The Mobile Developers Guide to the Galaxy

Another one from my research… awesome work: The Mobile Developers Guide to the Galaxy (now powered by Open-Xchange)

“More than twenty writers from the mobile community share their know-how in dealing with topics such as accessibility in mobile apps, UX design, mobile analytics, prototyping, cross-platform development, native development, mobile web and app marketing.”

I love Wikipedia – Great Article on Messengers with lots of details

While I am writing an article on COI (Chat over IMAP), Open-Xchange’s latest hot new stuff, I found a wonderful Wikipedia page: (German) Wikipedia has a great article about messenger services like WhatsApp, Threema, Signal and such. Although the article called “list of mobile instant messenger services” seems to be available only in German, its content is great. Here’s the huge table on functions that might explain why I like to stick with Snowden’s recommendation, Signal:

Messengers and their Functions

By now, I am pretty sure COI will shake this chat world; the concept of using standard mail, mail servers and such as a basis looks very promising against the silos run by American data corporations.

The Military-Malware-Complex. An Article I recently published in Linux Magazine US.

Pretty Complex » Linux Magazine

“… this military-industrial complex has advanced into a new domain: If data is the new oil [3], then access to data is crucial for corporate and national prosperity…. There is a huge market of software developers, admins, hackers, and surveillance technology orbiting US military as well as its affiliated industries”

Krypto-pr – Do you Legally “own” with Bitcoin?

Things I read…: “Short introduction to krypto-property by Preston Byrne”

https://prestonbyrne.com/2018/11/23/krypto_property/

“Wrapping up, the reason that the matter of Bitcoin’s ultimate classification as property hasn’t come up yet is because, in common practice, ownership disputes are resolved at a higher conceptual level than inquiring about the “nature of a bitcoin itself” – when I deposit coins at an exchange, e.g., it ought to be pretty clear from the exchange’s TOS that if I have a balance on the exchange, I can ask the exchange to spend an amount equal to that balance back to me on request and, if they fail to do so, I can ask a court to force the exchange to render specific performance or pay damages. A dispute of that kind, of which there have been many, doesn’t ask at what point title transferred and what the fundamental nature of that title is, because it doesn’t have to. It looks instead at the contractual obligations between the counterparties and whether those obligations were satisfactorily performed.

One could write chapter and verse comparing these two jurisdictions and their treatment of Bitcoin as an asset. That said, it’s a Friday night and I have places to be, so for now it will have to suffice to say only that the question has no answer and at some point, probably sooner rather than later, there is going to be a case that explores these fundamental issues (I am frankly shocked that Oxford v. Moss hasn’t been raised yet in any of the UK-based Bitcoin fraud prosecutions).

I look forward to reading those decisions.”

Do you trust this computer?

… Do You Trust This Computer? … :

Science fiction has long anticipated the rise of machine intelligence. Today, a new generation of self-learning computers has begun to reshape every aspect of our lives. Incomprehensible amounts of data are being created, interpreted, and fed back to us in a tsunami of apps, personal assistants, smart devices, and targeted advertisements. Virtually every industry on earth is experiencing this transformation, from job automation, to medical diagnostics, even military operations. Do You Trust This Computer? explores the promises and perils of our new era. Will A.I. usher in an age of unprecedented potential, or prove to be our final invention?

New kind of computer memory: Not RAM, not ROM, and an optional End-of-life-date for your data

A New Kind of Memory Could Make RAM and ROM Obsolete … :

The Chinese researchers say their new type of computer memory is not only the best of both worlds, but an improvement on the pair: It lets you decide how long you want the memory to hold data. “People in the future may receive a disc in which the data is only effective for, say, three days, which elevates the security of the information,” lead researcher Zhang Wei told China Daily. “People can also have tailor-made flash drives with the new storage technology. The data stored inside will be regularly emptied at an appointed time.”

Iridium – the safer way of browsing privately

I am very sure you are great at breaking things? Iridium Browser, a project of +OSBA ev and many supporters, needs help in testing, QA – and even developers. I have been a user for many years, and I can recommend this Google-Free-Chrome.

Iridium Browser | A browser securing your privacy. That’s it. … :

“A BROWSER SECURING YOUR PRIVACY. THAT’S IT.”

“Iridium Browser is based on the Chromium code base. All modifications enhance the privacy of the user and make sure that the latest and best secure technologies are used. Automatic transmission of partial queries, keywords and metrics to central services is prevented and only occurs with the approval of the user. In addition, all our builds are reproducible and modifications are auditable, setting the project ahead of other secure browser providers.”

Hacking the aquarium’s thermometer to enter the Casino…

Reality update: Casino Gets Hacked Through Its Internet-Connected Fish Tank Thermometer … :

Nicole Eagan, the CEO of cybersecurity company Darktrace, told attendees at an event in London on Thursday how cybercriminals hacked an unnamed casino through its Internet-connected thermometer in an aquarium in the lobby of the casino. According to what Eagan claimed, the hackers exploited a vulnerability in the thermostat to get a foothold in the network. Once there, they managed to access the high-roller database of gamblers and “then pulled it back across the network, out the thermostat, and up to the cloud.”

QR Codes: Apple messed it up (again)

… For years I have been talking about the dangers of QR codes…. well here’s one of the convenient Apple preload functions, I assume, messing it up: The Hacker News — Online Cyber Security News & Analysis … :

You need to open the Camera app on your iPhone or iPad and point the device at a QR code. If the code contains any URL, it will give you a notification with the link address, asking you to tap to visit it in Safari browser. However, be careful — you may not be visiting the URL displayed to you, security researcher Roman Mueller discovered. According to Mueller, the URL parser of built-in QR code reader for iOS camera app fails to detect the hostname in the URL, which allows attackers to manipulate the displayed URL in the notification, tricking users to visit malicious websites instead.

The City of Atlanta, Georgia has been hacked.

Reality update: Hackers Are Holding The City of Atlanta Hostage … :
“This is much bigger than a ransomware attack, this really is an attack on our government,” Atlanta Mayor Keisha Lance Bottoms said at a news conference, Reuters reports. “We are dealing with a (cyber) hostage situation.”

(…)

Experts have warned that cybersecurity is likely the next great security threat for governments and companies around the world, and that most systems are simply not prepared. Indeed, Atlanta isn’t the first U.S. city to be hit by ransomware — the Colorado Department of Transportation has already been hit twice in 2018. However, the Atlanta attack seems to be the most thorough, city-wide cybersecurity breach yet. And though some companies have ramped up security following attacks, as Atlanta plans to do, it seems that most cities aren’t adapting their security before an attack happens.

(…)

It’s not yet clear at what point Atlanta will give in and pay the ransom to get its data back. But as more cities rely on digital processes, the dangers to both citizen privacy and security are going to multiply. Imagine a hack that takes out not just a city’s computer systems, but also its electrical power, plumbing, and even control of your own car.

Microsoft is now censoring its users, scanning all content for “inappropriate” stuff

Reality update: Microsoft to ban ‘offensive language’ from Skype, Xbox, Office | CSO Online … I doubt this is fine with German data protection laws:

Better watch out if you are playing Xbox, get ticked, and cuss. Microsoft might ban you for the “offensive language.” If they do, then say bye-bye to your Xbox Gold Membership and any Microsoft account balances.

Thanks to Snowden: “Security, Safety and fair market: Access by Openness and Control of the supply chain.” By KIT

KIT (Karlsruhe Institute of Technology, Institut für Technikfolgenabschätzung und Systemanalyse) has published a great study that I haven’t read completely, but thought it’s worth sharing: KIT – ITAS – Research – Project overview – Quattro S: Security, Safety, Sovereignty, Social Product … Especially regarding:

This project will provide solutions for multiple problems. The first one is the security of information technology. The range of issues addressed includes zero-day exploits (e.g., WannaCry ransomware), denial of service attacks (e.g., Mirai), hardware attacks (e.g. based on the Meltdown and Spectre CPU flaws) up to novel types of hardware Trojans. The possibilities for these attacks originate from weaknesses in the long IT supply chains and threaten the confidentiality, integrity and availability of systems. The second problem is that these attacks can also threaten the safety of products, e.g., in energy infrastructures or in the automotive industry. The third problem consists of a loss of value added because of a migration of production and competences towards competing economies (e.g. US and China). Sovereignty would mean to have full control of the characteristics of information technology, to be sure that no hidden features are implemented, that no business secrets can be stolen, and to benefit economically from such control.

Live hacking – a demonstration for military and politicians

… recently, at the German military’s reservists’ club VdRBw:

Organizer: Kreisgruppe Oberpfalz-Süd

Topic: Surfing the Internet safely

How I can better protect my PC

Threats and defense strategies for the home computer, with a live demonstration of typical attacks. As part of its voluntary reservist work, the Kreisgruppe Oberpfalz-Süd, in cooperation with the Friedrich-Ebert-Stiftung and the market town of Donaustauf, is holding a security-policy event in Donaustauf as an association event in UTE.
(…)
Dress: service uniform per ZDv 37/10 or subdued civilian clothing

Sir! Yes, Sir!

Cryptojacking. How Hackers use your browser for Crypto-Currency Mining

Reality update: [1803.02887v1] A first look at browser-based Cryptojacking …:

In this paper, we examine the recent trend towards in-browser mining of cryptocurrencies; in particular, the mining of Monero through Coinhive and similar code-bases. In this model, a user visiting a website will download a JavaScript code that executes client-side in her browser, mines a cryptocurrency, typically without her consent or knowledge, and pays out the seigniorage to the website.

A German university claims there’s child pornography in bitcoin’s blockchain

Looks like Child abuse imagery found within bitcoin’s blockchain | Technology | The Guardian is a good read …

“Researchers from the RWTH Aachen University, Germany found that around 1,600 files were currently stored in bitcoin’s blockchain. Of the files, at least eight were of sexual content, including one thought to be an image of child abuse and two that contain 274 links to child abuse content, 142 of which link to dark web services.”

DIVSI – a matter of Trust ?

Welcome to the DIVSI, the “German Institute for Trust and Security on the Internet”. This is what the website looks like in my browser, with JavaScript, Cookies and all Trackers turned off. Would you trust them? It’s a government project, but still: Would you trust such a website? For once, working with experts would be nice. #sigh. I know, I am using WordPress here, but at least I am not pretending. #plonck.

DIVSI

Really Safer? Or just a feeling?

security theater meets bike

What people feel and what is actually true – that’s often not quite the same. Especially when it comes to security, merely feeling safe sometimes seems to be more important than reality. As the blog “Erich sieht” shows, that is true for cycling as well. The British National Health Service NHS puts it in a very short sentence:

“Official figures taken from the NTS suggest that the general risk of injury from cycling in the UK is just 1 injury per 19,230 hours of cycling.”

“Erich sieht” does the math for you: A typical bicycle courier would need to work for ten years, 40 hours per week to suffer his first injury – statistically.

https://erichsieht.wordpress.com/2018/01/04/so-ungefahrlich-ist-radfahren/