There’s a common internet meme: “pics or it didn’t happen”
I’d like to start a new security meme: “code or it’s not secure”
This can be a short and effective response to any company that is selling the newest “secure” <insert product here>.
If you can’t see the code you have no idea what it’s doing. Whether it’s using encryption properly, encrypting anything at all or sending plain text copies of your data to a third party.
You should own your tech. Your tech shouldn’t own you.
I’m calling bullshit on this:
“Blackphone includes a unique combination of operating system and application tools which offer unparalleled security and privacy to information workers, executives, public figures, and anyone else unwilling to cede ownership of their privacy to other authorities.”
“…and secure cloud file storage” this is the first big problem. Real security cannot be obtained via the “cloud”.
Also, I don’t see links to the source code, for anything, anywhere on the site. Like the popular saying “pics or it didn’t happen” the analogous security rule is “source code or it isn’t secure”.
Visual Cryptography, using the human eye to decode messages.
Also talks about an interesting way to mask answers to embarrassing survey questions while still receiving useful results from large groups.
If this article is accurate then the criminals are way ahead of the “good guys” when it comes to writing cutting edge, durable software.
Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps | Ars Technica
How Safe is Mexico? A Traveler’s Guide to Safety Over Sensationalism is an excellent illustration of people’s inability to rationally judge risk as frequently discussed by Bruce Schneier.
Quark : A Web Browser with a Formally Verified Kernel.
It’s about time someone did this for a web browser. It sounds similar to Wombat Linux that runs on the seL4 microkernel.
Lion’s Whole-Disk Encryption talks about how to make other disks (besides startup) encrypted in Mac OS X 10.7 Lion.
The NSA which monitors the email, phone calls, and other communications of all Americans (~3 million) and many foreign nationals (~7 billion) says that it can’t search the internal emails of its own employees (~30 thousand). I’m guessing they’re being a bit modest.