Vendors must start adding physical on/off switches to devices that can spy on us

Vendors must start adding physical on/off switches to devices that can spy on us

A device equipped with a hardware “off” switch for the camera and microphone isn’t yet on the market, as far as I know.

How to make Your Router More Secure on the Internet

How to make Your Router More Secure on the Internet

Michael Horowitz, a router security expert, wrote, "I think it is a mistake to use a consumer router. Horowitz says that manufacturers of consumer-grade routers are concerned with making a profit, not with making secure routers.

Apple's New MacBook Disconnects Microphone "Physically" When Lid is Closed

Apple's New MacBook Disconnects Microphone "Physically" When Lid is Closed

Apple's custom T2 security chip in the latest MacBooks includes a new hardware feature that physically disconnects the MacBook's built-in microphone whenever the user closes the lid, the company revealed yesterday at its event at the Brooklyn Academy of Music in New York.

Facebook’s latest mishap involves bizarre messages printed on Oculus controllers

Facebook’s latest mishap involves bizarre messages printed on Oculus controllers

Oculus cofounder Nate Mitchell, whose company is of course owned by Facebook, acknowledged on Twitter Friday that weird secret messages were “accidentally” hidden in “tens of thousands” of the virtual reality controllers.

Malware and Firmware Trojans

Malware and Firmware Trojans

1 Malware 1.1 The Importance of a Malware Free System 1.2 The Utility of Antivirus Tools 1.3 Preventing Malware Infections 1.4 Detecting Malware Infections 1.5 Watering Hole Attacks 2 Firmware Trojans 2.1 Virtualizers and Hardware Compromise 2.2 The Promise of Libre Firmware 3 References Malware[edit ].

US government claims to have found evidence against Huawei via secret surveillance

US government claims to have found evidence against Huawei via secret surveillance

The news comes as the US government has urged its allies around the world to bar Huawei from public communications networks, claiming that the company's hardware poses a national security risk.

The 5 Best Phones for Privacy & Security

The 5 Best Phones for Privacy & Security

All five phones use the AES encryption standard, with BlackBerry being the only one on our list to opt for the less secure (but easier to process) 128-bit key.

DARPA Is Building a $10 Million, Open Source, Secure Voting System

DARPA Is Building a $10 Million, Open Source, Secure Voting System

“Galois and DARPA have just stepped up and filled a vacuum of leadership at the federal level to address the well-documented vulnerabilities in US voting machines that constitute a national security crisis.” But even so, the secure designs are expected to change how new CPUs are architected going forward.

Open Source Hardware Could Defend Against Next Generation Hacking

Open Source Hardware Could Defend Against Next Generation Hacking

Shane Oberloier and Joshua Pearce , CC BY-ND The future of distributed manufacturing Making open-source hardware systems more available increases regular people’s security by giving them verifiably secure options.

Why do they think they have rights to your data

Why do they think they have rights to your data

And you don’t care?’ Today, every digital service you use (like application or mobile app) and every smart piece of hardware you buy (smart TV, your mobile phone or that fancy gym gadget…), is almost surely watching you.

Profs prep promising privacy-protecting proxy program... Yes, it is possible to build client-server code that safeguards personal info

Profs prep promising privacy-protecting proxy program... Yes, it is possible to build client-server code that safeguards personal info

In a paper scheduled to be presented on Thursday at the USENIX Networked Systems Design and Implementation conference , co-authors Frank Wang (MIT), Ronny Ko and James Mickens (Harvard) describe a system called Riverbed – not to be confused with an identically named IT company – that consists of a proxy service to oversee the handling of data locally and on remote servers.

These Android apps have been tracking you, even when you say stop

These Android apps have been tracking you, even when you say stop

The company said its policies allow for the collection of hardware identifiers and the Android ID for some purposes, like fraud detection, but not for the targeting of ads.

Maqp/tfc: Tinfoil Chat

Maqp/tfc: Tinfoil Chat

Transmitter Program encrypts and signs plaintext data and relays the ciphertexts from Source Computer to her Networked Computer through a serial interface and a hardware data diode.

If Google and LG Like Smart TVs, So Should the Privacy Police

If Google and LG Like Smart TVs, So Should the Privacy Police

If Google and LG Like Smart TVs, So Should the Privacy Police (Bloomberg Opinion) -- The world’s tech police have the opportunity to succeed in televisions where they initially failed with the rest of the connected world, and ensure that users retain a firm grasp on their data.

Purism 'PureOS Store' will be for both desktop and mobile apps, and that's a mistake

Purism 'PureOS Store' will be for both desktop and mobile apps, and that's a mistake

"Purism is pleased to announce PureOS Store, a secure alternative to proprietary app stores that respects your privacy and freedom. PureOS Store will be a vibrant hub for both mobile and desktop apps.

Digital Safety: Using security keys to secure accounts against phishing

Digital Safety: Using security keys to secure accounts against phishing

Two-step verification is an extra layer of security used to protect accounts. The most secure way to protect accounts is by using a security key. A security key is a hardware device that you can either plug into your computer via USB or connect to wirelessly via your phone.

2019 will be the year of privacy

2019 will be the year of privacy

Emerging privacy-preserving technology can help provide a win-win solution, offering unprecedented user privacy protections while enabling new applications for data. Privacy-preserving techniques combined with blockchain can enable new decentralized applications that protect data while providing users with transparency and control over how data is used.

Librem 5 – Purism

Librem 5 – Purism

Purism PureOS Apple iOS Google Android User Controls Device Yes No No Trackers Disabled by Default Yes No No Privacy Protection By Default Yes No No Does Not Track You Yes No No Layered Security Protection Yes No No User Controlled Source Code Yes No No Runs GNU+Linux Yes No No Separates CPU from Cellular Baseband Yes No No IP-Native Communication First Yes No No Decentralized Communication by Default Yes No No

How Does a Firewall Work?

How Does a Firewall Work?

A firewall is software or hardware that uses predetermined rules to monitor incoming and outgoing network traffic. Traditional firewalls, known as packet filters, examine data for information such as its source and destination IP address.

Facebook Still Doesn't Understand What Privacy Means

Facebook Still Doesn't Understand What Privacy Means

Midway through his missive, Zuckerberg offers a defense of his internal emails regarding the idea of quite literally selling access to user data: “we decided on a model where we continued to provide the developer platform for free and developers could choose to buy ads if they wanted.

Split Key Cryptography is Back… Again – Why Government Back Doors Don’t Work

Split Key Cryptography is Back… Again – Why Government Back Doors Don’t Work

3. Security Impact – The creation of EXPORT grade ciphers led to software that would support both regular cryptography and weakened cryptography in order to support legacy systems, which persisted long after governments decided that regulating crypto was a bad idea and dialed back their rules.

Microsoft's Android launcher now tracks your digital health

Microsoft's Android launcher now tracks your digital health

As The Verge notes, the Microsoft Launcher runs on devices running Android 4.2 and later. This gives people with older devices a major digital health option without having to buy new hardware.

Librem 5 Development Kits: we are getting there! – Purism

Librem 5 Development Kits: we are getting there! – Purism

So once the PCBs finally arrived, on the same day we set up all the machines and worked until 5 a.m. to make the first 10 “golden sample” prototypes of the development base boards:

Doh! What My Encrypted Drive Can Be Unlocked By Anyone?

Doh! What My Encrypted Drive Can Be Unlocked By Anyone?

The paper outlines that some SSD drives (including Samsung and Crucial) do not actually encrypt the data properly, and that they can be easily by-passed without a system password.

Apple says its T2 chip can prevent hackers from eavesdropping through your MacBook mic

Apple says its T2 chip can prevent hackers from eavesdropping through your MacBook mic

In a new security document published today, and reported on first by TechCrunch, Apple is giving us a glimpse at some of the chip’s capabilities, specifically its ability to prevent hackers from eavesdropping through your laptop microphone.

Ledger Nano S Limited Edition Review – CryptoLauren

Ledger Nano S Limited Edition Review – CryptoLauren

This company has created software devices specially designed for the safe storage of popular cryptocurrencies. Ledger provides the most robust devices for the secure storage of your cryptocurrency. They have developed a remarkably secure structure, placing themselves at the top of the digital wallet options.

The Titan M Chip Powers Up Pixel 3 Security

The Titan M Chip Powers Up Pixel 3 Security

In order to use it to protect keys, that’s a reasonable thing to do, but you know there’s still going to be the risk of attacks like Spectre, Meltdown, and Rowhammer,” says Will Drewry, principle software engineer at Google, referring to prominent examples of pernicious hardware-based attacks.

Cyborg Unplug

Cyborg Unplug

2.4Ghz detectorDetects and disconnects (disconnection feature outside US only) most common classes of wireless surveillance deviceLED alertSends email alerts to an account you configureUS plug standard, with Euro adaptor for travellersWirelessly tunnel multiple devices (phones, laptops, tablets) through a VPN you configure, no need for extra software on any deviceShare files from a USB stick over the network, with no need for third-party apps (like DropBox)With no settings applied, functions as pocket-sized travel routerFree, 24/7 high-speed VPN service.

You Gave Facebook Your Number For Security. They Used It For Ads.

You Gave Facebook Your Number For Security. They Used It For Ads.

They found that Facebook harvests user phone numbers for targeted advertising in two disturbing ways: two-factor authentication (2FA) phone numbers, and “shadow” contact information. However, until just four months ago, Facebook required users to enter a phone number to turn on any type of 2FA, even though it offers its authenticator as a more secure alternative.

Librem 5, the world’s first ethical, user-controlled smartphone, makes steady progress for initial shipping beginning April 2019 – Purism

Librem 5, the world’s first ethical, user-controlled smartphone, makes steady progress for initial shipping beginning April 2019 – Purism

With all the advancements Purism is making with the hardware, software, development kits, and services, during testing two silicon bugs were discovered in the Librem 5’s CPU, manufactured by NXP, that affects power management and power consumption.

More