Telegram founder Pavel Durov claims WhatsApp will never be secure

Screenshot from 2019-05-16 12-11-57

Probably everyone already read about the security breach with WhatsApp which allow malware to be installed by simple phone ring which you may even not answer. The attack exploiting again well known buffer overflow approach, which makes me sad. How come people didn’t learn that they should check their buffer boundaries and do such stupid mistakes again and again.

Pavel Durov one of Telegram founder made interesting post claiming that no matter what fixes they do now WhatsApp will never be secure.

Participate in our Weekend Brainstorm Discussion and you have chance to win Pioneer-FreedomBox-HSK!

Internet-of-Things-IoT-e1521969062826

This week we started the sales of Pioneer-FreedomBox-Home-Server-Kits, and got lot of exposure in the social networks. Immediately people start to send us ideas of how to improve and make the product even better.

This is the beauty of the Open Source – everything is open, everyone can check and review the sources and advice what and how can be done better.

Even regular users who has no great knowledge of Software and Hardware contribute with ideas and tips what they miss as features.

We are already thinking for design special hardware which to have four SATA interfaces and allow 2 or 4 HDDs to work in RAID, thus improving the data storage capacity and reliability.

Another direction we think is how to release lower cost version with only SD card, no battery UPS backup and slower Ethernet interface which to get closer to Mr. Moglen (FreedomBox Foundation founder) dream for $29 plug server.

Many people asked why FreedomBox software does not included private e-mail server, but only client. The major problem to implement it is how to keep such service clean, as spammers may compromise your ISP by infecting computers to send emails and your ISP IP addresses to be blacklisted, so you can loose your ability to send e-mails for reasons behind your control. We would love to hear your ideas about this.

We got interesting tip to add possibility two or more Pioneer-FreedomBox-HSK to work in-sync and backup/mirror the data, being physically separated by long distance. The idea is to keep your information safe even if one of the server is stolen, broken or bombed 🙂 This would be easy to do with rsync.

Our challenge for you this weekend is to provoke discussion about what would be useful new feature, which you want to see in Pioneer-FreedomBox-HSK software or  hardware improvement.

You can discuss here on our blog, in Twitter, Facebook or Mastodon.

One Pioneer-FreedomBox-HSK will be given away in Monday to random participant.

Have a nice weekend!

UPDATE-2019-04-30: sorry Monday was part Easter Holidays so we couldn’t update the recap for the Weekend Discussion, but here is summary of your feedback:

About the Software:

  1. Number of people requested PiHole to be included. What is PiHole? It’s DNS sinkhole that protects your devices from unwanted content, without installing any client-side software. It’s Network level ad and spyware blocker.
  2. Many requested  NextCloud to be add in FreedomBox. It duplicated some of the existing software in FreedomBox.
  3. Some requested home Git server to be included, but if you want to work on Open Source project hiding your code in private Home Git may be not best approach.
  4. LibreSSL as alternative to OpenSSL.
  5. Diaspora pod may be good but I have no idea how much resources it needs.
  6. WireGuard as alternative to OpenVPN.
  7. IPFS we admit we never hear before for it but it look cool.
  8. Snips  this looks like nice open source alternative to Alexa and Google assistant.
  9. Btrfs
  10. FreshRSS
  11. Matrix/Riot
  12. HomeAssistant not sure how this relates to FreedomBox targets for distributed Internet and Privacy, but well related to Home server.
  13. Bitwarden
  14. Federation i.e. two FreedomBoxes to may replicate/backup each others data without having access to each others data.
  15. Containerized services (not sure how fast will work virtualization on our current processor and memory).
  16. encrypted email server

About the Hardware:

  1. RAID.
  2. Kill switch to wipe encryption key.
  3. Low cost model just SD-card and Ethernet.
  4. Dual Ethernet.
  5. Option for more RAM.
  6. WiFi/Ble this may be a conflict with Debian as they do not allow binary blobs firmware.
  7. mSATA / M.2
  8. miniPCIe.
  9. USB 3.0.
  10. Microphone, Speaker.
  11. UFS cards support.
  12. solar panel power supply support.

Wow a lot to consider 🙂 Thanks for your incredible feedback!

Random.org selected @Benjaminlj@mastodon.social as our winner!

SPECTRE and MELTDOWN attacks and OLinuXino and SOMs

meltdown-and-spectre-vulnerability

The #spectre and #meltdown attacks were subject to great concerns in the last weeks.

Eben Upton made brilliant explanation of how and why they work in his blog post.

There is already project on Github which can be used to test if your ARM AArch64 processor is vulnerable to such attacks.

As Cortex-A7 and Cortex-A53 are not affected of these attacks this means all our boards with A20, A33, A64 processors are immune.

For A10, A13, AM335X (Cortex-A8), RK3188 (Cortex-A9) we need to do some further investigation.