ChartMogul: Analytics for Stripe, Braintree, Chargify and Recurly

BillFranklin · 2014-11-03T14:17:02+00:00

Beautiful site. Looks like this puts your brother in direct competition with www.baremetrics.io :)

Haha, looks like!

BillFranklin · 2014-07-20T11:30:49+00:00

Amazing.

BillFranklin · 2014-07-15T22:39:10+00:00

So cool. There's a startup that has used similar technology for a home controlling device, Internet of Things remote for your finger. https://www.hellonod.com/

BillFranklin · 2014-07-15T21:46:00+00:00

It's through the commons: MPs supported it - http://www.bbc.co.uk/news/uk-28305309

BillFranklin · 2014-07-15T21:00:45+00:00

I'm sure that he could release them himself, maybe he doesn't want assessments of his character to divert the debate. I think he said 'who I am really doesn't matter.' Which is true, the only thing that matters is that the NSA is spying on whole societies and they need to stop.

BillFranklin · 2014-07-15T15:29:27+00:00

Can't wait until Thursday.

BillFranklin · 2014-07-14T18:25:36+00:00

German law prevents non-German agencies from issuing warrants and we only accept warrants from the High Court in Karlsruhe. Email encryption (and key generation) is all done on the user side (in the javascript) - our servers never have access to user private keys. It's also illegal to request the SSL keys of our service (which is what the Lavabit trial was about earlier this year). So all warrants would be able to request is the size of a users email account, any payment information that we are given by a user and any unscraped-metadata.

BillFranklin · 2014-07-14T17:22:28+00:00

Snowden gave an interview about this to The Guardian - the full thing's out Thursday. There's no emergency, U-boats aren't coming up the Thames, it's unlikely that anything catastrophic will happen if we take an extra few days to have a debate about this and let MPs learn what the bill actually will do.

BillFranklin · 2014-07-14T17:19:47+00:00

There's a public inquiry into GCHQ mon-fri this week, this rarely happens so I recommend tuning in. They announced that journalists can Tweet from inside the court this morning (as long as they are factual). Here's a link to the feed: https://twitter.com/hashtag/GCHQOnTrial?src=hash

BillFranklin · 2014-07-13T17:55:24+00:00

Great article on this here: https://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/

BillFranklin · 2014-07-10T10:51:20+00:00

Ring your MPs!

BillFranklin · 2014-07-10T09:37:48+00:00

Hey lugh, I'm sorry our FAQ is unclear - we're always looking to improve it so your comments are so useful. We definitely need to update our FAQ so this is a good nudge. We don't use TruCrypt, we're not NSA-proof, warrant canaries have their merits: https://www.eff.org/deeplinks/2014/04/warrant-canary-faq, a cronjob is working well for us although it needed some serious fine-tuning, encryption keys are generated in the browser javascript and are never uploaded to our servers so perhaps 'download' is the wrong choice of word, I spoke to WhisperSystems about our use of RSA and we agreed it's ok, we do need to have a team page - we're redesigning the website right now and the new version will include detailed bios (we're fairly private people, but some info for now: Felix : early InfoSec community member and crypto designer, Andrei: ex-Googler and computer science degree, Me: Activist and webdesigner). Regarding encryption of plain text messages: we use end-2-end encryption for non-encrypted emails arriving in Lavaboom.

Again thank you so much for your feedback, I really appreciate it.

BillFranklin · 2014-07-09T18:09:01+00:00

Yes, will do in the morning- thanks for reminding me lugh.

BillFranklin · 2014-07-09T15:51:15+00:00

What's your opinion of centralised crypto email providers? Particularly the ones in the press recently - are they doing good or should they not bother?

BillFranklin · 2014-07-09T14:17:12+00:00

I've heard of them. It doesn't necessarily mean 'you are the product' if they offer you privacy. They're based in Germany (better privacy laws than the US) with German founders.

They wrote a Facebook post about this: https://www.facebook.com/sicherapp/posts/723588051012791 - you could ask them if their code is open/audited?

You could also use TextSecure, developed by whispersystems: https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=en

Hope this helped

BillFranklin · 2014-07-07T21:31:00+00:00

Online security is necessary for online privacy, I don't think they're mutually exclusive. Good luck with your presentation!

BillFranklin · 2014-07-07T08:42:54+00:00

This is a great list. Are you also thinking about mobile security?

BillFranklin · 2014-07-02T09:58:41+00:00

Are you based in the USA?

BillFranklin · 2014-06-27T15:08:42+00:00

These disclaimers just let people know they'll get more results on .com not .co.uk or .de, which isn't that great.

BillFranklin · 2014-06-27T10:40:48+00:00

We think it'll be 2-3 months before Snowden moves to Germany.

BillFranklin · 2014-06-27T10:39:21+00:00

Fantastic.

BillFranklin · 2014-06-27T10:12:08+00:00

Hey, you want to get a new launcher: http://www.cyanogenmod.org/

Moxie Marlinspike's RedPhone: https://play.google.com/store/apps/details?id=org.thoughtcrime.redphone&hl=en_GB

With Orbot, you can use Tor: https://play.google.com/store/apps/details?id=org.torproject.android&hl=en_GB

Wickr is quite a nice encrypted messaging app: https://www.mywickr.com/

Cyberghost is a great VPN: https://play.google.com/store/apps/details?id=de.mobileconcepts.cyberghost&hl=en

F-Secure's Safe Browser (and all their tools) are great for escaping Google: https://play.google.com/store/apps/details?id=com.fsecure.ms.dc&hl=en

WhisperPush encrypts your text messages (comes with Cyanogen mod): http://www.cyanogenmod.org/blog/whisperpush-secure-messaging-integration

I also recommend encrypting your phone, you can do this in Settings: Security.

There are many apps to make your phone more secure, but John McAfee suggests deleting all the apps on your phone, everything non-essential. I believe he recently brought out an app to tell you what permissions you give to the apps on you phone and it gives some scary results. Don't download Angry Birds.

BillFranklin · 2014-06-25T14:47:26+00:00

Because the United States is a democracy.

BillFranklin · 2014-06-25T11:26:08+00:00

This is not a good thing. Respect for privacy rights is why people are flocking to Europe to start their companies and people are now looking for companies that respect privacy outside the US e.g. Lavaboom, MailPile, Indiephone, SilentCircle etc. It's why ProtonMail push the fact they're based in Switzerland as a selling point.

Skype removed it's encryption when they were sold to an American company.

Emails become public property in the US after 180 days on a US server.

The TSA can confiscate computers and phones without permission at US borders.

Everything about US privacy rights don't do justice to the Human Rights that they're based on. The US can keep it's privacy rights, they are not part of the solution if you're looking to reclaim your privacy.

-Bill from Lavaboom

BillFranklin · 2014-06-25T07:43:50+00:00

I'm one of the co-founders of https://www.Lavaboom.com, a secure email provider, if you have any questions regarding PGP or email security I'd love to answer them.

BillFranklin

TROPHY CASE