Is the Cloud ready for mission critical apps? | The Next Web

No it isn’t. I’ve consulted for companies that try to rely on third parties, and their false promises of redundancy and reliability bite them every time.

Even those reliant on Amazon EC2 now simply accept that they must pay double or even triple the monthly rate to run copies of their virtual machines in 3 different Amazon data centers. Such a joke.

thenextweb.com/insider/2013/09/18/is-the-cloud-ready-for-mission-critical-apps/

Smart Scopes to anonymize images before landing in the user’s Dash (privacy oriented) | Iloveubuntu: Ubuntu blog

As seen in the demo URL, the Canonical severs are anonymizing directly the URL with the probable behavior: typing a word in the Dash, pushes the word against (along with the locally-installed scopes) the Canonical servers, the Canonical servers decide the best results, the results are then anonymized and finally landed in the Dash.

This isn’t enough. Anonymity means that no one, not Amazon, not Canonical, receives your personal information. Canonical simply becomes the focal point of attention when “they” come knocking.

http://iloveubuntu.net/smart-scopes-anonymize-images-landing-users-dash-privacy-oriented

Al Franken questions privacy of iPhone 5S fingerprint scanner | CNET News

“Passwords are secret and dynamic; fingerprints are public and permanent,” Franken wrote. “If you don’t tell anyone your password, no one will know what it is. If someone hacks your password, you can change it — as many times as you want. You can’t change your fingerprints. You have only ten of them. And you leave them on everything you touch; they are definitely not a secret. What’s more, a password doesn’t uniquely identify its owner — a fingerprint does. Let me put it this way: if hackers get a hold of your thumbprint, they could use it to identify and impersonate you for the rest of your life.”

http://news.cnet.com/8301-13579_3-57603947-37/sen-franken-questions-privacy-of-iphone-5s-fingerprint-scanner/

Google Chrome is Spyware.

On its first run, Google Chrome silently imports your browser history from Firefox and Internet Explorer. This combined with its incessant prompting to sign into your Google Account guarantees quite a bit of unauthorized data collection on their part, considering this history data will then be synchronized, unencrypted, with them.

It is the only piece of software I know which:

  • logs your keystrokes
  • logs your browser history
  • logs your affiliations
  • lists your installed software
  • sends all this information to unnamed third parties

All known traits of spyware programs, which would be removed swiftly and decisively by users if found. Google Chrome, however, which exhibits all the above traits of a spyware program (because it is one) is universally accepted.

Don’t be evil.

Great New Features in GNOME 3.8

I’m quite enjoying GNOME 3.8 so far. Despite my initial objections to the GNOME 3 environment (Linus Torvalds had the same objections), I’ve found that much of the UI decision making involved in the desktop environment has been more than sensible, and lent a natural feel to it (Linus feels the same way!).

The latest version of GNOME even requires one to switch their init system from SysV init to SystemD, if their distribution of choice has not yet done so (looking at you, Gentoo). I had no objection to this either, has SystemD has been a great improvement in various areas of the system, from boot time to proper logging and tracking of who’s logged in, and good integration with the desktop. This is a mature and modern init system.

But the thing that impressed me most just now is the Epiphany browser – I’ve been using it for about 50% of my browsing activities since about GNOME 3.2, as it effectively sandboxes things like Facebook and prevents their tracking cookies from sifting through all my other activities on the web. Very nice. No, Ghostery and Adblock Plus as Firefox addons are not quite as effective as a sandboxing strategy, so don’t go there.

New in Epiphany is the ‘Allow advertisements’ checkbox:

General

 

In concert with the ‘Cookies – Only from sites you visit’ radio button in the Privacy tab:

Privacy

 

Which, when checked, both permits ads and allows those third party cookies from known advertisers even if ‘Only from sites you visit’ is also selected. Smooth and fair. Permit advertising behavior, or completely block advertising behavior.

Overall, the GNOME 3.8 desktop is much smoother and the feel has really taken shape. I still use a couple of extensions, but my usage of native GNOME apps has even increased – I’ve been using Evolution regularly where in years past stability issues had pushed me back to Mozilla Thunderbird. The latest Empathy has replaced Pidgin on my desktop. The list will expand as things continue to take shape.

If you’ve been upset with GNOME 3’s radical change in user interface design, I recommend you take a second look. The desktop has really come a long way.

 

Think Your Office Is Soulless? Check Out This Amazon Fulfillment Center | Co.Design

“When you buy something from an independent retailer, you might pay more than Amazon, but that extra bit is an investment,” Roberts explains. “When you pay it, you’re investing in the quality of not only your own life but the life of the community around you.”

I don’t buy things from Amazon because shopping requires a human touch. As do we all.

Read more: http://www.fastcodesign.com/1672939/think-your-office-is-soulless-check-out-this-amazon-fulfillment-center?fullsite#1

Björk cancels Kickstarter, blames complexity of Android and Windows 8 | The Verge

Kickstarter backers in line for an Android or touchscreen Windows 8 port of Björk’s app/album Biophilia are going to be be disappointed: the project has been put on hold indefinitely, reports Pitchfork. In a letter to the project’s contributors, the Biophilia team explains that “the costs were too gigantic and we were too optimistic,” deciding that it would be better to stop the project than let it drag on, although it didn’t rule out coming back to it in the future. Biophilia was originally released for the iPad in October, 2011.

Android apps are hackjobs – the lack of a proper development workflow is apparent in the poorly constructed user experiences of even A-list apps like Evernote. Windows 8 apps are featureless ghosts of their cross-platform counterparts, reflective of that platform’s overwhelming limitations.

I’m curious to see what the development tools are like for blackberry and what kind of leeway their apps have. I certainly hope developers don’t use the Android runtime as a crutch, but only superior blackberry development environments can prevent that.

Read more: http://www.theverge.com/2013/2/8/3966806/bjork-app-android-windows-8-canceled

US Surveillance Law May Poorly Protect New Text Message Services | ACLU

People are finally beginning to understand the issues I’ve been tightening my tinfoil hat over for years now. Refreshing.

Where we go from here, is a choice I leave to you.

Google’s customers should be free to vote with their feet (or their data), and to use services that offer them the greatest degree of privacy protection, both via technology and the law. Google’s total failure to be transparent on this issue robs its customers of the ability to take reasonable steps to protect their own communications from warrantless government surveillance.

Finally, while Google’s lawyers hid behind the non-answer provided by their PR team, Google’s competitors were far more transparent. Twitter and Facebook both offer some functionality to their mobile users via SMS, including the ability to send private messages to their friends. In response to queries from me, both Twitter and Facebook confirmed that the companies treat communications metadata the same regardless of whether users’ messages are transmitted to the companies’ servers via SMS or the internet. No court order? No metadata. Not only have these companies apparently adopted a more pro-privacy reading of the law than Google, but they’re also willing to talk about it.

Read more: http://www.aclu.org/blog/national-security-technology-and-liberty/us-surveillance-law-may-poorly-protect-new-text

Circumventing Windows RT’s Code Integrity Mechanism | On the Surface of Security

It’s taken longer than expected but it has finally happened: unsigned desktop applications run on Windows RT. Ironically, a vulnerability in the Windows kernel that has existed for some time and got ported to ARM just like the rest of Windows made this possible. MSFT’s artificial incompatibility does not work because Windows RT is not in any way reduced in functionality. It’s a clean port, and a good one. But deep in the kernel, in a hashed and signed data section protected by UEFI’s Secure Boot, lies a byte that represents the minimum signing level.

This is proof of a few things.

  1. Secure Boot serves no purpose other than to attempt to block alternative operating systems and software from running on a device. It does NOT in any way protect users from exploits.
  2. As the author states, the decision to block traditional desktop applications was a choice the suits made, it had no technical basis whatsoever.
  3. This is a sign of things to come. If the RT were a successful product it would have encouraged Microsoft to proceed with locking users out of their desktop applications once and for all, sometime down the line. After all, piracy is probably the desktop’s primary use in practice at this point.

That last one is important, because it’s still a clear and present threat. Microsoft’s marketing and messaging for their products clearly states that the desktop is the past, and the App Store is the future.

Read more: http://surfsec.wordpress.com/2013/01/06/circumventing-windows-rts-code-integrity-mechanism/