Signal: New Signal groups use Google servers

Some readers have pointed out to me that Signal appears to be using the Google Data Center to create / manage new Signal groups. The domain storage.signal.org resolves to the IP addresses:

216.239.32.21
216.239.34.21
216.239.36.21
and 216.239.38.21

These addresses belong to Google, Mountain View. The host name of these servers or the Revese lookup also listens to the name any-in-2015.1e100.net.

The question now is, why the group function is linked to Google servers. Especially for privacy-sensitive users Google is a red flag - for a good reason: The sick WWW: Stop using Google Web-Services.

https://www.kuketz-blog.de/signal-neue-signal-gruppen-nutzen-google-server/

#signal #messenger #google #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Julian Assange pleaded with Edward Snowden to hide 'where CIA doesn't have influence'

JULIAN ASSANGE delivered a desperate plea to Edward Snowden, a US whistleblower, to seek asylum in Russia as opposed to Latin America, as it was a nation "where the CIA doesn't have influence".

Mr Assange, who founded the news leaks website WikiLeaks, was told today he cannot be extradited to the US during a hearing at the Old Bailey. Judge Vanessa Baraitser said extradition had been refused amid fears Mr Assange could take his own life, a decision the US government said it would appeal. The 49-year-old was indicted by prosecutors in the US over 17 espionage charges, and one allegation of computer misuse, over WikiLeaks' decision to publish leaked military and diplomatic documents ten years ago.

Whistleblower Mr Snowden urged US President Donald Trump to "free Julian Assange", and that he "alone can save his life".

It had previously been reported Mr Trump was "considering" pardoning Mr Assange, but it appears the US will continue its battle to ensure the website editor goes in front of a court in America.

https://www.express.co.uk/news/world/1379409/julian-assange-news-edward-snowden-donald-trump-pardon-cia-wikileaks-nationality-spt

#assange #snowden #cia #usa #russia
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Denuvo Anti-Cheat now available on Steamworks

Denuvo’s Anti-Cheat protection is available to all Valve Steamworks partners

AMSTERDAM, January 18, 2021 – Denuvo by Irdeto, the leader in video games protection and anti-cheat security, is now available for direct anti-cheat integration through Steamworks, offering security solutions for publishers and developers whose games are available on Steam.

Denuvo has more than two billion unique game protected installs across all platforms, making it one of the leading security providers in the video gaming industry. More than 1,000 games have been secured by Denuvo worldwide, proving Denuvo’s strong understanding of developers’ needs and the gaming landscape. Denuvo offering its services via direct integration through Steamworks makes it easier for developers and publishers to prevent cheating in their competitive multiplayer games.

According to Irdeto’s latest research, 77% of global gamers are likely to abandon a game when cheating occurs, creating a tremendous monetization risk for publishers and developers. By offering its services directly through Steamworks, Denuvo can further its mission of bringing fairness and fun back to gaming by providing security solutions to all developers who want to protect their games and gamers from hackers and cheaters.

https://irdeto.com/news/denuvo-anti-cheat-now-available-on-steamworks/

Earlier post: Why You Should Remove DOOM Eternal from your PC Immediately
https://t.iss.one/BlackBox_Archiv/900

#irdeto #denuvo #anticheat #steamworks
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Degoogling my life

Privacy is a human right, when so much of our life is lived online. In my opinion, the two most evil companies on the planet with a blatant disregard for privacy because it is so fundamental to their business model are: Facebook (and by extension, WhatsApp and Instagram) and Google. A common argument against the need for privacy that I have definitely heard in my family is “but I have nothing to hide”. Well, neither do I and yet so does everyone. Does anyone really appreciate searching on Google for a vacuum cleaner and then seeing photos of vacuum cleaners follow them around all over the web for months afterwards? But I digress: I made a conscious decision to gradually rid myself of Google (Facebook was easier: just delete the app.) to the extant possible.

I spent quite some time researching alternatives to each of Google services, and the list below tabulates what I have settled on. Importantly, I have reached the conclusion that viable (and often superior) alternatives exist. Nothing in life is free: one can pay with one’s privacy or with cash. It is no surprise this that most of these below are paid services. Personally, I am more than happy to support businesses where I know what I am paying for and my data is not being pilfered to create some Frankensteinian advertising profile on me.

https://thefiringneuron.com/2021/01/17/degoogling-my-life/

#degoogling #google #DeleteGoogle #privacy #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Exclusive: Trump admin slams China's Huawei, halting shipments from Intel, others - sources

NEW YORK/WASHINGTON (Reuters) - The Trump administration notified Huawei suppliers, including chipmaker Intel, that it is revoking certain licenses to sell to the Chinese company and intends to reject dozens of other applications to supply the telecommunications firm, people familiar with the matter told Reuters.

The action - likely the last against Huawei Technologies under Republican President Donald Trump - is the latest in a long-running effort to weaken the world’s largest telecommunications equipment maker, which Washington sees as a national security threat.

The notices came amid a flurry of U.S. efforts against China in the final days of Trump’s administration. Democrat Joe Biden will take the oath of office as president on Wednesday.

Huawei and Intel Corp declined to comment. Commerce said it could not comment on specific licensing decisions, but said the department continues to work with other agencies to “consistently” apply licensing policies in a way that “protects U.S. national security and foreign policy interests.”

https://www.reuters.com/article/us-usa-huawei-tech-exclusive-idUSKBN29M0KD

#usa #china #huawei #intel
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Signal: All communication takes place via tech giants like Amazon, Microsoft, Google and Cloudflare.

At Signal, all communication takes place via various tech giants such as Amazon, Microsoft, Google and Cloudflare. Broken down by domains, the following picture emerges:

❗️ Amazon: textsecure-service.whispersystems.org, cdn.signal.org, sfu.voip.signal.org
❗️ Google: storage.signal.org, contentproxy.signal.org
❗️ Microsoft: api.directory.signal.org, api.backup.signal.org
❗️ Cloudflare: cdn2.signal.org

Message exchange (textsecure-service.whispersystems.org) is done via Amazon AWS, for example, while Google Data Servers (storage.signal.org) are responsible for creating and managing the groups. This means that all communication is handled via central servers of the tech giants. Especially privacy-sensitive users may be put off by this, which I can understand. However, at least from an IT security perspective, I think the use of the rented servers is negligible, since Signal works with the zero-knowledge principle. Certainly, it would be desirable if the Signal Foundation hosted the servers itself. However, this would not necessarily mean a security gain. Nevertheless, this is a point of criticism, since this naturally also flushes money into the coffers of the tech data octopuses.

https://www.kuketz-blog.de/signal-jegliche-kommunikation-erfolgt-ueber-tech-giganten-wie-amazon-microsoft-google-und-cloudflare/

#signal #messenger #google #amazon #microsoft #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Astian Translate: Open Source Translations in Nine Languages

Astian's new translation service competes against proprietary services from Google, Microsoft and Amazon. It is based on the Python software Argos Translate.

With Translate, Astian releases a new translation service that appears as free software. At launch, the program can handle nine languages: English, Spanish, French, German, Italian, Portuguese, Russian, Arabic and Chinese. Automatic input recognition is still experimental.

Users can try out the service on libretranslate.com, which is operated by Astian, but the software can also be deployed on a separate server. The corresponding API can be found on GitHub, including instructions for setup and configuration. However, the Astian server is intended for testing purposes only.

https://astian.org/en/astian-translate-free-and-open-source-translations/

#opensource #translation #astian
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Favicons can be misused for tracking - Persistent Tracking in Modern Browsers

In a research paper, favicons are used for user tracking in browsers. There is no protection against this yet.

Browser manufacturers have increasingly cracked down on tracking techniques that use cookies in recent years. However, a research team at the University of Illinois at Chicago (UIC) has now shown in a study (PDF) that browsers offer a much larger attack surface for abusing their tracking techniques, even if such tracking is not actually intended. The team shows this by means of favicons, which could be converted into so-called supercookies.

https://www.cs.uic.edu/~polakis/papers/solomos-ndss21.pdf

#tracking #favicons #browser #research #supercookies #fingerprinting #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

How to leave Google and why

You should already know how big tech companies like Google or Facebook are using your private data to make revenue from targeted ads (and sometimes maybe sell it under the hood without your knowledge). There is no secret about data being the most valuable asset on earth now - even exceeding the oil.

Why ?

Some people say "I have nothing to hide, I don't care" which is essentialy ignoring basic human right and making this right worthless to you and very precious to others. We are already living in Cyberpunk era and the world is starting to be led by big organizations rather than governments so let's try to prepare ourselves and start to care about our data.

I think Google and Facebook are particulary bad when it comes to the data - we all heard about Cambridge Analytica and lately about Whatsapp scandal. Removing Facebook account is slightly easier than moving away from your Google account. It's impossible to just toggle some settings and let go your gmail address, google search, photos, youtube - pretty much your entire digital life.

Recently Google changed their policy for storing photos. Starting from July 2021 you won't have unlimited High Quality storage as before rather than 15GB limit. This is still okay in terms of space but the politics behind it is just disgusting. Google was effectively feeding it's photo AI algorithms for face detection and tagging for years now using user data obtained by giving up the service for free. Now when these algorithms got so good and it's almost impossible to make them better and Google don't need users anymore they switched to make some money from the service.

https://jach.me/how-to-leave-google

💡 https://www.bbc.co.uk/news/technology-46618582

💡 https://www.economist.com/leaders/2017/05/06/the-worlds-most-valuable-resource-is-no-longer-oil-but-data

💡 https://www.wired.com/story/google-tracks-you-privacy/

💡 Degoogling my life
https://t.iss.one/BlackBox_Archiv/1640

#degoogling #google #DeleteGoogle #privacy #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Hacker News

Hacker News is a social news website focusing on computer science and entrepreneurship. It is run by Paul Graham's investment fund and startup incubator, Y Combinator. In general, content that can be submitted is defined as "anything that gratifies one's intellectual curiosity."

https://t.iss.one/hackernewslive

💡 https://news.ycombinator.com/

#hackernews #ycombinator #recommendation
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Congratulations to @DuckDuckGo! We're happy to have you as Tor Browser's default search engine. 🦆 + 🧅

https://nitter.net/torproject/status/1351274161763733510?s=19

#tor #duckduckgo #searchengine
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Zuccnet - End-to-end Encrypted Facebook Messenger

Zuccnet is a fork of https://github.com/mjkaufer/messer, a command-line client for Facebook Messenger. Only difference is, Facebook can't read your messages.

It is known that Facebook scans your messages. If you need to keep using Facebook messenger but care about privacy, Zuccnet might help.

It's pretty simple: you and your friend have Zuccnet installed. Your friend gives you their Zuccnet public key. Then, when you send a message to your friend on Zuccnet, your message is encrypted on your machine before it is sent across Facebook to your friend. Then, your friend's Zuccnet decrypts the message. Facebook never sees the content of your message.

💡 I'm not a security person and there's probably some stuff I've missed - any contributions are very welcome! This is very beta, don't take it too seriously.

https://github.com/tomquirk/zuccnet#zuccnet

#zuccnet #facebook #DeleteFacebook #messenger #encryption #commandline
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Privacy Browser - A web browser that respects your privacy

Privacy Browser has two primary goals.

1. Minimize the amount of information that is sent to the internet.

2. Minimize the amount of information that is stored on the device.

Most browsers silently give websites massive amounts of information that allows them to track you and compromise your privacy. Websites and ad networks use technologies like JavaScript, cookies, DOM storage, user agents, and many other things to uniquely identify each user and track them between visits and across the web.

In contrast, privacy sensitive features are disabled by default in Privacy Browser. If one of these technologies is required for a website to function correctly, the user may choose to turn it on for just that visit. Or, they can use domain settings to automatically turn on certain features when entering a specific website and turn them off again when leaving.

Privacy Browser currently uses Android’s built-in WebView to render web pages. As such, it works best when the latest version of WebView is installed (see https://www.stoutner.com/privacy-browser/common-settings/webview/). In the 4.x series, Privacy Browser will switch to a forked version of Android’s WebView called Privacy WebView that will allow for advanced privacy features.

#privacy #browser #android
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Privacy and Messaging apps: Signal Vs Telegram 2021

https://www.youtube.com/watch?v=llgAfjpPEm8

#signal #telegram #messenger #privacy #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Stepping into the Void (Linux): A Fast, Minimal and Independent Distro

Void Linux is one of those distros that many hobbyists like me have heard about. But it doesn't get a lot of hype and promotion so it's easy to forget it even exists. Especially as it's lightning fast, minimal, independent and systemd free.

https://www.youtube.com/watch?v=mjeV6nAjyxg

#void #linux #distro #minimal #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

RAW AUDIO: Wikileaks Founder Julian Assange Phone Call With Hillary Clinton's State Department

https://www.youtube.com/watch?v=lfZQcV-frnY

#wikileaks #assange #hillary #clinton #video #audio
🎙@cRyPtHoN_INFOSEC_DE
🎙@cRyPtHoN_INFOSEC_EN
🎙@BlackBox_Archiv
🎙@NoGoolag

Comparison of web search engines

https://en.wikipedia.org/wiki/Comparison_of_web_search_engines

SearX
https://en.wikipedia.org/wiki/Searx

#comparison #search #engines #wikipedia
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Janet Yellen suggests 'curtailing' cryptocurrencies such as Bitcoin, saying they are mainly used for illegal financing

Janet Yellen, President-elect Joe Biden's nominee for treasury secretary, suggested on Tuesday that lawmakers "curtail" the use of cryptocurrencies such as bitcoin over concerns that they are "mainly" used for illegal activities.

There has been a surge in interest in bitcoin; its price has soared by about 300% in the past year. Bitcoin was down 7.59%, to $34,183.57, on Wednesday, while Ethereum was down 9.74%, to $1,259.97, after hitting an all-time high of more than $1,430 on Tuesday.

Yellen's comments suggested the incoming Biden administration could be hostile to cryptocurrencies and ramp up regulation. Watchdogs around the world, from the European Central Bank to the UK's financial regulator, have recently expressed concerns about cryptocurrencies like Bitcoin.

Sen. Maggie Hassan asked Yellen during her confirmation hearing on Tuesday about the dangers of terrorists using cryptocurrencies.

https://markets.businessinsider.com/currencies/news/bitcoin-price-cryptocurrency-should-be-curtailed-terrorism-concerns-yellen-2021-1-1029985692

#bitcoin #cryptocurrency #curtailing
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Tencent has been caught spying on your web browsing history with QQ Messenger

QQ Messenger, a popular Chinese instant messaging app by Tencent, was caught scraping web browser history with their desktop client. The discovery was made by Chinese internet users on the Q and A platforum Zhihu. Here is a Chinese language thread that documents the QQ Messenger web browsing history scraping investigation. Basically, all Chromium based web browsers store your internet history in an sqlite file in local storage. QQ Messenger would seek out this file and scrape the information, comparing it to a list of keywords and then phoning home if any matches were found.

After the spying revelation, Tencent quickly released a new version of QQ Messenger without the web history scraping functionality and claimed that the Chinese company was only previously looking at its millions of users’ web browsing history as a way of ”checking whether malicious programs were using certain websites to access QQ.”

This isn’t the first time Tencent has spied on users for the Chinese government

Since last year, QQ messenger has lost 6% of its active users – possibly because users have already started distrusting QQ and Tencent. Over the years, similar revelations about Tencent’s anti-privacy and weak security practices have come out especially in regards to QQ products. Back in 2016, the University of Toronto’s CitizenLab revealed that Tencent’s QQ Browser regularly sent personal information back to Tencent unencrypted. Furthermore, it became known that this overt lack of encryption was likely explicitly requested by “higher powers.”

https://www.privateinternetaccess.com/blog/tencent-has-been-caught-spying-on-your-web-browsing-history-with-qq-messenger/

#tencent #china #spying #browsing #history #qq #messenger #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Twitter locks Chinese embassy's account over tweet about Uighur women

Twitter said it locked the account of China's embassy in the United States over a tweet about Uighur women that violated company policy against dehumanization.

The Chinese Embassy account, @ChineseEmbinUS, tweeted this month that Uighur women had been emancipated by government policy from being "baby making machines." The tweet cited a study reported by state-controlled newspaper China Daily, Reuters reported.

"We've taken action on the Tweet ... for violating our policy against dehumanization, where it states: We prohibit the dehumanization of a group of people based on their religion, caste, age, disability, serious disease, national origin, race, or ethnicity," a Twitter spokesperson told CNBC in a statement.

The ethnic Uighurs, a Muslim minority living in western China, have been repressed by the Chinese government for years, according to the United Nations, United States and United Kingdom.

https://www.cnbc.com/2021/01/21/twitter-locks-chinas-us-embassy-over-uighur-tweet.html

#twitter #china #embassy #uighurs #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Young Russians Flood TikTok With Navalny Protest Cries

Young Russians have flooded TikTok with calls to rally in support of opposition leader Alexei Navalny this weekend, prompting the state censor to urge the popular short-video app’s administrators to take them down.

Navalny called for nationwide street protests this Saturday after his arrest and a viral investigative video into an opulent $1.35 billion Black Sea estate that he and news outlets claim belongs to President Vladimir Putin. The activist was jailed this week after a defiant return to Russia from Germany, where he had been hospitalized with what Western scientists determined to be nerve agent poisoning.

Russian TikTok users filmed themselves dressing up and packing for the upcoming rallies, with many expressing readiness for the authorities to detain them. Others took down Putin’s portrait from the walls of their classrooms and school hallways and replaced it with Navalny’s photo.

Videos posted with the hashtags “Free Navalny” and “Jan. 23” have garnered more than 50 million combined views.

Federal media and IT watchdog Roskomnadzor has asked TikTok to block the videos, warning that inciting minors to attend unauthorized rallies is illegal under Russian law.

https://telegra.ph/Young-Russians-Flood-TikTok-With-Navalny-Protest-Cries---The-Moscow-Times-01-21

via www.themoscowtimes.com

#tiktok #russia #navalny #protest
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag