast? Is there less detail than there should be? Do you notice a loss of energy from the Internet?

It might all come down to the network cables themselves.

Well designed cables like these have perfect-surface extreme-purity silver conductors minimizing distortion caused by grain boundaries in inferior OFHC, OCC, or 8N conductors for better clarity and reduced harshness. Explanations and arguments will be both more clearly constructed and less confrontational.

Noise and other distractions are reduced by a 3-layer noise dissipation system, not just shielding your data but preventing modulation of your ground plane by noisy RFI. Even more problematically for those doing research on the web, the untested orientation of standard network cables results in inferior data quality.

Standard network cables either don’t enforce orientation of the pairs at all (Cat 5e and below) or merely segregate pairs with a flexible spacer (Cat 6 and above). These cables use solid polyethylene insulation to ensure critical geometry is preserved to minimize phase errors. Phase errors can easily result in Doppler shifts manifest in either an unnaturally shrill tone or affected bass (sometimes manifest as “mansplaining”).

Most remarkably, the dielectric bias system puts a 72V bias on the insulation and thus organizes the molecules of the insulation to minimize energy loss which creates a surprisingly black background, more essential than ever in the wake of Ferguson.

Only $10,521 for a 12m cable. Now that the internet has become our primary source of information, understanding, and personal communication this is a tiny price to pay for clear, undistorted data.

Posted at 19:24:18 GMT-0700

Category: Odd • Technology

Cordless Mice?

Tuesday, April 19, 2011

Apparently the FAA has decided that cordless mice with their nanowatts of transmit power represent a risk to airplanes. Discussion forums contemplate that the FAA is concerned they could be used to trigger explosives in the hold (when they outlaw cordless mice, only outlaws will have cordless mice). Perhaps they found a cordless mouse that used a spark gap transmitter and so banned the whole class.

BTW, this is being posted via gogo inflight, the wireless radio on my laptop also uses 2.4ghz unregulated and could be 200mw and who knows who made it (same frequency band, 3 or 4 orders of magnitude more RF power).

While I’ve dealt with worse, I am on occasion reminded of just how awesome the air bureaucracy in this country really is.

On the plus side, the new digEplayers on the PS flights are pretty nice and a big improvement. Plus they actually run on battery now.

Posted at 05:24:22 GMT-0700

Category: Planes • Travel

Welcome Home

Tuesday, February 15, 2011

After flying out of dusty airports with bullet holes in the windows on time, after passing through gauntlets of guards for whom “ankle holster” is an acceptable excuse for setting off the metal detector – all of whom were pleasant, and a few ear protectors put on “habibe” terms, it is a bit of a shock to land in the US where DHS shouts at passengers angrily, despite having run zero risk of IEDs to get to work and potable water running out of their taps at home, and flights delayed by 30 minutes on the runway for bad traffic management, not rockets.

Appreciate it, people are still dying for it.

Posted at 06:54:24 GMT-0700

Category: Mil • Politics

Fixed Graphics Card

Sunday, January 9, 2011

Seven New Capacitors, some desoldering (one replacement solder sucker), and a little soldering back and the card is better than new. Note the 10V upgrade too. They’re a little tall, but AGP cards usually have plenty of room. The extra headroom cost several cents.

If you discover that your silvery FZ (saicon) caps are blown up, just replace em. It’s part of the adventure of modern computing.

Posted at 23:27:31 GMT-0700

Category: Fabrication

Opting Out for Privacy

Friday, December 3, 2010

There’s a great story at the wall street journal describing some of the techniques that are being used to track people on line that I found informative (as are the other articles listed in the series in the box below). EFF is doing some good work on this; your browser configuration probably uniquely identifies you and thus every site you’ve ever visited (via data exchanges). Unique information about you is worth about $0.00_1. Collecting a few hundred million 1/10ths of a cent starts to add up and may end up raising your insurance premiums.

One of the more entertaining/disturbing tricks is to use “click jacking” to remotely enable a person’s webcam or microphone. Is your computer or network running slowly? Maybe it is the video you’re inadvertently streaming back (and maybe you just have way too many tabs open…)

A few things you can do to improve your privacy include:

Opt out of Rapleaf. Rapleaf collects user information about you and ties it to your email address. You have to opt out with each email address individually, which almost certainly confirms to them that all your email addresses belong to the same person. You might want to use unique Tor sessions for each opt out if you don’t want them to get more information than they already have via the process.
Opt out at NAI. This is a one stop shop for the basic cookie tracking companies that are attempting to be semi-compliant with privacy requests. If you enable javascript for the site (which would be disabled by default if you’re using scriptblocker) then you can opt out of all of them at once. Presumably you have to return and opt out again every time a new company comes along.
Use Tor for anything sensitive. If you care about privacy, learn about Tor. It does slow browsing so you have to be very committed to use it for everything. But the browser plug in makes it pretty easy to turn it on for easy browsing.
Don’t use IE for anything personal or important.
Run SpyBot Search and Destory regularly. Spybot helps block BHOs and toolbars that seem to proliferate automagically and helps remove tracking cookies. You’ll be amazed at how many are installed on your system. I have used or not used TeaTimer. I’m less excited about having a lot of background tools, even helpful ones than I used to be. Spybot currently starts out looking for 1,359,854 different known spywares. Yikes.
Check what people know about you: Google will tell you, so will Yahoo. Spooky.
Use firefox. If for no other reason than the following plugins (personally, it is my favorite, but I know people who favor chrome or even rockmelt, but talk about tracking!) Just don’t use IE.
Use the private browsing mode in your browser (CTRL-SHIFT-P in FireFox). It’d be nice if you could enable non-private browsing on a whitelist basis for sites you either trust or have to trust. We’ll get there eventually…
TACO should help block flash cookies.
Install noscript to block scripts by default. You can add all your favorite sites as you go so things work. It is a pain in the ass for a while, but security requires vigilance.
Install adblock plus. It helps keep the cookies away. It also reduces ad annoyance. You can enable ads for your favorite sites so they can pay their colo fees.
Add HTTPS Everywhere from EFF. The more your connections to sites are encrypted, the less your ISP (and others) can see about what you’re doing while you’re there. Your ISP still knows every site you visit, and probably sells that information, but if your sessions are encrypted they don’t see the actual text you type. It also makes it harder for script kiddies to grab your passwords at the cafe.

Posted at 02:44:43 GMT-0700

Category: Politics • Privacy • Security • Technology

Recent Posts
- A one page home/new tab page with random pictures, time, and weather 2024 April 11
- Putting ccache on a backed RAM disk to speed compiles 2024 March 16
- Audio File Analysis With Sox 2024 February 07
- Manually Update Time Zone Data on Android 10 2023 October 31
- Autodictating to self using Whisper to preserve privacy 2023 August 17
- Projecting Qubit Realizations to the Cryptopocalpyse Date 2023 August 04
- AI PSYOPS are changing strategic messaging 2023 July 29
- Convert A Slideshow/Presentation into HTML 5 Video 2023 July 23
- Mobotix Notifier in Python – get desktop messages from your cameras 2023 June 06
- Get a desktop alert when Thunderbird gets constipated 2023 May 29
Categories
Categories
Links
Search
Search for:
Archives
Archives
Post History
April 2024

M T W T F S S

1 2 3 4 5 6 7

8 9 10 11 12 13 14

15 16 17 18 19 20 21

22 23 24 25 26 27 28

29 30

« Mar