Podcasts about open whisper systems

Thinking and creativity require privacy. In this data-intensive age, what does ”privacy“ mean for a tool for thought? Mark and Adam discuss product decisions in the context of digital privacy for the tech industry and society overall. @MuseAppHQ hello@museapp.com Show notes US Supreme Court oral arguments live The Right to Privacy (1890) LiveJournal GDPR Brave, Duck Duck Go, ProtonMail, Fathom Signal, Telegram TLS Clipper Chip Alan Turing and the Enigma Machine Local-first software Open Whisper Systems web of trust Signal contact verification Zoom end-to-end encryption whitepaper PGP telemetry PII cookie warnings browser fingerprinting Tor TikTok iOS 14 clipboard notifications Designing for Pragmatists and Fundamentalists Edward Snowden, Citizenfour Tails The Stasi The Lives of Others

Kindle Unlimited is bad for authors? Living machines? Also, thoughts on life, stupid patents, the dangers of the cloud, and much, much more… Special Guest: None Stories of the Week:--Rapidfire Stories: Signal from Open Whisper Systems, Amazon releasing a Square competing device and also an Amazon sellers app, the USB firmware and Tor dilemma, Hangouts can now be done without a Google+ account and soon photos too, Facebook forcing people to use the Messenger app, Stanford has devised a new battery.--”Kindle Unlimited and Subscription Services” Tech Roulette:--”Electric Aliens” Link: goo.gl/ChsJzv --”Synthetic Leaves” Link: goo.gl/xaNnRs Game of Choice:--”Battlestation” Link: battlestation.fi/ Important Email:--”Intelligent animals? Personal worth?” Website of the Week:--”EFF’s Stupid Patent of the Month Blog” Link: goo.gl/bcH087 Hacksec:--”The Danger of the Cloud” Link: goo.gl/IkC2o1 Software of the Week:--”Flock” Link: goo.gl/sBuPtr The Climax:--”Dawn of the Planet of the Apes” --------------------------------------------------------------------------------------------------------------------NXT: NXT-4V3J-VA4W-4EY3-GUWV2BLACKCOIN: BP88JtwY9xLev5RKbxpZVuwyhtVdChrADNAMECOIN: NHfN1kpj8G9aUCCHuummBKa8mPvppN1UFaLITECOIN: LLUXwfWrKDpuK38ZnPD14K6zc6rUaRgo9WBITCOIN: 1AEiTkWiF8x6yjQbbhoU89vHHMrkzQ7o8d---------------------------------------------------------------------------------------------------------------------Don’t forget you can e-mail the show at: sovryntech@riseup.netYou can also visit our IRC channel on Freenode: #SovrynBalnea---------------------------------------------------------------------------------------------------------------------Brian Sovryn prefers RetroShare! Below is the certificate to find and connect with the show on RetroShare (Username: SovrynTech) Af8AAAJbxsBNBFOcuC4BCACpKFnd9cS2LBoLSsRfbVdt9rPVxyDbi0YsV06WGGlkfuXtbJNDFVw8ckhaQeVQk+6Mk7m2WsbG/CpRSA9jfezXYqPv4433gTVQVSQA+od9K4dpXKOWhsk2OPDDlrqFvisGlW1gcM7SWwoX0LQhbnkzhYMh2wQIZjpKU0iSYVmVDEe0ukSnV/NdPzsZmqd+dSFTkjiPtGVRsYKoOBz86mub9vxUKsItGioB8ag/qqEpOHaBRmGhRePSfSUe9IbLX1wz8PBvLnZsyH154cCnVkSTMoHk0hgSJWzXrW0XyjQQAfruLDNlKMYlNnNWCUU9eZ3jVDqtBoaLM2LRlT/Sxm+DABEBAAHNJ1NvdnJ5blRlY2ggKEdlbmVyYXRlZCBieSBSZXRyb1NoYXJlKSA8PsLAXwQTAQIAEwUCU5y4LgkQ0wM5pbKbGccCGQEAAEYAB/0YKCpXZCU6A1/yEjSmvIePbBh5tFgv4966+QbOTtQArGwBiqMxkXwNfG8o6OZBD/5tuoPZbSdaPLU5pEY1b8HA0dYGYmGaATSnEN96KfKVrJPE2AYfNwSIrWj/9EWxfTJLozbO74/IIGOrOxy5iNAG6f3sk1Y4mBxESbNpWxdtAlk9n1Asp9f7Zs3/K8dyrLam3xThq4n3xA9ZqUTOLQEzBubTcvsTA0+1hzvf/tkOd+hJvTp9PeCWr5kJzV5+uEA2IdYSvBh8iqHwFQAFBKqgA1NXmhE6VuAn1UQ2myARpDt8M0EIpwbcgJeRHD5HMmaKE450uv8l5eu2ZQqNta7dAgZCV3ye46YDBsCoKj/jpgQABghMYXB0b3AgMQUQBLtrCoMIoacOKhFsx7KIvw==---------------------------------------------------------------------------------------------------------------------You can also contact the show through BitMessage at the address: BM-NBMFb4W42CqTaonxApmUji1KNbkSESki---------------------------------------------------------------------------------------------------------------------And we are on Twister! The P2P microblogging platform: @sovryntech ---------------------------------------------------------------------------------------------------------------------If you wish to send me a PGP-encrypted e-mail, the public key is below, and please send your e-mail to: brian@freetalklive.com (note: this also works for KryptoKit) -----BEGIN PGP PUBLIC KEY BLOCK-----Version: SKS 1.1.4Comment: Hostname: pgp.mit.edu mQENBFKYHJoBCADYLMoFR5/6Je/vViGjbdRobuDXQjGlUP7dGcp8Sh+V4pCkTcpLc0eSrGCzBSverUDtHYe/sAWAINwW3NxB5P/0LgXpt+fZSTe0kdPtrxfmi6tjOCLQHSXoaI4baXVUdZma2ww0QtPY9lS+v5oLEZV74m183JQvtsjTuCnrT9LGN/JIlLZ+FHnox1iMgfcJHhIn0WJgHsYEQrP7Y4GW4lIVWO7FHdREGM9Uf2/syT79fObNthqEv5OdeIaTItpBQpd7yhEY6OyB5ed8Oxh7/iAN+BlNMf2/CfRYN0EPioZGosv/4h42NV+vuDEvEo8KjxgK+3ESO7X4Z0PjIBr8SN6nABEBAAG0JUJyaWFuIFNvdnJ5biA8YnJpYW5AZnJlZXRhbGtsaXZlLmNvbT6JARwEEAEIABAFAlKYHJ0JEBT+3jU4bu7EAAAwewf/dDzv2oTi7WLBm4QJjmuc+7BAFJFkk585SC4pcq/Lp5T/DhMChIWnLbvqki+JdezbCrYJH5rOLUMlAWxiyPvxNps2RC0U4TTbv2zSsqjSw7riQo0gBtoJv9TwqvMAjQzHOOgQKpX25Quk+3ViCd52XtE1MKzzq8n5grcGTlsXjacLTCB41vMQjRRBGxlTIbFdba+GTHkkPZzgtXiIcIRf8s1wxZWYvWy8mlNPgRfq5OmSRwlhLCpj6qtkYZBztmuyuSbrVIcC+5L0kdld0If6ryW2P8m4DRYvlC/dQ7hvn4XrBBZwWf5UvTkJaUeWUwkw7tGmTk4gpqV1aPZRJuWsag===aZrF-----END PGP PUBLIC KEY BLOCK--------------------------------------------------------------------------------------------------------------------------www.sovryntech.comwww.twitter.com/sovryntechplus.google.com/+BrianSovryn1i/liberty.me/members/briansovryn/

Kindle Unlimited is bad for authors? Living machines? Also, thoughts on life, stupid patents, the dangers of the cloud, and much, much more… Special Guest: None Stories of the Week:--Rapidfire Stories: Signal from Open Whisper Systems, Amazon releasing a Square competing device and also an Amazon sellers app, the USB firmware and Tor dilemma, Hangouts can now be done without a Google+ account and soon photos too, Facebook forcing people to use the Messenger app, Stanford has devised a new battery.--”Kindle Unlimited and Subscription Services” Tech Roulette:--”Electric Aliens” Link: goo.gl/ChsJzv --”Synthetic Leaves” Link: goo.gl/xaNnRs Game of Choice:--”Battlestation” Link: battlestation.fi/ Important Email:--”Intelligent animals? Personal worth?” Website of the Week:--”EFF’s Stupid Patent of the Month Blog” Link: goo.gl/bcH087 Hacksec:--”The Danger of the Cloud” Link: goo.gl/IkC2o1 Software of the Week:--”Flock” Link: goo.gl/sBuPtr The Climax:--”Dawn of the Planet of the Apes” --------------------------------------------------------------------------------------------------------------------NXT: NXT-4V3J-VA4W-4EY3-GUWV2BLACKCOIN: BP88JtwY9xLev5RKbxpZVuwyhtVdChrADNAMECOIN: NHfN1kpj8G9aUCCHuummBKa8mPvppN1UFaLITECOIN: LLUXwfWrKDpuK38ZnPD14K6zc6rUaRgo9WBITCOIN: 1AEiTkWiF8x6yjQbbhoU89vHHMrkzQ7o8d---------------------------------------------------------------------------------------------------------------------Don’t forget you can e-mail the show at: sovryntech@riseup.netYou can also visit our IRC channel on Freenode: #SovrynBalnea---------------------------------------------------------------------------------------------------------------------Brian Sovryn prefers RetroShare! Below is the certificate to find and connect with the show on RetroShare (Username: SovrynTech) Af8AAAJbxsBNBFOcuC4BCACpKFnd9cS2LBoLSsRfbVdt9rPVxyDbi0YsV06WGGlkfuXtbJNDFVw8ckhaQeVQk+6Mk7m2WsbG/CpRSA9jfezXYqPv4433gTVQVSQA+od9K4dpXKOWhsk2OPDDlrqFvisGlW1gcM7SWwoX0LQhbnkzhYMh2wQIZjpKU0iSYVmVDEe0ukSnV/NdPzsZmqd+dSFTkjiPtGVRsYKoOBz86mub9vxUKsItGioB8ag/qqEpOHaBRmGhRePSfSUe9IbLX1wz8PBvLnZsyH154cCnVkSTMoHk0hgSJWzXrW0XyjQQAfruLDNlKMYlNnNWCUU9eZ3jVDqtBoaLM2LRlT/Sxm+DABEBAAHNJ1NvdnJ5blRlY2ggKEdlbmVyYXRlZCBieSBSZXRyb1NoYXJlKSA8PsLAXwQTAQIAEwUCU5y4LgkQ0wM5pbKbGccCGQEAAEYAB/0YKCpXZCU6A1/yEjSmvIePbBh5tFgv4966+QbOTtQArGwBiqMxkXwNfG8o6OZBD/5tuoPZbSdaPLU5pEY1b8HA0dYGYmGaATSnEN96KfKVrJPE2AYfNwSIrWj/9EWxfTJLozbO74/IIGOrOxy5iNAG6f3sk1Y4mBxESbNpWxdtAlk9n1Asp9f7Zs3/K8dyrLam3xThq4n3xA9ZqUTOLQEzBubTcvsTA0+1hzvf/tkOd+hJvTp9PeCWr5kJzV5+uEA2IdYSvBh8iqHwFQAFBKqgA1NXmhE6VuAn1UQ2myARpDt8M0EIpwbcgJeRHD5HMmaKE450uv8l5eu2ZQqNta7dAgZCV3ye46YDBsCoKj/jpgQABghMYXB0b3AgMQUQBLtrCoMIoacOKhFsx7KIvw==---------------------------------------------------------------------------------------------------------------------You can also contact the show through BitMessage at the address: BM-NBMFb4W42CqTaonxApmUji1KNbkSESki---------------------------------------------------------------------------------------------------------------------And we are on Twister! The P2P microblogging platform: @sovryntech ---------------------------------------------------------------------------------------------------------------------If you wish to send me a PGP-encrypted e-mail, the public key is below, and please send your e-mail to: brian@freetalklive.com (note: this also works for KryptoKit) -----BEGIN PGP PUBLIC KEY BLOCK-----Version: SKS 1.1.4Comment: Hostname: pgp.mit.edu mQENBFKYHJoBCADYLMoFR5/6Je/vViGjbdRobuDXQjGlUP7dGcp8Sh+V4pCkTcpLc0eSrGCzBSverUDtHYe/sAWAINwW3NxB5P/0LgXpt+fZSTe0kdPtrxfmi6tjOCLQHSXoaI4baXVUdZma2ww0QtPY9lS+v5oLEZV74m183JQvtsjTuCnrT9LGN/JIlLZ+FHnox1iMgfcJHhIn0WJgHsYEQrP7Y4GW4lIVWO7FHdREGM9Uf2/syT79fObNthqEv5OdeIaTItpBQpd7yhEY6OyB5ed8Oxh7/iAN+BlNMf2/CfRYN0EPioZGosv/4h42NV+vuDEvEo8KjxgK+3ESO7X4Z0PjIBr8SN6nABEBAAG0JUJyaWFuIFNvdnJ5biA8YnJpYW5AZnJlZXRhbGtsaXZlLmNvbT6JARwEEAEIABAFAlKYHJ0JEBT+3jU4bu7EAAAwewf/dDzv2oTi7WLBm4QJjmuc+7BAFJFkk585SC4pcq/Lp5T/DhMChIWnLbvqki+JdezbCrYJH5rOLUMlAWxiyPvxNps2RC0U4TTbv2zSsqjSw7riQo0gBtoJv9TwqvMAjQzHOOgQKpX25Quk+3ViCd52XtE1MKzzq8n5grcGTlsXjacLTCB41vMQjRRBGxlTIbFdba+GTHkkPZzgtXiIcIRf8s1wxZWYvWy8mlNPgRfq5OmSRwlhLCpj6qtkYZBztmuyuSbrVIcC+5L0kdld0If6ryW2P8m4DRYvlC/dQ7hvn4XrBBZwWf5UvTkJaUeWUwkw7tGmTk4gpqV1aPZRJuWsag===aZrF-----END PGP PUBLIC KEY BLOCK--------------------------------------------------------------------------------------------------------------------------www.sovryntech.comwww.twitter.com/sovryntechplus.google.com/+BrianSovryn1i/liberty.me/members/briansovryn/

This week, William Budington chats with Bursts about the recent exposé published by Yael Grauer at The Intercept about research by Exodus and Yale Research Group leading to the findings that hundreds of common apps available from the Android Google Play Store contain clandestine tracking apps, allowing for the scooping up of the data a phone user gives off throughout their use of the device.  Ever wonder why a free flashlight app needs permission to access your microphone?  Here's why! We also chat a bit about F-Droid, a platform for free and open-source apps outside of the Play Store, many designed at increased transparency of device usage. At one point, Bursts brings up criticisms aired about the F-Droid repository by Moxie Marlinspike, a founder of Open Whisper Systems, which makes the Signal App for free end-to-end encryption. William is kind enough to explain what the concerns come from and his views on the subject. Like this show?  Rate us on I-Tunes or dop us an email, check out other Error451 episodes or our regular feature, The Final Straw Radio. Oh, and you should know better than to be on social media, but if you are willfully ignorant, we are findable on fedbook, instagram and twitter. track heard: Ugh! Your Ugly Houses! by Chumbawamba from the album "Swingin' With Raymond"

For a 59 minute long, radio clean version for syndication purposes, please visit the archive.org collection. Interview This week Bursts spoke with Kevin Tucker, anarcho-primitivist, author and publisher of Black & Green Review. We had a rather lengthy conversation, so we've split the conversation up. This is the first portion, in which Kevin talks about anarcho-primitivism, domestication, civilization, anthropology and the scientific method, human development, agriculture and more. In the future episode you can hear his views about tribal-bro-ism in the white supremacist approach to historical misappropriation, upcoming issues of Black & Green Review, Collapse, Rewilding versus Revolution and more. For a free look at some of Kevin's writings, visit theanarchistlibrary.org, and to check out his publishing project, journals and books you can visit blackandgreenpress.org Other Audio Today's episode premiers October 1st, which is the date of the #CatalanReferendum for independence in that northern region within the bounds of Spain. In the leadup, the Spanish government has violently repressed the efforts to hold this election and the news we're seeing today is no different. If you'd like to hear a chat I had earlier this week with an English-speaking anarchist who has long resided in Catalunya about Catalan nationalism, autonomy, cultural differences between that region and central Spain, some history and some forecasts of where this referendum and repression may go (always critical of the State and Capital), check out our downloadable podcast. Also, keep an ear out for an upcoming series of podcast miniepisode ‘s featuring William Budington and Bursts chatting about digital security and safer practices with our devices. We've got a couple coming out about practices with Burner Phones and strengths and weaknesses of wrangling with the Signal app for end to end encrypted texts from Open Whisper Systems. Announcements Defend J20: Call in Day for US Attorney Liu This Monday October 2nd is the last day for a concerted call in effort to urge the US Attorney to drop the charges against the J20 defendants. You can join the defend j20 crew in welcoming brand new US Attorney Liu to office with a flood of phone calls demanding that the J20 charges be dropped! Sign up at call.usattorneyliu.org to reserve your time slot. The fine folks there will send you an email with more details and a suggested call script. Her number is 202-252-7566, or if you cannot call in you can send a letter to the Judiciary Center Building, 555 Fourth Street, NW, Washington, DC 20530. October 19th Call for Solidarity There has been a formal call for solidarity from antifascists around the south to oppose an appearance by the by now internationally infamous white supremacist Batman villan Richard Spencer. It has been officially confirmed that this piece of white bread is going to be spewing pseudo intellectual and only marginally intelligible xenophobic racism at University of Florida in Gainesville on October 19th, which is in just over 2 and a half weeks from now. You can see the entire formal call for solidarity, plus some important context that includes recent history and what to be prepared for, at It's Going Down. You can get in touch if you want to endorse this call and are planning on being there in solidarity by emailing oct19endorse@riseup.net Support Herman Bell! “Black Panther Party political prisoner Herman Bell was viciously assaulted by guards at Great Meadow Correctional Facility (Comstock) on September 5, 2017. While being “escorted” by a guard back to his housing unit, a guard struck Herman, age 69, in the face causing his glasses to drop to the floor. He pushed Herman against the wall, Herman stumbled and fell to the ground. The guard then continued viciously hitting and kicking Herman. Very soon about 5 other guards arrived and joined in the violent attack, hitting and kicking Herman all over his body. Herman Bell has now been charged with “assault on staff.” Defying common sense, they allege that Herman, for no apparent reason, slapped the guard escorting him. He did this, they claim, in a location out of the view of all inmates but in the presence of other guards. He is now in the Special Housing Unit (box) at Five Points Correctional Facility where he was transferred after the incident. Herman Bell has not had a disciplinary violation in over 20 years. He had been scheduled to begin a three day family visit with his wife a few days after the incident, their first such visit in over 2 1/2 years. In addition he is to appear before the parole board, for the 8th time, in February 2018. At this time, we are encouraging everyone to take the time to write to Herman or send him a get-well card, so that the authorities know we are concerned for Herman. Further requests for actions of support will be posted soon. His new address is: Herman Bell 79 C 0262 Five Points CF 6600 State Route 96 Caller Box 119 Romulus, N.Y. 14541 Friends and family are also encouraging supporters to email Commissioner Anthony Annucci, to let him know that folks are keeping tabs on Mr. Bell's situation. Commissioner Annucci's email address is: Anthony.Annucci@doccs.ny.gov You can see a sample letter and a bunch more information at this article here: Political Prisoner Herman Bell Assaulted by Guards Comrade Malik Washington Comrade Malik, a tireless writer and organizer who's been very active in exposing unsafe conditions at the Eastham Unit in Texas, is facing retaliation from prison staff, and is asking supporters to email the Texas Ombudsman to prevent any further action being taken against him. You can find out more information at Action Needed to Fight Retaliation at the Eastham Unit! Support Shaka Shakur and Angaza Bahar At the Wabash Valley Correctional Institute in Indiana, Shaka Shakur, who is a political prisoner, defended himself against mistreatment by guards, and another, Angaza Iman Bahar (Jimmy Jones), who helped alert the outside world to the situation, are both facing disciplinary charges. Wabash Valley Correctional has been getting a reputation for “a culture of sadism [in which] guards take pride and find humor in their mistreatment of inmates, especially Black and New Afrikan inmates whom they expose to every kind of abuse and humiliation.” IDOC Watch are asking people to call in so the prison knows that they both have outside support. It is urgent that the security of Shaka Shakur and Angaza Bahar be ensured, but the only way is through mass pressure from the outside. IDOC Watch asks that people call Wabash Valley warden Richard Brown at 812-398-5050 and IDOC Commissioner Robert E. Carter Jr. at 317-232-5711. You can also email IDOC officials at rcarter@idoc.in.gov, rbrown@idoc.in.gov, mauxier@idoc.in.gov, jbasinger@idoc.in.gov, and lsalinas@idoc.in.gov You can see the entire call, which includes helpful context and analysis, and sample letters and emails at incarceratedworkers.org.

The O’Reilly Security Podcast: Designing for security and privacy, noteworthy tools, and the real-world consequences of design.In this episode, O’Reilly’s Mary Treseler talks with Ame Elliot, design director at Simply Secure. They discuss designing for security and privacy, noteworthy tools, and the real-world consequences of design.Here are some highlights: Designing for usable security and privacy Privacy and security are tightly interrelated. Privacy, or confidentiality, is one technical goal of security. Other technical goals of security include integrity and non-reputability. As a UX designer, I’m coming at this from a human-centered design perspective. I care about what end users experience, and privacy feels like the quality that people are looking for in an interaction. I would like to see designers working together with some of the fantastically talented cryptographers to make security usable and delightful so that end users can experience privacy. In order to do that, there's a real need to help users understand that privacy and security aren't necessarily the same. There can be opportunities for new interactions and new product messages to make it clear to end users who is accessing their data and to what purpose. That could be everything from privacy being a feature that a cloud service company promotes, to a secure system for end-to-end encryption in a messaging application. I would like to see a new class of interfaces that give people confidence and power about how their data is accessed and used. Promising open source options and other tools Right now at Simply Secure, we're choosing to partner with open source development efforts. There are a lot of things that are special and exciting about open source. I think designers who take a human-centered approach can benefit by being empathetic with their partners and empathetic toward the other people in their efforts, so it's not just a matter of how you can understand the needs and priorities of end users, but how you can understand the needs and priorities of the teams that you're working with so that you can come together toward a common goal. The Electronic Frontier Foundation has a score card out right now around secure messaging. There are some tools on there that are very rightly being called out and celebrated. For example, the Signal iOS app has been recommend by Laura Poitras, Citizenfour, and The Wall Street Journal. I have a ton of respect for what the Open Whisper Systems team is doing, including integrating into WhatsApp. I'm also just excited about mass market tools. Apple's iMessage is doing some really interesting things. The hope in using a variety of tools is that we can come up with solutions that are globally inclusive and can give a huge mass of people worldwide the ability to communicate securely and privately. Design has real-world consequences I've learned a lot from successes in health care and banking, and in transforming previously complex, off-putting, technical, irrelevant information into exciting and actionable information for end users. The thing that unlocked that change was design. I am optimistic about the role design can play in solving similar systematic challenges, like those found in security and privacy. One of the things that really influenced me in my journey toward working on security and privacy was Mike Monteiro’s 2013 Webstock talk, How Designers Destroyed the World. He gave examples of the ways Facebook users can make decisions that have drastic, real-world consequences to people's lives. That was pretty eye-opening for me and made me think, ‘Hey, these aren't just pixels on a screen. There are people behind these systems, and where designers are making questionable choices, there can be drastic consequences.’ I think designers do have a responsibility. User experience is critical. Design leadership needs to empower designers so they feel they have a voice and the agency to change the shape of a product and get the right values out in the world.

The O’Reilly Security Podcast: Designing for security and privacy, noteworthy tools, and the real-world consequences of design.In this episode, O’Reilly’s Mary Treseler talks with Ame Elliot, design director at Simply Secure. They discuss designing for security and privacy, noteworthy tools, and the real-world consequences of design.Here are some highlights: Designing for usable security and privacy Privacy and security are tightly interrelated. Privacy, or confidentiality, is one technical goal of security. Other technical goals of security include integrity and non-reputability. As a UX designer, I’m coming at this from a human-centered design perspective. I care about what end users experience, and privacy feels like the quality that people are looking for in an interaction. I would like to see designers working together with some of the fantastically talented cryptographers to make security usable and delightful so that end users can experience privacy. In order to do that, there's a real need to help users understand that privacy and security aren't necessarily the same. There can be opportunities for new interactions and new product messages to make it clear to end users who is accessing their data and to what purpose. That could be everything from privacy being a feature that a cloud service company promotes, to a secure system for end-to-end encryption in a messaging application. I would like to see a new class of interfaces that give people confidence and power about how their data is accessed and used. Promising open source options and other tools Right now at Simply Secure, we're choosing to partner with open source development efforts. There are a lot of things that are special and exciting about open source. I think designers who take a human-centered approach can benefit by being empathetic with their partners and empathetic toward the other people in their efforts, so it's not just a matter of how you can understand the needs and priorities of end users, but how you can understand the needs and priorities of the teams that you're working with so that you can come together toward a common goal. The Electronic Frontier Foundation has a score card out right now around secure messaging. There are some tools on there that are very rightly being called out and celebrated. For example, the Signal iOS app has been recommend by Laura Poitras, Citizenfour, and The Wall Street Journal. I have a ton of respect for what the Open Whisper Systems team is doing, including integrating into WhatsApp. I'm also just excited about mass market tools. Apple's iMessage is doing some really interesting things. The hope in using a variety of tools is that we can come up with solutions that are globally inclusive and can give a huge mass of people worldwide the ability to communicate securely and privately. Design has real-world consequences I've learned a lot from successes in health care and banking, and in transforming previously complex, off-putting, technical, irrelevant information into exciting and actionable information for end users. The thing that unlocked that change was design. I am optimistic about the role design can play in solving similar systematic challenges, like those found in security and privacy. One of the things that really influenced me in my journey toward working on security and privacy was Mike Monteiro’s 2013 Webstock talk, How Designers Destroyed the World. He gave examples of the ways Facebook users can make decisions that have drastic, real-world consequences to people's lives. That was pretty eye-opening for me and made me think, ‘Hey, these aren't just pixels on a screen. There are people behind these systems, and where designers are making questionable choices, there can be drastic consequences.’ I think designers do have a responsibility. User experience is critical. Design leadership needs to empower designers so they feel they have a voice and the agency to change the shape of a product and get the right values out in the world.

La collecte de données en Europe, l'avenir sombre des mots de passe et la bataille des hackbots

This week on the show, we will be interviewing GNN of the FreeBSD project to talk about the new TeachBSD initiative. That plus the latest BSD headlines, all coming your way right now! This episode was brought to you by Headlines FreeBSD 10.3-RELEASE Announcement (https://www.freebsd.org/releases/10.3R/announce.html) FreeBSD 10.3 has landed, with extended support until April 30, 2018 This is likely to be the last extended support release, as starting with 11, the new support model will encourage upgrading to the latest minor version by ending support for the previous minor version approximately 2 months after each point release. The Major version / stable branch will still be supported for the same 5 year term. This will allow the FreeBSD project to move forward more quickly, while still providing the same level of long term support The UEFI boot loader is much improved, and now supports booting root-on-ZFS, and the beastie menu The beastie menu itself has been updated with support for ZFS Boot Environments The CAM Target Layer (CTL) now supports High Availability, allowing the construction of much more advanced storage systems The 64bit Linux Emulation Layer was backported Reroot support was added, allowing the system to boot off of a minimal image, such as a mfsroot and then reload all of userland from a different root file system (such as iSCSI, NFS, etc) The version of xz(1) has been updated to support multi-threaded compression sesutil(8) has been introduced, making it easier to manage large storage nodes Various ZFS updates As usual, a huge number of driver updates are also included *** How to use OpenBSD with Libreboot: detailed instructions (https://lists.nongnu.org/archive/html/libreboot/2016-04/msg00010.html) This tutorial covers installing OpenBSD on a Thinkpad X200 using Libreboot, a replacement for the traditional BIOS/firmware that comes from the manufacturer “Since 5.9, OpenBSD supports EFI boot mode, which means that it also have had to support framebuffer out of the box, so lack of proprietary VGA BIOS blob is no longer a problem and you can boot it with unmodified Libreboot binary release 20150518.” “In order to install OpenBSD on such a machine you will need someadditional preparations, since regular install59.fs won't work because bsd.rd doesn't have a framebuffer console.” A few extra steps are required to get it going, but they are outlined in the post This may be very interesting to those who prefer not to depend on binary blobs *** Linking the FreeBSD base system with lld -- status update (http://lists.llvm.org/pipermail/llvm-dev/2016-March/096449.html) The FreeBSD Foundation's Ed Maste provides an update on the LLVM mailing list about the progress of replacing the GNU linker with the lld in the FreeBSD base system “I'm pleased to report that I can now build a runnable FreeBSD system using lld as the linker (for buildworld), with a few workarounds and work-in-progress patches. I have not yet extensively tested the result but it is possible to login to the resulting system, and basic sanity tests I've tried are successful. Note that the kernel is still linked with ld.bfd.” Outstanding Issues Symbol version support (PR 23231). FreeBSD uses symbol versioning for backwards compatibility Linker script expression support (PR 26731). The FreeBSD kernel linker scripts contain expressions not currently supported by lld Library search paths. GNU LD automatically searches /lib, and lld does not the -N flag makes the text and data sections RW and does not page-align data. It is used by boot loader components. The -dc flag assigns space to common symbols when producing relocatable output (-r). It is used by the /rescue build, which is a single binary assembled from a collection of individual tools (sh, ls, fsck, ...) -Y adds a path to the default library search path. It is used by the lib32 build, which provides i386 builds of the system libraries for compatibility with i386 applications. With the ongoing work, it might be possible for FreeBSD 11 to use lld by default, although it might be best to wait to throw that particular switch *** Your favorite billion user company using BSD just flipped on encryption for all their users -- and it took 15 Engineers to do it (http://www.wired.com/2016/04/forget-apple-vs-fbi-whatsapp-just-switched-encryption-billion-people/) With the help of Moxie Marlinspike's Open Whisper Systems, WhatsApp has integrated the ‘Signal' encryption system for all messages, class, pictures, and videos sent between individuals or groups It uses public key cryptography, very similar to GPG, but with automated public key servers It also includes a system of QR codes to verify the identity of individuals in person, so you can be sure the person you are talking to is actually the person you met with WhatsApp runs their billion user network, using FreeBSD, with only about 50 engineers Only 15 of those engineers we needed to work on the project that has now deployed complete end-to-end encryption across the entire network The Wired article is very detailed and well worth the read *** Interview - George Neville-Neil - gnn@freebsd.org (mailto:gnn@freebsd.org) / @gvnn3 (https://twitter.com/gvnn3) Teaching BSD with Tracing News Roundup Faces of FreeBSD 2016: Scott Long (https://www.freebsdfoundation.org/blog/faces-of-freebsd-2016-scott-long/) It's been awhile since we've had a new entry into the “Faces of FreeBSD” series, but due to popular demand it's back! This installment features developer Scott Long, who currently works at NetFlix, previously at Yahoo and Adaptec. Scott got a very early start into BSD, first discovering i386BSD 0.1 on a FTP server at Berkeley, back at 1992. From there on it's been a journey, following along with FreeBSD since version 1.0 in 1993. So what stuff can we blame Scott for? In his own words: I've been a source committer since 2000. I got my start by taking over maintainership of the Adaptec ‘aac' RAID driver. From 2002-2006 I was the Release Engineer and was responsible for the 5.x and 6.x releases. Though the early 5.x releases were not great, they were necessary stepping stones to the success of FreeBSD 6.x and beyond. I'm exceptionally proud of my role in helping FreeBSD move forward during that time. I authored and maintained the ‘mfi' and ‘mps' storage drivers, the ‘udf' filesystem driver, and several smaller sound and USB drivers. I've maintained, or at least touched, most of the storage device drivers in the system to some extent, and I implemented medium-grained locking on the CAM storage stack. Recently I've been working on overall system scalability and performance. ASCII Flow (http://asciiflow.com/) A website that lets to draw and share ASCII diagrams Great for network layout maps, rack diagrams, protocol analysis etc Use it in your presentations and slides Sample (https://drive.google.com/open?id=0BynxTTJrNUOKeWxCVm1ERExrNkU) *** System Under Test: FreeBSD (http://lowlevelbits.org/system-under-test-freebsd/) Part of a series looking at testing across a number of projects Outlines the testing framework of FreeBSD Provides a mini-tutorial on how to run the tests There are some other tests that are now covered, but this is due to a lack of documentation on the fact that the tests exist, and how to run them There is much ongoing work in this area *** Worst April Fools Joke EVER! (http://www.rhyous.com/2016/04/01/microsoft-announces-it-is-acquiring-freebsd-for-300-million/) While a bad April Fool's joke, it also shows some common misconceptions The FreeBSD Foundation does not own the source repository, it is only the care taken of the trademark, and other things that require a single legal entity OpenBSD and NetBSD are not ‘sub brands' of FreeBSD Bash was not ported to Windows, but rather Windows gained a system similar to FreeBSD's linux_compat It would be nice to have ZFS on Windows *** Beastie Bits Credit where credit's due... (https://forums.freebsd.org/threads/55642/) M:Tier's OpenBSD packages and binpatches updated for 5.9 (https://stable.mtier.org/) NYC BUG Meeting (2016-04-06) - Debugging with LLVM, John Wolfe (http://www.nycbug.org/index.cgi) Need to create extremely high traffic loads? kq_sendrecv is worth checking out (http://lists.dragonflybsd.org/pipermail/commits/2016-March/459651.html) If you're in the Maryland region, CharmBug has a meetup next week (http://www.meetup.com/CharmBUG/events/230048300/) How to get a desktop on DragonFly (https://www.dragonflybsd.org/docs/how_to_get_to_the_desktop/) Linux vs BSD Development Models (https://twitter.com/q5sys/status/717509675630084096) Feedback/Question Paulo - ZFS Setup (http://pastebin.com/raw/GrM0jKZK) Jonathan - Installation (http://pastebin.com/raw/13KCkhMU) Andrew - Career / School (http://pastebin.com/wsx90L2m)

This week Chris wanted to talk about privacy so he and Paul invited Jacob Cook the father of arkOS to talk about the importance of confidentiality and better ways to protect yourself online. Subtle Reminder: We have a chat channel on the freenode IRC network you can join during live shows on Thursday nights to interact with us. Or jump in on other days and maybe you run into Chris or Paul. Look for #montrealsauce on freenode or hit the live page on our site. We discuss the spotted history of online payments where Elon Musk’s Paypal was the only choice. Paul & Jacob prefer using stripe when they are developing. Edward Snowden has exposed a number of things about government data collection. The truth is that they cannot provide one case where mass surveillance has stopped an actual terrorist act. Last Week Tonight has an excellnt video on the subject. It’s NSFW. Jacob’s arkOS has a number of ways for you to host your own data. Jacob tells us there are great alternatives out there for every popular app and service, but there’s a learning curve. arkOS is his answer to having an easy solution for everyone, like apps on the app store. Speaking of alternatives, Chris and Paul have had success with Baïkal for syncing contacts and calendars. Chris is excited to try Mumble as an alternative to Skype. Jacob had a Jolla phone to increase his privacy, but recently moved to a new carrier where it wasn’t supported. Jacob & Chris use apps from Open Whisper Systems for encrypted communication on their devices. You can get TextSecure for Android or Signal for iPhone in the various app stores. Encrypting e-mail sounds complex, but there are tutorials everywhere. Read more on ars technia. Chris & Jacob chat a bit about using xdadevelopers forum to try new ROMs on Android and the “hackable nature” of the ecosystem vs. iOS. MightyText Allows you to text from your computer or tablet after syncing with your Android phone. iMessage and WhatsApp are other messaging alternatives they discussed. HTTPS Everywhere is a browser extension/add-on to protect you online. Jacob also uses Ghostery to block all the trackers following you online. Chris cautions that Ghostery will send data to advertisers. Thus, he uses Disconnect. Wait, what do these do? Is Adblock Plus any good or are companies paying ABP not to block? Homeland Security is setting up an office in Silicon Valley. The gents talk SSL encryption. To secure your own sites you can make SSL certificates, but browsers only recognize certificates from a “trusted” authority (in other words a company that takes your money for the certificate). Let’s encrypt is a free service coming in September. arkOS is about being decentralized, your data on your hardware without having to trust some data center. However, ISPs don’t want you to host your own services and some do not give you a static IP address. So, Skylark was born. arkOS on centralized connection. There are now data centers using the micro boards like the Raspberry Pi. You can host things on these microservers. Mininodes is one such service. Special thanks to Jacob for once again coming on to share his time and genius with Paul & Chris. Next episode will be the continuation of the conversation about privacy, sausage and your dXXk pics. Support Montreal Sauce on Patreon

Moxie Marlinspike is the founder of Open Whisper Systems which is both a large community of Open Source contributors, as well as a small team of dedicated developers. Together, the members of Open Whisper Systems is working to advance the state of the art for secure communication, while simultaneously making it easy for everyone to use. Moxie works on secure protocols, Android clients, and server software. He has been contributing to Open Whisper Systems since it was Whisper Systems, formerly ran the product security team at Twitter, started the first cloud-based password cracking service. He has also published a number of attacks on secure protocols like SSL and MS-CHAPv2. He has been a keynote speaker at past OWASP and other security conferences.