DanielTux @danielst@librem.one

Spring - Blender Open Movie https://video.blender.org/videos/watch/3d95fb3d-c866-42c8-9db1-fe82f48ccb95

7 days, 7 applications running on the Librem 5 smartphone dev kit (with video).

Web browsing. Taking notes. Playing Solitaire. And that's just for starters.

Check out what's possible. And stay tuned as we showcase something new every single day.

https://puri.sm/posts/runs-on-the-librem-5-smartphone-week-1/

The History of Cellular Network Security Doesn’t Bode Well for 5G

There’s been quite a bit of media hype about the improvements 5G is set to supposedly bring to users, many of which are no more than telecom talking points. One aspect of the conversation that’s especially important to get right is whether or not 5G will bring much-needed security fixes to cell networks. Unfortunately, we will still need to be concerned about these issues—and more—in 5G.

Past security flaws in the design of cell network infrastructure are being used for everything from large scale SMS spamming to enabling dragnet surveillance by law enforcement and spying in DC via cell site simulators (a.k.a. Stingrays, IMSI-catchers). Longtime cell network security researcher Roger Piqueras Jover has recently published a short but comprehensive reflection on the history of the cell security research that uncovered much of those flaws, and with it, his view of the security outlook for 5G.

Jover draws attention to how rapidly the field of cell network security research has been accelerating. It took researchers over 10 years after GSM was first standardized and deployed to find the first security flaws in the GSM (2G) protocol. For LTE (4G), it took approximately 7 years. Fast forward to the 5G standard, which was finalized  in March 2018. While there are currently no commercial implementations of 5G widely in use yet, researchers have already discovered over 6 critical security flaws in this new protocol.

Standardization efforts simply aren’t keeping up with the rapid rise of critical security flaws. The group responsible for maintaining the standards and incorporating security fixes (the 3GPP) primarily consists of big players in the telco industry, who don’t have much incentive to come up with and incorporate the critical user privacy fixes that are needed.

On the positive side, Jover points out that there are increasing efforts from researchers to explore potential fixes for many of the security problems in cell networks. In the recent past Ericsson has stepped up their efforts to fix some of the vulnerabilities in 5G’s identification and authentication procedures (i.e. the process that takes place between a mobile phone and a cell tower when each is verifying the other is who they claim to be). Similarly, researchers recently published a proof-of-concept paper proposing a PKI (public key infrastructure) & digital certificate system for the connection between mobile phones and cell towers (similar to SSL certificates and HTTPS).

Despite these efforts, for real change to take place, it must come from within: the 3GPP’s biggest players need to embrace the work required to fix the fundamental flaws that have plagued cell networks for years. Until then, our mobile devices are still vulnerable to being caught up in dragnet and targeted surveillance attacks. As it stands, 5G won’t be any sort of panacea—for increasing security, for improving wireless accessibility, or for solving the issues of broadband monopolies that contribute to each of these.

@jonw @tastytea @jeroenpraat
I tend to trust whatever is listed here: https://www.kuketz-blog.de/empfehlungsecke/#dns

Want to find your way from A to B?

You should try:
https://maps.openrouteservice.org

I've used it a couple of times today, and it was great.

* Uses OpenStreetMap data
* Service provided by HeiGIT
* Doesn't spy on you
* Maps look great
* Effective routes
* Share with friends
* Add your own tracks
* Export to GPX plus others
* Elevation profile

You can also go to C, D, E and many more. 😉

#OSM #maps #routes #routing #FOSS #FLOSS #CrowdSourced

Will das @IM_NRW@twitter.com wirklich die Fehler von #HessenData wiederholen und die Überwachungssoftware #Gotham von @PalantirTech@twitter.com anschaffen?

Bekommt #Palantir dann auch in #NRW Zugriff auf das eigentlich interne Behördennetz?

https://www.heise.de/newsticker/meldung/LKA-NRW-will-Facebook-Co-durchsuchen-koennen-4454949.html

https://bigbrotherawards.de/2019/behoerden-verwaltung-hessischer-innenminister-peter-beuth

#DAR /c

Hah. Slack is SaaD... Software as a Disservice.

Here's why: https://davelane.nz/why-slack-better-and-why-open-communities-shouldnt-use-it

Read all about how Todd Weaver and Brendan Eich reject Big Tech’s efforts to weaken California’s privacy law.

https://puri.sm/posts/the-new-generation-of-tech-and-stronger-privacy-laws/

"Secure" messaging can mean something different for everyone. Ask these questions when you make choices about which messengers are right for you. https://www.eff.org/deeplinks/2018/03/thinking-about-what-you-need-secure-messenger

Review by our friends at the Denver Post:
Google Chrome has become surveillance software. It’s time to switch. https://t.co/1vEfs1s01j
#privacymatters

Runs on Librem 5, Day 7

Annotated Note Taking with Xournal

https://www.youtube.com/watch?v=34XhhVlmYTU

RT @MartinSonneborn
600 Miilionen in den Sand gesetzt? Andi B. Scheuert kostet den Steuerzahler ja mehr als ich... Smiley! Wäre das nicht ein schöner Anlass für Ihren überfälligen Rücktritt, @AndiScheuer?
#PKWMaut

Do., 27.06.2019 im #Bundestag:
"Abstimmung über Änderungen im #Daten­schutzrecht!"
Voraussichtliche Zeit: Irgendwann nachts!
Liveübertragung dieser "Nacht- und Nebelaktion" vermutlich Freitag, 28. Juni, 1.45 Uhr
Also: Freitag morgens um Viertel vor zwei! www.bundestag.de/dokumente/tex…

RT @openstreetmap
Has your OSM community considered hosting State of the Map 2020? How about upgrading your regional SotM conference to the global one @sotm? Find out why you should do so :) https://blog.openstreetmap.org/2019/06/25/host-sotm/ The call for venues deadline is 30th August 2019.

Even if it were possible to enforce a standard of “neutrality” on social media platforms, it would be deeply foolish for Congress to do it.
https://www.eff.org/deeplinks/2019/06/sen-hawleys-bias-bill-would-let-government-decide-who-speaks

Deprecating a.out Binaries
"The thing that fascinates me about this is the insistence on continuing to support ancient features if even a single user is found who still relies on it. If even one person came forward with a valid use case for a.out, Linus would leave it in the kernel. At the same time, if no users step forward, Linus won't assume they may be lurking secretly out in the wild somewhere—he'll kill the feature." https://www.linuxjournal.com/content/deprecating-aout-binaries

Governments shouldn't be hosting in the public cloud:
⛔️ No control over access to your data
💽 Don’t know where your data is
💥 A single points of failure
🔕 You won’t know if you got hacked
🔪 No control over changes and features

https://nextcloud.com/blog/the-issue-with-public-cloud/

What is Scrabble trying to tell me?

Runs on Librem 5, Day 6 - Evince Document Reader, Opening a PDF

https://www.youtube.com/watch?v=j8YMc06RMrc