[tor-talk] Tor Browser Bundle with Chromium

spencerone at openmailbox.org spencerone at openmailbox.org
Wed Mar 11 05:37:33 UTC 2015 

>> zaki[at]manian.org:
>> Fred says the deterministic builds for iOS are impossible because 
>> Apple's
>> FairPlay DRM.
>> 
>> RAM can't be trusted either.
>> 
>> Everytime I think we've hit local peak dystopia, we go deeper.
>> 
>>> 
>>> mikeperry[at]torproject.org:
>>> "The security researchers also claimed they had created a modified
>>> version of Apple’s proprietary software development tool, Xcode, 
>>> which
>>> could sneak surveillance backdoors into any apps or programs created
>>> using the tool. Xcode, which is distributed by Apple to hundreds of
>>> thousands of developers, is used to create apps that are sold through
>>> Apple’s App Store.
>>> 
>>> The modified version of Xcode, the researchers claimed, could enable
>>> spies to steal passwords and grab messages on infected devices.
>>> Researchers also claimed the modified Xcode could “force all iOS
>>> applications to send embedded data to a listening post.” It remains
>>> unclear how intelligence agencies would get developers to use the
>>> poisoned version of Xcode."
>>> 
>>> https://firstlook.org/theintercept/2015/03/10/ispy-cia-campaign-steal-apples-secrets/
>>> 
>>> *sigh*
>>> 
> 
> keb[at]cyblings.on.ca:
> I dont know anything about Apple development, just wondering if there 
> is
> a free firmware or jailbreak or similar project to put user-trustable
> code on those devices.  For example, if Mac OS X is sort of a fork of
> the free Darwin, is there a similar codebase that could replace what is
> on the phones and tablets?  If not, why waste any more time writing 
> code
> for patently untrustworthy products, or even talk about them here...
> 

You will always have to take others at their word, but trust in others 
is only going to get us so far, especially with software, which most 
people who use it don't understand.

Because this is a problem software alone can't resolve, we need hardware 
solutions, too.  For example, with microphones and GPS/RT antennas, a 
mechanical switch could help ensure privacy/security when employed and 
shut off.  As for keyloggers and malware, some sort of scan/detect 
filter could be beneficial, though a more technical person would have to 
validate the plausibility/value of this suggestion.

Wordlife,
Spencer

More information about the tor-talk mailing list