Skip to main content

Home/ Future of the Web/ Group items matching "As,"open source",technology" in title, tags, annotations or url

Group items matching
in title, tags, annotations or url

Sort By: Relevance | Date Filter: All | Bookmarks | Topics Simple Middle
Gary Edwards

Should you buy enterprise applications from a startup? - 0 views

  • The biggest advantage of startups, in Mueller's opinion? "They have no technical historical burden, and they don't care about many technical dependencies. They deliver easy-to-use technology with relatively simple but powerful integration options."
  • "The model we've used to buy on-premises software for 20-plus years is shifting," insists Laping. "There are new ways of selecting and vetting partners."
  • Part of that shift is simple: The business side sees what technology can do, and it's banging on IT's door, demanding ... what? Not new drop-down menus in the same-old ERP application, but rather state-of-the-art, cutting-edge, ain't-that-cool innovation. The landscape is wide open: Innovation can come in the form of new technologies, such as the Internet of Things, or from mobility, the cloud, virtualization -- in fact, from anywhere an enterprise vendor isn't filling a need. The easiest place to find that? Startups.
  • ...5 more annotations...
  • "The number one reason to consider a startup is that the current landscape of Magic Quadrant vendors is not serving a critical need. That's a problem."
  • Ravi Belani is managing partner at Alchemist Accelerator, a Palo Alto, Calif.-based venture-backed initiative focused on accelerating startups whose revenue comes from enterprises rather than consumers. He says, "The innovation that used to come out of big software houses isn't there anymore, while the pace of innovation in technology is accelerating."
  • He acknowledges that there has been a longtime concern with startups about the ability of their applications to scale, but given startups' ability to build their software on robust infrastructure platforms using IaaS or PaaS, and then deploy them via SaaS, "scalability isn't as big a deal as it used it be. It costs $50,000 today to do what you needed $50 million to do ten years ago. That means it takes less capital today to create the same innovation. Ten years ago, that was a moat, a barrier to entry, but software vendors don't own that moat anymore."
  • he confluence of offshore programming, open source technologies and cloud-based infrastructures has significantly lowered the barriers to entry of launching a new venture -- not to mention all those newly minted tech millionaires willing to be angel investors.
  • "In the new paradigm, [most software] implementations are so much shorter, you don't have to think about that risk. You're not talking about three years and $20 million. You're talking about 75 days and $50,000. You implement little modules and get big wins along the way."
  •  
    "The idea of buying an enterprise application from a startup company might sound like anathema to a CIO. But Chris Laping, CIO of restaurant chain Red Robin, based in Greenwood Village, Colo., disagrees. He believes we're in the middle of a significant shift that favors startups -- moving from huge applications with extensive features to task-based activities, inspired by the apps running on mobile devices. Featured Resource Presented by Scribe Software 10 Best Practices for Integrating Data Data integration is often underestimated and poorly implemented, taking time and resources. Yet it Learn More Mirco Mueller concurs. He is an IT architect for St. Gallen, Switzerland-based Helvetia Swiss Life Insurance Co., which -- having been founded in 1858 -- is about as far from a startup as possible. He recently chose a SaaS tool from an unnamed startup over what he calls "a much more powerful but much more complex alternative. Its list of features is shorter than the feature list of the big companies, but in terms of agility, flexibility, ease of use and adjustable business model, it beat" all of its competitors. The biggest advantage of startups, in Mueller's opinion? "They have no technical historical burden, and they don't care about many technical dependencies. They deliver easy-to-use technology with relatively simple but powerful integration options." There's certainly no lack of applications available from new players. At a recent conference focusing on innovation, Microsoft Ventures principal Daniel Sumner noted that every month for the last 88 months, there's been a $1 billion valuation for one startup or another. That's seven years and counting. But as Silicon Valley skeptics like to point out, those are the ones you hear about. For every successful startup, there are at least three that fail, according to 2012 research by Harvard Business School professor Shikhar Ghosh. So why, then, would CIOs in their right mind take the risk of buying enterprise applic
Paul Merrell

Building the Technology Stack for Internet Freedom - 1 views

  • Hillary Clinton called for the U.S. to promote Internet freedoms earlier this week and introduced a $25 million fund for technology companies that might help with the task. The New America Foundation has already applied for a grant under the program, which includes a $3.5 million proposal, of which $500,000 will be funded by the New America Foundation itself. The mission? To build the technology stack for a distributed, open-source telecommunications system. The project would combine well-known projects — such as the open source voice projects Asterisk and OpenBTS – with new projects for mesh networking known as The Serval Project — which Kevin covered earlier this month — and Commotion, open-source firmware to enable routers to create an open mesh network. Dan Meredith, a technologist at New America, broke it down for me, and said the hope is to deliver communications in areas where Internet access is scarce, but also among populations unable to use communications because of government interference.
Gary Edwards

Cocoa for Windows + Flash RiA Killer = SproutCore JavaScript Framework - RoughlyDrafted Magazine - 0 views

  • SproutCore brings the values of Leopard’s Cocoa to the web, domesticating JavaScript into a functional application platform with lots of free built-in support for desktop features. Being based on open web standards and being open source itself means SproutCore will enable developers to develop cross platform applications without being tied to either a plugin architecture or its vendor. Sitting on top of web standards will also make it easy for Apple and the community to push SproutCore ahead without worrying about incompatible changes to the underlying layers of Windows, a significant problem for the old Yellow Box or some new Cocoa analog. SproutCore also lives in a well known security context, preventing worries about unknown holes being opened up by a new runtime layer.
  •  
    The story of Javascript and the browser as a RiA competitor continues to unfold. This lengthy summation from roughlydrafed is perhaps the best discussion 'i've ever seen of technologies that will drive the Future of the Open Web. Roughly believes that Apple and Google are fighting for an Open Web Future, with Adobe and Microsoft RiA jousting for a broken web where they dominate the application development. For usre the web is moving to become an application platform. The question is one of who will own the dominant API, and be in position to impose a global platform tax. This is a great summary demanding a careful read. It also confirms my belief that the WebKit layout and document model is the way forward. It's by far and away the best (X)HTML-CSS-DOM-JavaScript model out there. The W3C alternatives do not include JavaScript, and that pretty much seals their fate. And while there are many JavaScript libraries and frameworks to chose from, i would pay close attention to three initiatives: WebKit SproutCore, Gecko jQuery, and Google GWT. ~ge~
  •  
    Live Roulette from Australia, Fun and Free! Now you can play Real "www.funlivecasino.com.au" Live Roulette for Fun in Australia on a brand new website, FunLiveCasino.com.au. Using the latest internet streaming technologies, Fun Live Casino lets you join a real game happening on a real table in a real casino, all broadcast Live! You can see other real players in the casino betting on the same results you do giving you ultimate trust in the results as they are not generated 'just for you', like other casino gaming products such as 'live studios' or computer generated games. Its amazing to think next time your really in the casino that you might be on camera, and people online might be watching! The future is scary! Imagine that one day soon this will be the only way people would gamble online because the internet is full of scams, you have to be super careful, and why would you play Online Roulette any other way except from a Real Casino you can visit, see, hear and trust! Amazingly this site is completely Free and has no registration process, no spam, no clicks and no fuss. Just Instant Fun "www.funlivecasino.com.au" Free Live Roulette! Give it a try, its worth checking out! "www.funlivecasino.com.au" Australia's Online Fun Live Casino! Backlink created from http://fiverr.com/radjaseotea/making-best-156654-backlink-high-pr
Paul Merrell

Internet privacy, funded by spooks: A brief history of the BBG | PandoDaily - 0 views

  • For the past few months I’ve been covering U.S. government funding of popular Internet privacy tools like Tor, CryptoCat and Open Whisper Systems. During my reporting, one agency in particular keeps popping up: An agency with one of those really bland names that masks its wild, bizarre history: the Broadcasting Board of Governors, or BBG. The BBG was formed in 1999 and runs on a $721 million annual budget. It reports directly to Secretary of State John Kerry and operates like a holding company for a host of Cold War-era CIA spinoffs and old school “psychological warfare” projects: Radio Free Europe, Radio Free Asia, Radio Martí, Voice of America, Radio Liberation from Bolshevism (since renamed “Radio Liberty”) and a dozen other government-funded radio stations and media outlets pumping out pro-American propaganda across the globe. Today, the Congressionally-funded federal agency is also one of the biggest backers of grassroots and open-source Internet privacy technology. These investments started in 2012, when the BBG launched the “Open Technology Fund” (OTF) — an initiative housed within and run by Radio Free Asia (RFA), a premier BBG property that broadcasts into communist countries like North Korea, Vietnam, Laos, China and Myanmar. The BBG endowed Radio Free Asia’s Open Technology Fund with a multimillion dollar budget and a single task: “to fulfill the U.S. Congressional global mandate for Internet freedom.”
  • Here’s a small sample of what the Broadcasting Board of Governors funded (through Radio Free Asia and then through the Open Technology Fund) between 2012 and 2014: Open Whisper Systems, maker of free encrypted text and voice mobile apps like TextSecure and Signal/RedPhone, got a generous $1.35-million infusion. (Facebook recently started using Open Whisper Systems to secure its WhatsApp messages.) CryptoCat, an encrypted chat app made by Nadim Kobeissi and promoted by EFF, received $184,000. LEAP, an email encryption startup, got just over $1 million. LEAP is currently being used to run secure VPN services at RiseUp.net, the radical anarchist communication collective. A Wikileaks alternative called GlobaLeaks (which was endorsed by the folks at Tor, including Jacob Appelbaum) received just under $350,000. The Guardian Project — which makes an encrypted chat app called ChatSecure, as well a mobile version of Tor called Orbot — got $388,500. The Tor Project received over $1 million from OTF to pay for security audits, traffic analysis tools and set up fast Tor exit nodes in the Middle East and South East Asia.
  •  
    But can we trust them?
Gary Edwards

How the Web was almost won ... Tim O'Reilly 1998 | Salon - 0 views

  •  
    The Justice Department's antitrust suit and Judge Jackson's finding of fact have focused on how Microsoft used its operating system dominance to wrest control of the Web browser market from Netscape. Perhaps even more significant is the untold story of Microsoft's attempts to corner the Web server market. As someone whose company competes directly with Microsoft, (we sell a Web server called WebSite that runs on Windows NT, and we are active in promoting Perl, Linux and other open-source technologies), I've been privy to some of the not-so-small details that have guided the course of this recent history. And, it seems to me that if it weren't for the work of a small group of independent open-source software developers, the Justice Department intervention might have come too late not just for Netscape but the Web as a whole.
Gonzalo San Gil, PhD.

The Linux desktop battle (and why it matters) - TechRepublic - 2 views

  •  
    Jack Wallen ponders the problem with the ever-lagging acceptance of the Linux desktop and poses a radical solution.
  •  
    "Jack Wallen ponders the problem with the ever-lagging acceptance of the Linux desktop and poses a radical solution. Linux desktop I have been using Ubuntu Unity for a very long time. In fact, I would say that this is, by far, the longest I've stuck with a single desktop interface. Period. That doesn't mean I don't stop to smell the desktop roses along the Linux path. In fact, I've often considered other desktops as a drop-in replacement for Unity. GNOME and Budgie have vied for my attention of late. Both are solid takes on the desktop that offer a minimalistic, modern look and feel (something I prefer) and help me get my work done with an efficiency other desktops can't match. What I see across the Linux landscape, however, often takes me by surprise. While Microsoft and Apple continue to push the idea of the user interface forward, a good amount of the Linux community seems bent on holding us in a perpetual state of "90s computing." Consider Xfce, Mate, and Cinnamon -- three very popular Linux desktop interfaces that work with one very common thread... not changing for the sake of change. Now, this can be considered a very admirable cause when it's put in place to ensure that user experience (UX) is as positive as possible. What this idea does, however, is deny the idea that change can affect an even more efficient and positive UX. When I spin up a distribution that makes use of Xfce, Mate, or Cinnamon, I find the environments work well and get the job done. At the same time, I feel as if the design of the desktops is trapped in the wrong era. At this point, you're certainly questioning the validity and path of this post. If the desktops work well and help you get the job done, what's wrong? It's all about perception. Let me offer you up a bit of perspective. The only reason Apple managed to rise from the ashes and become one of the single most powerful forces in technology is because they understood the concept of perception. They re-invented th
  •  
    Jack Wallen ponders the problem with the ever-lagging acceptance of the Linux desktop and poses a radical solution.
Gonzalo San Gil, PhD.

Estimating the Total Development Cost of Linux Foundation's Collaborative Projects - 0 views

  •  
    "In the past ten years, open source has taken over the software industry. As the speed and requirements of innovation are changing, technology companies have realized that to keep pace and be cost effective they must leverage external R&D in the form of open source projects."
Paul Merrell

BitTorrent Sync creates private, peer-to-peer Dropbox, no cloud required | Ars Technica - 6 views

  • BitTorrent today released folder syncing software that replicates files across multiple computers using the same peer-to-peer file sharing technology that powers BitTorrent clients. The free BitTorrent Sync application is labeled as being in the alpha stage, so it's not necessarily ready for prime-time, but it is publicly available for download and working as advertised on my home network. BitTorrent, Inc. (yes, there is a legitimate company behind BitTorrent) took to its blog to announce the move from a pre-alpha, private program to the publicly available alpha. Additions since the private alpha include one-way synchronization, one-time secrets for sharing files with a friend or colleague, and the ability to exclude specific files and directories.
  • BitTorrent Sync provides "unlimited, secure file-syncing," the company said. "You can use it for remote backup. Or, you can use it to transfer large folders of personal media between users and machines; editors and collaborators. It’s simple. It’s free. It’s the awesome power of P2P, applied to file-syncing." File transfers are encrypted, with private information never being stored on an external server or in the "cloud." "Since Sync is based on P2P and doesn’t require a pit-stop in the cloud, you can transfer files at the maximum speed supported by your network," BitTorrent said. "BitTorrent Sync is specifically designed to handle large files, so you can sync original, high quality, uncompressed files."
  •  
    Direct P2P encrypted file syncing, no cloud intermediate, which should translate to far more secure exchange of files, with less opportunity for snooping by governments or others, than with cloud-based services. 
  • ...5 more comments...
  •  
    Hey Paul, is there an open source document management system that I could hook the BitTorrent Sync to?
  •  
    More detail please. What do you want to do with the doc management system? Platform? Server-side or stand-alone? Industrial strength and highly configurable or lightweight and simple? What do you mean by "hook?" Not that I would be able to answer anyway. I really know very little about BitTorrent Sync. In fact, as far as I'd gone before your question was to look at the FAQ. It's linked from . But there's a link to a forum on the same page. Giving the first page a quick scan confirms that this really is alpha-state software. But that would probably be a better place to ask. (Just give them more specific information of what you'd like to do.) There are other projects out there working on getting around the surveillance problem. I2P is one that is a farther along than BitTorrent Sync and quite a bit more flexible. See . (But I haven't used it, so caveat emptor.)
  •  
    There is a great list of PRISM Proof software at http://prism-break.org/. Includes a link to I2P. I want to replace gmail though, but would like another Web based system since I need multi device access. Of course, I need to replace my Google Apps / Google Docs system. That's why I asked about a PRISM Proof sync-share-store DMS. My guess is that there are many users similarly seeking a PRISM Proof platform of communications, content and collaborative computing systems. BusinessIndiser.com is crushed with articles about Google struggling to squirm out from under the NSA PRISM boot-on-the-back-of-their-neck situation. As if blaming the NSA makes up for the dragnet that they consented/allowed/conceded to cover their entire platform. Perhaps we should be watching Germany? There must be tons of startup operations underway, all seeking to replace Google, Amazon, FaceBook, Microsoft, Skype and so many others. It's a great day for Libertyware :)
  •  
    Is the NSA involvement the "Kiss of Death"? Google seems to think so. I'm wondering what the impact would be if ZOHO were to announce a PRISM Proof productivity platform?
  •  
    It is indeed. The E.U. has far more protective digital privacy rights than we do (none). If you're looking for a Dropbox replacement (you should be), for a cloud-based solution take a look at . Unlike Dropbox, all of the encryption/decryption happens on your local machine; Wuala never sees your files unencrypted. Dropbox folks have admitted that there's no technical barrier to them looking at your files. Their encrypt/decrypt operations are done in the cloud (if they actually bother) and they have the key. Which makes it more chilling that the PRISM docs Snowden link make reference to Dropbox being the next cloud service NSA plans to add to their collection. Wuala also is located (as are its servers) in Switzerland, which also has far stronger digital data privacy laws than the U.S. Plus the Swiss are well along the path to E.U. membership; they've ratified many of the E.U. treaties including the treaty on Human Rights, which as I recall is where the digital privacy sections are. I've begun to migrate from Dropbox to Wuala. It seems to be neck and neck with Dropbox on features and supported platforms, with the advantage of a far more secure approach and 5 GB free. But I'd also love to see more approaches akin to IP2 and Bittorrent Sync that provide the means to bypass the cloud. Don't depend on government to ensure digital privacy, route around the government voyeurs. Hmmm ... I wonder if the NSA has the computer capacity to handle millions of people switching to encrypted communication? :-) Thanks for the link to the software list.
  •  
    Re: Google. I don't know if it's the 'kiss of death" but they're definitely going to take a hit, particularly outside the U.S. BTW, I'm remembering from a few years back when the ODF Foundation was still kicking. I did a fair bit of research on the bureaucratic forces in the E.U. that were pushing for the Open Document Exchange Formats. That grew out of a then-ongoing push to get all of the E.U. nations connected via a network that is not dependent on the Internet. It was fairly complete at the time down to the national level and was branching out to the local level and the plan from there was to push connections to business and then to Joe Sixpack and wife. Interop was key, hence ODEF. The E.U. might not be that far away from an ability to sever the digital connections with the U.S. Say a bunch of daisy-chained proxy anonymizers for communications with the U.S. Of course they'd have to block the UK from the network and treat it like it is the U.S. There's a formal signals intelligence service collaboration/integration dating back to WW 2, as I recall, among the U.S., the U.K., Canada, Australia, and New Zealand. Don't remember its name. But it's the same group of nations that were collaborating on Echelon. So the E.U. wouldn't want to let the UK fox inside their new chicken coop. Ah, it's just a fantasy. The U.S. and the E.U. are too interdependent. I have no idea hard it would be for the Zoho folk to come up with desktop/side encryption/decryption. And I don't know whether their servers are located outside the reach of a U.S. court's search warrant. But I think Google is going to have to move in that direction fast if it wants to minimize the damage. Or get way out in front of the hounds chomping at the NSA's ankles and reduce the NSA to compost. OTOH, Google might be a government covert op. for all I know. :-) I'm really enjoying watching the NSA show. Who knows what facet of their Big Brother operation gets revealed next?
  •  
    ZOHO is an Indian company with USA marketing offices. No idea where the server farm is located, but they were not on the NSA list. I've known Raju Vegesna for years, mostly from the old Web 2.0 and Office 2.0 Conferences. Raju runs the USA offices in Santa Clara. I'll try to catch up with him on Thursday. How he could miss this once in a lifetime moment to clean out Google, Microsoft and SalesForce.com is something I'd like to find out about. Thanks for the Wuala tip. You sent me that years ago, when i was working on research and design for the SurDocs project. Incredible that all our notes, research, designs and correspondence was left to rot in Google Wave! Too too funny. I recall telling Alex from SurDocs that he had to use a USA host, like Amazon, that could be trusted by USA customers to keep their docs safe and secure. Now look what i've done! I've tossed his entire company information set into the laps of the NSA and their cabal of connected corporatists :)
Gary Edwards

Is Google Chrome a dud? Or the second coming? | Google Finally Advertising The Dud Known As "Chrome" - Henry Blodget - 0 views

  •  
    Gary Edwards (URL) said: Mar. 05, 8:17 PM +1 Chrome! It's excellent, but not for the reasons most would insist are important. Neither is Chrome a disruptive technology. It's not. The real revolution is underneath Chrome in the open source WebKit engine. An engine shared with iPhone, Android, Safari, Palm Pre, Nokia, Iris, RiMM 's Blackberry Storm and KDE. Crossplatform WebKit IDE's now include QT, 280Atlas and Eclipse. It is the Apple iPhone that put WebKit on the map, demonstrating a revolutionary document/application model capable of leveraging and pushing the Open Web to be competitive with proprietary initiatives from Adobe and Microsoft. The WebKit engine is driving most of the smart devices at the edge of the Web, providing a consistent document rendering and application runtime layer that is highly visual, multi-dimensionally interactive, and fully competitive with the proprietary rich interactive application engines (RiA) provided by Adobe and Microsoft. Near 80% of these edge of the Web devices are based on WebKit.
Matteo Spreafico

Google Redefines Disruption: The "Less Than Free" Business Model - 0 views

  • In the summer of 2007, excitement regarding the criticality of map data (specifically turn-by-turn navigation data) reached a fever pitch.  On July 23, 2007, TomTom, the leading portable GPS device maker, agreed to buy Tele Atlas for US$2.7 billion. Shortly thereafter, on October 1, Nokia agreed to buy NavTeq for a cool US$8.1 billion. Meanwhile Google was still evolving its strategy and no longer wanted to be limited by the terms of its two contracts. As such, they informed Tele Atlas and NavTeq that they wanted to modify their license terms to allow more liberty with respect to syndication and proliferation. NavTeq balked, and in September of 2008 Google quietly dropped NavTeq, moving to just one partner for its core mapping data. Tele Atlas eventually agreed to the term modifications, but perhaps they should have sensed something bigger at play.
  • Rumors abound about just how many cars Google has on the roads building it own turn-by-turn mapping data as well as its unique “Google Streetview” database. Whatever it is, it must be huge. This October 13th, just over one year after dropping NavTeq, the other shoe dropped as well. Google disconnected from Tele Atlas and began to offer maps that were free and clear of either license. These maps are based on a combination of their own data as well as freely available data. Two weeks after this, Google announces free turn-by-turn directions for all Android phones. This couldn’t have been a great day for the deal teams that worked on the respective Tele Atlas and NavTeq acquisitions.
  • Google’s free navigation feature announcement dealt a crushing blow to the GPS stocks. Garmin fell 16%. TomTom fell 21%. Imagine trying to maintain high royalty rates against this strategic move by Google. Android is not only a phone OS, it’s a CE OS. If Ford or BMW want to build an in-dash Android GPS, guess what? Google will give it to them for free.
  • ...2 more annotations...
  • I then asked my friend, “so why would they ever use the Google (non open source) license version.”  (EDIT: One of the commenters below pointed out that all Android is open source, and the Google apps pack, including the GPS, is licensed on top.  Doesn’t change the argument, but wanted the correct data included here.)  Here was the big punch line – because Google will give you ad splits on search if you use that version!  That’s right; Google will pay you to use their mobile OS. I like to call this the “less than free” business model.
  • “Less than free” may not stop with the mobile phone. Google’s CEO Eric Schmidt has been quite outspoken about his support for the Google Chrome OS. And there is no reason to believe that the “less than free” business model will not be used here as well. If Sony or HP or Dell builds a netbook based on Chrome OS, they will make money on every search each user initiates. Google, eager to protect its search share and market volume, will gladly pay the ad splits. Microsoft, who was already forced to lower Windows netbook pricing to fend off Linux, will be dancing with a business model inversion of epic proportion – from “you pay me” to “I pay you.”  It’s really hard to build a compensation package for your sales team on those economics.
Gonzalo San Gil, PhD.

Red Hat To Be First $2 Billion Open Source Company - InformationWeek - 0 views

  •  
    "Red Hat reports 13% growth in the second quarter, improved cloud and emerging technology sales, and an expanded revenue estimate for third quarter."
Paul Merrell

Testosterone Pit - Home - The Other Reason Why IBM Throws A Billion At Linux (With NSA- Designed Backdoor) - 0 views

  • IBM announced today that it would throw another billion at Linux, the open-source operating system, to run its Power System servers. The first time it had thrown a billion at Linux was in 2001, when Linux was a crazy, untested, even ludicrous proposition for the corporate world. So the moolah back then didn’t go to Linux itself, which was free, but to related technologies across hardware, software, and service, including things like sales and advertising – and into IBM’s partnership with Red Hat which was developing its enterprise operating system, Red Hat Enterprise Linux. “It helped start a flurry of innovation that has never slowed,” said Jim Zemlin, executive director of the Linux Foundation. IBM claims that the investment would “help clients capitalize on big data and cloud computing with modern systems built to handle the new wave of applications coming to the data center in the post-PC era.” Some of the moolah will be plowed into the Power Systems Linux Center in Montpellier, France, which opened today. IBM’s first Power Systems Linux Center opened in Beijing in May. IBM may be trying to make hay of the ongoing revelations that have shown that the NSA and other intelligence organizations in the US and elsewhere have roped in American tech companies of all stripes with huge contracts to perfect a seamless spy network. They even include physical aspects of surveillance, such as license plate scanners and cameras, which are everywhere [read.... Surveillance Society: If You Drive, You Get Tracked].
  • Then another boon for IBM. Experts at the German Federal Office for Security in Information Technology (BIS) determined that Windows 8 is dangerous for data security. It allows Microsoft to control the computer remotely through a “special surveillance chip,” the wonderfully named Trusted Platform Module (TPM), and a backdoor in the software – with keys likely accessible to the NSA and possibly other third parties, such as the Chinese. Risks: “Loss of control over the operating system and the hardware” [read.... LEAKED: German Government Warns Key Entities Not To Use Windows 8 – Links The NSA.
  • It would be an enormous competitive advantage for an IBM salesperson to walk into a government or corporate IT department and sell Big Data servers that don’t run on Windows, but on Linux. With the Windows 8 debacle now in public view, IBM salespeople don’t even have to mention it. In the hope of stemming the pernicious revenue decline their employer has been suffering from, they can politely and professionally hype the security benefits of IBM’s systems and mention in passing the comforting fact that some of it would be developed in the Power Systems Linux Centers in Montpellier and Beijing. Alas, Linux too is tarnished. The backdoors are there, though the code can be inspected, unlike Windows code. And then there is Security-Enhanced Linux (SELinux), which was integrated into the Linux kernel in 2003. It provides a mechanism for supporting “access control” (a backdoor) and “security policies.” Who developed SELinux? Um, the NSA – which helpfully discloses some details on its own website (emphasis mine): The results of several previous research projects in this area have yielded a strong, flexible mandatory access control architecture called Flask. A reference implementation of this architecture was first integrated into a security-enhanced Linux® prototype system in order to demonstrate the value of flexible mandatory access controls and how such controls could be added to an operating system. The architecture has been subsequently mainstreamed into Linux and ported to several other systems, including the Solaris™ operating system, the FreeBSD® operating system, and the Darwin kernel, spawning a wide range of related work.
  • ...1 more annotation...
  • Among a slew of American companies who contributed to the NSA’s “mainstreaming” efforts: Red Hat. And IBM? Like just about all of our American tech heroes, it looks at the NSA and other agencies in the Intelligence Community as “the Customer” with deep pockets, ever increasing budgets, and a thirst for technology and data. Which brings us back to Windows 8 and TPM. A decade ago, a group was established to develop and promote Trusted Computing that governs how operating systems and the “special surveillance chip” TPM work together. And it too has been cooperating with the NSA. The founding members of this Trusted Computing Group, as it’s called facetiously: AMD, Cisco, Hewlett-Packard, Intel, Microsoft, and Wave Systems. Oh, I almost forgot ... and IBM. And so IBM might not escape, despite its protestations and slick sales presentations, the suspicion by foreign companies and governments alike that its Linux servers too have been compromised – like the cloud products of other American tech companies. And now, they’re going to pay a steep price for their cooperation with the NSA. Read...  NSA Pricked The “Cloud” Bubble For US Tech Companies
Gonzalo San Gil, PhD.

Canonical, Microsoft, and Apple Want OS Convergence - Who Will Get There First? - 0 views

  •  
    "- The Ubuntu Family The idea of OS convergence is starting to take a hold in the world and major companies like Microsoft, Apple, and Canonical are working hard to achieve it. There seems to be a race going on and all the players want to reach the finish as soon as possible." [# ! It's #not a #Race... # ! It should be seen -and promoted- more than #mountaineering: # ! T@gether -as a '(Dream) Team'- to Reach The Same Top: # ! An #Open, #Free, #Fast, #Secure & #Reliable #OperatingSystem for #Everyone # ! Leave the #business for #differentiated #hardware & #specialized #services...]
Gonzalo San Gil, PhD.

An Open Web - 0 views

  •  
    " "As much as we love the open Web, we're abandoning it." -Chris Anderson, WIRED Magazine"
Gary Edwards

Out in the Open: Hackers Build a Skype That's Not Controlled by Microsoft | Enterprise | WIRED - 0 views

shared by Gary Edwards on 04 Sep 14 - No Cached
  • The main thing the Tox team is trying to do, besides provide encryption, is create a tool that requires no central servers whatsoever—not even ones that you would host yourself. It relies on the same technology that BitTorrent uses to provide direct connections between users, so there’s no central hub to snoop on or take down.
  • Tox is trying to roll both peer-to-peer and voice calling into one.
  • Actually, it’s going a bit further than that. Tox is actually just a protocol for encrypted peer-to-peer data transmission.
  • ...2 more annotations...
  • Tox is just a tunnel to another node that’s encrypted and secure,” says David Lohle, a spokesperson for the project. “What you want to send over that pipe is up to your imagination.”
  • For example, one developer is building an e-mail replacement with the protocol, and Lohle says someone else is building an open source alternative to BitTorrent Sync.
  •  
    "The web forum 4chan is known mostly as a place to share juvenile and, to put it mildly, politically incorrect images. But it's also the birthplace of one of the latest attempts to subvert the NSA's mass surveillance program. When whistleblower Edward Snowden revealed that full extent of the NSA's activities last year, members of the site's tech forum started talking about the need for a more secure alternative to Skype. Soon, they'd opened a chat room to discuss the project and created an account on the code hosting and collaboration site GitHub and began uploading code. Eventually, they settled on the name Tox, and you can already download prototypes of the surprisingly easy-to-use tool. The tool is part of a widespread effort to create secure online communication tools that are controlled not only by any one company, but by the world at large-a continued reaction to the Snowden revelations. This includes everything from instant messaging tools to email services. It's too early to count on Tox to protect you from eavesdroppers and spies. Like so many other new tools, it's still in the early stages of development and has yet to receive the scrutiny that other security tools, such as the instant messaging encryption plugin Off The Record has. But it endeavors to carve a unique niche within the secure communications ecosystem."
Gonzalo San Gil, PhD.

5 Best Open Source Web Browser Security Apps - 0 views

  •  
    "The Web browser acts as the gateway for a myriad of online services these days. Computer security problems are far from solved, and technology advances provide new ways for malware to infect our devices and enter our business networks. For example, smartphones and tablets offer fresh new fields for malware-and its malicious cousin, "malvertising"-to exploit" [# ! And don't miss... # ! ... the ( 'my' ;) ) Favorite: # http://noscript.net/ (suggested in the article's readers' comments...)]
  •  
    "The Web browser acts as the gateway for a myriad of online services these days. Computer security problems are far from solved, and technology advances provide new ways for malware to infect our devices and enter our business networks. For example, smartphones and tablets offer fresh new fields for malware-and its malicious cousin, "malvertising"-to exploit"
Gonzalo San Gil, PhD.

Why Is Linux Foundation's Latest Change A Bad News For Linux And Open Source? - 0 views

  •  
    "Short Bytes: Up until recently, the Linux Foundation allowed the individual members to elect two board members and ensure that the voice of Linux community is considered at the board meetings. In a shocking change, the Foundation has erased this clause and decided to benefit the corporate companies rather that whole community."
Paul Merrell

Open Government Data Initiative - 0 views

  • The Open Government Data Initiative (OGDI) is an initiative led by Microsoft Public Sector Developer Evangelism team. OGDI uses the Azure Services Platform to make it easier to publish and use a wide variety of public data from government agencies. OGDI is also a free, open source ‘starter kit’ (coming soon) with code that can be used to publish data on the Internet in a Web-friendly format with easy-to-use, open API's. OGDI-based web API’s can be accessed from a variety of client technologies such as Silverlight, Flash, JavaScript, PHP, Python, Ruby, mapping web sites, etc. Whether you are a business wishing to use government data, a government developer, or a ‘citizen developer’, these open API's will enable you to build innovative applications, visualizations and mash-ups that empower people through access to government information. This site is built using the OGDI starter kit software assets and provides interactive access to some publicly-available data sets along with sample code and resources for writing applications using the OGDI API's.
Paul Merrell

Edward Snowden Explains How To Reclaim Your Privacy - 0 views

  • Micah Lee: What are some operational security practices you think everyone should adopt? Just useful stuff for average people. Edward Snowden: [Opsec] is important even if you’re not worried about the NSA. Because when you think about who the victims of surveillance are, on a day-to-day basis, you’re thinking about people who are in abusive spousal relationships, you’re thinking about people who are concerned about stalkers, you’re thinking about children who are concerned about their parents overhearing things. It’s to reclaim a level of privacy. The first step that anyone could take is to encrypt their phone calls and their text messages. You can do that through the smartphone app Signal, by Open Whisper Systems. It’s free, and you can just download it immediately. And anybody you’re talking to now, their communications, if it’s intercepted, can’t be read by adversaries. [Signal is available for iOS and Android, and, unlike a lot of security tools, is very easy to use.] You should encrypt your hard disk, so that if your computer is stolen the information isn’t obtainable to an adversary — pictures, where you live, where you work, where your kids are, where you go to school. [I’ve written a guide to encrypting your disk on Windows, Mac, and Linux.] Use a password manager. One of the main things that gets people’s private information exposed, not necessarily to the most powerful adversaries, but to the most common ones, are data dumps. Your credentials may be revealed because some service you stopped using in 2007 gets hacked, and your password that you were using for that one site also works for your Gmail account. A password manager allows you to create unique passwords for every site that are unbreakable, but you don’t have the burden of memorizing them. [The password manager KeePassX is free, open source, cross-platform, and never stores anything in the cloud.]
  • The other thing there is two-factor authentication. The value of this is if someone does steal your password, or it’s left or exposed somewhere … [two-factor authentication] allows the provider to send you a secondary means of authentication — a text message or something like that. [If you enable two-factor authentication, an attacker needs both your password as the first factor and a physical device, like your phone, as your second factor, to login to your account. Gmail, Facebook, Twitter, Dropbox, GitHub, Battle.net, and tons of other services all support two-factor authentication.]
  • We should armor ourselves using systems we can rely on every day. This doesn’t need to be an extraordinary lifestyle change. It doesn’t have to be something that is disruptive. It should be invisible, it should be atmospheric, it should be something that happens painlessly, effortlessly. This is why I like apps like Signal, because they’re low friction. It doesn’t require you to re-order your life. It doesn’t require you to change your method of communications. You can use it right now to talk to your friends.
  • ...4 more annotations...
  • Lee: What do you think about Tor? Do you think that everyone should be familiar with it, or do you think that it’s only a use-it-if-you-need-it thing? Snowden: I think Tor is the most important privacy-enhancing technology project being used today. I use Tor personally all the time. We know it works from at least one anecdotal case that’s fairly familiar to most people at this point. That’s not to say that Tor is bulletproof. What Tor does is it provides a measure of security and allows you to disassociate your physical location. … But the basic idea, the concept of Tor that is so valuable, is that it’s run by volunteers. Anyone can create a new node on the network, whether it’s an entry node, a middle router, or an exit point, on the basis of their willingness to accept some risk. The voluntary nature of this network means that it is survivable, it’s resistant, it’s flexible. [Tor Browser is a great way to selectively use Tor to look something up and not leave a trace that you did it. It can also help bypass censorship when you’re on a network where certain sites are blocked. If you want to get more involved, you can volunteer to run your own Tor node, as I do, and support the diversity of the Tor network.]
  • Lee: So that is all stuff that everybody should be doing. What about people who have exceptional threat models, like future intelligence-community whistleblowers, and other people who have nation-state adversaries? Maybe journalists, in some cases, or activists, or people like that? Snowden: So the first answer is that you can’t learn this from a single article. The needs of every individual in a high-risk environment are different. And the capabilities of the adversary are constantly improving. The tooling changes as well. What really matters is to be conscious of the principles of compromise. How can the adversary, in general, gain access to information that is sensitive to you? What kinds of things do you need to protect? Because of course you don’t need to hide everything from the adversary. You don’t need to live a paranoid life, off the grid, in hiding, in the woods in Montana. What we do need to protect are the facts of our activities, our beliefs, and our lives that could be used against us in manners that are contrary to our interests. So when we think about this for whistleblowers, for example, if you witnessed some kind of wrongdoing and you need to reveal this information, and you believe there are people that want to interfere with that, you need to think about how to compartmentalize that.
  • Tell no one who doesn’t need to know. [Lindsay Mills, Snowden’s girlfriend of several years, didn’t know that he had been collecting documents to leak to journalists until she heard about it on the news, like everyone else.] When we talk about whistleblowers and what to do, you want to think about tools for protecting your identity, protecting the existence of the relationship from any type of conventional communication system. You want to use something like SecureDrop, over the Tor network, so there is no connection between the computer that you are using at the time — preferably with a non-persistent operating system like Tails, so you’ve left no forensic trace on the machine you’re using, which hopefully is a disposable machine that you can get rid of afterward, that can’t be found in a raid, that can’t be analyzed or anything like that — so that the only outcome of your operational activities are the stories reported by the journalists. [SecureDrop is a whistleblower submission system. Here is a guide to using The Intercept’s SecureDrop server as safely as possible.]
  • And this is to be sure that whoever has been engaging in this wrongdoing cannot distract from the controversy by pointing to your physical identity. Instead they have to deal with the facts of the controversy rather than the actors that are involved in it. Lee: What about for people who are, like, in a repressive regime and are trying to … Snowden: Use Tor. Lee: Use Tor? Snowden: If you’re not using Tor you’re doing it wrong. Now, there is a counterpoint here where the use of privacy-enhancing technologies in certain areas can actually single you out for additional surveillance through the exercise of repressive measures. This is why it’s so critical for developers who are working on security-enhancing tools to not make their protocols stand out.
  •  
    Lots more in the interview that I didn't highlight. This is a must-read.
Paul Merrell

A Secret Catalogue of Government Gear for Spying on Your Cellphone - 0 views

  • HE INTERCEPT HAS OBTAINED a secret, internal U.S. government catalogue of dozens of cellphone surveillance devices used by the military and by intelligence agencies. The document, thick with previously undisclosed information, also offers rare insight into the spying capabilities of federal law enforcement and local police inside the United States. The catalogue includes details on the Stingray, a well-known brand of surveillance gear, as well as Boeing “dirt boxes” and dozens of more obscure devices that can be mounted on vehicles, drones, and piloted aircraft. Some are designed to be used at static locations, while others can be discreetly carried by an individual. They have names like Cyberhawk, Yellowstone, Blackfin, Maximus, Cyclone, and Spartacus. Within the catalogue, the NSA is listed as the vendor of one device, while another was developed for use by the CIA, and another was developed for a special forces requirement. Nearly a third of the entries focus on equipment that seems to have never been described in public before.
  • The Intercept obtained the catalogue from a source within the intelligence community concerned about the militarization of domestic law enforcement. (The original is here.) A few of the devices can house a “target list” of as many as 10,000 unique phone identifiers. Most can be used to geolocate people, but the documents indicate that some have more advanced capabilities, like eavesdropping on calls and spying on SMS messages. Two systems, apparently designed for use on captured phones, are touted as having the ability to extract media files, address books, and notes, and one can retrieve deleted text messages. Above all, the catalogue represents a trove of details on surveillance devices developed for military and intelligence purposes but increasingly used by law enforcement agencies to spy on people and convict them of crimes. The mass shooting earlier this month in San Bernardino, California, which President Barack Obama has called “an act of terrorism,” prompted calls for state and local police forces to beef up their counterterrorism capabilities, a process that has historically involved adapting military technologies to civilian use. Meanwhile, civil liberties advocates and others are increasingly alarmed about how cellphone surveillance devices are used domestically and have called for a more open and informed debate about the trade-off between security and privacy — despite a virtual blackout by the federal government on any information about the specific capabilities of the gear.
  • “We’ve seen a trend in the years since 9/11 to bring sophisticated surveillance technologies that were originally designed for military use — like Stingrays or drones or biometrics — back home to the United States,” said Jennifer Lynch, a senior staff attorney at the Electronic Frontier Foundation, which has waged a legal battle challenging the use of cellphone surveillance devices domestically. “But using these technologies for domestic law enforcement purposes raises a host of issues that are different from a military context.”
  • ...2 more annotations...
  • ANY OF THE DEVICES in the catalogue, including the Stingrays and dirt boxes, are cell-site simulators, which operate by mimicking the towers of major telecom companies like Verizon, AT&T, and T-Mobile. When someone’s phone connects to the spoofed network, it transmits a unique identification code and, through the characteristics of its radio signals when they reach the receiver, information about the phone’s location. There are also indications that cell-site simulators may be able to monitor calls and text messages. In the catalogue, each device is listed with guidelines about how its use must be approved; the answer is usually via the “Ground Force Commander” or under one of two titles in the U.S. code governing military and intelligence operations, including covert action.
  • But domestically the devices have been used in a way that violates the constitutional rights of citizens, including the Fourth Amendment prohibition on illegal search and seizure, critics like Lynch say. They have regularly been used without warrants, or with warrants that critics call overly broad. Judges and civil liberties groups alike have complained that the devices are used without full disclosure of how they work, even within court proceedings.
‹ Previous 21 - 40 of 54 Next ›
Showing 20 items per page