[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[tor-talk] Tor Browser Bundle with Chromium



zaki[at]manian.org:
Fred says the deterministic builds for iOS are impossible because Apple's
FairPlay DRM.

RAM can't be trusted either.

Everytime I think we've hit local peak dystopia, we go deeper.


mikeperry[at]torproject.org:
"The security researchers also claimed they had created a modified
version of Apple’s proprietary software development tool, Xcode, which
could sneak surveillance backdoors into any apps or programs created
using the tool. Xcode, which is distributed by Apple to hundreds of
thousands of developers, is used to create apps that are sold through
Apple’s App Store.

The modified version of Xcode, the researchers claimed, could enable
spies to steal passwords and grab messages on infected devices.
Researchers also claimed the modified Xcode could “force all iOS
applications to send embedded data to a listening post.” It remains
unclear how intelligence agencies would get developers to use the
poisoned version of Xcode."

https://firstlook.org/theintercept/2015/03/10/ispy-cia-campaign-steal-apples-secrets/

*sigh*


keb[at]cyblings.on.ca:
I dont know anything about Apple development, just wondering if there is
a free firmware or jailbreak or similar project to put user-trustable
code on those devices.  For example, if Mac OS X is sort of a fork of
the free Darwin, is there a similar codebase that could replace what is
on the phones and tablets? If not, why waste any more time writing code
for patently untrustworthy products, or even talk about them here...


You will always have to take others at their word, but trust in others is only going to get us so far, especially with software, which most people who use it don't understand.

Because this is a problem software alone can't resolve, we need hardware solutions, too. For example, with microphones and GPS/RT antennas, a mechanical switch could help ensure privacy/security when employed and shut off. As for keyloggers and malware, some sort of scan/detect filter could be beneficial, though a more technical person would have to validate the plausibility/value of this suggestion.

Wordlife,
Spencer

--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk