An entire article's worth of lip service?
“I’m agnostic about this,” he says, “I don’t really care if Silent Circle
captures this market, just as long as somebody does.”
I spent the entire interview with the Verge writer complaining about the
crappy security delivered by the wireless carriers,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
micah anderson:
I can't wait for the day when Google accidentally pushes an update
out that actually bricks their devices, because when that happens,
there is no way to simply reinstall the OS from scratch. --
Unsubscribe, change to digest,
On 02/07/2013 04:42 AM, Nadim Kobeissi wrote:
Actual headline.
http://www.extremetech.com/mobile/147714-cryptography-super-group-creates-unbreakable-encryption-designed-for-mass-market
NK
Notionally there is no unbreakable encryption.
Practically there is a unbreakable encryption (AES,
On Thu, Feb 7, 2013 at 11:41 AM, Andreas Bader noergelpi...@hotmail.de wrote:
Notionally there is no unbreakable encryption.
Practically there is a unbreakable encryption (AES, SHA-3); our
standarts are more than adequate.
The risk with encryptions is more the possibility of a hardware hack.
Am 07.02.2013 00:30, schrieb André Rebentisch:
Hi,
Tomorrow, Thursday, a proposal for an EU Cyber Directive is supposed to
get released. To be known as a proposed NIS (network and information
security) Directive.
Here is the fish:
On 02/07/2013 11:58 AM, Jens Christian Hillerup wrote:
On Thu, Feb 7, 2013 at 11:41 AM, Andreas Bader noergelpi...@hotmail.de
wrote:
Notionally there is no unbreakable encryption.
Practically there is a unbreakable encryption (AES, SHA-3); our
standarts are more than adequate.
The risk with
Ali-Reza Anghaie a...@packetknife.com wrote:
A VZW employee was nice enough to reach out off list - wanted to remain
anonymous - says that the international SIMs they send for you to put in
overseas Nexus devices won't tether. Ever. No matter what I'm told
otherwise.
Anyhow.. enough of
Small follow-up:
Maybe it's true I look like my goal here is just to foam at the mouth at
Silent Circle. Maybe it looks like I'm just here to annoy Chris, and I'm
truly sorry. These are not my goals, even if my method seems forced.
I've tried writing multiple blog posts about Silent Circle,
Hello all,
I'm no sec expert but to me, it's so obvious that Nadim is right on this.
Perhaps the form is not perfect, but if he's the only one fighting for our
own sanity here, as he says, that's no surprise.
We should all be asking Silent Circle to commit to their statement and show
us the
On Thu, Feb 7, 2013 at 10:31 AM, Nadim Kobeissi na...@nadim.cc wrote:
I've tried writing multiple blog posts about Silent Circle, contacting
Silent Circle, asking journalists to *please* mention the importance of
free, open source in cryptography, and so on. All of this has failed. It
has
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Nadim Kobeissi:
Small follow-up: Maybe it's true I look like my goal here is just
to foam at the mouth at Silent Circle. Maybe it looks like I'm just
here to annoy Chris, and I'm truly sorry. These are not my goals,
even if my method seems
Brian Conley:
Micah,
Perhaps you can tell us the secret to convince all family members and
colleagues to become Linux hackers able to be completely self-sufficient
managing their own upgrades and modifications indefinitely?
Stop supporting the use of non-free software? We're all part of the
T N:
The word Linux doesn't refer to anything, other than maybe the kernel.
Chrome OS is linux. But it's a massively stripped down distribution that
has a radical design, including the fact that it will ONLY run if all of
the cryptographic checks are verified from the root of trust. That
On Wed, Feb 6, 2013 at 5:16 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
Most of arguments I've heard here boil down to privileged wealthy people
complaining that learning and mutual aid or solidarity is simply too
hard. The worst is when people who train people in risky situations make
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Jens Christian Hillerup:
Hear-hear. They don't need to open-source their software to
convince me, as long as they are open about their protocol at
least.
And what if there's a second set of decryption master keys? You're
willing to trust them
On Wed, Feb 6, 2013 at 5:16 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
This is hilarious.
I would *never* use a laptop that lacks a way to protect all your
traffic (eg: VPN/Tor/SSH tunnel/etc) in a place with serious
surveillance as an at risk person. Not only because the remote
Can Silent Circle promoters explain why Zimmerman is excused from
Kerckhoffs's principle?
Is it because something unverifiable is allegedly better than nothing?
Even if we had divine knowledge to tell us Silent Circle is secure,
isn't it an overriding problem to encourage lock-in of closed source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Douglas Lucas:
Is it because something unverifiable is allegedly better than
nothing? Even if we had divine knowledge to tell us Silent Circle
is secure, isn't it an overriding problem to encourage lock-in of
closed source being acceptable for
On Wed, Feb 6, 2013 at 5:16 PM, Jacob Appelbaum ja...@appelbaum.netwrote:
A persistent backdoor on your Chromebook is not actually impossible.
As Nate (?) pointed out, hardware backdoors wouldn't be all that
difficult to implement, especially for someone who travels a lot. A ten
minute delay
On Thu, Feb 7, 2013 at 8:36 AM, Douglas Lucas d...@riseup.net wrote:
Can Silent Circle promoters explain why Zimmerman is excused from
Kerckhoffs's principle?
Is it because something unverifiable is allegedly better than nothing?
Even if we had divine knowledge to tell us Silent Circle is
Jake, you absolutely cannot equivocate your situation with most at-risk
people for several reasons.
Er, correction, I meant that you cannot treat the situations equally. And
by jettison software, I meant jettison Hardware.
Sorry, I can't brain today, I have the dumb.
best,
Griffin
--
Chris,
You have repeatedly stood up asking VoIP software to be more transparent
about their encryption. You have repeatedly stood up when the media
overblew coverage into hype.
I've never asked Skype to release the source code to their products, nor
have I berated Apple, Facebook or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
scarp:
Douglas Lucas:
Is it because something unverifiable is allegedly better than
nothing? Even if we had divine knowledge to tell us Silent
Circle is secure, isn't it an overriding problem to encourage
lock-in of closed source being
On Thu, Feb 7, 2013 at 9:12 AM, Christopher Soghoian ch...@soghoian.net wrote:
My area of research is the intersection of law, policy and technology. As
such, I am most interested in companies' surveillance policies, their
commitment to transparency, and their stated willingness to tell the
On Thu, Feb 7, 2013 at 12:12 PM, Christopher Soghoian ch...@soghoian.netwrote:
What I resent though, is Nadim's repeated, malicious attempts to drag my
name through the mud, simply because I will not join his witch hunt against
Silent Circle. Since he cannot find a single example of me saying
Alchemy is to chemistry, astrology is to astronomy, as closed-source
is to open source.
Closed-source is intellectual fraud. It is the equivalent of an academic
paper which has a synopsis and conclusions -- but nothing else. No honest
reviewer would ever approve such tripe for publication in a
*Call for papers: Special issue on ICT and Development in Africa*
(Information Technology for Development)
*Deadline:* March 1, 2013
*More:* Submission
Inline below..
On Thu, Feb 7, 2013 at 11:34 AM, scarp sc...@tormail.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Jens Christian Hillerup:
Hear-hear. They don't need to open-source their software to
convince me, as long as they are open about their protocol at
least.
Douglas, I'm not sure many people are disagreeing with the end-goals and
even Zimmerman acknolwedges the window for verifiable source proof is
closing fast (longer than many would have liked as-is).
My comments to Nadim are coming from a tact perspective - if the goal is to
gain wider adoption
Nadim Kobeissi:
On Wed, Feb 6, 2013 at 5:16 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
This is hilarious.
I would *never* use a laptop that lacks a way to protect all your
traffic (eg: VPN/Tor/SSH tunnel/etc) in a place with serious
surveillance as an at risk person. Not only because
Griffin Boyce:
On Wed, Feb 6, 2013 at 5:16 PM, Jacob Appelbaum ja...@appelbaum.netwrote:
A persistent backdoor on your Chromebook is not actually impossible.
As Nate (?) pointed out, hardware backdoors wouldn't be all that
difficult to implement, especially for someone who travels a
Just as a reminder, please let's all try to refrain from engaging in any
personal attacks. We're all build and use liberationtech to make a
difference in various ways, and we're bound to have disagreements. But
let's not forget that we're all working toward the same broad goal of
making people's
And even the proponents already have. Here, elsewhere, .. Nobody is happy
at technically ignorant gee-whiz journalism.
The discussion has been, a few times now, how we tend to speak out about
it. And what busses people on the same side seem willing to throw each
other under. Gods know why. -Ali
On Thu, Feb 7, 2013 at 5:34 PM, scarp sc...@tormail.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Jens Christian Hillerup:
Hear-hear. They don't need to open-source their software to
convince me, as long as they are open about their protocol at
least.
And what if there's a
The latest unbreakable even by a supercomputer article includes artistic,
black and white photographs of Phil Zimmermann and John Callas:
“I tell them go ahead and use Skype — I don’t even want to talk to you.
This is for serious people interested in serious cryptography,” Zimmermann
said. “We are not Facebook. We are the opposite of Facebook.”
I do have to wonder why they've twice mentioned embargoes countries they
couldn't sell to legally anyway.
Is there something I'm missing about ~selling~ dissidents solutions in Iran
and NK? US Government have an exception for that? -Ali
On Feb 7, 2013 4:38 PM, Nadim Kobeissi na...@nadim.cc wrote:
On Wed, Feb 6, 2013 at 2:16 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
It runs software that is in Debian, the GNU/Linux operating system. I
know, I've written some of it (eg: tlsdate). They do a good job of
locking things down but it is basically just another distribution of Linux.
I
The other things I meant to add:
Most Linux distro's are not running with their executable code on a
readonly filesystem, and it takes some effort to convert to a RO
configuration.
Also you can not login to a stock Chrome OS device as root. That account
has logins disabled. You have to flip to
Is there something I'm missing about ~selling~ dissidents solutions in
Iran and NK? US Government have an exception for that? -Ali
There is a Favorable Licensing Policy for Iran on Internet Freedom that
specifically mentions Fee-Based Internet Communication Services, although
since published in
UAE - Etisalat, nexus 4 - tethering was easy once the data plan was procured.
That, however, ain't simple - took time and some significant documentation.
Only thing they did not ask for was my first-born son.
On Feb 6, 2013, at 15:31, Brian Conley bri...@smallworldnews.tv wrote:
What
T N:
On Wed, Feb 6, 2013 at 2:16 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
It runs software that is in Debian, the GNU/Linux operating system. I
know, I've written some of it (eg: tlsdate). They do a good job of
locking things down but it is basically just another distribution of Linux.
T N:
The other things I meant to add:
Most Linux distro's are not running with their executable code on a
readonly filesystem, and it takes some effort to convert to a RO
configuration.
If someone has root on the machine or physical access, I guess that it
won't matter as much as we'd
See Inline
On Thu, Feb 7, 2013 at 12:15 PM, Andy Isaacson a...@hexapodia.org wrote:
Silent Circle may be an excellent privacy app. It might not have any
significant security problems. It might even do a good job of
mitigating important platform-based attacks and supporting important new
Christopher Soghoian ch...@soghoian.net wrote:
Twitter's official client and server code are not open source
Much of Google's code, including all of the Gmail backend code is not open
source
That's a bit of a false equivalency, don't you think? Silent Circle's
whole premise is
Brian Conley bri...@smallworldnews.tv writes:
Perhaps you can tell us the secret to convince all family members and
colleagues to become Linux hackers able to be completely self-sufficient
managing their own upgrades and modifications indefinitely?
I never suggested that all family members
Chris,
Nicely put. Agree with your comments 100%
Robert
--
On 2013-02-07, at 8:14 PM, Christopher Soghoian wrote:
See Inline
On Thu, Feb 7, 2013 at 12:15 PM, Andy Isaacson a...@hexapodia.org wrote:
Silent Circle may be an excellent privacy app. It might not have any
significant
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Ali-Reza Anghaie:
Inline below..
On Thu, Feb 7, 2013 at 11:34 AM, scarp sc...@tormail.org wrote:
The fact you can't buy into this service anonymously, so at least
payment credentials will be available. Even if Phil says he won't
be bad
+1.
I wish I could say otherwise, but now after a few years working as a
journalism trainer and in the journalism field I've been led to recognize
that, whether I like it or not, and whether it is ethical or not:
1. headlines are used to grab readers and generate buzz. I'd not read the
article
On Wed, Feb 6, 2013 at 2:16 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
Brian Conley:
Micah,
Perhaps you can tell us the secret to convince all family members and
colleagues to become Linux hackers able to be completely self-sufficient
managing their own upgrades and modifications
snip
My point was for something off the shelf, I know of nothing better and as
far as it goes... I'd say it's a step up for a lot people who should be
using more secure IT technologies and methods than they are (such as some
journalists), and they can take that step with minimal
51 matches
Mail list logo
