Skip to main content

Cerca

Elementi taggati con: replicant


 
This week in #InfoSec:

- Hardware implants became fake news, or fake news became hardware implants. We don't know yet but the threat is more real than ever.

- Enigmail/p≡p (-.-)

- #LineageOS is not trustworthy when "GPS". Maybe it never was. Maybe #Replicant is, or not.

- Brett Kavanope. This will become a serious problem for InfoSec and everyone else very soon.

- Netflix uses up 15% of the internet

- Crypto is Cyber, and Cyber is Crypto (fefe)

Fuck everything.

 
Regarding Android replacements...

Just a heads-up -- LineageOS is not geared to be safely free from binary blobs either. Their goal is to provide a replacement; but not a [now-defunct] #CopperheadOS-like secure replacement.

Something may emerge from the Daniel Micay side of the COS break-up; but watch that carefully for a while first.

Micay is skittery.
He had the same type of break up from the #Rust community.

Trust nothing from #COS itself post July 2018.
The official signing keys for CopperheadOS were destroyed by #Micay.

See also #Replicant
https://www.replicant.us/

 
Join our neighbours and #FreeYourAndroid!RT @technoethical@twitter.com Join us at 14:00 in building Platane room B05 for the #Technoethical workshop on "How to completely liberate the main OS of your phone" as part of the @FSFE@twitter.com track at #RMLL2018 in Strasbourg. #Replicant #RMLL

 

Finally, I have deleted my #Google account today!


It was a long an challenging breakup. It started roughly 2 years ago, when I was not able to ignore anymore that Google started switching to the #darkside.

You can easily guess which social network I use instead of #googleplus. [Yes, I use and <3 #diaspora* ;-).]
Instead of #gmail, I use the email account provided by my workplace and #disroot for personal emails.
I chat by using #xmpp (via clients #conversations and #gajim using #omemo for #encryption).
I use #davdroid to synchronize my contact list, calendar and tasklist to my #moblie.
Instead of #chrome, I use #firefox, #torbrowser, #iceweasel, and #icecat.
Instead of #webmail, use #thundebird, #icedove and #k9 email clients.
I use #nextcloud and #syncthing, instead of #googledrive.
For #searching, I sue #duckduckgo and #searx.
Instead of #android, I use #replicant.

Instead of paying with my #privacy, I pay with #donation using #liberapay.


I'm also grateful to @Tiberiu C. Turbureanu (from #technoethical) for helping me fixing my broken replicant install.

 

News on Debian on apexqtmo



Thadeu Lima de Souza Cascardo writes about the state on free software on smartphones.
There are still a lot of things to do, to say the least.

#debian #debianmobile #ryf #halium #ubports #replicant

News on Debian on apexqtmo

News on Debian on apexqtmo

 

"How to Live Without Google" - and getting it all wrong



In a failed attempt to improve users personal privacy, DuckDuckGo jumps from the frying pan straight into the fire. With the motto
Remove Google from your life? Yes, it can be done!
they give ten advices, most of them very bad. Also, they are using inexact wording by calling things free, when they are "free as in beer", but not necessarily "free as in freedom". I comment on their three worst recommendations:
Google Search -> DuckDuckGo (free)
Let's start off with the easiest one! Switching to DuckDuckGo not only keeps your searches private but also gives you extra advantages such as our bang shortcuts, handy Instant Answers, and knowing you're not trapped in a filter bubble.
I understand, that they advertise their own service here. And while I do believe, that DuckDuckGo does not cheat and keeps your searches private, as a user, one cannot prove it. In any case, one just replaces one centralised search machine with another one. Better use a decentralised service, such as meta search engine Searx.
Android -> iOS (paid)
The most popular alternative to Android is of course iOS, which offers easy device encryption and encrypted messaging via iMessage by default. We also have tips to increase privacy protection on your iPhone or iPad.
This is certainly the worst recommendation in their list. I had to check the date of the article, when I read this. Aprils Fool's Day? I'm certainly not a fan of Android and I'm not an Android user anymore, but going for a much more restrictive jail is just stupid. Android has at least relatively free versions, e.g. Replicant. iOS, in contrast, is a carcel with beautifully painted walls. Very high walls with perfectly styled barbed wire on top. Even the most proprietary variants of Android let you at least install free software from F-Droid.org.

If you don't want to use Android anymore, like myself, better go for a free alternative, e.g. support the Librem 5 crowdfunding, or the Pyra handheld or the ZeroPhone, all three running the free Debian operating system.
Google Allo -> Signal (free)
There are several services offering private messaging but, as we've mentioned before, Signal gets our recommendation. It offers free, end-to-end encryption for both messages and private calls. It's also recommended by Edward Snowden and renowned security expert Bruce Schneier, among others.
Again, they recommend to leave one centralised service for another one. And one, that even wants your phone number, otherwise you can't use it. And one, that does not yet have a decent client for Linux. There are messengers around that are federated or completely decentralised, that do not force you give them your phone number, and that have native clients for all major operating systems. My recommendation is XMPP. If you are on Linux, use e.g. Gajim, on Android the best app is probably Conversations, for iOS there is ChatSecure and so on. Alternatives to XMPP are Ring, Matrix and more recently Wire.

Benjamin Franklin wrote in 1755:
Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.
One should also not give up libre software, which is essential in many ways, to purchase a little perceived safety or privacy through non-free or centralised services.

#duckduckgo #google #searx #replicant #fdroid #librem5 #pyra #zerophone #debian #xmpp #gajim #conversations #chatsecure #ring #matrix #wire

How to Live Without Google

Google tracking is more pervasive than most people realize. We show you some alternatives to Google services to limit your exposure.

 



You broke the Internet



Now let's build a GNU one



Details: Yellow is for projects in development while green is for those that are available. Red illustrates brands that lose their monopoly condition once the respective layers are fully operational whereas light red indicates faulty technologies that we must replace.

Strongly recommend checking out the source website: http://youbroketheinternet.org/

Some related tags: #internet #surveillance #freesoftware #gnu #linux #security #netsec #crypto #ipfs #gpg #pgp #encryption #cryptocat #mumble #GNS #guix #nix #bittorrent #faceboogle #tor #I2P #otr #librecmc #libreboot #fsf #eff #ccc #pirateparty #pirates #ricochet #gnunet #freenet #android #replicant #grothoff #signal #libresignal #taler #gnutaler #youbroketheinternet #selfhosting #decentralization #selfhosted #tox #xmpp #jitsi #pond #PSYC #Tahoe-LAFS #retroshare #cjdns #onionshare #cryptocat #briar #maidsafe #coreboot #tribler #axolotl #zeroqm #bitmessage #cloud #skype #twitter #microsoft #rhizome #rina #netsukuku #tails #debian #freedombox #freedombone #ethos #qubes #whonix #guixSD #gentoo #zyre #reproduciblebuilds #openwrt #BMX7 #net2o #ethereum #copperheadOS #federation #dns #smtp #dane #blackadder #globaleaks #redphone #2020 #mesh #pulse #heartbeat

#youbroketheinternet

#youbroketheinternet

 



You broke the Internet



Now let's build a GNU one



Details: Yellow is for projects in development while green is for those that are available. Red illustrates brands that lose their monopoly condition once the respective layers are fully operational whereas light red indicates faulty technologies that we must replace.

Strongly recommend checking out the source website: http://youbroketheinternet.org/

Some related tags: #internet #surveillance #freesoftware #gnu #linux #security #netsec #crypto #ipfs #gpg #pgp #encryption #cryptocat #mumble #GNS #guix #nix #bittorrent #faceboogle #tor #I2P #otr #librecmc #libreboot #fsf #eff #ccc #pirateparty #pirates #ricochet #gnunet #freenet #android #replicant #grothoff #signal #libresignal #taler #gnutaler #youbroketheinternet #selfhosting #decentralization #selfhosted #tox #xmpp #jitsi #pond #PSYC #Tahoe-LAFS #retroshare #cjdns #onionshare #cryptocat #briar #maidsafe #coreboot #tribler #axolotl #zeroqm #bitmessage #cloud #skype #twitter #microsoft #rhizome #rina #netsukuku #tails #debian #freedombox #freedombone #ethos #qubes #whonix #guixSD #gentoo #zyre #reproduciblebuilds #openwrt #BMX7 #net2o #ethereum #copperheadOS #federation #dns #smtp #dane #blackadder #globaleaks #redphone #2020 #mesh #pulse #heartbeat

#youbroketheinternet

#youbroketheinternet

 
General good advice for freedom and privacy/security



Some general good advice to ensure the best possible respect of freedom and privacy/security on mobile devices includes:

Installing only free software applications, from trusted sources such as #F-Droid on #Replicant.
#Encrypting the device's storage, to prevent some unauthorized access to the device's data.
Using software that provides secure peer-to-peer-encrypted communications such as #ChatSecure for instant messaging and #AGP with K-9 Mail for emails on Replicant.
Using #Tor to achieve reliable anonymity, for instance with #Orbot on Replicant.
If the device is telephony-enabled, switching the modem to airplane mode or (when possible) turning it off when not in use, to avoid being tracked at all times.
Browsers using the webview framework (such as the browser shipped with Replicant and Lightning) are subject to various security flaws in Replicant 4.2.

In addition, the #FreeSoftwareFoundation provides a comprehensive guide to help protect freedom and privacy and the Tor project an article entitled Mission Impossible: Hardening Android for Security and Privacy.

 
General good advice for freedom and privacy/security



Some general good advice to ensure the best possible respect of freedom and privacy/security on mobile devices includes:

Installing only free software applications, from trusted sources such as #F-Droid on #Replicant.
#Encrypting the device's storage, to prevent some unauthorized access to the device's data.
Using software that provides secure peer-to-peer-encrypted communications such as #ChatSecure for instant messaging and #AGP with K-9 Mail for emails on Replicant.
Using #Tor to achieve reliable anonymity, for instance with #Orbot on Replicant.
If the device is telephony-enabled, switching the modem to airplane mode or (when possible) turning it off when not in use, to avoid being tracked at all times.
Browsers using the webview framework (such as the browser shipped with Replicant and Lightning) are subject to various security flaws in Replicant 4.2.

In addition, the #FreeSoftwareFoundation provides a comprehensive guide to help protect freedom and privacy and the Tor project an article entitled Mission Impossible: Hardening Android for Security and Privacy.

Replicant

Replicant

 
Or don't use CyanogenMod, but use #Replicant, a fully free android based OS: http://www.replicant.us/supported-devices.php