This year Ubuntu is just one of half a dozen distros that put out amazing new releases. Ubuntu is arguably one of the least interesting of the year.Crypto toolbox, Part I I think I was about 15 or 16 when PGP was making headlines for being classified as munitions by the US government and was (supposedly) banned from export. While I wasn’t a subversive type at the time, I got a very strong sense that any software that scared the mighty USA so badly was something I ought to play with and try to understand – even if I didn’t need it.Coming up to nearly the present day, I have fallen into a personal and working relationship with investigative journalist and occasional Reg contributor Duncan Campbell.Among other things, such as interpreting tedious corporate MS Access databases for our work on the Offshore Leaks tax haven investigation, and now getting involved with his forensic IT work, I ended up being personal tech support for anything Duncan can't sort directly or doesn’t have the time to research. This has also led me to presenting the technical side of our work on Offshore Leaks at a couple of journalism conferences.And then Edward Snowden, Laura Poitras and Glenn Greenwald changed the world. Or perhaps they just revealed that we'd been living in a fantasy world for a good long while.
Suddenly, Duncan “Echelon” Campbell was getting back in to serious top-tier investigative journalism again. And my opinion and assistance were sought on the tools people were telling him to use.After I assisted some of The Register's team with the necessary crypto tools to discuss Duncan's recent articles securely, group editor Joe Fay approached me and asked if I would write something myself about the tools and how they fit together.It should be noted that these are not the only potentially suitable tools – just the ones I'm directly familiar with. There are some alternative options at Reset The Net's Privacy Pack site.The tools I'm going to outline here are not going to improve your productivity. They aren't here to make your life easier; rather, they're to make the lives of anyone trying to snoop on your stuff harder. If you have a big team project and nobody apart from one or two crypto-fans have ever used PGP before, the feel-good factor that might be gained from being all techno-futuristic will be very rapidly overshadowed by the feel-bad problem of not getting any work done.
At the point I joined the team for ICU’s Offshore Leaks project, Duncan had just finished winning an internal battle about the use of PGP. Specifically, convincing everyone NOT to use it.If you have a big team project and nobody apart from one or two crypto-fans have ever used PGP before, the feel-good factor that might be gained from being all techno-futuristic will be very rapidly overshadowed by the feel-bad problem of not managing to get any work done.
Duncan wisely pointed out that the threat model for the project did not include governments – as we understood it, they had already received the same data we were working with and reporting on. So, there was no need to go to Defcon 1 in order to try to keep them out. A slow and convoluted manual PGP-and-email arrangement was replaced with a dedicated private forum system (provided by team member Sebastian Mondial) which was invite-only and delivered over SSL – but not specifically trying to be secure against government-level adversaries.
However, during the preparation of Duncan's recent articles about NSA GCHQ and the Snowden papers, all of the top-tier tools were absolutely in play.Don't feel you have to use the tools in this article at every possible opportunity. Consider who you're trying to keep secrets from when deciding how much extra effort to go to.Truecrypt can encrypt an entire physical drive (HDD, USB flash stick, whatever you like), or you can create a "container file" of a fixed size to hold the data you want to store securely. When you run Truecrypt, enter your password and mount your encrypted volume, it shows up as a new drive on whatever drive letter you choose.Next time your friend's Aunty Gladys asks if that software the nice man from India installed on her PC is legitimate, you might just get paid for helping her out.That's the aim of Singaporean startup Fynd, which bills itself as a way to “use your technical expertise to earn extra income.”The site's schtick is to match folks in need of IT support – either individuals or very small businesses – with nearby techies who'll drop in to fix things up. The service says its techies can tackle jobs like “removal of virus in laptop/desktops, speed up the performance of slow computers, installation or re-installation of operating system, backup of data, setup email clients, configure WiFi connection or troubleshoot smartphone issues … [and] repair of phone or laptop's cracked screen.
“Geeks”, as Fynd insists on calling its operatives, are interviewed before being loosed on the world and can tap into Fynd's community of fellow techies-for-hire if they feel like levelling up.Fynd's rates are “$80 to $150 per job” of which 80% of the goes to the geek. “Each job will usually won't take more than 2-3 hours, “ the service guesstimates, “so it will be about $20-$100 per hour, depending on how fast you can get the job done.”Fynd isn't suggesting it's going to be anyone's career. Nor is it trying to tackle business computing. Which is just as well: Aunty Gladys or a small businesses might tolerate a loosely-affiliated and unaccountable stranger messing with their computers. Larger organisations – we hope - understand the madness of such an arrangement.For now, Fynd is a Singapore-only affair. But with Uber and its ilk inspiring copycats in many fields, it may be the first of many.Channel players can probably console themselves with the knowledge that franchised tech support outfits like Nerds On Site – whose operatives drive red VW beetles and smile a lot – haven't set the world on fire.
Microsoft's Azure Backup cloud service could start getting a lot more traffic soon, with the introduction of backup services for Windows client operating systems.Azure Backup was released to general availability in 2013 as a backup and restore service for machines running Windows Server 2008 R2, Windows Sever 2012, and Windows Server 2012 R2. Microsoft added support for plain Windows Server 2008 in October of this year, but so far the service has remained a data center–only affair.On Tuesday, however, Redmond released a new update to the Azure Backup Agent software that extended support to include desktop PCs running Windows 7 SP1, Windows 8, or Windows 8.1.Specifically, only the 64-bit versions of the operating systems are supported. But this is nonetheless a big step that should change how IT admins view Microsoft's cloudy storage pool as a data protection and recovery option.Modern Windows clients already have the option of storing data in Microsoft's cloud via the OneDrive and OneDrive for Business clients. But these are file storage and sync systems, a la DropBox or SpiderOak, and don't offer the full security and data integrity of proper backup solutions.
Azure Backup, by comparison, conducts regularly scheduled backups that store users' data en masse in cloudy bit buckets that Microsoft calls "backup vaults." Vaults can be assigned to individual machines or a single vault can be used to simultaneously manage up to 50 machines.The backups are incremental, so that only the latest changes are shipped to the server each time the process runs. The backup can also be deferred when a user's laptop is running on battery, for example, or lacks an internet connection.All data is encrypted locally before being transmitted to the Azure cloud, and customers retain control of their own encryption passphrases.When recovering from a backup, the user can restore files, directories, and volumes based on the date and time of the backup, as with local file protection solutions.In general, you can think of the service as an alternative to tape for offsite backup storage, one that's billed on a pay-as-you-go basis. As of September, it costs $0.20 per gigabyte per month in the US or £0.1273 per gigabyte per month in the UK, with prices varying in other regions.
That should make it attractive to some customers, particularly small business for which managing secure offsite backup storage is often a chore that quietly slips off the radar.Windows client support is available now for all Azure Backup users; the update that enables the new functionality can be downloaded here. UK businesses that rely on a third party pricing system on Amazon were hit by an hour-long software glitch on Friday night, with items being sold for just 1p.Some retailers complained that RepricerExpress's technical cockup, which happened between 7pm and 8pm on 12 December, could leave them bankrupt.A number of small businesses took to Twitter to remind consumers that their livelihoods were at stake as a result of the loopy glitch.But some folk refused to show support for those retailers who had been affected by RepricerExpress's blunder.So people are too lazy to price products themselves and use software to do it for them... I have little sympathy... #AmazonGlitchWe have received communication that Amazon will not penalise sellers for this error. We are continuing to work to identify how this problem occurred and to put measures in place to ensure that it does not happen again.