Today, Google took the wraps off a new security tool for Chrome users. Currently available as an alpha release, End-To-End is an extension for Google's browser that offers... well... end-to-end encryption for data arriving in and departing from Chrome. As this is only an alpha version, the extension is not currently available in the Chrome Web Store, but Google has made the code available so the privacy-conscious and security-minded can take it for a test drive.

Based on OpenPGP and a newly developed, JavaScript-based crypto library, End-to-End can be used to encrypt, decrypt, digitally sign, and verify signed messages. Google is keen to receive feedback -- discover a problem and you could cash in, thanks to the Vulnerability Reward Program. In a post on the Google Online Security Blog, Stephan Somogyi, Product Manager, Security and Privacy explains that "we recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection. But we hope that the End-To-End extension will make it quicker and easier for people to get that extra layer of security should they need it".

Continue reading →

Internet heavyweights such as Reddit, Imgur, BoingBoing and the WikiLeaks Party are joining forces to encourage internet users to take control of their privacy. Reset The Net is a campaign that flips the virtual bird at the NSA by inviting people to make use of privacy and encryption tools to keep themselves protected online. Also involved are such names as Greenpeace, Amnesty International and the Electronic Frontier Foundation, and the campaign is gathering momentum as internet citizens find themselves increasingly disillusioned by the post-Snowden world.

We have already seen an upsurge in the use of online encryption, but this has been largely employed by those who are more technically minded. The Reset the Net website asks web users to make a pledge: "On June 5, I will take strong steps to protect my freedom from government mass surveillance. I expect the services I use to do the same". Reset the Net is not an end in itself, but more of an awareness-raising campaign that aims to educate people as much as send a message to the NSA and its ilk.

Continue reading →

No week would be complete without a little Windows news, and this week was no different. A registry hack emerged that should make it possible to receive updates for the no-longer-supported Windows XP right up until 2019. Microsoft later spoiled the fun by pointing out that it could lead to problems as the updates that would be made available as a result of implementing the hack would not be designed for regular desktop versions of Windows XP.

Last week we were wondering why it took eBay quite so long to warn users to update their passwords after a security breach earlier in the year. This week we discovered that it was because the company was under the impression that no user data had been accessed. Apple forgot to renew its SSL certificate, and in another Apple-related security story, a hacker managed to take control of iOS and Mac devices, and hold them ransom. To console itself, the company then splashed the cash on Beats Music -- Joe pondered whether this was just another indication of Apple's lack of innovation.

Continue reading →

A couple of weeks ago, a European court ruling said that internet users had a "right to be forgotten". Google was at the center of the test case, and the internet giant expressed disappointment at the court's decision that individuals should be able to request that their details be removed from search results. Now a removal request form has been created for those looking to clear their name from search queries.

In order to use the form, individuals are required to provide a "valid form of photo ID". It is then possible to request that information that is "inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed" be removed. Google has already made it clear that it found the court ruling "disappointing", and the company says that submitting a request is no guarantee of having details removed from search results.

Continue reading →

In an interview with NBC earlier in the week, Edward Snowden -- ever a thorn in the side of the NSA -- defended his decision to leak documents to the press, saying "Sometimes to do the right thing, you have to break a law". The whistleblower has long insisted that his revelations were born of a desire to help his country, and claims that he previously tried to voice his concerns about the US government's surveillance tactics through official channels.

Speaking in Wednesday's interview, Snowden said "I actually did go through channels, and that is documented. The NSA has records, they have copies of emails right now to their Office of General Counsel, to their oversight and compliance folks, from me raising concerns about the NSA’s interpretations of its legal authorities". This is something disputed by the NSA who released details of a brief email exchange between Snowden and the Office of General Counsel.

Continue reading →

LulzSec is an infamous, famous and notorious name in the technology world. The small collective made a name for itself by attacking high-profile websites such as Fox.com and government sites, but all of this was interrupted when founding member Sabu (or Hector Xavier Monsegur to his mother) was arrested three years ago. Originally facing a jail sentence of more than 26 years for his hacking work, Sabu is now a (relatively) free man having earned himself a get-out-of-jail-free card by working with the FBI since his arrest to help identify other hackers.

Although a judge in New York passed a sentence of seven months, Sabu had already spent this length of time incarcerated so all that is left is one year's supervision. The leniency comes thanks to the fact that Monsegur agreed to continue to work undercover in the hacking community, supplying the FBI with information about activities and individuals. Among those he helped authorities to prosecute were Jeremy Hammond -- one of the most-wanted cybercriminals in the sights of the FBI -- who was jailed for leaking emails to WikiLeaks.

Continue reading →

In the world of politics, the wheels of change move slowly; very slowly indeed. Parties and those in power have a vested interest in maintaining the established order, and any attempts to buck the status quo are usually fairy fiercely opposed. Contrast this with the technological world where there are new innovations made every single day -- even at the weekend! Technology doesn’t run out of money and leave an entire nation on the verge of collapse. Technology is not interested in race, class, sex, sexuality or other characteristics. It is certainly true that technology is largely driven by a desire to generate profit -- we are, for the time being, living in a capitalist world, after all -- but it is profit born of fulfilling people's needs and desires.

Can the same be said of politics? To a large extent politics is self-serving. There's still an interest in generating a profit, but it is for the benefit of the few. Technology serves the masses, and has the potential to serve and benefit all. Of course, the term "technology" is rather broad. For the purposes of this article, I'm going to use it to refer to computers, the internet, smartphone, the cloud, electronic/connected devices, robots and the like. For all the gestures to democracy and choice, politicians are, for the most part, interested in serving certain sections of society. There are of course those parties and politicians who are able to take a wider view, have an interest in helping those at the bottom as much as those at the top, and value all people equally.

Continue reading →

It should come as no surprise that this week's big news was Microsoft's Surface Pro 3 unveiling. Brian had been looking forward to the NYC event and was at the event to get hands on with the new device. There's certainly a lot to love about Microsoft's third generation tablet, but there is that price to consider. If you like the look of what you see, the device is available for pre-order right now -- and if you're undecided between the Surface and a MacBook Air, Mihaita compared the two. Maybe you're one of those who thinks it’s a niche product.

The Surface Mini failed to make an appearance, but there are still lots of other tablets to choose from -- although they are yet to make much of an impression in higher education, unlike Chromebooks which have found their way into Welsh schools. Will Microsoft's tablet manage to attain the longevity of Apple's iPad? You'd be forgiven for thinking that hell itself had frozen over at the news that work is underway that will make it possible to run Android and iOS apps side by side on the same device.

Continue reading →

Privacy. It's something that we're all concerned about, particularly online. Facebook is one of many companies that comes in for scrutiny and criticism for the way it handles user privacy, and there have long been complaints about the fact that statuses and uploaded photos are made publicly accessible by default. Today that changes. After years of pestering, Facebook has listened to its user base and changed the default visibility setting to "Friends only". At least this is the case for brand new users.

Anyone signing up for a new Facebook account -- can there be many people left who do not yet have one? -- will be able to avoid accidentally sharing private photos with the world. "Going forward, when new people join Facebook, the default audience of their first post will be set to Friends. Previously, for most people, it was set to Public," says Facebook in a blog post. The first time a post is made, users will be asked whether it should be made public or limited to a smaller audience. If no selection is made, it will default to Friends.

Continue reading →

Reverse engineering apps is an interesting field of work. On one hand, it can be used by software engineers to determine how an app works so they can copy it. On the other, the method can be used by those with malicious intent to track down weaknesses that can then be exploited. But there's also a third hand. Reverse engineering can also be used to highlight security problems with a view to not only alerting those affected, but also addressing the problem.

Researchers at Include Security, whilst practicing their reverse engineering skills, turned their attention to the Outlook.com app for Android and discovered a potentially worrisome security issue.

Continue reading →

After Edward Snowden’s many (and on-going) revelations, it’s easy to think there’s not much you can really do to avoid being spied upon or prevent your communications potentially being monitored. Of course you probably don’t have much to hide, and therefore what you say isn’t likely to be of major interest to the NSA or other snoopers, but that doesn’t mean you shouldn’t at least try to maintain a degree of privacy where possible.

SRD Wireless has today announced the launch of PQChat, a free app for iOS based on SRD’s own Never-The-Same (NTS) encryption which protects data using the McEliece cryptosystem, the strongest currently known, and which has never been broken (as far as anyone is aware, at least).

Continue reading →

Self-Destructing Cookies is a Firefox add-on which does a great job of controlling cookie use, without any of the complexity you’ll see in other tools.

Install the add-on and it takes immediate effect, automatically deleting a site’s regular cookies -- and its LocalStorage data -- just as soon as you close its tab.

Continue reading →

It may seem as though Google feels the sharp end of many tongues -- be it about problems with Glass, for shaping the content of the internet, or the way it handles advertising. But more often than not, the big G finds itself on the receiving end of criticism for being in bed with the NSA for the way it handles user privacy. In spite of all of the ammunition unleashed in Google's direction, the company has -- incredibly -- been awarded a full six stars out of six by the Electronic Frontier Foundation for protecting user data from government requests.

The EFF's Who Has Your Back? report ranks and rates the performance of some of the biggest names in the world of tech for handling user privacy in the face of government data requests. Finding ourselves in a world now tainted by the activities of the NSA, privacy and accountability have become more important to internet users than ever before. The Electronic Frontier Foundation prides itself on "defending your rights in the digital world", and its annual report looks at the performance and promises of 26 companies who handle your data.

Continue reading →

Google is reportedly readying an online tool which people will be able to use to request that search results pertaining to them are removed from Google's search engine.

This follows a ruling by an EU court earlier this week on the "right to be forgotten", which decided in favor of a Spanish man who had requested that Google remove links (not web content, but search links) which pointed to articles concerning his house repossession for debt repayments. The man claimed that because the incident occurred in the late nineties, it was now "irrelevant", and for it to be made publicly viewable by Google was a violation of his privacy rights.

Continue reading →

The past week was one dominated by privacy and security related stories. A court ruling in Oracle's favor means that the company is able to claim copyright protection for APIs subsequently used by Google in Android. The long term effects of the ruling are yet to be understood, but they could certainly be far-reaching. Privacy hit the headlines again as SanDisk works on a self-encrypting SSD, and Google was told that users can request that information about them be removed from search results -- of course it didn't take long for the requests to start rolling in.

New research shows that there has been an increase in online suspicion, indicated by a huge increase in the levels of encryption used. The UK government approved the use of Samsung KNOX devices which could help to allay fears about BYOD. Google announced GAME -- Google Apps Message Encryption -- to provide end-to-end encryption for email outside of the Gmail ecosystem.

Continue reading →