secure
Latest
Telegram is launching a video conferencing feature in May
The service initially planned to switch on the feature last year.
Signal lets you see more info before you accept a message from a stranger
Signal lets you see a sender's profile before you accept, delete or block a message or call.
Telegram promises secure group video calls sometime this year
Telegram says it will add secure group video calls in 2020.
Chrome's 'Lite Pages' now work with secure sites
Loading websites over a slow connection can be frustrating and expensive. That's why Google offers Data Saver, a feature that lets Chrome reduce data use by up to 90 percent and load pages two times faster. Previously, this Lite feature was only available for HTTP pages. Now, on Android, Chrome is extending the function to HTTPS pages as well, meaning you'll be able to browse faster and securely, even if your network connection sucks.
Chrome is killing its 'Secure' URL label in September
The Chrome browser's upcoming versions will focus on highlighting its negative security indicators, even going as far as sunsetting its positive ones. Chrome Security Product Manager Emily Schechter has announced that Chrome 69, which will be available in September, will stop marking HTTPS sites as "Secure" on the address bar. Why? Well, because Google wants the default state to be secure. The tech giant already revealed earlier this year that all HTTP-only sites will be marked "Not Secure" in July. It looks like the Chrome team will also take things a step further by October: starting that month, the usually gray "Not Secure" warning will flash red as soon as you start typing in data on HTTP pages.
Command Nest's security system with Google Assistant
You'd think Nest's Secure alarm system would have worked with Google Assistant out of the box, but no -- you've had to arm it the old-fashioned way. Now, however, it's decidedly more convenient. Nest has quietly introduced Google Assistant support that allows voice control over Secure from a supporting device. You can arm the system whether you're home or away, check its status, or cancel it within seconds of making a mistake.
Scientists made the first 'unhackable' quantum video call
Following extensive testing earlier this year, China has now deployed its quantum communications work in the form of the first ever quantum-safe video call. The call, between the Chinese Academy of Sciences and the Austrian Academy of Sciences, marks a secure communications breakthrough which will have a huge impact on the way sensitive information is shared between distant parties.
BlackBerry Messenger Enterprise promises secure comms for business
Faulting BlackBerry for its lack of apps or antiquated design ideas was fair, but the firm's dedication to security spoke for itself. The company is going to take that reputation and use it to retool BlackBerry Messenger as an enterprise-level communications platform. Appropriately dubbed BBM Enterprise, the app offers end-to-end encryption for all communication methods; voice, video and text-based comms will all be secure.
Vertu's latest luxury Android phone is built for jetsetters
Luxury smartphone maker Vertu may have undergone some operational changes over the past couple of years, but that doesn't mean it has broken the tradition of selling people expensive Android smartphones. With its latest update to the premium Constellation handset, the company is targeting the "global traveller" with support for dual SIMs (for the first time) and access to iPass, the world's largest WiFi network.
Google shows the web is a lot more secure than it was a year ago
As we spend more time online, the need for secure browsing and communications has become more and more important. Messaging apps now incorporate encryption as standard and many of your favorite websites (including this one) are moving to HTTPS to protect their visitors. For the longest time, Google has helped champion that movement by rolling out secure apps and services, but its latest move is all about highlighting the good work of others. The web is a lot more secure than it was just a year and a half ago, and thanks to its new Transparency Report metric, Google has the stats to prove it.
Telegram founder knew ISIS was using his service before Paris attacks (updated)
Secure messaging service Telegram announced on Wednesday it had shut down 78 ISIS-related channels since the deadly attacks on Paris and Beirut, alongside a statement saying the company was "disturbed to learn that Telegram's public channels were being used by ISIS to spread their propaganda." This made the situation sound like new information to Telegram -- but that's not the case. At TechCrunch Disrupt in September, Telegram founder Pavel Durov told interviewer Mike Butcher that he knew ISIS used his app (as spotted by The Washington Post). "I don't think we are actually taking part in these activities," Durov said. "I don't think we should be guilty or feel guilty about it." The relevant conversation went down as follows:
Telegram blocked 78 ISIS messaging channels this week
As details emerged after ISIS' coordinated, deadly attacks on Paris and Beirut last week, one name stood out in conversations about communications channels: Telegram. ISIS operatives use Telegram and other encrypted messaging services to communicate -- a fact that was apparently news to Telegram. In response, this week the company blocked 78 ISIS-related channels in 12 languages. "We were disturbed to learn that Telegram's public channels were being used by ISIS to spread their propaganda," the company writes. Telegram found and blocked the channels based on user-submitted reports.
TunnelBear VPN lets you surf, securely
TunnelBear VPN is a simple app that works beautifully to let you securely surf online using your iPhone or iPad (and there's a Mac version as well). A VPN (Virtual Private Network) is an encrypted connection to a server that permits you to be online without worrying about anyone stealing your passwords or watching your private communications. It also helps to defeat software that tracks your movements online. VPNs are handy for anyone who is concerned about their privacy. Because VPNs hides your location, you can easily connect to a VPN server in another country, which will have the effect of making servers in that country think you are local. This lets you get around restrictions that might be in place. More on that in a minute. Using TunnelBear is pretty straightforward. After you create a free account, you are walked through the steps to get it set up and working. This involves installing a network profile onto your iPhone or iPad but TunnelBear makes it as easy as it can be. You are given the choice of one of two ways to connect to the VPN. The first is through the app itself. The second is using the Settings App on your iPhone or iPad. The latter approach provides faster connecting but may be more technical than some people would like. The app's interface is quite entertaining and also easy to use and understand. You can always try one and then switch to the other by choosing "Reinstall Profile" from TunnelBear's menu in the app. Once you are set up then you can connect. Connecting to the country you live in is the best plan unless you specifically need to appear as if you are in a different country. In my tests, using TunnelBear's VPN is noticeably slower when tunneling to, say, the United Kingdom from the United States. There is a slowdown tunneling locally as well but it is nowhere near as great as it was going across the pond, as it were. TunnelBear claims you should see about 80%-90% of your normal speed and my tests showed that when tunneling within the United States. When I connected to the United Kingdom, that speed dropped as low as 50% at one point. All tests were done using Ookla's Speedtest App. If you are new to the concept of the VPN you might wonder when you would want to use it. Generally, I do whenever I find myself on a public WiFi network. You really don't know who's running it or who might be lurking around on it. For me, the killer feature is the ease with which you can appear to be in a foreign country. During the London Summer Olympics a while back, I heard that some people (cough) made good use of TunnelBear in watching the live, unedited, and un-ruined-by-NBC-commentary feeds from the BBC rather than waiting for prime-time. I have heard others have used it for Downton Abbey or Doctor Who purposes as well. I can neither confirm nor deny the veracity of these statements. (Technically, doing anything like this is not allowed and is frowned upon.) I may or may not have used it to watch the live results in the UK of the historic vote on Scottish independence at 1AM. TunnelBear VPN takes the mystique and technogeekery out of the VPN and does so with a delightful and whimsical user interface. I've tried a few of these types of apps and this is the one I come back to again and again. The app is designed for both iPhone and iPad and requires iOS 7 and up. It provides 500MB free data per month (which is hardly enough to do much of anything) and offers in-app purchases of data plans including US$2.99/month, $7.99 every 3 months, or $29.99 for a full year. Note that if you get the free Mac version and buy a plan through it or through TunnelBear's website, the prices are $4.99/month or $49.99 per year but that gives you unlimited use on your Mac and up to two mobile devices (including Android). For many, that will be the better deal. The iPhone and iPad in-App plans are only for a single device. Finally, you can get 1 free gigabyte of data by tweeting them and asking for it. Instructions are in the app and on their website.
Snowden reports NSA employees intercept, share private nude photos
Edward Snowden is currently holed up in Russia, but the Guardian recently paid him a visit, and today published an interview today in which the former government contractor discussed numerous privacy violations, including the "routine enough" practice of intercepting nude photos shared privately through email and other means. According to Snowden, NSA employees come across nude photos on a regular basis, but rather than labeling such content as irrelevant, they often pass it along to colleagues. "They turn around in their chair and they show their co-worker. And their co-worker says: 'Oh hey, that's great. Send that to Bill down the way.' And then Bill sends it to George, George sends it to Tom. And sooner or later this person's whole life has been seen by all of these other people."
Silent Circle expands its encrypted calling service to 79 countries
Silent Circle's mobile apps have helped make calls, messages and storing contacts more secure, but to enjoy its encryption benefits other people would need to use the same service. That could no longer be a problem for some, after the company announced its expanding its Silent Phone service to let users make truly private calls to non-Silent Circle members worldwide. While some users have been able to use the iOS and Android apps to make calls to standard mobile and landlines, like you would with Skype or Viber, Silent Circle's encrypted "Out-Circle" calling service was limited to users in a select number of countries. From today, subscribers enrolling in the service will be given a unique ten-digit Silent Phone number to make and receive calls in 79 countries without a roaming charge in sight. If you've ordered the Blackphone, you will, of course, be pre-subscribed to Silent Phone (although you'll have to set up Out-Circle separately) and the company's other anti-surveillance services. Starting at $12.95 for 100 minutes, Out-Circle isn't the cheapest package out there, but you can't put a price on privacy, right?
Tell the White House who you trust (or don't trust) with your data
President Clinton's former Chief of Staff, John Podesta, is back in the White House, working with President Obama to assess the state of big data and privacy. A thorough review is currently underway, and you can contribute by filling out a survey over at the White House website. First, you'll be asked about how much you trust certain institutions with your data, with responses ranging from "not at all" to very much" (ha!), before the survey prompts you to rank your concern when it comes to certain types of content (like video and audio, or location info) and data practices in general. It's not clear what change, if any, may result from the agency's review, but if you feel strongly about sharing your opinions (and we know you do!), head on over to let the prez know what's on your mind.
Browsing on your Android phone just got safer, thanks to the EFF
In the wake of Edward Snowden's NSA revelations, finding ways to browse the internet more securely has become of paramount importance. In its mission to help netizens feel that little bit safer, the Electronic Frontier Foundation (EFF) has long offered its HTTPS Everywhere add-on for desktop browsers, and it's now looking to do the same on mobile. As of yesterday, you can install the HTTPS Everywhere on Firefox for Android, which automatically seeks out HTTPS connections on supported websites. Webpages will be loaded over an encrypted connection, letting you to check your email, shop online and browse the web without fear of a third-party, or surveillance agency like the NSA or GCHQ, intercepting your traffic. To install the add-on, make sure you have the latest version of Firefox for Android on your phone, then install the plugin via the EFF website. Once loaded, the app will display an icon in the address bar, ensuring your browser won't suffer the same fate as Angry Birds and other mobile apps.
Starbucks plans to secure user information with updated iOS app (update)
Following this week's revelation that Starbucks' mobile apps store data such as user names, passwords and even location coordinates in plain text, a company executive announced today that a refreshed application is in the works. Curt Garner, the beverage giant's chief information officer, says that the new iOS app will "add extra layers of protection" to the "added measures" that he claims already "sufficiently address the concerns" referenced in yesterday's post. Garner also emphasizes that no information has been compromised using the methods outlined this week. There's no firm timeline for the updated iOS app, but the company reiterated that the current version offers sufficient protection -- and we imagine they'll be sticking to that story right up until a fix is available. Update: According to the Starbucks Twitter account, an update is now available. We're not seeing it via the web, but a check of our iOS device reveals v2.6.2 with "additional performance enhancements and safeguards." The press release doesn't go into detail about changes, saying only "As promised, we have released an updated version of Starbucks Mobile App for iOS which adds extra layers of protection. We encourage customers to download the update as an additional safeguard measure."
Starbucks app stores log-in credentials, location info in plain text
If you're concerned about someone getting their hands on your personal data, you'll want to read on -- this latest method's an unlikely culprit. The Starbucks mobile-payment app is reportedly saving user data, including email addresses, passwords and even your GPS location in plain text. Theoretically, anyone with access to your phone (and a computer) can download your private data with less than an hour or work. Company executives confirmed the flaw to Computerworld, admitting that they're aware of the issue. Daniel Wood, a security researcher, first came upon the unencrypted information last year. He downloaded and re-tested an updated version the app, which Starbucks claims now includes "adequate security measures," only to find that the same information is still easily accessible. A log file also includes GPS coordinates that are captured every time you search for a nearby Starbucks store. Of course, the global caffeinator's mobile application isn't free of other weaknesses, too -- payments are processed by scanning an on-screen barcode, which can be reproduced and used to drain your account by anyone close enough to photograph your phone.
Kim Dotcom's Mega cloud storage exits beta, secure messaging and video chat due next year
The feds may have taken Megaupload to the big cloud storage facility in the sky, but Kim Dotcom's followup Mega is going strong and now out of beta. That official launch includes a new web UI with tweaks focused on making everything faster and more efficient, including local caching that only syncs changes made since the last time you connected. Sharing among friends should also be easier, with user avatars for a visual reminder of who's who plus contact management that shows how many files someone is sharing with you and when they were last updated. The final tweaks mentioned are tree style navigation between folders, the ability to move around the site while continuing file transfers and a custom Firefox extension. So what's next for Mega? Its iOS app has been submitted for review (it's already available on Android), and is expected in the next month along with a Sync desktop app headed for Windows, OS X and Linux. Looking down the road into 2014, the company also previewed encrypted communications services (including file attachments, of course) for text messaging between members and video conferencing built to keep prying eyes locked out.
