Wie, Du bist nicht bei Whatsapp?

“Wer Whatsapp liebt, sollte besser nicht weiterlesen, oder vielleicht gerade dann, denn Liebe macht ja bekanntlich oft blind.” Boris Pohler, selbst Lehrer und Vater von zwei Kindern, bennent den Preis für die Verwendung des weit verbreiteten Dienstes und erklärt, warum jeder Nutzer gegen deutsches Recht verstößt.
blog.pohlers-web.de

How not to get phished

“Most humans can tell the difference most of the time, but if they are tired, or stressed, or in a rush, or have any number of other common obstacles to computer use, there’s a good chance they won’t notice the difference, will type their password into the wrong site, and will have their account taken over by bad guys.” Jacob Hoffman-Andrews identifies password managers as the average human’s best defence against phishing attacks.
jacob.hoffman-andrews.com

Conversations

“Welcome to this introduction to Conversations. It is gonna be a great introduction. It’s gonna be fabulous. Other instant messengers have fought Conversations for many years, but they couldn’t beat it. Just couldn’t do it. Total loosers. They’re all dead now. All the other messengers have failed. Forget WhatsApp, okay? Signal …total disaster. Threema is so bad, it’s not even a real messenger. It’s fake. Threema is a fake messenger. Converstations has got to be the best messenger in the world. It’s huge. OMEMO. You’ll love it. Best protocol. Tremendous. Absolutely fantastic. Nobody has messengers better than Conversations. This messenger is so big, you can even see it from the moon. And I am going to make you pay for it. It’s true. Important people tell me that Conversations is so great, it’s unbelievable. So great, it’s beautiful. Conversations is the best instant messenger that God ever created.”
conversations.im

The swedish kings of cyberwar

“Among the many questions posed by Scandinavia’s embrace of mass surveillance is one that has lingered at the margins throughout the Snowden debate: Are advanced democracies any different than their authoritarian counterparts in seeking to gain broad access into the private lives of citizens?” Hugh Eakin shines a light on the underreported activities of Sweden’s FRA in spying on people everywhere.
www.nybooks.com

With thanks to Michael August

WhatsApp backdoor allows snooping on encrypted messages

​“(Tobias) Boelter reported the backdoor vulnerability to Facebook in April 2016, but was told that Facebook was aware of the issue, that it was ‘expected behaviour’ and wasn’t being actively worked on.”
www.theguardian.com

Earlier, I posted two messages for my friends on Facebook. One with my Threema address, the other with the above quote and link to the article critical of Facebook’s conduct. Within hours, the latter had mysteriously disappeared from view. I don’t routinely use Facebook and now I know why: on this evidence, nobody gets to see much of what I post there, anyway…

Corporate censorship is the process by which editors in corporate media outlets intervene to disrupt the publishing of information that portrays their business or business partners in a negative light.”
wikipedia.org

Why I won’t recommend Signal anymore

​“We need to remember that we’re fighting not only against government surveillance, but also against corporate surveillance as well. We need ways to defend against this, and using corporate solutions that create a dependency on these solutions, even if the communications themselves are not readable to them, there’s still the issue of metadata, and of course general availability of Google’s services to Signal.” Sander Venema disagrees on strategy, not cryptography.
sandervenema.ch

What we give away when we log on to a public Wi-Fi network

“Already 20 smartphones and laptops are ours. If he wanted to, Slotboom is now able to completely ruin the lives of the people connected.” Wouter Slotboom is one of the good guys, demonstrating to Maurits Martijn his effortless ability to retrieve people’s passwords, steal their identity, and plunder their bank accounts.
decorrespondent.nl

Signal

“I am regularly impressed with the thought and care put into both the security and the usability of this app. It’s my first choice for an encrypted conversation.”
Bruce Schneier

Signal offers private messaging and calling in one simple app. It is both free and open source. Development is supported by community donations and grants. This means that there are no hidden strings attached. Use Signal as an alternative to WhatsApp or, better still, its replacement.
whispersystems.org

Mail-Dienste sehen alles

“Die elektronische Post kam mit kostenlosen Diensten in Mode. Für sie zahlen Kunden nicht in harter Währung, sondern akzeptieren Werbung und meist auch die Verwertung der aus ihren Daten gespeisten Kundenprofile.” Mittlerweile bekannt gewordene Abhörpraktiken der NSA rücken immer mehr auch Fragen nach der Sicherheit von E-Mails in den Vordergrund. Die Stiftung Warentest hat 14 Provider unter die Lupe genommen: Als Testsieger gehen Mailbox.org und Posteo hervor.
www.test.de

The most wanted man in the world

“The question for us is not what new story will come out next. The question is, what are we going to do about it?” James Bamford interviews Edward Snowden, who regards the use of strong encryption in your everyday communication as a viable means to end mass surveillance.
www.wired.com

Also watch United States of Secrets, a two-part series detailing how the US government came to monitor and collect the communications of millions around the world.

OS X Mavericks forces iOS calendar, contact syncing into iCloud

“Basically, iCloud is appallingly insecure, and Apple has just dramatically increased the volume of information that’s about to start flowing through it—names, email addresses, home addresses, and phone numbers in droves, not to mention your doctor’s visits.” Molly Wood does not regard Apple’s iCloud a safe place for her data.
themolly.com

How the NSA betrayed the world’s trust—time to act

“And whoever tells you that they have nothing to hide simply haven’t thought about this long enough. ‘Cause we have this thing called privacy. And if you really think that you have nothing to hide, please make sure that’s the first thing you tell me because then I know, that I should not trust you with any secrets because obviously, you can’t keep a secret [sic]”
Mikko Hypponen
www.ted.com

The danger of fetishizing BlackBerry Messenger security

“I would suggest that it is more useful to take a holistic democratic accounting of lawful access laws and their implications. Where such laws are prospectively damaging to the fabric of the democracy, perhaps by threatening rights of free speech, association, and limitations of governmental search powers, then those are the areas that we as citizens, journalists, and commentators must focus our attention. Such democratic narrative can be supported by technological and legal facts and opinions, but critically the basic narrative is not on corporate products, whiz-bang technologies, nor legal minutia, but the very principles of a democracy.” Christopher Parsons in 2012, more than one year before Edward Snowden, is right on the money pinpointing the implications of unrestrained government surveillance.
www.christopher-parsons.com

Threema

“Threema is a mobile messaging app that puts security first. With true end-to-end encryption, you can rest assured that only you and the intended recipient can read your messages.” Threema is my favourite instant messaging application and has been described as “a much flasher version of WhatsApp”. Its source code has recently undergone an external security audit and was found to provide a ”security level which compares favourably with the state of the art in similar messaging services“.
threema.ch

Why passwords have never been weaker—and crackers have never been stronger

“The RockYou dump was a watershed moment, but it turned out to be only the start of what’s become a much larger cracking phenomenon. By putting 14 million of the most common passwords into the public domain, it allowed people attacking cryptographically protected password leaks to almost instantaneously crack the weakest passwords. That made it possible to devote more resources to cracking the stronger ones.” Dan Goodin details the many reasons you should choose your passwords even more carefully.
arstechnica.com

How to remain secure against NSA surveillance

“The NSA has turned the fabric of the internet into a vast surveillance platform, but they are not magical. They’re limited by the same economic realities as the rest of us, and our best defense is to make surveillance of us as expensive as possible.” Bruce Schneier works on the assumption that the NSA is able to decrypt most of the Internet.
www.theguardian.com

On the same subject, David Meyer felt moved to pen an open letter titled ‘Dear stupid, stupid NSA’.