Twitter security celebrity1 SwiftOnSecurity maintains Decent Security, providing some nice detail on how to securely install your Windows machines, and then how to maintain and recover them (particularly useful when your relatives call wondering why their browser is exploding):
This is a guide to bi-yearly maintenance for Windows 7 and higher. Although this isn’t a computer disinfection guide, it will remove many viruses and repair their damage.
Some of the info is incomplete, but it’s an excellent starting point.
Open source and publicly minded certificate provider Let’s Encrypt have gone into open beta, meaning anyone running their own web server can now get a free HTTPS certificate. It’s still complicated to implement, but the ‘private by default’ concept is gradually getting easier.
The EFF recommended private messaging tool Signal has released a beta desktop version. Android synch only at the moment, but it’s getting closer to a universal (sorry Windows phone) secure messaging platform.
The EFF on the case again with their Who Has Your Back? table: which companies do the most to protect your data from government snooping.
WhisperSystems have updated their IOS app Signal so that it now supports private and secure text messaging between IOS and Android devices using TextSecure (the Android equivalent of Signal):
We cannot hear your conversations or see your messages, and no one else can either. Everything in Signal is always end-to-end encrypted, and painstakingly engineered in order to keep your communication safe.
The EFF agrees - no ads, no cost, no catches. A great way to claw back some of the privacy ground ceded in the name of convenience.
The Electronic Frontier Foundation has created a very helpful secure messaging scorecard as part of their campaign for ‘secure and usable crypto’. Interesting to see just how insecure some of the bigger tools are:
Many options—including Google, Facebook, and Apple’s email products, Yahoo’s web and mobile chat, Secret, and WhatsApp—lack the end-to-end encryption that is necessary to protect against disclosure by the service provider. Several major messaging platforms, like QQ, Mxit, and the desktop version of Yahoo Messenger, have no encryption at all.
Nice argument from the Pinboard crew for paying for web services you like: if you don’t, someone will buy them or they’ll go out of business. Includes a handy chart.
Only companies the size of Google & Apple are immune to this, and the obvious trade-off is you’re at their mercy.
Related: Shifty Jelly, developers of the excellent Pocket Weather AU, on the joy and horror of independent app development. Having read the Pinboard piece, why not go buy a copy (for iOS & Android).
I made the mistake of going to a website today. It’s understandable, of course - everybody does it, from time to time - and I’m sure I’ll forgive myself, eventually.
They’re filled with ads and social-media sharing buttons - and more ads. And Google plus-onesies and Facebook likeys. And also more ads. Plus tweet-this-es. Plus ads. (And, under-the-hood, a whole cruise-ship-full of analytics.)
His points are the main reason I also love Instapaper, Google Reader, and the tiny Reader icon in iOS Safari.
A friend commented on the Google Music post below, only he commented over at Google+. Then someone replied to his comment, also on G+.
I can’t see that he commented. And I can’t respond to his comment on G+ because I’m not a member. He can’t comment here because he’s not registered.
In any case, the comment on the comment was:
Don’t look at Google - look at the dinosaur music companies who set down the policies on where their music may be purchased and played.
My comment on the comment made on his comment: I do look at Google here. To make it work, you just have to fork out enough dosh. Apple have done it1. Google can too.
Amazon are also guilty here - one of the strengths of their (otherwise apparently pretty average) Fire is apparently video playback. Full video functionality comes with being a member of Amazon Prime2. And Amazon Prime is, you guessed it: US only.