• Dark theme of Thunderbird as a reason to run a code analyzer

      Picture 3
      The adventures with the Mozilla Thunderbird mail client began with automatic update to version 68.0. More text in pop-up notifications and default dark theme are the notable features of this version. Occasionally I found an error that I immediately craved to detect with static analysis. This became the reason to go for another check of the project source code using PVS-Studio. It so happened that by the time of the analysis, the bug had already been fixed. However, since we've paid some attention to the project, there's no reason not to write about other found defects.

      Introduction


      The dark theme of the new Thunderbird version looks pretty. I like dark themes. I've already switched to them in messengers, Windows, macOS. Soon iPhone will be updated to iOS 13 with a dark theme. For this reason I even had to change my iPhone 5S for a newer model. In practice, it turned out that a dark theme requires more effort for developers to pick up the colors of the interface. Not everyone can handle it the first time.
      Read more →
    • Long journey to Tox-rs. Part 1

        Tox logo

        Hi everyone!


        I like Tox and respect the participants of this project and their work. In an effort to help Tox developers and users, I looked into the code and noticed potential problems that could lead to a false sense of security. Since I originally published this article in 2016 (in Russian), many improvements have been made to Tox, and I lead a team that re-wrote secure Tox software from scratch using the Rust programming language (check out Tox-rs). I DO recommend using tox in 2019. Let's take a look what actually made us rewrite Tox in Rust.


        Original article of 2016


        There is an unhealthy tendency to overestimate the security of E2E systems only on the basis that they are E2E. I will present objective facts supplemented with my own comments for you to draw your own conclusions.


        Spoiler: The Tox developers agree with my points and my source code pull request was accepted.

        Here go facts:
      • Top 10 Chat, Audio & Video Calling API & SDK Providers for Enterprise Business

          The Worlds Leading Real-time Messaging, Audio & Video Chat Solutions That Made Biggest Impact In 2019

          image

          With the growing trend of digitalization, most enterprises have transformed their communication methodology from mainstream to digital. In order to keep up with competitors, companies regularly upgrade their services, specially the way they relay information to their customers as well as their employees. Today, seamless real-time networking plays a critical role in engaging with individuals and enterprises, and the best way to implement such a feat is onboarding a Real-Time Chat, Voice & Video Calling SDK/API providers.
          Read more →
        • Even more secret Telegrams

            We used to think of Telegram as a reliable and secure transmission medium for messages of any sort. But under the hood it has a rather common combination of a- and symmetric encryptions. Where’s fun in that? And why would anyone trust their private messages to a third-party anyway?
            Spy vs Spy by Antonio Prohías
            TL;DR — inventing a private covert channel through users blacklisting each other.

            Read more →