The Guardian Project is an effort to increase the security of Android. A quote from the website:
The Guardian Project aims to create easy to use apps, open-source firmware MODs, and customized, commercial mobile phones that can be used and deployed around the world, by any person looking to protect their communications and personal data from unjust intrusion and monitoring.
Yes, that also raises the question why you read/answer encryption worthy emails via webmail but I would argue it is still an improvement that your key does not need to leave your machine.
Yesterday Tiffany Strauchs Rad who describes herself as a "hacker lawyer" gave a related talk at the 27th Chaos Communication Congress: https://events.ccc.de/congress/2010/Fahrplan/events/4236.en.html Recordings of this talk should be available soon.
At the end of her talk where a similar question was asked and her answer was more or less: "follow me on twitter (TiffanyRad)".
While there have been some commits regarding the RV670 chipset, it's does not seem to be working just yet.
AMD needs to keep it's promise and release more documentation before any 2D/3D acceleration can be implemented. Let's keep our fingers crossed...
Modularity brings flexibility but also introduces new attack vectors. It is quite possible that one of these vectors undermines the whole effort to secure the system because an attacker only needs one succesfull exploit while the "defender" would need to avert and disable every possible attack route.
There are various issues with LSM but one concern is that its symbols are exported. Thus, every rootkit and backdoor writer will will be able to use these hooks.
Honestly, I might be in the classification of people who don't understand, but I resent the implication of "incompetent". I really hate the idea that you have to be an all-knowledgeable ubergeek, or else stay completely away from computers. I understand your reaction but it might be worth noting that this discussion was not lead on some average joe internet forum but on the *rather* technical Linux Kernel Mailing List. It is fair to assume that the audience discussing this patch is able to follow the reasoning that preceded that statement. Alan Cox' reply did not just entail that one sentence. It might be worth to RTFA...
You can do that and much more with an Openmoko-phone http://openmoko.org/. Admittedly the software still needs quite some time to mature but it definitely will open great opportunities.
This has been discussed in the #Openmoko IRC-Channel on Freenode and it seems that Sun is using photoshopped GUI-Mockups. Apparently Sun is not in contact with FIC/OpenMoko-Devs...
*Disclaimer "hear, say" - no "official statement"*
And end-to-end encryption renders it completely useless anyway, unless it actually reads pre-encrypted stuff from memory.
I read the original newspaper article and it contains some more information. Apparently the software is accessing the microphone directly, so encryption will not help. On top of that, the software will be able to record audio by turning on the Mic even if there is no VoIP-Software running, etc.
The newspaper article also said that it was theoretically possible to do the same with Webcams but there are no plans to use this "feature". Not because of privacy concerns or any such thing but because many webcams have a LED that indicates the usage.
I assume this thing only runs on Windows PCs, but this is pure speculation.
It's really distressing how they could put together such a piece of software without even having any "sound legal basis" for it's usage. Usually it takes years to change things here in Switzerland, which is a good thing to a certain degree.
... it's just important for you to figure out what you want to do with your Computer. I've been using Gentoo for the past couple years and I learned a lot from it. You have to take care of all the "Details" (like USE-Flags) etc but as it says in the summary: It does what you tell it to do. So the first step for you is to figure out what you want to do.
There have been times when I wanted to trash my notebook because after I did an "emerge -u world" my config files were all screwed up etc. but because I installed Gentoo with the intention to learn more about computers and linux I asked in the gentoo forums or in the IRC-Channels and sure enough somebody would have an answer for me.
I have never recommended gentoo to people that wanted to see what this hole "linux thing" was all about. I told them to play around with Knoppix or install Ubuntu. If you tell them to try Gentoo because it's the distro "real geeks" use they will be very frustrated and turn their backs on linux etc. It's the same with Programming Languages: it is a tool and you have to choose the one that best satisfies your needs.
Slashdot Mirror
John Carmack mentioned Ada in the 2011 QuakeCon Q&A session: http://www.youtube.com/watch?v=00Q9-ftiPVQ#t=822s
I have been using Ada for the last 5 years professionally and for my personal project. Most of them can be found here http://www.codelabs.ch/ or here http://git.codelabs.ch/.
Google acquired Android Inc in 2005, so development had started before Sun opened up Java, see http://en.wikipedia.org/wiki/Android_(operating_system).
The Guardian Project aims to create easy to use apps, open-source firmware MODs, and customized, commercial mobile phones that can be used and deployed around the world, by any person looking to protect their communications and personal data from unjust intrusion and monitoring.
https://guardianproject.info/
Here is a link to their February project update to give you an idea what they are working on: https://guardianproject.info/2012/02/09/february-2012-project-update/
Yes, that also raises the question why you read/answer encryption worthy emails via webmail but I would argue it is still an improvement that your key does not need to leave your machine.
Encrypting mails you send via webmail without having copy your keys on the server sounds like reasonable usecase.
He makes some interesting points on EFF's SSL Observatory mailinglist: https://mail1.eff.org/pipermail/observatory/2011-March/000138.html
Hi, check out the guardian project http://guardianproject.info/ which is aimed at mobile security for Android.
Yesterday Tiffany Strauchs Rad who describes herself as a "hacker lawyer" gave a related talk at the 27th Chaos Communication Congress: https://events.ccc.de/congress/2010/Fahrplan/events/4236.en.html Recordings of this talk should be available soon. At the end of her talk where a similar question was asked and her answer was more or less: "follow me on twitter (TiffanyRad)".
You get what the subsystem maintainers merge into their trees and what Linus in turn merges into his tree so...
Let's hope TPB have a better plan than to hand over their whites as ransom money...
Yes, officially it's "Linus 2.6.29-rc4" see http://lkml.org/lkml/2009/2/8/129 ;)
The original change was tracked in the debian Bugtracking system at: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363516
The offending patch: http://svn.debian.org/viewsvn/pkg-openssl/openssl/trunk/rand/md_rand.c?rev=141&view=diff&r1=141&r2=140&p1=openssl/trunk/rand/md_rand.c&p2=/openssl/trunk/rand/md_rand.c
The fix: http://svn.debian.org/viewsvn/pkg-openssl/openssl/trunk/crypto/rand/md_rand.c?rev=300&view=diff&r1=300&r2=299&p1=openssl/trunk/crypto/rand/md_rand.c&p2=/openssl/trunk/crypto/rand/md_rand.c
While there have been some commits regarding the RV670 chipset, it's does not seem to be working just yet.
AMD needs to keep it's promise and release more documentation before any 2D/3D acceleration can be implemented. Let's keep our fingers crossed...
those people that don't understand the "private" in "private key" I guess.
nothing for you to see, move along.
Modularity brings flexibility but also introduces new attack vectors. It is quite possible that one of these vectors undermines the whole effort to secure the system because an attacker only needs one succesfull exploit while the "defender" would need to avert and disable every possible attack route.
There are various issues with LSM but one concern is that its symbols are exported. Thus, every rootkit and backdoor writer will will be able to use these hooks.
Here are some interesting statements from security related projects and why they decided against supporting LSM: http://grsecurity.net/lsm.php, http://www.rsbac.org/documentation/why_rsbac_does_not_use_lsmYou can do that and much more with an Openmoko-phone http://openmoko.org/. Admittedly the software still needs quite some time to mature but it definitely will open great opportunities.
This has been discussed in the #Openmoko IRC-Channel on Freenode and it seems that Sun is using photoshopped GUI-Mockups. Apparently Sun is not in contact with FIC/OpenMoko-Devs... *Disclaimer "hear, say" - no "official statement"*
Sign up for the Neo1973 of the Openmoko-Project and implement it yourself! The phone has integrated (A)GPS.
:)
Check out http://openmoko.org/. The only open phone there is
I hate to be pedantic, but the country's name is Switzerland not Swiss.
I read the original newspaper article and it contains some more information. Apparently the software is accessing the microphone directly, so encryption will not help. On top of that, the software will be able to record audio by turning on the Mic even if there is no VoIP-Software running, etc.
The newspaper article also said that it was theoretically possible to do the same with Webcams but there are no plans to use this "feature". Not because of privacy concerns or any such thing but because many webcams have a LED that indicates the usage.
I assume this thing only runs on Windows PCs, but this is pure speculation.
It's really distressing how they could put together such a piece of software without even having any "sound legal basis" for it's usage. Usually it takes years to change things here in Switzerland, which is a good thing to a certain degree.
... it's just important for you to figure out what you want to do with your Computer. I've been using Gentoo for the past couple years and I learned a lot from it. You have to take care of all the "Details" (like USE-Flags) etc but as it says in the summary: It does what you tell it to do. So the first step for you is to figure out what you want to do.
There have been times when I wanted to trash my notebook because after I did an "emerge -u world" my config files were all screwed up etc. but because I installed Gentoo with the intention to learn more about computers and linux I asked in the gentoo forums or in the IRC-Channels and sure enough somebody would have an answer for me.
I have never recommended gentoo to people that wanted to see what this hole "linux thing" was all about. I told them to play around with Knoppix or install Ubuntu. If you tell them to try Gentoo because it's the distro "real geeks" use they will be very frustrated and turn their backs on linux etc. It's the same with Programming Languages: it is a tool and you have to choose the one that best satisfies your needs.
-KensanYou must be from Micro$oft since you clearly posted the Link so it would get slashdotted.