SoylentNews is people
SoylentNews
Submitted via IRC for TheMightyBuzzard
With slick marketing, catchy taglines and some pretty bold claims about their security, nomx claim to have cracked email security.
This thorough article tells all about the device, and it doesn't measure up at all to its marketing.
It would be very easy to conclude that this is a scam. The device is running standard mail server software running on a Raspberry Pi, most of which is outdated. They have presented at countless tech shows and can be constantly found making bold statements of 'absolute security' yet didn't pick up a CSRF vulnerability in their web interface.
Source: https://scotthelme.co.uk/nomx-the-worlds-most-secure-communications-protocol/
Nomx has issued a reply on their main page in a post titled 'nomx Passes Security Tests After Blogger Claims to Have Penetrated nomx'. In that reply nomx states the following results:
No nomx user was affected by this threat. No nomx user could be affected by this threat in the future. No nomx data was compromised, and the blogger has (finally) reluctantly verified this. He still has not publicly shared these statements, except via an email response to the BBC when directly asked on April 25 the response was:
From the BBC to nomx: "I understand from your replies that you state categorically that no nomx accounts have been affected by this hack. I have put your questions to [blogger] who has confirmed to me that he cannot say that any have."
While nomx is no longer based on Raspberry devices, we still maintain that the users' data is secured as we've demonstrated to the blogger, the media and our customers.
Also at Ars Technica
(Score: 3, Insightful) by Anonymous Coward on Sunday April 30 2017, @04:27AM (9 children)
Barely anyone uses it nor heard of it.
(Score: -1, Troll) by Ethanol-fueled on Sunday April 30 2017, @04:48AM (7 children)
Nihgers. Niggers.
(Score: 0) by Anonymous Coward on Sunday April 30 2017, @04:50AM (1 child)
Shut it, vato.
(Score: 0) by Anonymous Coward on Sunday April 30 2017, @04:54AM
viiiiiiiagra
(Score: 1, Interesting) by Anonymous Coward on Sunday April 30 2017, @11:58AM (4 children)
Ethanol, I've noticed lately that a lot of your posts seem to be peppered with gratuitous racial slurs (e.g., "nigger", "jew", etc.) Have you been drinking excessively? Off your meds? It is especially grating because it adds nothing of value to the discussion.
(Score: 2, Insightful) by Anonymous Coward on Sunday April 30 2017, @02:41PM (1 child)
Have you been drinking excessively? Off your meds?
Sadly, that's just who Ethanol-fueled is: a raging racist who adds nothing to the conversation.
(Score: 1, Informative) by Anonymous Coward on Sunday April 30 2017, @09:29PM
Well, you may not remember but there was a time when he actually would make reasonable contributions to the conversation. Sadly, those days seem to be fading into the twilight.
(Score: 2, Touché) by Anonymous Coward on Sunday April 30 2017, @04:10PM
His name is literally "Ethanol Fueled" and yet you still need to ask if he has been drinking?
(Score: 1) by Ethanol-fueled on Monday May 01 2017, @01:03AM
Vacation. Though there shoulkd be a dropoff of shitposts because i injured my hand and have ti type one handed for a week or so.
(Score: 2) by driverless on Sunday April 30 2017, @12:16PM
No nomx user was affected by this threat.
We take our customers security seriously. Security is the number 1 priority at Gnomex. In the meantime, everyone gets six months free credit monitoring from Equifax. Please move along.
(Score: 1, Informative) by Anonymous Coward on Sunday April 30 2017, @04:52AM (2 children)
I never talk to anyone anymore. It's ironic that my entire career has been concerned with communication in general and computer networks specifically. I built a makeshift email server in grammar school before I even knew what email was. All of my authored software is socket code of some form or other. I've written and debugged kernel level network drivers. My wires are constantly swimming with sharks. I implement protocols for fun. Hardware that can't be networked is worth less to me than a brick. And yet I never use email and I don't blog and I avoid social media like a plague. My life's work has been to facilitate communication between people who aren't me. Nobody ever communicates with me. I am a loser nerd and I live for binary code. I have the world's most secure communication protocol inside my head and it's called thinking to myself.
(Score: 0) by Anonymous Coward on Sunday April 30 2017, @05:49AM (1 child)
You should try Tinder. Or Grindr.
(Score: -1, Offtopic) by Anonymous Coward on Sunday April 30 2017, @07:15PM
Or suicide.
(Score: 1, Insightful) by Anonymous Coward on Sunday April 30 2017, @08:21AM (3 children)
Here I came to think it would be about some new secure open source protocol... yet, it is a about an obscured hardware/software solution. That's at least 2 things to not trust their security for: 1) outdated software (even if there are no security issues there yet, how is their update policy?) and 2) Raspberries use closed blobs and even the hardware could contain unknown backdoors in various chips inside the device.
(Score: 2) by The Mighty Buzzard on Sunday April 30 2017, @10:29AM
Yeah, me and everyone else who can sudo -i on production systems had a huge laugh reading it so it had to go in the sub queue.
My rights don't end where your fear begins.
(Score: 1, Offtopic) by TheB on Sunday April 30 2017, @11:55AM (1 child)
https://github.com/raspberrypi/firmware/issues/791 [github.com]
When they take a month and still have no answer to a serious question like this, I loose faith in raspberry pi developers.
(Score: 0, Offtopic) by noneof_theabove on Sunday April 30 2017, @02:46PM
or forgot when just be silent.
Microsoft Closes Word/Wordpad Hole—6 Months after Report
https://soylentnews.org/article.pl?sid=17/04/29/1353210 [soylentnews.org]
Something about rocks, houses and glass.
The Tao of Programming states: Although the program is only 3 lines long, eventually it will have to be maintained.