Boycott Israel Tech

At the time of writing over 1800 Palestinians have been killed in Gaza by the Israeli Defence Force, among the targets have been three UN facilities. Fascism is on the rise in Israel and its politicians believe its is acceptable to call for the slaughter of Palestinian mothers who give birth to “little snakes.” Human Rights Watch and Amnesty International have condemned the actions as unlawful, amounting to collective punishment and war crimes.

In light of this I believe its time for tech consumers to make their voices heard and boycott Israeli tech. Two of the biggest apps to come out of Israel in recent times are Viber, the VOIP/messaging app and Waze the navigation tool.

An equally cool alternative to Viber is the South Korean Kakao Talk, which is available on all major platforms including BlackBerry and many Nokia handsets. It offers free calls and conference calls (up to five participants), video calls, and has no banner ads. The app is primarily funded through the sale of sticker packs and optional marketing channels to brands. For the privacy conscious, you can exchange contacts using a username, rather than your mobile phone number.

Finding a free app similar to Waze has been a little more difficult as the best alternatives either aren’t available across platforms or are produced in almost equally objectionable places like Russia (Yandex Maps/Navigate). I will be trying MapQuest and Yandex over the next few days here in the UK and will post when I know more about them. If you have any suggestions please leave them in the comments below.

Secure messaging app Threema and NIST SP 800-90A

Recently the RSA, a major US computer security firm, told its customers that a random number generator, Dual EC DRBG (NIST 800-90A) used in its software may contain a NSA backdoor and advised it’s customers to discontinue its use: Deliberately flawed? RSA Security tells customers to drop NSA-related encryption algorithm. As this is one of a number of random number generators used in elliptic curve cryptography used in secure messaging app Threema we contacted the Kasper Systems to check this wasn’t a known flaw in their service, see their response below:

While not revealing the random number generator used, it does offer some reassurance that this particular vulnerability isn’t included in the software. Further details of the encryption used can be found in the Threema FAQ.

EE – Nothing Nowhere

Since the merger of T-Mobile and Orange to form EE many users have experienced network problems as “overlapping” masts are switched off. When contacting customer services users are regularly told this is no problem with the network and the fault must be with their phone, or that the mast is down temporarily with no deadline for a fix.

To avoid being perceptually fobbed off any user experiencing problems should immediately put their complaint in writing and send it recorded delivery, large numbers of complaint letters get “lost”, if nothing improves the complaint should be escalated to industry regulator Ofcom. Template letters can be found on the eecomplaints.co.uk website.

Android users can also download the Rootmetrics app which will record areas of good and bad coverage and plot it on their crowd sourced coverage maps. To set the app up for background testing follow these steps:

1. After downloading and opening the app, click the top left stopwatch “test” icon and and select “Signal only” testing.
2. Go back to the menu by selecting small icon in the top left.
3. Select the “Settings” cog in the bottom right, inside this menu turn the “background testing” to ON, and then “Send results using: Wifi Only”. This will ensure the data collected is only sent via Wifi at home and won’t eat into your mobile allowance.

Uploaded results should appear on the map within a few minutes of uploading, and poor coverage will show as orange, red, or black (completely dead) and can be used to demonstrate the extent of the holes in their coverage and their failure to meet their contractual obligations to provide the service their customers pay for.

Microsoft, a trojan horse?

The latest release of the Snowden files published today by the Guardian, “Revealed: how Microsoft handed the NSA access to encrypted messages“, show the extent that Microsoft (and subsidiary Skype) have been collaborating with the NSA. Giving access to encrypted emails, video calls, cloud storage and presumably anything else they wanted. Microsofts defence is that they were legally compelled; completely forgetting the fourth amendment which reads:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

I’m not a lawyer but the FISA court warrants authorising the collection of the data did not specify the person being searched or what the probable cause was; therefore unconstitutional. I’m happy to be corrected in the comments section 🙂

Given more civilians are killed in countries participating in Prism by the police than terrorists you might be forgiven for thinking the blanket analysis and perpetual storage of every private communication is a little disproportionate. An explanation is that the data gathered is being used for more than the prevention of terrorist attacks.

A possibility is that the American government has been monitoring global communications as a mass act of industrial espionage, to gain an advantage from both its allies and enemies alike. This is just a theory but if you’re responsible for a business outside of the US are you happy that the IT your using could be being used to share your intellectual property, gauge your negotiating position (as the US/UK have done in trade negotiations), gain the contact details of prospective clients?

Imagine the advantage a politically well connected US bank would have over its German or British counterpart simply because they’re naively using their competitors national office software and email programs (Outlook/Hotmail). Likewise could an Airbus PowerPoint sales pitch be used to Boeings advantage?

It might now be time to seriously consider installing one of the many easy to use Linux distributions such as Ubuntu, Linux Mint, or Trisquel all of which can be downloaded for FREE and burnt to a DVD for install. All include a LibreOffice which functions in a very similar way to MS Office 2007 (no ribbons).

Send your iPhone messages via Wickr, and short: MSFT, GOOG, AAPL, YHOO

Google backlash: Prism leaves red ink

With the exception of the UKs Guardian much of the media has left the Snowden affair well alone, either through political pressure or lack of exclusive. The story, however, hasn’t gone unnoticed by the American and European consumer. Alexa, the Amazon owned website ranking company, shows the number of page views to Googles various international sites significantly down over the last month.

Google.com: -9.97%
Google.co.uk (United Kingdom): -21.7%
Google.fr (France): -25.05%
Google.de (Germany): -14.58%
Google.es (Spain): -24.16%
Google.be (Belgium): -21%
Google.com.br (Brazil): -6.65%
Google.nl (Netherlands): -14.27%
Google.co.ve (Venezuela): -13.37%
Google.it (Italy): -20.67 [Added 12:08 11/07/2013, London]

These figures are correct as at 12:37 10/07/2013 (London).

Whether this will result on any impact on the bottom line and is temporary remains to be seen but the online consumer seems to be at least trying StartPage and DuckDuckGo, and possibly many of the other alternatives this blog has highlighted in the wake of Prism.

Please follow on twitter: @madeupnamethree for updates and feel free to comment below.

New democracy

The Snowden documents and the resulting investigation and diplomatic response has shown how weak and craven European nations have become in the face of American imperialism (see the grounding of Bolivian President Morales state jet). It is also becoming increasingly obvious that British and American politics are dominated by political parties that talk a good opposition but act just like their counterparts on gaining power; in terms of policy the Democrats are interchangeable with the Republicans and the Conservatives with Labour. This has left the vote that our forefathers fought for virtually worthless.

Our political oligarchy now primarily serves itself, and takes its direction from big business. Effectively the only way for the average citizen to exert any influence over the system now is to break the monopolies held by the companies so they are both less influential in the long term and in the short term articulate that unless their customers views are represented, they will lose business.

Your choices as a consumer in terms of which search engine you use, who provides your email, and which web browser (etc..) are now the best and easiest way for you to express your dissatisfaction with the trampling of our United Nations backed right to privacy.

See my previous post for suggestions on alternatives, and feel free to comment below and follow on twitter: @madeupnamethree

Weve got you tracked

Weve is the location tracking marketing joint venture created by O2, EE (Orange & T-Mobile), and Vodafone. The idea behind the project is to take the data the mobile operators hold on you and sell it for marketing purposes. According to the Weve website 15m ( 21%) of the three networks 68m subscribers have opted-in, however, when I contacted the customer services of each network the agents had never heard of the scheme, or knew if I had opted in or how I could opt in or out. Presumably most of the 15m have opted in through small print in their contract.

Contact your mobile operator to find out if you’re in (or out) but expect bewilderment:

Vodafone: 01635 676061
EE/Orange/T-Mobile: 01707 315000
O2: 0800 0321402

Twitter: @madeupnamethree

Prism, CarrierIQ and your mobile device.

Back in 2011 Trevor Eckhart broke the story that mobile phone logging software CarrierIQ was quietly transmitting data about users handset use without their knowledge. The software reports keystrokes, browser data, and text messages’ content, and location. The extent of the data transmitted back allegedly depends largely in the install. He explains this in detail on his YouTube channel, click here to watch.

At the time many dismissed this as being used for development purposes (to remove software bugs, improve mobile coverage, etc…) but in light of the Prism revelations many now wish to revisit whether they want their activities monitored. According to the Chpwn blog the iPhone install only reports location data, however, if you wish to stop this the process is relatively easy.

1. Go into your settings “app”.
2. Scroll down to “General”.
3. Click “About”.
4. Scroll down to “Diagnostics & Usage”
5. Select “Don’t Send”.

This should prevent any further logs being sent via CarrierIQ to Apple, who in turn probably share it with the NSA/GCHQ via Prism.

The process for checking whether the software is installed on Android devices, and how to remove it, is a little more complicated but is explained in full on the Tech Crunch website.

Prism: there are alternatives

Since the Prism surveillance scandal broke in the Guardian and revealed the extent of government access to internet users data, many including myself have been looking for alternatives. The Prism Break website has listed a huge number of these, which is great but a number of these aren’t particularly user friendly so I’m using this blog to highlight my picks all of which are available free.

Browser
Prior to the revelations I had been a committed (Google) Chrome user, it offered faster feeling experience than IE and had the then innovative omnibar which allowed Google searches to be undertaken without visiting the search engines home page. The best alternative to this is Mozilla Firefox; it’s free, open source and customisable and available for Windows, OS X, Linux and Android.

The Omnibar add-on gives you the ability to search straight from the browser address box, as per Chrome. DoNotTrackMe and Adblock Plus are also must adds, which block both annoying ads and hidden java script, which track your movements across the internet.

Mobile Web Browser
Again wanting to ditch Chrome from my iPhone, I tried Opera and Dolphin; both of which are available for iOS and Android. While Opera offered data compression features it seemed to freeze when data coverage was poor. Dolphin on the other hand seems slick and is easily customisable to force searches through the privacy conscious DuckDuckGo (see below).

Search
If you want to get away from the dominant Google, Bing and Yahoo, worth trying are the European StartPage or the US based DuckDuckGo, both of which promise no logging or tracking of searches. Both offer good web search but lack the niche video, news and blog searches of the established players. StartPage, however, does have a reasonable image search.

Cloud Storage
The best alternative to Google Drive, and (Microsoft) Skydrive I’ve found is the 256 bit AES encrypted Spider Oak. The service is hosted in the US but the level of encryption means even their staff don’t have unencrypted access to your data, the downside to this is if you lose/forget your password there’s no way of recovering your back-up. They offer 2gb for free to anyone, or those clicking through this link should get a 1gb referral bonus (3gb).

Mapping
Open Source Routing Machine finds the fastest car route in seconds, the only quirk for UK users is that postcodes need to be separated correctly unlike Google Maps. A slight downside is that it doesn’t offer walking or cycling directions.

Mobile Messaging
The Wickr app for iOS offers free encrypted messaging that self erase within a predefined time, which can be set up to 5 days. It’s unbelievably easy to use and Mashable reports it has been approved by IT security consultant Dan Kaminsky but the developers reluctance to release the source code has left some doubtful of its claims. My take on it is, can it be any worse than iMessage which is archived and probably accessible by the NSA. An Android version is promised in future.

It would be foolish to believe you could ever fully escape a security services or police investigation, but this software should stop or limit the wholesale archiving of our digital lives, help us regain our privacy, and send a message to the established players that their are consequences of breaching our trust.

Please feel free to comment below and follow on twitter: @madeupnamethree