Yesterday Jacob Appelbaum discovered an input sanitation bug in OnionShare 0.3. It is now fixed, and you should upgrade to the latest version before using it again. You can download the latest version from https://onionshare.org/.
Our universe is built out of mathematics. Humans have been learning, discovering, and using mathematics for thousands of years because it’s the only thing that can accurately describe what happens around us. The laws of physics are written in mathematics, and they cannot be broken.
One year ago today the Snowden revelations began. Since then there has been a flood of calls for reform. A federal judge called the NSA “almost Orwellian”. Congress and President Obama have admitted that bulk surveillance of Americans is wrong and should end. But so far we haven’t seen real reform in the US, and we might never see it. Even if the US does pass meaningful surveillance reforms the problem won’t be solved. There are billions of people all over the world that rely on the Internet, and their privacy will continue to get violated by governments around the world.
I maintain a piece of software called Tor Browser Launcher. It takes care of downloading Tor Browser Bundle for you, verifying the gpg signature, making sure you’re always using the latest version of Tor Browser, and making it easier to launch.
I originally only made Tor Browser Launcher work in Debian-based distributions, but since the default templates in Qubes are based on Fedora, I recently ported it to RPM-based distributions as well. Here’s how to set it up.
Qubes is my preferred operating system, but occasionally you need to run something else. It’s hard to get certain hardware working the way you expect in Qubes, like webcams or non-disk USB devices. And Qubes VMs don’t support 3D acceleration, which you might occasionally need. You also can’t run VirtualBox inside of Qubes. You normally don’t have any reason to do this, except for very specific cases, like software development with Vagrant.
So here are instructions for how to dual-boot Qubes R2 rc1 and Ubuntu 14.04 LTS, using disk encryption for both. You should be able to adopt this same technique to dual-boot pretty much any two GNU/Linux distros with disk encryption. Keep in mind that if you’re booted into Ubuntu and you get owned, it’s possible for the attacker to then compromise Qubes. (You have to get really, really, really owned for an attacker who compromised Qubes to then compromise Ubuntu.)
This was originally published on the Freedom of the Press Foundation’s blog.
We wrote about the importance of the Tails operating system to all of the NSA journalists last week, but there’s also another little-known operating system that journalists should consider using if they find themselves in high-risk scenarios. It’s called Qubes.
I’ve only been using Qubes for a few weeks, but I feel like my operating system is now a digital fortress. Let me try to explain why, and how Qubes differs from Tails.
If any piece of software gets compromised, your whole computer is compromised. The attacker can look at your files, log your keystrokes, take screenshots, steal your encryption keys, and read the emails that you type before you even have a chance to encrypt them.
Update: A couple people have pointed out that the privacy changes won’t actually take affect in 14.04, which means that fixubuntu.com will still be necessary until at least 14.10, which will be released in October. Oops.
In October 2012, Canonical made a horrible mistake. They included a “feature” in Ubuntu 12.10 that has been widely considered adware and spyware. I blogged about the new Ubuntu’s Amazon ads and data leaks for EFF at the time, with the main ask being that Dash’s online search should be an opt-in feature and not enabled by default.
Thanks to Edward Snowden and journalists at Der Spiegel, today we learned about Tailored Access Operations (TAO), NSA’s world-class hacking team. There was a lot of interesting information in that article (like how they divert shipping of electronics to a secret warehouse where they can modify it to install backdoors!).
But I’m just going to talk about how they use Microsoft error reports to gather private information about Windows computers that can be used to compromise their security — a problem that’s trivially easy for Microsoft to fix.
For those wanting to decentralize the Internet and encrypt all the things, Mailpile is a hot topic.
Mailpile is a web-based email client (like Thunderbird or Outlook, not to be confused with a service, like Gmail) that you install locally and access by opening http://localhost:33411/ in your browser.
The goal of Mailpile is to give everyone all the nice features they’re used to with Gmail but that you don’t get with a traditional email client, like labels, conversations, and really quick search. You can use Mailpile to check any email address (including your @gmail.com one).
I started working at the Electronic Frontier Foundation in March of 2011. I joined the tech team as EFF’s first full-fledged web developer, eventually switching jobs internally to become a staff technologist. After over two and a half years of working with the most inspiring group of people I’ve ever met, I’m moving on to join a startup. Monday is my last day of work at EFF.
Pierre Omidyar, Glenn Greenwald, Laura Poitras, Jeremy Scahill, and a fantastic team of people are starting a media organization that will redefine journalism, and I’m joining its tech team. My focus will be on using technology to ensure that the constitutional rights of journalists cannot be violated by powerful spy agencies or anyone else.
I’m ecstatic about my change in career, and there are so many ideas buzzing around my head about it. But I’ll wait until we launch our website before talking about the new company. Instead I’m going to talk about my time at EFF.