The Open Source Tool That Lets You Send Encrypted Emails to Anyone

Rafael Laguna Open-Xchange CEO Open-Xchange

In the wake of the mass NSA surveillance scandal sparked by whistleblower Edward Snowden, all sorts of hackers, academics, startups, and major corporations are working to build tools that let us more easily secure our email messages and other online communications.

Dozens of projects have emerged in recent months, ranging from the email client Mailpile to the offline messaging app Briar to the Skype replacement Tox. But although many succeed in streamlining the traditionally onerous task of encrypting personal communications, they all come with one caveat: They depend on both the sender and the recipient adopting the same technology to exchange messages.

Now, a German company called Open-Xchange wants to change this using a tool it calls OX Guard, a new addition to the company’s existing open source email server, software that individuals and businesses can use to operate their own email services. Using OX Guard, you can send an encrypted email to anyone—even if they don’t use Open-Xchange.

Open-Xchange offers an alternative to cloud-based communication and collaboration suites like Microsoft’s Office 365 and Google Apps for Work (formerly known as Google Apps). In addition to an email server, Open-Xchange provides a Dropbox alternative called OX Drive, for sharing files online, and a Google-Docs-style office suite called OX Docs. This software is mostly used by businesses, but because it’s free and open source, anyone can install a copy on their own computer server.

How It All Works

With OX Guard, people using the same Open-Xchange email server will be able to easily send each other encrypted email with the check of a box, without having to install new software. All encryption keys are created, stored, and managed on the server. In some cases, this approach can be insecure. If you’re tapping into a server run by an outside company, it’s always possible for the company to install backdoors for the government, or for a rogue employee to modify the software’s code to capture a user’s passwords. But with the open source Open-Xchange, you can take control of your email server, ensuring that it’s run by someone you trust.

This is the detailed architecture of OX Guard, the encryption plugin for Open-Xchange. Open-Xchange

The server software can be hosted anywhere—on your own machine, by a friend, or by one of the company’s OX Guard partners. And because it’s open source, the code can be inspected for backdoors or bugs that could expose data to the outside world. “Users can decide who they trust,” says CEO Rafael Laguna. “If they trust no one, they can run it themselves.”

But you can also send an encrypted message to someone who isn’t using OX Guard or a compatible encryption system. This kind of message gets stored in an encrypted state on your Open-Xchange server. The recipient is then sent two messages: one with a web address for accessing the message, and a separate message containing a one-time password for logging to the appropriate Open-Xchange server. After logging in, the person must change the password. That way, if both the URL and the password are intercepted and a hacker reads the message, the intended recipient will know that the password has been changed and that the message has been compromised.

This idea isn’t unique to OX Guard. It’s also used by companies like Tutanota, as well as by banks to communicate securely with customers. But it does offer an intriguing alternative to existing encryption apps.

‘Pretty Good Safety’

OX Guard uses the same encryption algorithms as PGP, short for Pretty Good Privacy, a venerable standard for protecting email. But it uses a custom implementation of the software to make it possible to protect each message sent with a different key. That means that if someone is able to decrypt a single message, they won’t be able to use that knowledge to decrypt other messages sent to the same person.

The downside, Laguna says, is that it means that users won’t be able to send messages through OX Guard using traditional PGP keys. That makes the web-based login system all the more important.

Of course, this isn’t a solution for everyone. You need to either manage your own email server, or have someone you trust do so. It’s also in early stages, and it will take time for the security community to evaluate this newcomer. Laguna admits that the system isn’t perfect. But he says it’s an important step forward for Open-Xchange users who aren’t using any sort of encryption at all.

“It’s like driving without a seat belt or airbags, because they’re too complicated,” he says. “So we decided by starting with just seat belts, because they provide pretty good safety.”

Bar code devised for bacteria that causes tuberculosis

The bacteria that cause the deadly respiratory disease have evolved into families of strains, or lineages, which may affect people differently.

To help identify the different origins and map how tuberculosis moves around the world, spreading from person to person through the air, the research team studied over 90,000 genetic mutations.

According to the study -- published in Nature Communications -- the researchers found that just 62 mutations are needed to code the global family of strains.

Dr Taane Clark, Reader in Genetic Epidemiology and Statistical Genomics at the London School of Hygiene & Tropical Medicine, who led the study, said: "There is increasing interest in new technologies that can assist those treating tuberculosis patients.

"This new barcode can be easily implemented and used to determine the strain-type that is a surrogate for virulence.

"We are making this information available to the doctors and scientists working with tuberculosis so that they can more easily know what strains they are dealing with."

Dr Ruth McNerney, TB expert and Senior Lecturer in Pathogen Biology and Diagnostics at the School, who was also part of the study, said: "New technology is making it easier to track mutations but genomes are very complicated and we hope this simple bar code will help people with their research."

Tuberculosis is a bacterial disease that often involves the lungs but can affect any part of the body. Untreated it is often fatal and TB kills an estimated 1.3 million people every year.

The World Health Organization estimates there are 12 million TB patients in the world and in the UK nearly 9,000 new cases are diagnosed every year. The disease can be carried around the world by people unaware they are infected. The bacterium that causes TB is called Mycobacterium tuberculosis.

Story Source:

The above story is based on materials provided by London School of Hygiene & Tropical Medicine . Note: Materials may be edited for content and length.

Scientists create renewable fossil fuel alternative using bacteria

Researchers have engineered the harmless gut bacteria E.coli to generate renewable propane.

The development is a step towards commercial production of a source of fuel that could one day provide an alternative to fossil fuels.

Propane is an appealing source of cleaner fuel because it has an existing global market. It is already produced as a by-product during natural gas processing and petroleum refining, but both are finite resources. In its current form it makes up the bulk of LPG (liquid petroleum gas), which is used in many applications, from central heating to camping stoves and conventional motor vehicles.

In a new study, the team of scientists from Imperial College London and the University of Turku in Finland used Escherichia coli to interrupt the biological process that turns fatty acids into cell membranes. The researchers used enzymes to channel the fatty acids along a different biological pathway, so that the bacteria made engine-ready renewable propane instead of cell membranes.

Their ultimate goal is to insert this engineered system into photosynthetic bacteria, so as to one day directly convert solar energy into chemical fuel.

The results of the study are published in the journal Nature Communications.

Dr Patrik Jones, from the Department of Life Sciences at Imperial College London said: "Although this research is at a very early stage, our proof of concept study provides a method for renewable production of a fuel that previously was only accessible from fossil reserves. Although we have only produced tiny amounts so far, the fuel we have produced is ready to be used in an engine straight away. This opens up possibilities for future sustainable production of renewable fuels that at first could complement, and thereafter replace fossil fuels like diesel, petrol, natural gas and jet fuel."

The scientists chose to target propane because it can easily escape the cell as a gas, yet requires little energy to transform from its natural gaseous state into a liquid that is easy to transport, store and use.

"Fossil fuels are a finite resource and as our population continues to grow we are going to have to come up with new ways to meet increasing energy demands. It is a substantial challenge, however, to develop a renewable process that is low-cost and economically sustainable. At the moment algae can be used to make biodiesel, but it is not commercially viable as harvesting and processing requires a lot of energy and money. So we chose propane because it can be separated from the natural process with minimal energy and it will be compatible with the existing infrastructure for easy use" added Dr Jones.

Using E. coli as a host organism, the scientists interrupted the biological process that turns fatty acids into cell membranes. By stopping this process at an early stage they could remove butyric acid, a nasty smelling compound that is an essential precursor for propane production.

To interrupt the process, the researchers discovered a new variant of an enzyme called thioesterase which specifically targets fatty acids and releases them from the natural process. They then used a second bacterial enzyme, called CAR, to convert butyric acid into butyraldehyde. Finally, they added a recently discovered enzyme called aldehyde-deformylating oxygenase (ADO), which is known to naturally create hydrocarbons, in order to form propane.

Previous attempts to use the ADO enzyme have proved disappointing as scientists have been unable to harness the natural power of the enzyme to create cleaner fuel. But the scientists at Imperial discovered that by stimulating ADO with electrons they were able to substantially enhance the catalytic capability of the enzyme, and ultimately produce propane.

The level of propane that the scientists produced is currently one thousand times less than what would be needed to turn it into a commercial product, so they are now working on refining their newly designed synthetic process. Dr Jones said: "At the moment, we don't have a full grasp of exactly how the fuel molecules are made, so we are now trying to find out exactly how this process unfolds. I hope that over the next 5-10 years we will be able to achieve commercially viable processes that will sustainably fuel our energy demands."

This research was funded by a grant from the European Research Council.

Story Source:

The above story is based on materials provided by Imperial College London . Note: Materials may be edited for content and length.

War between bacteria, phages benefits humans

In the battle between our immune systems and cholera bacteria, humans may have an unknown ally in bacteria-killing viruses known as phages. In a new study, researchers from Tufts University, Massachusetts General Hospital, Partners In Health, Haiti's National Public Health Laboratory, and elsewhere, report that phages can force cholera bacteria to give up their virulence in order to survive. Importantly, the study -- published in eLife -- found that cholera's mutational escape from phage predation occurs during human infection.

First author Kimberley Seed, Ph.D., and corresponding author Andrew Camilli, Ph.D., both of Tufts University School of Medicine, and their co-authors analyzed phage resistance properties and DNA sequences of cholera bacteria taken from phage-positive stool samples from patients with cholera in Haiti and Bangladesh, two countries where cholera outbreaks are common at present.

They first determined that cholera bacteria from Haiti changed its DNA in order to fight phages. They compared the bacteria from Haiti to bacteria from Bangladesh collected over many years to determine if the changes were happening on multiple occasions in both countries or only in isolated groups or cases.

The research team discovered that across both time and geography, the cholera bacteria mutated during human infection in order to trade their virulence, or ability to persist and make a human sick, for the ability to defend against the phages. Alternatively, in some patients, the cholera bacteria mutated in a more conservative manner to retain virulence, yet sacrificed the ability to grow optimally in the environment. In either scenario, the cholera bacteria appear to have traded something important in order to survive the onslaught from phages.

"This is the first time we have seen cholera bacteria defend themselves from phages while infecting humans. This suggests that these phages are actively working in our favor, first by killing cholera bacteria within the patient, and second, by genetically weakening the bacteria that are shed by the infected patient such that they are less fit to survive in the environment or less able to cause infection in other people," said senior author Andrew Camilli, a Howard Hughes Medical Institute investigator, professor of molecular biology & microbiology at Tufts University School of Medicine, and member of the Molecular Microbiology program faculty at the Sackler School of Graduate Biomedical Sciences at Tufts University.

"This important finding suggests that we may be able to leverage the strength of phages for treating people with cholera or perhaps preventing cholera in people who may have been recently exposed as an alternative to antibiotics," he continued.

"Seeing this rapid evolutionary change in the cholera bacteria occurring during human infection suggests that the phages are posing a very strong threat. And to observe this in two different continents suggests that this is not a one-time find, but that it may be happening consistently during cholera outbreaks," said first author Seed, now assistant professor of molecular, cellular and developmental biology at University of Michigan. "Additionally, virtually all bacteria can be infected by phages, which are found wherever bacteria are. So this finding with cholera may be the start of a broader understanding of how phages and bacteria evolve."

Previous work by Camilli and Seed, published last year in Nature, provided the first evidence that a phage could acquire a wholly functional and adaptive immune system. They observed that the phage could use this acquired immune system to disarm a phage defense system of the cholera bacteria, allowing the phage to ultimately destroy its bacterial host. This study bolstered the concept of using phage to prevent or treat bacterial infections, and extended the idea that phages can be extremely sophisticated bacterial predators. The team is now investigating the details of this particular arms race between phage and bacteria in hopes of better understanding how phage influence cholera outbreaks and how we can further leverage phages to treat or prevent infections.

The World Health Organization reports that there are an estimated three-to five million cases of cholera cases and 100,000 to 120,000 deaths due to cholera each year. This summer, at least 67 people in Ghana have died of cholera while 6,000 others have been infected. In northern Cameroon, there are reports that 200 people have died and many more infected in the last few months. A current outbreak in South Sudan has taken 130 lives out of a total of more than 5,800 cases. In Haiti, since the beginning of the epidemic there (October 2010) and through March of this year, more than 8,500 people have died, out of more than 700,000 reported cases.

Story Source:

The above story is based on materials provided by Tufts University . Note: Materials may be edited for content and length.

Discovery reveals how bacteria distinguish harmful vs. helpful viruses

When they are not busy attacking us, germs go after each other. But when viruses invade bacteria, it doesn't always spell disaster for the infected microbes: Sometimes viruses actually carry helpful genes that a bacterium can harness to, say, expand its diet or better attack its own hosts.

Scientists have assumed the bacterial version of an immune system would robotically destroy anything it recognized as invading viral genes. However, new experiments at Rockefeller University have now revealed that one variety of the bacterial immune system known as the CRISPR-Cas system can distinguish viral foe from friend. And, the researchers report in a paper published August 31 in Nature, it does so by watching for one particular cue.

"Transcription -- an initial step in the process that reads genes, including those of viruses -- makes the difference," says researcher Luciano Marraffini, head of the Laboratory of Bacteriology. "The full genome of viruses in their lytic, or destructive phase, is transcribed. Meanwhile, a few of the genes from a virus are transcribed during its lysogenic, or dormant phase."

Viruses in their lytic phase make copies of themselves using a cell's machinery before destroying it to liberate these new viruses. Viruses in their lysogenic phase, meanwhile, quietly integrate into a host's genetic material. And this is where they offer their potential benefit to the bacteria, which co-opt viral genes for their own ends. In fact, some disease-causing microbes, such as the bacterium responsible for diphtheria, must pick up the right virus in order to attack humans.

Scientists have only discovered this adaptive bacterial immune system relatively recently. Its function relies on CRISPRs, sections of DNA that contain repeating sequences interspersed with unique sequences called spacers. (CRISPR stands for clustered regularly interspaced short palindromic repeats.) The spacer sequences match the sequences in the viral genetic code, making it possible for enzymes encoded by CRISPR-associated genes (Cas) to chop out single spacer sequences from the RNA transcribed from the CRISPR DNA. Other Cas enzymes then use these spacer sequences as guides to target invaders for destruction.

The system can adapt to new invaders by acquiring new spacer sequences to target them. Recently, CRISPR-Cas systems have attracted significant scientific attention because their ability to make precisely targeted cuts in DNA can be put to use to genetically engineer all types of cells.

"Our understanding of CRISPR-Cas systems remains in the early stages, but, so far, it has generally been thought they lack a sophisticated way of discriminating their targets. In other words, once they target something, it will be chopped up," says the study's lead author, graduate student Gregory Goldberg. "For the first time, our work has shown that a CRISPR-Cas system, one found in Staphylococcus bacteria, can detect whether or not a virus is in its destructive phase and poses an immediate threat."

Most previous work has focused on lytic viruses. However, Staphylococci host many viruses capable of entering a lysogenic phase. The researchers also uncovered a telling asymmetry in the Staphylococcal CRISPR system's ability to effectively target a sequence and its counterpart on two strands of complimentary DNA. They suspected this discrepancy arose because transcription proceeds in a single direction for most viral genes, meaning one of the two target strands is not transcribed.

"The big clue showed up when we isolated a mutant virus that managed to evade destruction. Sometimes viruses can do this through a mutation in a target sequence that prevents the system from identifying them. But when we sequenced the genome of this phage, we found a mutation in a region that promotes transcription instead," Goldberg says.

In a series of experiments, he and colleagues tested their hypothesis that the Staphylococcal CRISPR-Cas system, known as Type III-A, can tolerate an infection by a lysogenic virus, so long as the target sequences are not transcribed. They engineered a target sequence that would undergo transcription only in the presence of a specific chemical. As a result, the Type III-A CRISPR-Cas system only destroyed the target in the presence of this chemical.

"This discovery of a transcription requirement is likely to surprise many who work with these systems," Marraffini says. "Although we do not yet understand the mechanism behind it, we can say that the Type -III-A system is quite different from other CRISPR-Cas systems, of which there is a mysteriously large variety. Our discovery hints at the possibility that each CRISPR type and subtype recognizes and destroys its targets in different ways, each in tune with a particular bacterium's needs. If these different targeting mechanisms do exist, they could have important implications for biotechnology."

Story Source:

The above story is based on materials provided by Rockefeller University . Note: Materials may be edited for content and length.

Listen to Chubby Checker Sing About Dig Dug On Unearthed Demo Tape

theOzman/Soundcloud

Let’s take a moment and listen to this song about Dig Dug, as sung by Chubby Checker.

Uploaded to Soundcloud earlier this week by user Matt Osborne, the rendition of the throwback rock ‘n roll number performed by the father of “The Twist” seems to have been recorded for use in a commercial for the arcade game, developed by Namco and released in the U.S. by Atari in 1982.

“My father, Don Osborne, was Vice President of ATARI at the time and he brought this home one day for us to listen to,” Osborne said, as reported on game historian Frank Cifaldi’s new Video Game Preservation Dump blog. “I remember my father being extra excited that Chubby was involved in the project and had great things to say about having met him.”

Checker’s delivery of the song is significantly more passionate and soulful than one would expect from the soundtrack to a ridiculous television commercial. Actually, I can’t stop replaying it.

Osborne says he doesn’t know why Checker’s vocals were not used in the final commercial, but speculates that it may be that the 50′s legend no longer appealed to a youthful arcade-going audience.

The Celebrity Photo Hacks Couldn’t Have Come at a Worse Time for Apple

Mingle Media TV CC BY ND

The media crush will soon descend on Cupertino, California, as Apple prepares to announce what will surely be its newest iPhone, quite probably its latest laptops, and possibly its first smartwatch. When the new devices arrive next week, they’ll be tied together with an Apple operating system more dependent on the company’s cloud services than ever before. And as the world saw over the weekend, those cloud services might be about as secure as leaving your front door key under the mat.

The exact methods that led to the apparent breaches and theft of photos from celebrity iCloud accounts hasn’t been confirmed. Apple says the attacks were “very targeted” at specific user accounts, not the iCloud or Find My iPhone systems as a whole. But for the average user, how it was done is really beside the point. The message the world is hearing is that if it’s that easy to hack Jennifer Lawrence’s iCloud account, it’s probably that easy to hack mine too. For a company about to ask its users to entrust an even greater portion of their digital lives to its cloud, that’s the last thought Apple wants on anyone’s mind.

If all of this seems like a side note to the new features Apple nerds really care about, like a bigger iPhone screen, it’s not.

To refresh: Back in July, in a keynote widely hailed as the return of the company’s mojo, Apple announced a major refresh of iOS that would tie together users’ iPhones, iPads, and MacBooks more closely via the cloud. Among the most obvious was iCloud Drive, a Dropbox clone primed to finally make iCloud’s backup and syncing features less esoteric. Even more significantly, Apple released CloudKit, a set of tools for developers to build all kinds of third-party apps on top of iCloud, which let them outsource such tasks as data storage, syncing, and user authentication to Apple.

This last feature is especially unnerving in light of the celebrity photo hacks, since it allows access to other apps based on a user’s Apple ID —the same ID that would seem to have been compromised to gain entry to celebrities’ iCloud accounts. Regardless, once the account is compromised, whatever data it’s storing is likely compromised too.

All About the Cloud

If all of this seems like a side note to the new features Apple nerds really care about, like a bigger iPhone screen, it’s not. As Andreessen Horowitz’s Ben Evans noted after the Worldwide Developer’s Conference in July, “iOS 8 is really iOS 2.0,” and that next generation of Apple’s flagship mobile operating system is all about the cloud.

“For Apple, a lot of iOS 8 is about removing reasons to use the web at all, pulling more and more of the cloud into apps,” Evans writes. As Google stitches the web ever more tightly into Android’s fabric, Apple is embracing a closed system powered by its private cloud. And it’s that cloud that’s just become harder to trust.

In response to the hacks, Apple says it’s investigating. But as we at WIRED know all too well, this hardly the first time an iCloud account has been hacked with disastrous consequences. If Apple were a startup like Dropbox, such a high-profile theft of users’ sensitive, private data could spell the difference between success and failure as a company. If iCloud really is this poorly locked down, Apple starts to look like a company that has so much money it feels it can afford to be complacent.