SoylentNews is people

posted by n1 on Wednesday November 19 2014, @11:26PM
from the too-good-to-be-true dept.

According to WIRED, a lot of people are about to have a level of encryption that, I imagine, will not please the NSA, CIA, FBI and other three-lettered spooks. As stated in the article:

Growing up in Soviet Ukraine in the 1980s, Whatsapp founder Jan Koum learned to distrust the government and detest its surveillance. After he emigrated to the U.S. and created his ultra-popular messaging system decades later, he vowed that Whatsapp would never make eavesdropping easy for anyone.

WIRED goes on to report that Tuesday, 18 November 2014, Whatsapp announced...

...that it’s implementing end-to-end encryption, an upgrade to its privacy protections that makes it nearly impossible for anyone to read users’ messages—even the company itself.

Nope, the Folks in the Cloaks can't be too happy about this at all.

The FreeBSD Foundation has received its largest ever single donation: $1,000,000 USD.

The FreeBSD Foundation received the million dollar gift from Jan Koum, the CEO and co-founder of the WhatsApp messaging application that was acquired by Facebook earlier this year.

They put it another way, I think he's sick of systemd...

 
This discussion has been archived. No new comments can be posted.
  • (Score: 2) by silverly on Wednesday November 19 2014, @11:37PM

    by silverly (4052) on Wednesday November 19 2014, @11:37PM (#117903) Homepage

    I don't know if this will open up WhatsApp a bit more, but I really wish they would.

    Everything is good about WhatsApp except they are using an XMPP implementation but you can't use other clients (like desktop) and it only allows you to be logged into one device at a time.

  • (Score: 3, Insightful) by frojack on Wednesday November 19 2014, @11:44PM

    by frojack (1554) Subscriber Badge on Wednesday November 19 2014, @11:44PM (#117908) Journal

    Whatsapp can no longer be trusted since it fell into Facebook's hands. Sorry, but it had to be said.

    Further, he donated to the WRONG BSD distro. Free is a security mess.

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 2) by hendrikboom on Wednesday November 19 2014, @11:59PM

      by hendrikboom (1125) on Wednesday November 19 2014, @11:59PM (#117911) Homepage Journal

      So, what are all the BSDs? What are their reputations? How do they differ? Why are there so many?

      • (Score: 5, Informative) by Anonymous Coward on Thursday November 20 2014, @12:07AM

        by Anonymous Coward on Thursday November 20 2014, @12:07AM (#117913)

        Unlike the Linux community, the BSD community has a rich history going back into the 1970s. They are professionals, rather than amateurs. They don't try to cram something like, say, systemd into every frigging different usage scenario that exists. Each of the BSDs focuses on a specific goal or set of goals.

        FreeBSD: The most advanced, general-purpose and practical of all of the BSDs. Use this if you want to replace Linux.

        OpenBSD: Probably the most secure and robust operating system that has ever existed. It isn't the most user-friendly, though.

        NetBSD: Probably the most portable operating system that has ever existed. It runs just about everywhere, yet still manages to be extremely advanced and powerful.

        PC-BSD: FreeBSD made even friendlier.

        DragonFly BSD: It was originally based on FreeBSD, but it went in its own direction. Has great SMP support, and its HAMMER filesystem is top notch.

        You can't go wrong with any of them, really. But then if you really need extra security, you can go with OpenBSD. If you need to run on ancient systems, give NetBSD a try. If you want to get rid of Debian because they went really stupid with systemd, use FreeBSD, PC-BSD or DragonFly BSD.

        • (Score: 2) by frojack on Thursday November 20 2014, @12:32AM

          by frojack (1554) Subscriber Badge on Thursday November 20 2014, @12:32AM (#117921) Journal

          OpenBSD has ports of KDE4, as well as XFCE, and they are very complete.

          The problem with Open is their every 6 month releases, and no back-porting of patches (security or otherwise). So in order to stay up to date you have to follow the "current" flavor. It's a bit of busy work if you ask me.

          On the other hand the every 6 month updates go very easy. Download one CD, boot from it, couple of steps at the end, and you are done.

          --
          No, you are mistaken. I've always had this sig.
          • (Score: 0) by Anonymous Coward on Thursday November 20 2014, @12:54AM

            by Anonymous Coward on Thursday November 20 2014, @12:54AM (#117929)

            OpenBSD is nowhere near as easy to install as FreeBSD is. FreeBSD is just about as easy as Debian is to install, which means that any moderately competent computer user will be able to do it just by following the steps and going with the sensible defaults that are presented.

            It doesn't matter what desktop environments are available on OpenBSD if most users have trouble even getting past OpenBSD's rather ancient disk partitioning step in the installation process. You can't install KDE on an OpenBSD installation that doesn't exist.

            • (Score: 2) by frojack on Thursday November 20 2014, @01:46AM

              by frojack (1554) Subscriber Badge on Thursday November 20 2014, @01:46AM (#117942) Journal

              I had no such problems. It worked perfectly the first time, and the only tricky bit was getting wifi running.
              You DO have to read.

              Perhaps you could describe what difficulties you had?

              --
              No, you are mistaken. I've always had this sig.
              • (Score: 0) by Anonymous Coward on Thursday November 20 2014, @02:49AM

                by Anonymous Coward on Thursday November 20 2014, @02:49AM (#117960)

                I didn't find it difficult. But I was an HP-UX and AIX admin back in the day, so I'd seen worse. Most other people haven't, though. OpenBSD needs an installer that's at least as user friendly as FreeBSD's if it's ever going to bring its security goodness beyond just a few rather hardcore devs and sysadmins.

            • (Score: 2) by tibman on Thursday November 20 2014, @02:39AM

              by tibman (134) Subscriber Badge on Thursday November 20 2014, @02:39AM (#117956)

              On a scale of 1 to Gentoo, how difficult was it to install OpenBSD?

              --
              SN won't survive on lurkers alone. Write comments.
              • (Score: 0) by Anonymous Coward on Thursday November 20 2014, @03:12AM

                by Anonymous Coward on Thursday November 20 2014, @03:12AM (#117974)

                It was Xenix.

              • (Score: 2) by pendorbound on Thursday November 20 2014, @02:38PM

                by pendorbound (2688) on Thursday November 20 2014, @02:38PM (#118113) Homepage

                I honestly find Gentoo easier, but I’ve been using it as primary server OS of choice since about 2004.

                I wouldn’t expect my mother, or even my relatively savvy teenage son to install either of them though.

              • (Score: 2) by WillR on Thursday November 20 2014, @03:21PM

                by WillR (2012) on Thursday November 20 2014, @03:21PM (#118128)
                IME it was about a 1998 - as in "If you could install Linux circa 1998, you'll do fine"
            • (Score: 2) by Arik on Thursday November 20 2014, @11:18AM

              by Arik (4543) on Thursday November 20 2014, @11:18AM (#118067) Journal
              "any moderately competent computer user will be able to do it"

              Any moderately competent computer user would have no trouble installing OBSD either. And the kind of not-even-barely-competent user that would have trouble with the OBSD install is certainly not competent to install any OS. He's going to pay the kids at one of the stores to do it for him, and they are going to do Windows, and that's that.
              --
              If laughter is the best medicine, who are the best doctors?
          • (Score: 2) by edIII on Thursday November 20 2014, @06:04AM

            by edIII (791) on Thursday November 20 2014, @06:04AM (#118010)

            I've been looking into BSD lately as an alternative to Linux for some OEM stuff I'm designing. Your post seems a little confusing in that it restricts OpenBSD to a fair degree.

            Having to boot from the device means taking it offline. That only leaves off hours, unless there is redundant and load balanced equipment on site (unlikely). There's no way I'm sending a tech across the country, or hiring locally either. Not for updates. There are use cases where satellite offices have no IT staff to speak of at all. Those offices have to be set up well unless you want downtime. Not much fun trying to explain to a 19 year old secretary how to reboot a local rackmount server in the back.

            Which means you are making OpenBSD seem completely incompatible with any OEM use cases like I've outlined.

            Is there any way to mitigate those issues I mentioned, specifically downtime and needing to put a thumbdrive into the OEM unit?

            If not, then OpenBSD is useless to me for OEM equipment, which is ridiculous. That's where we need security the most lately. Would appreciate some clarity.

            --
            Technically, lunchtime is at any moment. It's just a wave function.
            • (Score: 2) by TheRaven on Thursday November 20 2014, @07:18PM

              by TheRaven (270) on Thursday November 20 2014, @07:18PM (#118207) Journal

              For an appliance, you almost certainly don't want to do the normal update procedure. The common approach for FreeBSD appliances (from the vendors that I've talked to) is to ship two bootable partitions. You download the update and install it on one, flip the bootloader's configuration to default to the other, and reboot. Then use the old one as a recovery partition if the update fails. With appliances that have enough power to use ZFS, it's a little bit different: the basic idea is the same but you use two ZFS datasets to provide boot environments instead of two partitions.

              Oh, and FreeBSD is used a lot in security-critical appliances. TrustedBSD, Capsicum, and so on make this possible.

              --
              sudo mod me up
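
The two-partition update scheme described in the comment above, as a small Python model. This is an added example, not code from the commenter or from any FreeBSD vendor; the class, slot names and health check are hypothetical, and the SHA-256 check before flipping the boot default is an assumption the comment does not mention.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class Appliance:
    """Toy model of an appliance with two bootable slots, A and B."""

    def __init__(self, image: bytes):
        self.slots = {"A": image, "B": b""}  # slot name -> installed image
        self.default = "A"      # slot the bootloader tries first
        self.known_good = "A"   # last slot that booted and passed its health check
        self.running = "A"

    def inactive(self) -> str:
        return "B" if self.running == "A" else "A"

    def stage_update(self, image: bytes, expected_sha256: str) -> bool:
        """Install to the inactive slot; flip the boot default only if the digest matches."""
        if sha256_hex(image) != expected_sha256:
            return False        # rejected: running slot and boot default untouched
        target = self.inactive()
        self.slots[target] = image
        self.default = target   # takes effect at the next reboot
        return True

    def reboot(self, healthy) -> str:
        """Boot the default slot; fall back to the known-good slot if it is unhealthy."""
        candidate = self.default
        if healthy(self.slots[candidate]):
            self.running = self.known_good = candidate
        else:
            # Old slot acts as the recovery partition; default is flipped back.
            self.default = self.running = self.known_good
        return self.running


def demo():
    # Constructed sample images; a real health check would probe services after boot.
    v1, v2, v3 = b"firmware-v1", b"firmware-v2", b"firmware-v3-broken"
    healthy = lambda img: bool(img) and not img.endswith(b"broken")
    box = Appliance(v1)
    results = [box.stage_update(v2 + b"tampered", sha256_hex(v2))]  # digest mismatch
    box.stage_update(v2, sha256_hex(v2))
    results.append(box.reboot(healthy))   # good update: now running from B
    box.stage_update(v3, sha256_hex(v3))
    results.append(box.reboot(healthy))   # bad update on A: falls back to B
    return results, box


if __name__ == "__main__":
    print(demo()[0])
```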
              • (Score: 2) by edIII on Friday November 21 2014, @12:32AM

                by edIII (791) on Friday November 21 2014, @12:32AM (#118338)

                God I love this place sometimes.

                Thanks.

                --
                Technically, lunchtime is at any moment. It's just a wave function.
        • (Score: 1) by crAckZ on Thursday November 20 2014, @01:52PM

          by crAckZ (3501) on Thursday November 20 2014, @01:52PM (#118104) Journal

          Sorry, I just used my mod points before I got to this thread or I would have modded you up.

          Very informative and well written.

        • (Score: 2) by DeathMonkey on Thursday November 20 2014, @07:16PM

          by DeathMonkey (1380) on Thursday November 20 2014, @07:16PM (#118206) Journal

          They don't try to cram something like, say, systemd into every frigging different usage scenario that exists.
           
          That's almost as annoying as trying to cram systemd comments into every frigging story that exists.

      • (Score: 3, Informative) by frojack on Thursday November 20 2014, @12:12AM

        by frojack (1554) Subscriber Badge on Thursday November 20 2014, @12:12AM (#117915) Journal

        Why take my word for it, after all, I might just be feeding you my bias.

        Go look at the web site of a few of them, freebsd, netbsd, openbsd, Dragonfly, etc.

        Maybe start here: http://www.junauza.com/2009/04/5-best-bsd-distributions.html [junauza.com] even though that page is a bit dated.

        --
        No, you are mistaken. I've always had this sig.
    • (Score: 2) by fnj on Thursday November 20 2014, @12:24AM

      by fnj (1654) on Thursday November 20 2014, @12:24AM (#117919)

      Free[BSD] is a security mess.

      Bullcrap. And I might add that very rarely do you find members of the BSD community sniping at each other.

    • (Score: 3, Interesting) by melikamp on Thursday November 20 2014, @05:04AM

      by melikamp (1886) on Thursday November 20 2014, @05:04AM (#117999) Journal
      Whatsapp could never be trusted since it is proprietary software. This is just the latest act of the huge farce where the biggest, most determined spies such as Google and Micro$oft are posturing to win the "privacy dollar". You wouldn't believe a turd could be made this shiny, but here we are.
      • (Score: 2) by edIII on Thursday November 20 2014, @06:18AM

        by edIII (791) on Thursday November 20 2014, @06:18AM (#118015)

        What's worse is that it's selling endpoint-to-endpoint encryption which is sorely needed, but pulling a bait and switch.

        People will buy this and think they are truly secure from government or Whatsapp, which is sad. They control the binaries, and the US government wholly controls them, which means the NSA controls the binaries. Wait, it's the FBI that controls the binaries, but they use the NSA to modify the binaries. Either way, those Whatsapp people are smoking crack to say this is endpoint-to-endpoint.

        It all comes back to CALEA and the FBI anyways. Why be concerned about Whatsapp when Motorola receives newsletters and industry group meeting invitations from the FBI? Motorola is forced to cooperate by law, and they and others are already in the process of designing and discussing logistics ($$$) for backdoors.

        This only works if Whatsapp is fully open source, and absolutely everything is available to be audited. Especially ALL of their cryptographic primitives in use, which CSPRNGs are used, *how* they are used, encryption algorithm *with* parameters used, etc.

        Saying it's endpoint-to-endpoint means more than, "the password is entered at your side and we never see it". Where's the document fully detailing their key-exchange process? How is the password stored locally?

        It would be beyond cute to have them get their asses handed to them for storing the password locally in plain text on the smartphone somewhere. Not unprecedented....

        --
        Technically, lunchtime is at any moment. It's just a wave function.
      • (Score: 2) by WillR on Thursday November 20 2014, @02:45PM

        by WillR (2012) on Thursday November 20 2014, @02:45PM (#118116)
        Proprietary software owned by Facebook, even.