After uncovering a ferocious horde of hidden spyware in official Android apps the Yale Privacy Lab and Exodus have pitched in with F-Droid's app store that only allows apps that include their source-code and whose licenses require anyone who modifies them to also include the source.
They argue that the proliferation of spyware in Android stems from the project's "original sin": a directive to create an alternative Linux ecosystem that eliminated the "GNU" part of "GNU/Linux": that is, the part of the licensing regime that required programmers who modified open projects to make their projects open, too. In so doing, Google created a constellation of apps and tools that can be trojanized without violating the software license and without any way to audit the modifications and spot the malicious code.
Google’s choice to limit copyleft’s presence in Android, its disdain for reciprocal licenses, and its begrudging use of copyleft only when it “made sense to do so” are just symptoms of a deeper problem. In an environment without sufficient transparency, malware and trackers can thrive.
Android’s privacy and security woes are amplified by cellphone companies and hardware vendors, which bolt on dodgy Android apps and hardware drivers. Sure, most of Android is still open-source, but the door is wide open to all manners of software trickery you won’t find in an operating system like Debian GNU/Linux, which goes to great length to audit its software packages and protect user security.
Android Users: To Avoid Malware, Try the F-Droid App Store [Sean O'Brien and Michael Kwet/Wired]
Pillman is Oscar "Nanochess" Toledo's reimplementation of Pacman ("a game about a yellow man eating pills") in 512 bytes -- small enough to fit in a boot sector -- written in 8088 assembler. (via Four Short Links)
Securing Our Cyber Future, Stanford Cyber Policy Center's new report on election security, depicts a US electoral system whose glaring vulnerabilities are still in place, three years after the chaos of the 2016 elections.
Private Join and Compute is a new free/open Google tool that implements the longstanding cryptographic concept of "commutative encryption," which allows untrusted parties to merge their datasets without revealing their contents to one another, do mathematical work on the data, and learn the outcome of that work without either of them seeing the underlying data.
Whether you’re using them for next-level selfies or steady tracking shots, gimbals are a must for anyone who wants to maximize the potential of these powerful smartphone cameras we’re all carrying around. But those smartphones are also supposed to be portable, and let’s face it: Gimbals tend to offset that advantage. Weighing in at just […]
It’s too hot for yard sales, but hey: The internet is here for you. Here are the top ten deals on some of the Boing Boing Store’s best gear, just in time for summer. It’s everything from grills to security cameras to MacBook Pros, and they might be as low as they’re ever going to […]
When it comes to getting stats and ideas across quickly, there’s still nothing like a good slide presentation. But the critical word here is “good” – not 20 slides all thrown together with the same stock PowerPoint template. Whether it’s a crucial pitch for a new business or a quarterly report, Slideshop can be a […]