Bonum Certa Men Certa

Regaining Control Over Infrastructure With Decentralisation and Trusted Encryption

Clown computing isn't about security but lack of it (you've been compromised the moment you migrated to 'the clown')

Cloud Mass / rain is coming



Summary: Considering some recent developments in the GnuPG project, there are growing reasons for concern; recently we've been studying what alternatives to it already exist and are sufficiently mature; there are other betrayals or cases of divergence from a strict trust model and the issue needs to be brought up a lot more often

SOME of ours readers are security folks. They mostly agree with what we've published about conflating "fake trust" (authorisation from monopolies) with the user's trust (in effect not outsourcing trust to some dodgy, military-connected firms) and the idea that encryption between node and server (e.g. Facebook user and Facebook servers) is somehow "privacy", never mind if Facebook abuses all the data it gathers and moreover sells this data. This isn't privacy. This is a joke. The media helps these monopolies mislead the public, leaving people utterly confused about what privacy even means. Google says it's improving GMail privacy/security while harvesting, scanning and sharing with governments contents of E-mails. Is that privacy? Microsoft puts back doors in Windows (there's evidence), but at the same time it claims to deliver "security updates". What does security mean in this context? National security? As in US access to all of the files and communications of innocent people? Even on their own desktop/laptop?



But that's where it gets even worse. Years ago the father of Linus Torvalds said very publicly that his son had been asked by the NSA to put back doors in Linux. Not only did the son not deny this; he turned a question about it into a joke, refusing to explain if he agreed or not. This is no way to establish or regain trust.

Bison comingRecently, in light of the Guix petition, we've received some mail alarming us about GnuPG (it is among the signatures there, in effect seeking the ousting of Richard Stallman from the GNU Project -- a project that he founded).

"GnuPG is showing signs of compromise by outsiders," a reader recently told us. "I think we need to start looking at alternatives before the spyware starts to (inevitably) creep in. If [Werner] Koch can accommodate Yubico, he can accommodate the NSA and friends."

The Yubico Authenticator is developed on Microsoft (NSA/PRISM) servers with proprietary software and the product itself isn't trustworthy; it's proprietary itself. Yubikey is expensive snakeoil which raises the access barrier, both technically and fiscally (how many in poor African countries would shed a grand or two for a bunch of glorified "keys"?). Who stands to benefit? Probably the deep-pocketed (state-subsidised) surveillance giants that have redefined "security" and "privacy" their own way (they want us to assume they're guardians of both, not agents or facilitators of digital imperialism).

In the coming days we shall be writing about, then exploring, a plethora of alternatives. They do exist, not many people use these, and the media certainly isn't giving them the publicity they deserve. A lot of media coverage is nowadays up for sale; those who raise more money can dominate publishers or even so-called 'influencers' in social control media (to get paid-for 'endorsements').

Recent Techrights' Posts

Why We're Reporting Brett Wilson LLP for Apparently Misusing Their Licence to Protect American Microsofters Who Attack Women
For those who have not been keeping abreast
Stefano Maffulli and His Microsoft-Funded OSI Staff Are Killing the OSI and Killing "Open Source" (All for Money!)
This is far from over
Techrights Headlines as Semaphore
"If you are hearing this, thank you"
 
Gemini Links 01/04/2025: Games and More
Links for the day
Links 01/04/2025: Apple Fined $162M for Privacy Abuses, Disinformation Online a Growing Concern
Links for the day
Newer Press Reports Confirm That Microsoft Shuts Down 'Hey Hi' (AI) Labs Despite All the Hype
The "hey hi" (AI) bubble is not sustainable
Links 01/04/2025: Mass Layoffs at Eidos and "Microsoft Pulls Back on Data Centers" (Demand Lacking); "Racist and Sexist" Slop From Microsoft
Links for the day
Gemini Links 01/04/2025: XKCDpunk and worldclock.py
Links for the day
50 Years of Sabotage and a Gut Punch to Computer Science (and Science in General)
Will we get back to science-based computing rather than cult-like following?
3 Months in 2025, 4 Waves of Mass Layoffs at Microsoft, Now Offices Shut Down Permanently
"A recent visit by the South China Morning Post confirmed that the office was dark, unoccupied, and had its logo removed."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 31, 2025
IRC logs for Monday, March 31, 2025
Links 31/03/2025: China Tensions, Bombs Falling in Myanmar After Earthquake
Links for the day
Gemini Links 31/03/2025: Falling Out of Love With Tech, Sunsetting openSNP
Links for the day
R.T.O. at IBM in Texas and Atlanta (State of Georgia) Expected as "Soft Layoffs" Catalyst This Coming Year
It also sounds like more IBM layoffs are in the making
Law Firms Can Also Lose Their Licence for Clearly Misusing It
The bottom line is, never made the false assumption that because you can pile up SLAPPs in a docket you will not suffer from bad reputation or even get disbarred
Link between institutional abuse, Swiss jurists, Debianism and FSFE
Reprinted with permission from Daniel Pocock
LLM Slop Piggybacking News About GNU/Linux and Distorting It
new examples
Links 31/03/2025: Press and Democracy Under Further Attacks in the US, Attitudes Towards Slop Sour
Links for the day
Open Source Initiative (OSI) Privacy Fiasco in Detail: The OSI Does Not Respect Anybody's Privacy
The surveillance mafia that bans dissent or key people (even co-founders) with dissenting views
Gemini Links 31/03/2025: More X-Filesposting and Dreaming in Emacs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 30, 2025
IRC logs for Sunday, March 30, 2025
Links 30/03/2025: Security Breaches, Crackdowns on Dissent/Rival Politicians
Links for the day
Gemini Links 30/03/2025: London Soundtrack Festival, Superbloom, gmiCAPTCHA
Links for the day
Phasing Out Vista 10 in Nations Where ~90% of Windows Users Still Rely on It
Recipe for another Microsoft disaster
The Cost of Pursuing the Much-Needed Reform/Shield Against Strategic Lawsuits Against Public Participation (SLAPPs)
“It is curious that physical courage should be so common in the world and moral courage so rare.”
The LLM Bubble is About to Implode, Gimmicks and Financial Shell Games Cannot Prevent That, Only Delay It
To inflate the bubble MElon is now doing the classic trick of buying from oneself for a fictional value
Links 30/03/2025: Contagious Ideas, Signal Leak, and Squashing Lousy Patents
Links for the day
Links 30/03/2025: "Quantum Randomness" and "F-1 Visa Revoked" in US
Links for the day
Gemini Links 30/03/2025: US as a Threat, Returning to the WWW
Links for the day
Links 30/03/2025: Judge Blocks Dismantling Of VOA, Turkey Arrested Many Journalists
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 29, 2025
IRC logs for Saturday, March 29, 2025