DanielTux @danielst@librem.one

Sort of inspired by the results of a poll @fribbledom did regarding Free Software donations and a comment I made about an easy way to keep yourself on track with that, I started this simple project.

https://fosscan.org

I have to #dogfood the project so including a pic of my own (rapidly filling) #FOSScan

Runs on Librem 5, Day 8 - Clock, Stopwatch, Timer

https://www.youtube.com/watch?v=GbLHlS0-q9k

Der heutige Workshop zur Digitalisierung von Jugendarbeit, beim #DBJR, war interessant und konstruktiv. Wir konnten interessante Einblicke in die Themenbereiche Verbandsstrukturen und Jugendarbeit nehmen.

Die Themen Open Source und Datenschutz sind natürlich, als Begleitthemen, auch nicht unter den Tisch gefallen. Tolles Gesprächsklima.

Im nächsten Logbuch gibt es ein wenig mehr dazu. Bis dahin, eine geruhsame Nacht!

Spring - Blender Open Movie https://video.blender.org/videos/watch/3d95fb3d-c866-42c8-9db1-fe82f48ccb95

7 days, 7 applications running on the Librem 5 smartphone dev kit (with video).

Web browsing. Taking notes. Playing Solitaire. And that's just for starters.

Check out what's possible. And stay tuned as we showcase something new every single day.

https://puri.sm/posts/runs-on-the-librem-5-smartphone-week-1/

The History of Cellular Network Security Doesn’t Bode Well for 5G

There’s been quite a bit of media hype about the improvements 5G is set to supposedly bring to users, many of which are no more than telecom talking points. One aspect of the conversation that’s especially important to get right is whether or not 5G will bring much-needed security fixes to cell networks. Unfortunately, we will still need to be concerned about these issues—and more—in 5G.

Past security flaws in the design of cell network infrastructure are being used for everything from large scale SMS spamming to enabling dragnet surveillance by law enforcement and spying in DC via cell site simulators (a.k.a. Stingrays, IMSI-catchers). Longtime cell network security researcher Roger Piqueras Jover has recently published a short but comprehensive reflection on the history of the cell security research that uncovered much of those flaws, and with it, his view of the security outlook for 5G.

Jover draws attention to how rapidly the field of cell network security research has been accelerating. It took researchers over 10 years after GSM was first standardized and deployed to find the first security flaws in the GSM (2G) protocol. For LTE (4G), it took approximately 7 years. Fast forward to the 5G standard, which was finalized  in March 2018. While there are currently no commercial implementations of 5G widely in use yet, researchers have already discovered over 6 critical security flaws in this new protocol.

Standardization efforts simply aren’t keeping up with the rapid rise of critical security flaws. The group responsible for maintaining the standards and incorporating security fixes (the 3GPP) primarily consists of big players in the telco industry, who don’t have much incentive to come up with and incorporate the critical user privacy fixes that are needed.

On the positive side, Jover points out that there are increasing efforts from researchers to explore potential fixes for many of the security problems in cell networks. In the recent past Ericsson has stepped up their efforts to fix some of the vulnerabilities in 5G’s identification and authentication procedures (i.e. the process that takes place between a mobile phone and a cell tower when each is verifying the other is who they claim to be). Similarly, researchers recently published a proof-of-concept paper proposing a PKI (public key infrastructure) & digital certificate system for the connection between mobile phones and cell towers (similar to SSL certificates and HTTPS).

Despite these efforts, for real change to take place, it must come from within: the 3GPP’s biggest players need to embrace the work required to fix the fundamental flaws that have plagued cell networks for years. Until then, our mobile devices are still vulnerable to being caught up in dragnet and targeted surveillance attacks. As it stands, 5G won’t be any sort of panacea—for increasing security, for improving wireless accessibility, or for solving the issues of broadband monopolies that contribute to each of these.

@jonw @tastytea @jeroenpraat
I tend to trust whatever is listed here: https://www.kuketz-blog.de/empfehlungsecke/#dns

Want to find your way from A to B?

You should try:
https://maps.openrouteservice.org

I've used it a couple of times today, and it was great.

* Uses OpenStreetMap data
* Service provided by HeiGIT
* Doesn't spy on you
* Maps look great
* Effective routes
* Share with friends
* Add your own tracks
* Export to GPX plus others
* Elevation profile

You can also go to C, D, E and many more. 😉

#OSM #maps #routes #routing #FOSS #FLOSS #CrowdSourced

Will das @IM_NRW@twitter.com wirklich die Fehler von #HessenData wiederholen und die Überwachungssoftware #Gotham von @PalantirTech@twitter.com anschaffen?

Bekommt #Palantir dann auch in #NRW Zugriff auf das eigentlich interne Behördennetz?

https://www.heise.de/newsticker/meldung/LKA-NRW-will-Facebook-Co-durchsuchen-koennen-4454949.html

https://bigbrotherawards.de/2019/behoerden-verwaltung-hessischer-innenminister-peter-beuth

#DAR /c

Hah. Slack is SaaD... Software as a Disservice.

Here's why: https://davelane.nz/why-slack-better-and-why-open-communities-shouldnt-use-it

Read all about how Todd Weaver and Brendan Eich reject Big Tech’s efforts to weaken California’s privacy law.

https://puri.sm/posts/the-new-generation-of-tech-and-stronger-privacy-laws/

"Secure" messaging can mean something different for everyone. Ask these questions when you make choices about which messengers are right for you. https://www.eff.org/deeplinks/2018/03/thinking-about-what-you-need-secure-messenger

Review by our friends at the Denver Post:
Google Chrome has become surveillance software. It’s time to switch. https://t.co/1vEfs1s01j
#privacymatters