[liberationtech] Randomize MAC of Android phone?
Hello! Is it possible to randomize wifi MAC of Andorid phone on power up? On notebook I do this and (with tor connection) it is little helpful for lses tracking in cafes, airports + so on. -- Jerzy Łogiewa -- jerz...@interia.eu -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] How to hide hostname from DHCP?
Hello! When my computers (OS X 10.7 + 10.8) connect to DHCP server, it send mac address and hostname. I have solved tracking for mac address by randomizing mac at startup, but hostname is always sent. i know DHCP does not make hostname sending a required, so how to stop it? Randomize hostname is not really good solution :( -- Jerzy Łogiewa -- jerz...@interia.eu -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Announcing Scramble.io
Hello! Also are there any plan for Scramble to be a POP3 o IMAP client, so I can use another email with it? -- Jerzy Łogiewa -- jerz...@interia.eu On Aug 23, 2013, at 2:28 PM, Feross Aboukhadijeh wrote: > This is great work, DC. Congrats on launching! > > > This does not improve on the properties of PGP, fundamentally. Without a > > pre-existing secure channel, knowledge of this public hash is just as > > susceptible to MitM. > > Scramble isn't trying to improve on PGP at the cryptographic level -- it > actually *uses* PGP (specifically, OpenPGP.js) to encrypt the emails. > > The point of Scramble is to make PGP actually usable by humans. PGP's problem > is not that we lack a way to make pre-existing secure channels, it's that > literally no one uses it. Scramble makes PGP usable by the masses. It's > webmail so it's convenient and doesn't require any software configuration. > And it uses a great little trick pioneered by tor hidden services to > eliminate the need for "key signing" parties, which weren't much fun anyways. > > All this usability gain from webmail, but what about attacks like what would > have happened to LavaBit? Some say that webmail can't be made secure. > > We don't know much about what LavaBit was asked to do, but Scramble is > (theoretically) secure against attacks from centralized adversaries like > governments who control root CAs and could take over and even operate the > Scramble servers. The browser treats the server as a "dumb" blob store, > decrypts all data locally, and doesn't ever download new javascript (if > you're use the chrome extension version of Scramble, two click install). An > actively malicious server is not a problem. Mad cool. > > Even if you're *not* using the chrome extension version (i.e. "paranoid > mode"), it's impossible for a central adversary who controls the Scramble > servers to do a targeted attack against you specifically, because the browser > downloads all the javascript upfront and only requests user-specific mailbox > data afterwards. It doesn't download any new code after it's identified you > to the server. Again, mad cool. > > If the attacker served malicious JS to everyone, users would quickly notice > and word would get out. A distributed program could automate this check. > > I recommend you all read the two links DC posted. Scramble is the real deal. > Good news for all of us! > > Feross > feross.org - peercdn.com (make your site faster & reduce your bandwidth > costs!) > > > On Fri, Aug 23, 2013 at 2:12 AM, Ximin Luo wrote: > On 23/08/13 09:53, DC wrote: > > Hi everyone, > > > > I'm DC, and I've been lurking here for a few weeks :) > > > > Since the NSA leaks, I've been inspired to work on an old dream: end-to-end > > encrypted email. > > > > One difficult problem in public-key encryption is key exchange: how to get a > > recipient's public key and know it's really theirs. > > My plan is to make make your email the hash of your public key. > > For example, my address is *nqkgpx6bqscsl...@scramble.io > > <mailto:nqkgpx6bqscsl...@scramble.io>* > > (I borrowed this idea from Tor Hidden Services.) > > > > This does not improve on the properties of PGP, fundamentally. Without a > pre-existing secure channel, knowledge of this public hash is just as > susceptible to MitM. > > You can argue "well my email address is pasted on so many websites, it's > infeasible for an attacker to MitM all of them", but you can say the same > thing > for PGP keys too. > > In some senses it's even worse because a human has to remember the hash > *exactly*, instead of having PGP manage the email<->fingerprint mapping for > you. You could write some address book software to improve on this, however. > > > This lets you build an email system with some nice properties: > > * It's webmail. I want something easy to use and understand, unlike PGP, so > > that nontechnical people can grok it. > > * Webmail has an inherent weakness: if push comes to shove, the NSA can > > compel > > a Scramble server to serve bad Javascript to their users. I want to give > > users > > the option to install the app as a Chrome extension. Same HTML, CSS, and JS, > > but served locally, so the server is untrusted. > > * You can look up someone's public key from an untrusted server, and verify > > that it's actually theirs. > > * Anyone can run a Scramble server > > * It's open source > > * All emai
Re: [liberationtech] Announcing Scramble.io
Sounds very cool yes. But where is the OpenPGP.js stored? -- Jerzy Łogiewa -- jerz...@interia.eu On Aug 23, 2013, at 2:28 PM, Feross Aboukhadijeh wrote: > Even if you're *not* using the chrome extension version (i.e. "paranoid > mode"), it's impossible for a central adversary who controls the Scramble > servers to do a targeted attack against you specifically, because the browser > downloads all the javascript upfront and only requests user-specific mailbox > data afterwards. It doesn't download any new code after it's identified you > to the server. Again, mad cool. -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Android guide?
I read this: http://www.wired.co.uk/news/archive/2013-08/09/recycling-bins-are-watching-you "The unique identifying numbers of over half a million smartphones have been recorded by a network of recycling bins in central London. Hundreds of thousands of pedestrians walking past 12 locations unknowingly had the unique MAC address of their smartphones recorded by Renew London." Maybe also it should be added to this list, some thought about MAC and DHCP randomness? Is this feature included in any of tools recommended? -- Jerzy Łogiewa -- jerz...@interia.eu -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Freedom Hosting, Tormail Compromised // OnionCloud
But this data is not useful for any but most advanced user. TBB should autoupdate for any nongeek user. I hope some safe way of this update exists. -- Jerzy Łogiewa -- jerz...@interia.eu On Aug 6, 2013, at 5:11 PM, CodesInChaos wrote: > When the user's version is outdated you already display an update notice. > You could add those items from > https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html > that apply to the current version. Listing particular vulnerabilities makes > it clear that you actually should > update and that it isn't just a superfluous notice that's just for annoying > the user. > > I wouldn't duplicate the actual advisories, but listing them is a good idea > IMO. > > Perhaps something like: > > --- > This version of TOR Browser is based on Firefox ESR 17.0.6. You need to > upgrade to fix the following security issues: > > Fixed in Firefox ESR 17.0.7 > MFSA 2013-59 XrayWrappers can be bypassed to run user defined methods in a > privileged context > MFSA 2013-56 PreserveWrapper has inconsistent behavior > MFSA 2013-55 SVG filters can lead to information disclosure > MFSA 2013-54 Data in the body of XHR HEAD requests leads to CSRF attacks > MFSA 2013-53 Execution of unmapped memory through onreadystatechange event > MFSA 2013-51 Privileged content access and execution via XBL > MFSA 2013-50 Memory corruption found using Address Sanitizer > MFSA 2013-49 Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7) > - -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Secure Android guide?
Cooper this video is so good! Thank you! -- Jerzy Łogiewa -- jerz...@interia.eu On Jul 15, 2013, at 9:04 PM, Cooper Quintin wrote: > Jerzy, > I gave a talk a while ago on pragmatic smartphone security. The video > can be found here: > http://vimeo.com/46044290 > And more up to date slides can be found here: > https://github.com/cooperq/spiders > > Enjoy! Please feel free to contact me directly if you have other questions. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] WeChat
I can say with surely that WeChat has some market here in Poland. Unfortunately I get a few invitation each week that I must decline. -- Jerzy Łogiewa -- jerz...@interia.eu On Jul 16, 2013, at 12:03 AM, Paul Holden wrote: > I think part of it is a language problem. But even when the software is > translated, as has been done with Wechat (微信)and Weibo, it doesn't > seem to get far outside China. The Weibo English version is a completely > different site and doesn't seem to have been marketed much in the west. > I don't know why they made those choices. Based on what I've sen with > WeChat, its largest markets outside China are Thailand and Malaysia. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Bring some UX/UI help to open secure apps
I believe that the attention of anyone would be some great help. This is also great direction. How about it, kind of "Google Summer of Code" for UX students? Amazing idea. -- Jerzy Łogiewa -- jerz...@interia.eu On Jul 15, 2013, at 7:14 PM, Michael Oren wrote: > I am a UX person (more heavily on the research end than the design end, > although I've done both). I'm not sure I can commit to working on this, but > I'm also teaching an HCI course in the Fall and can present something to the > students as an option for their projects. It's an introductory course though > so their skill levels will likely be low. > > -Mike -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Bring some UX/UI help to open secure apps
Okay great! So there are some in support to this, how to start? * Choose 1 project * Get author approval * Find designer * Get estimate * Research crowdfund sites * Build campaign Should we vote this first one? My hand goes up to the Jitsi! -- Jerzy Łogiewa -- jerz...@interia.eu -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Secure Android guide?
Thank you Julian! Can you tell me about this "largely" Google-free experience? Is it about the OS being Google, or are some more components still there? -- Jerzy Łogiewa -- jerz...@interia.eu On Jul 13, 2013, at 4:30 PM, Julian Oliver wrote: > You can install CyanogenMod - and not install the Google suite - for a > pleasant > and largely Google-free experience. To be safer, don't install a nightly > build. > Take out the SIM card. Flash CyanogenMod using the simple instructions for > your > device on their website. Encrypt the file-system once the device is installed. > Set up a 6-or-more line swipe pattern without visual feedback (and keep your > screen clean!). Disable developer mode and MTP browsing, until you need it. > Connect the device to a wireless network you control. Install DroidWall (or > similar open source firewall) and lock down any unknown and/or promiscuous > processes (vastly less with CyanogenMod than Android). Don't use Google Play. > Download and install OopenVPN client and tunnel to your favourite trusted > OpenVPN server. Put on OrBot and run the OrWeb Tor browser. Edit your exit > nodes to those that suit. Install Firefox and requisite extensions that > protect > against cookie tracking etc. Use StartPage instead of Google as your default > search engine. Don't install any random games or other software. If you need > something like a PDF reader, be sure it's open source and the APK you download > checksums out (SHA256). > > I've done the above, more or less, with my last two Android phones. My SIII is > especially good to work with. I've audited it on the wire and I trust working > with it so far. How you use it is another thing. If you rarely need to make > calls over the cellular network then use Airplane Mode until you need to call > - > that'll get you off the grid where cell provider location tracking/logging is > concerned. Better still, don't use a SIM card at all and tunnel/ZRTP VoIP with > something like RedPhone. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Bring some UX/UI help to open secure apps
Hello! There are some talks here about new Heml.is. Let us be real: The messenger is one of many like it and without full source we cannot trust! But many have made this true point that looks and design matter. So, I propose crowdfund of UX and UI man salary for this apps: * Jitsi (many nice features but needs many helps for UI) * Pidgin + OTR plugin (maybe a new installer?) * RedPhone * TextSecure I would like to recommend for example Jitsi to grandma, but it is now a bad experience for even me. So why not crowdfund the help? When secure versions are not used because they are so-called ugly, there is a total waste of possibilities! Has it ever tried before? -- Jerzy Łogiewa -- jerz...@interia.eu -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Secure Android guide?
Hello! If I want Android phone and have it be most secure, how to do it? Is there some guide with steps? Like this: 1- Buy some handset such as X, Y 2- Re-flash to Z firmware 3- Change P settings to J ... 4- Install OrBot, RedPhone, and so on What is recommended here by experts? PS: I am willing to have device ONLY for secure communications. -- Jerzy Łogiewa -- jerz...@interia.eu -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Want to shield text, photos from government? Wickr says it has an app for that | SiliconBeat
And you know Windows 3.1/NT/2000/XP is used in military for many year! -- Jerzy Łogiewa -- jerz...@interia.eu On Jun 8, 2013, at 5:11 PM, Griffin Boyce wrote: > It's kind of ironic that so many apps refer to themselves as > "military-grade," when the intelligentsia on this list has better security > than military intelligence. To be "military-grade" at this stage is to take > a step backward. > -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Users flock to Japan student's firewall-busting thesis project - Network World
Why not to just support Tor with new node? -- Jerzy Łogiewa -- jerz...@interia.eu On Mar 14, 2013, at 10:27 PM, Yosem Companys wrote: > This story appeared on Network World at > https://www.networkworld.com/news/2013/031313-users-flock-to-japan-student39s-267650.html > > Users flock to Japan student's firewall-busting thesis project > 'VPN Gate,' designed by Ph.D. student Daiyuu Nobori to circumvent > government firewalls, has drawn 77,000 users in less than a week > > By Jay Alabaster, IDG News Service > March 13, 2013 07:05 AM ET > > IDG News Service - If you're not sure about the purpose behind Daiyuu > Nobori's online thesis project, perhaps the large picture of the > collapse of the Berlin Wall will help. > > Nobori created VPN Gate to help individuals in countries that restrict > Internet use to beat government firewalls. The service encourages > members of the public to set up VPN (virtual private network) servers > and offer free connections to individual users, aiming to make the > technology more accessible. > > "Today's VPN software is very complex. They are not easy to use. Some > VPN services around the world are expensive for people in other parts > of the world," Nobori said in an interview with IDG News Service. > > His service maintains a public, real-time list of freely available VPN > servers for users to choose from. It also offers downloadable server > software to run the VPN, and a client that greatly simplifies the > process of finding and connecting to one of the free servers, for the > less technically inclined. > > The 28 year-old doctoral student at Tsukuba University, about 30 miles > northeast of Tokyo, wasn't sure what the reaction would be when he > launched last Friday. He did little to advertise it outside of the > home page and a few mentions on tech forums. > > Five days later, the service has drawn 77,000 users and served nearly > 4 terabytes of data. > > "There are a lot of users from around the world, so I'm very happy," > he said, but "the large amount of data transfer charges are a problem. > This is coming from my credit card." > > Nobori had originally planned to host the service on his university's > servers, but they have been down recently so he switched it to the > Windows Azure cloud platform. He has spent about US$9,000 keeping it > up so far, and will move it back to the university as soon as he can. > He also operates his own VPN company, income from which has helped > with expenses. > > The service is based on "SoftEther," open-source VPN software he > built. He says most of it will be released as open source in the next > few months. He said he plans to keep certain small portions related to > custom protocols private, for security reasons. > > He was motivated to create VPN Gate when he learned about the > firewalls imposed on people living in Middle East countries such as > Egypt and Libya. The Web page is currently offered in English, Chinese > and his native Japanese, but he says that is more based on the number > of language speakers worldwide than any political feelings about a > particular country. > > "I'm an engineer, I don't have any interest in politics," he said. "If > people somewhere want to study and can't use services like Wikipedia > or Google, this is a big problem. Wikipedia has political articles, > but also articles about science and other topics." > > The service's public access logs show that the vast majority of > connections are coming from China. He had friends at his university > help him translate his materials into Chinese, but they asked that he > not credit them by name for fear of repercussions. > > Nobori said that while few people in countries like Japan feel > threatened by government firewalls, he remains concerned. In Japan, > police have publicized a plan to block access to a genre of sites that > give advice on how to kill yourself, to cut down on the country's high > suicide rate. > > "It is probably acceptable to block the suicide sites, but you don't > know what happens next. There is always a chance it will expand." > > The IDG News Service is a Network World affiliate. > > All contents copyright 1995-2013 Network World, Inc. > http://www.networkworld.com > -- > Too many emails? Unsubscribe, change to digest, or change password by > emailing moderator at compa...@stanford.edu or changing your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Mega
More danger with Mega because more users. A hot subject means security researcher also get noticed by bloggers and newspaper :-) -- Jerzy Łogiewa -- jerz...@interia.eu On Jan 21, 2013, at 11:52 PM, micah anderson wrote: > I've always wondered why something like Mega gets a lot of attention and > people audit it pretty much immediately, but something like Retroshare, > which has been around for a while never has the eye of Sauron pass over > it. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Modern FIDONET for net disable countries?
Also is easy for spam :( But now that I think, fidonet would also be easy for spam. Or (about my first idea) attacker could make many mails with huge attachments to destroy efficiency. -- Jerzy Łogiewa -- jerz...@interia.eu On Jan 6, 2013, at 10:57 PM, Rich Kulawiec wrote: > I'll second this. Usenet is still the most successful experiment in > distributed communication, it's resource-frugal (after all, it was > developed at a time when we thought 1200 baud modems were speedy), > it's highly resilient, it's delay-tolerant, it's scalable, it's agnostic > about transport, and it supports undirected broadcast communication -- > something useful when trying to evade traffic analysis. It supports > bidirectional mail<->news gateways, it runs on minimal hardware, and > among other things, it could be used to provide prolific news feeds > (albeit with some delay) into areas that are heavily censored. > > ---rsk -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Modern FIDONET for net disable countries?
Who have tried SplinterNet? It sounds like very strong activist tool and maybe works like as described. https://github.com/megamattron/SplinterNet#readme -- Jerzy Łogiewa -- jerz...@interia.eu -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Safe app like Dropbox?
Hm Jake, can you tell more about this? Was this data publish? -- Jerzy Łogiewa -- jerz...@interia.eu On Jan 6, 2013, at 10:47 PM, Jacob Appelbaum wrote: > I also think most disk images are not actually that difficult to brute > force - I was involved in a project to perform FileVault bruteforcing > accelerated by an FPGA a few years ago. With a modern GPU, I think > things are pretty slanted toward the attacker. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Safe app like Dropbox?
Hm it only solve 1 part of problem. Still have to trust Dropbox binary. -- Jerzy Łogiewa -- jerz...@interia.eu On Jan 6, 2013, at 11:35 AM, Brad Beckett wrote: > Or better yet -- encrypt your data with CloudFogger, it's free: > http://www.cloudfogger.com/en/ -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Travel without drive
Yes, one extreme method (ending: destroy stick) but about cloning and shipping stick not much. And I still like to know Jake's method. Maybe not worth another thread, sorry. -- Jerzy Łogiewa -- jerz...@interia.eu On Jan 6, 2013, at 2:47 PM, Julian Oliver wrote: > I think many of these questions were addressed in the previous thread. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Travel without drive
Hello! This is "branch" to "Travel with notebook habit". I am interested in discussing travel notebook- without drive. Again I have read Jake Appelbaum travels without any drive. It presents some question however: 1: How to move data? - mail in some crypted booting USB stick, ship back out? - config and system files cloned to remote service + downloaded at location? - operate 100% from remote session?? 2: Make data redundant? - if mailing USB stick, what happens if lost or confiscated? - 2 sticks, ship to 2 address (how to easily clone sticks? standart dd?) Other ideas? If Jake reads here then I would like to know his method. And, for OS/booting on USB stick: Does some tool or method exist where removal boot USB stick immediate clears all of RAM (prevention notebook RAM being read + encryption key captured!) -- Jerzy Łogiewa -- jerz...@interia.eu -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Safe app like Dropbox?
Hello! Dropbox is completely convenient, but source is closed and I do not really want storing my data on their server. What other app exist? Anything truly open and support own remote storage, but working as: drop into folder, auto syncro happens on a supported platform? Thanks! -- Jerzy Łogiewa -- jerz...@interia.eu -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Certificate authority and email
So then Convergence would be best as whole-system helper, not just FF addon? Is this possible to do like HTTPS proxy? -- Jerzy Łogiewa -- jerz...@interia.eu On Dec 29, 2012, at 5:10 PM, Michael Rogers wrote: > Yes, SSL-based email uses the same CA system as HTTPS. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Certificate authority and email
Hello! I just watch the Moxie Marlinspike talk about Convergence system- http://www.youtube.com/watch?v=Z7Wl2FW2TcA Great work! Do any system besides WWW use the CA? SSL-guarded email in some case for ęxample? Is HTTPS all to worry about? -- Jerzy Łogiewa -- jerz...@interia.eu -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Google Hangout the new, better skype? Was Re: Skype redux
Supports, but doesn't mean uses for default! SRTP also supports "NULL CIPHER"... -- Jerzy Łogiewa -- jerz...@interia.eu On Dec 28, 2012, at 6:14 PM, Adam Fisk wrote: > I sympathize with your frustration about Google and other companies' > unwillingness to talk about their interception capabilities. In the > particular case of Hangouts, it seems clear that the Hangout data is > encrypted only between the user and Google, and not end-to-end. > > That doesn't appear to be the case, Seth. See: > > https://developers.google.com/talk/call_signaling#Encryption -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Travel with notebook habit
I am just reading this, http://www.schneier.com/blog/archives/2012/12/breaking_hard-d.html Can we start some discussion about good notebook travel habit? I have read Jacob Appelbaum say he does not travel with _ANY_ drive in notebook, and this seem to be extreme. Without removing drive, what is the best habit for FDE for prevent attacks as Schneier describe? Full power-down? No hibernate file? Any other things? -- Jerzy Łogiewa -- jerz...@interia.eu -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Modern FIDONET for net disable countries?
Hello! I wonder, is some FIDONET type service existing for countries where all telecom is disabled? Kind of "sneakernet" for large packets of messages to be delivered. 1- I write message to [username, address or hash], encrypt with public/private pair. 2- Trusted "sneakernet" collector with some software physically arrives and grabs my message, updates my 'ball' (or blob?) of crypted messages, in case other sneakernet collector comes. 3- Maybe when delivery is 100% confirmed this gets added to ball so it can be pruned? And so on. Bitcoin style blockchain confirmation seems useful? Does any service like this existing now? -- Jerzy Łogiewa -- jerz...@interia.eu -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Google Hangout the new, better skype? Was Re: Skype redux
Jitsi looks like promising tool, but video chat always crash my mac. Even preference for video setting! -- Jerzy Łogiewa -- jerz...@interia.eu On Dec 21, 2012, at 8:23 PM, KheOps wrote: > We have tried to push Jitsi forward as a replacement to Skype, notably > with Syrian people. In the first tries we did, it appeared really not > easy to use from Syria, mainly because of the poor bandwidth there which > seemed to prevent video calls to work correctly and NAT issues. > > We however haven't had time to dig more in Jitsi settings, and I wonder > if someone had a good URL for documentation/tutorial? > > Thank you :) > KheOps -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] EFF position on Bitcoin?
Hello, Does someone know why EFF has taken a neutral stand with Bitcoin crypto-currency, why they do not support it? I am new to list, sorry if this is not a right topic. Thank you -- Jerzy Łogiewa -- jerz...@interia.eu -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
