Skype is following your links – that’s proprietary for you

Yesterday it was reported that Skype, owned by Microsoft these days, seems to automatically follow each exchanged https link. Besides the fact that this is a huge security and personal rights problem in its own it again shows how important it is to not trust a proprietary system.

The problem, skin deep

Heise reported yesterday that Skype follows https links which have been exchanged in chats on a regular basis. First and foremost, this is a privacy issue: it looks like Skype, and thus Microsoft, scans your chat history and acts based on these findings on a regular base. That cannot be explained by “security measures” or anything like it and is not acceptable. My personal data are mine, and Microsoft should not have anything to do with as long as there is no need!

Second, there is the security problem: imagine you are exchanging private links, or even links containing passwords and usernames for direct access (you shouldn’t, but sometimes you have to). Microsoft does follows these links -and therefore gains full access to all data hidden there. Imagine these are sensitive data (private or business), you have no idea what Microsoft is going to do with them.

Read full Article

Posted from WordPress for Android

Spain’s Extremadura region switches 40,000 PCs to Linux and open source software

Expects annual savings of €30m

THE SPANISH REGION of Extremadura has announced that it will switch 40,000 government PCs to open source software.

The government of Extremadura has worked out what many already know, that open source software can deliver significant cost savings over using proprietory software. The region’s government has decided to switch 40,000 PCs to open source software, including a customised Linux distribution called Sysgobex.

According to the Extremadura government’s calculations, the switch to Linux and open source software will save it €30m a year, an amount that should come in particularly handy given Spain’s economic challenges. The government has already migrated 150 PCs to open source software in various ministries, including the department for Development, Culture and Employment.

Extremadura’s previous government had already switched 70,000 PCs in secondary schools and 15,000 PCs in health care to a local Linux distribution called Linex. It said that PCs using its Sysgobex Linux distribution will be able to access health records and that because they can be centrally managed, it expects to save on administration costs

Read full article @INQUIRER

Posted from WordPress for Android

Tribunal anula concurso público de software Microsoft no Município de Almada

Na sequência de acção judicial intentada pela ESOP no Tribunal Administrativo e Fiscal de Almada, foi anulado o concurso público n.º 31A2012 relativo ao licenciamento e manutenção de software Microsoft, lançado pela Câmara Municipal de Almada em Setembro de 2012, no valor de 550.000,00 EUR.

Segundo a ESOP, trata-se da primeira decisão judicial sobre esta matéria em Portugal, em que é reconhecida a ilegalidade deste tipo de procedimento para aquisição de licenças de software, apesar dos inúmeros alertas da associação para situações de concursos ilegais, que têm ocorrido nos últimos anos.

artigo completo

english Language: Illegal procurement favouring Microsoft in Portugal killed in the courts

Posted from WordPress for Android

UK to launch first-ever satellite controlled by a mobile phone… and the scientists have chosen a Google Nexus handset

British space scientists are gearing up to launch the world’s first satellite run entirely using a mobile phone.

The unique STRaND-1 satellite, developed by researchers from the University of Surrey, will be fully controlled by a Google Nexus phone during part of its six-month space mission.

It will launch into a 785km sun-synchronous orbit on the Indian Space Research Organisation’s Polar Satellite Launch Vehicle (PSLV) from Sriharikota, India, on February 25.

The satellite’s launch will be an interesting test of the oft-repeated claim that the mobile phone in your pocket has more computing power than was used to send a man to the Moon.

At the heart of STRaND-1 is an unmodified Nexus One smartphone running an Android operating system, according to Dr Chris Bridges, the Surrey Space Centre’s lead engineer on the venture.

‘We haven’t gutted the Nexus. We’ve done lots and lots of tests on it; we’ve put our own software on it. But we’ve essentially got a regular phone, connected up the USB to it and put it in the satellite,’ he told the BBC.

The smartphone is pressed up against a side panel of the 30cm-long, 4.3kg cubesat, so that it’s 5MP camera can look out and take pictures of the Earth and the Moon.

Read Full Article @Daily Mail

Posted from WordPress for Android

Microsoft goes its own way with Web audio/video spec, despite W3C rebuff

Microsoft has published a working prototype of CU-RTC-Web, its proposed specification for enabling browser-based, plugin-free, real-time audio and video communication.

CU-RTC-Web isn’t the only proposal for such a specification. In fact, it’s not even the main one. The World Wide Web Consortium (W3C), the group that formalizes the development and specification of Web-related standards, has its own group working on a plugin-free, real-time audio and video communication specification called WebRTC. Preliminary—and somewhat rudimentary—support for WebRTC is found in current versions of Chrome and Firefox.

This support certainly isn’t finished yet, and interoperability between the browsers remains troublesome—many of the online WebRTC demos are built for Chrome alone and won’t work with Firefox at all—but in theory they’re on track to support the same specification in a manner that will eventually be compatible.

Redmond first announced CU-RTC-Web in August. Along with the specification itself, the company produced a rationale; a list of reasons why it felt that WebRTC was a bad fit for the problem at hand, and why CU-RTC-Web was a superior solution. Perhaps the most specific complaint was that WebRTC was quite deeply linked to a specification called SDP, an open industry standard used extensively for VoIP and video conferencing systems in conjunction with SIP, with Microsoft arguing that this is over-complicated and hinders interoperability with non-SDP systems. SDP is used to negotiate the parameters of the connection; things like the bandwidth, the IP addresses and port numbers to use, and so on.

It just happens that Microsoft has non-SDP products of its own—Skype (which remains stubbornly proprietary and undocumented) and Lync (which can bridge with SIP systems, and hence understands SDP, but offers alternative APIs too).

Although W3C’s WebRTC working group acknowledged that the current WebRTC spec has parts that are as-yet incomplete, a vote carried out in September to choose between the two paths was heavily in favor of WebRTC. It won with 22 votes to just 4 for Microsoft’s proposal.

Read full article

Posted from WordPress for Android

Video: Former Microsoftie making ‘Software Wars’ movie

Break out the popcorn: A new crowdfunding campaign, launched overnight, aims to raise $150,000 to complete a movie about the open-source software movement and the “war for freedom” against the world of proprietary software.

Keith Curtis

The main producer is Keith Curtis, a Seattle-based author and programmer who spent 11 years at Microsoft before being converted to the world of Linux and open-source software. The movie is based on a portion of Curtis’ book, “After the Software Wars,” but he’s working on the project with an extensive virtual team out of L.A.

He says the goal is to make a film that’s engaging and informative for geeks, but also approachable and interesting to everyone else.

Check out the trailer above, including snippets of interviews with Linus Torvalds and other key players from the open-source software movement.

Read Full Article

Posted from WordPress for Android

So much for online banking security with Internet Explorer

On the 1st of October, 2012, we disclosed to Microsoft the following security vulnerability in Internet Explorer, versions 6–10, which allows your mouse cursor to be tracked anywhere on the screen—even if the Internet Explorer window is minimised. The vulnerability is particularly troubling because it compromises the security of virtual keyboards and virtual keypads.

The motivation for using a virtual keyboard is typically that it reduces the chance of a keylogger recording one’s keypresses and thereby compromising one’s passwords or credit card details. (c.f. bit.ly/YnNBYE; bit.ly/VpapWf)

Whilst the Microsoft Security Research Center has acknowledged the vulnerability in Internet Explorer, they have also stated that there are no immediate plans to patch this vulnerability in existing versions of the browser. It is important for users of Internet Explorer to be made aware of this vulnerability and its implications.

The vulnerability is already being exploited by at least two display ad analytics companies across billions of page impressions per month.

Demonstration of the Security Problem

Read Full Article

Posted from WordPress for Android