Archive for April 13, 2018

Russian Court Says That Telegram Is Now Blocked In Russia

Posted in Commentary with tags on April 13, 2018 by itnerd

I’ve been writing about the ongoing fight between the Russian government and popular messaging app Telegram for a few weeks now. In short, Russia wanted Telegram’s encryption keys. Presumably so they can spy on Telegram users. Telegram said no. And as a result, here we are with Telegram being blocked in Mother Russia on the orders of a court:

The decision came a week after Russia’s state communication watchdog filed a lawsuit to limit access to Telegram messaging app following the company’s refusal to give Russian state security services access to its users messages.

With more than 200 million users worldwide, the mobile messaging app allows users to communicate via encrypted messages which cannot be read by third parties, including government authorities.

Here’s the ironic part, apparently the Russian government uses Telegram…. I wonder how they will do without it?:

The Kremlin uses Telegram to coordinate timings of regular conference calls with Vladimir Putin’s spokesman, while many government officials use the messenger to communicate with media.

When Reuters asked a person in the Russian government on how they would operate without access to Telegram, the person, who asked not be identified due to the sensitivity of the issue, replied by sending a screenshot of his mobile phone with an open VPN app.

Wait, aren’t VPNs banned in Russia? Of course they are. I guess that in Russia, everyone is equal. But some are clearly more equal than others.

In any case, this fight between the Russia government and Telegram is likely to escalate. It will be interesting to see what shape that escalation takes.


Your Android Phone Might Not Be As Secure As You Think

Posted in Commentary with tags on April 13, 2018 by itnerd

If you own a Android phone from Google, Samsung, Motorola, LG, HTC, Xiaomi, OnePlus, Nokia, TCL, and ZTE, but really any Android phone, you might not be getting the security patches that you need to keep your phone safe based on a recently released study:

The study found that outside of Google and its Pixel phones, well-known phone makers had devices that were missing patches that they claimed to have. “We found several vendors that didn’t install a single patch but changed the patch date forward by several months,” says SRL founder Karsten Nohl.

The number of missing security patches on phones varied between device makers. For example, Google, Samsung, and Sony devices were found to be missing 0 or 1 patches on average. Xiaomi, OnePlus, and Nokia devices were missing 1 to 3 patches on average, while HTC, Huawei, LG, and Motorola were missing 3 to 4 patches on average. Devices from TCL and ZTE fared the worst, missing an average of 4 or more patches that they claimed to have.

One of the huge problems with Android is that is is now so fragmented, and every vendor has filled it with their own custom stuff and they’ve done god knows what to the core of it. That’s horrible for the consumer as you are guaranteed to get this situation because it’s easier to fudge things than to come out with proper patches on a regular cadence.

Contrast that to those on team iOS where everything comes from Apple. Thus every iPhone user that has an iPhone made in the last five years give or take gets every security update that comes out. Sure iOS is a walled garden unlike the freedom that Android provides its users, but the wall surrounding that garden is pretty secure unlike Android.

While people are going to buy Android phones regardless of how insecure they are because they are cheap, Google and company need to do something about this. The fact is that you can’t have millions of phones running around out there which are wide open to being pwned. That’s just a disaster waiting to happen.

About 1 In 10 Americans Have Joined Team #DeleteFacebook Says Study

Posted in Commentary with tags on April 13, 2018 by itnerd

A survey from TechPinions and reported by Boy Genius Report says that about 1 in 10 Americans have deleted their Facebook account because of the data leakage scandal:

With the outrage surrounding Facebook’s privacy policies reaching a fever pitch over the past few weeks, there has been something of an underground movement calling for users to delete their Facebook account altogether. To this point, you may have seen the DeleteFacebook hashtag pop up on any number of social media platforms in recent weeks, including, ironically enough, on Facebook itself. While Zuckerberg last week said that the company hasn’t seen a meaningful drop off in cumulative users, a new survey from Creative Strategies claims that 9% of Americans may have deleted their accounts.

The report reads in part: “Privacy matters to our panelists. Thirty-six percent said they are very concerned about it and another 41% saying they are somewhat concerned. Their behavior on Facebook has somewhat changed due to their privacy concerns. Seventeen percent deleted their Facebook app from their phone, 11% deleted from other devices, and 9% deleted their account altogether. These numbers might not worry Facebook too much, but there are less drastic steps users are taking that should be worrying as they directly impact Facebook’s business model.”

Facebook has about 2.2 billion users of which less than 220 million are American. So 9% of Americans would be about 0.9% of their users. Thus I am not sure if Zuckerberg and company have anything to worry about just yet. The real test will be in the weeks ahead. If this number does increase to say 3 in 10 or 4 in 10 Americans, then Facebook might have a problem. Hopefully the organization that took this survey does another one in a few weeks so that we can see if this is the beginning of a trend or not.