The End of the Privacy of Digital Correspondence

The EU wants to have all private chats, messages, and emails automatically searched for suspicious content, generally and indiscriminately. The stated aim: To prosecute child pornography. The result: Mass surveillance through fully automated real-time messaging and chat control and the end of secrecy of digital correspondence.

In 2020 the European Commission proposed “temporary” legislation aimed at allowing the search of all private chats, messages, and emails for illegal depictions of minors and attempted initiation of contacts with minors. This is to allow the providers of Facebook Messenger, Gmail, et al, to scan every message for suspicious text and images. This takes place in a fully automated process and using error-prone “artificial intelligence”. If an algorithm considers a message suspicious, its content and meta-data are disclosed automatically and without human verification to a private US-based organization and from there to national police authorities worldwide. The reported users are not notified.

Some U.S. providers of services such as Gmail and Outlook.com are already performing such automated messaging and chat controls. Through a second piece of legislation, the EU Commission intends to oblige all providers of chat, messaging and e-mail services to deploy this mass surveillance technology.

https://www.patrick-breyer.de/?page_id=594160&lang=en

#eu #privacy #masssurveillance #surveillance #messaging #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

La fin de la confidentialité de la correspondance numérique

L'UE souhaite que tous les discussions privée, messages et e-mails privés recherchent automatiquement le contenu suspect, de manière générale et sans discrimination.

Le but déclaré: poursuivre la pornographie juvénile.

Le résultat: une surveillance de masse grâce à la messagerie en temps réel entièrement automatisée et au contrôle du chat et à la fin du secret de la correspondance numérique.

En 2020, la Commission européenne a proposé une législation «temporaire» visant à permettre la recherche de tous les chats, messages et e-mails privés pour des représentations illégales aux mineurs et des tentatives d'initiation de contacts avec des mineurs.

Cela permet aux fournisseurs de Facebook Messenger, Gmail, et al, d'analyser chaque message à la recherche de texte et d'images suspects.

Cela se déroule dans un processus entièrement automatisé et en utilisant une «intelligence artificielle» sujette aux erreurs.

Si un algorithme considère un message comme suspect, son contenu et ses méta-données sont divulgués automatiquement et sans vérification humaine à une organisation privée basée aux États-Unis et aux autorités policières nationales du monde entier.

Les utilisateurs signalés ne sont pas notifiés.
Certains fournisseurs de services américains tels que Gmail et Outlook.com effectuent déjà de tels contrôles automatisés de messagerie et de chat.
Par le biais d'un deuxième texte législatif, la Commission européenne entend obliger tous les fournisseurs de services de chat, de messagerie et de courrier électronique à déployer cette technologie de surveillance de masse.

https://www.patrick-breyer.de/?page_id=594160&lang=en

#eu #privacy #masssurveillance #surveillance #messaging #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

Supercookie: Browser Fingerprinting via Favicon

Supercookie uses favicons to assign a unique identifier to website visitors.
Unlike traditional tracking methods, this ID can be stored almost persistently and cannot be easily cleared by the user.

The tracking method works even in the browser's incognito mode and is not cleared by flushing the cache, closing the browser or restarting the system, using a VPN or installing AdBlockers.

https://github.com/jonasstrehle/supercookie

#supercookie #browser #tracking
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

They Stormed the Capitol. Their Apps Tracked Them.

Times Opinion was able to identify individuals from a trove of leaked smartphone location data.

About 40 percent of the phones tracked near the rally stage on the National Mall during the speeches were also found in and around the Capitol during the siege — a clear link between those who’d listened to the president and his allies and then marched on the building.

While there were no names or phone numbers in the data, we were once again able to connect dozens of devices to their owners, tying anonymous locations back to names, home addresses, social networks and phone numbers of people in attendance. In one instance, three members of a single family were tracked in the data.

https://www.nytimes.com/2021/02/05/opinion/capitol-attack-cellphone-data.html

#usa #cellphone #smartphone #data #tracking
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

More CopperheadOS harassment proof

Wow, I'm late to this, but having a lawyer send a letter to a student's university to try to get them in trouble for open source contributions they made on their own time is very not ok.

https://nitter.nixnet.services/FiloSottile/status/1358231799458103297

#copperheadOS #harassment #proof #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

From phishing to opening 45 libraries, Jharkhand's Jamtara turns a new page

Infamous as India's phishing capital, Jamtara in Jharkhand has opened as many as 45 public libraries to divert the youth from cybercrime.

amtara, which is infamous as India's phishing capital, is now trying to turn a new page with the opening of several public libraries to divert the youth away from cybercrime. Police of at least 22 states have visited Jamtara in connection with several cybercrimes.

To move away from the image of India's phishing capital, the district administration has kicked off a public library movement to divert the hearts and minds of youths away from cybercrime.

Jamtara DC Faiz Aq Ahmad said the dropouts, mostly in the age group of 15 to 35 years, get carried away to make a quick buck. "We thought many ways to tackle the crime. Jamtara was known for the library movement initiated by great social reformer and educator Ishwar Chandra Vidyasagar. His idea motivated us."

This is how the district administration decided to use the unused government buildings and land to start a public library movement.

"Many dilapidated buildings were renovated to turn them into a public library. As many as 45 public libraries have already been set up and are functional. Most of them have been set up in the area known as the hubs of cyber fraud," he said.

During the pandemic, special classes for students of class 10th and 12th were arranged in these public libraries. Two teachers in each public library have been entrusted with the responsibility to clear teach students every Sunday.

https://www.indiatoday.in/india/story/from-phishing-to-opening-45-libraries-jharkhand-s-jamtara-turns-a-new-page-1766593-2021-02-06

#india #phishing #libraries #jharkhand #jamtara
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

NewPipe x SponsorBlock

A fork of NewPipe with SponsorBlock functionality.

The implementation is still a bit basic but it generally works pretty well.

💡 How can I get this?

Builds will be uploaded in the Releases section. Please download the APK from the newest release and install it on your device.

💡 Why isn't this in upstream NewPipe?

The developer team behind the official NewPipe decided that they do not want to include this kind of functionality in their app. See https://newpipe.schabi.org/blog/pinned/newpipe-and-online-advertising/ and https://github.com/TeamNewPipe/NewPipe/pull/3205 for more information and discussion.

We obviously disagree but we respect their decision and continue to offer SponsorBlock in NewPipe via this fork.

https://github.com/polymorphicshade/NewPipe#newpipe-x-sponsorblock

#newpipe #sponsorblock
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

Mobile Forensic Investigations - Basic Fundamentals, Intermediate
and Advanced Overview

#smartphone #forensic #investigations #pdf
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

VoltPillager: Researchers Compromise Intel SGX With Hardware-Based Undervolting Attack

Security researchers out of the University of Birmingham have crafted another attack against Intel Software Guard Extensions (SGX) when having physical motherboard access and using their "VoltPillager" hardware device they assembled for about $30 USD.

Two years ago Plundervolt was widely publicized for compromising Intel's SGX security by manipulating the CPU frequency/voltage as able to through software interfaces. By carefully undervolting the Intel CPUs when executing enclave computations they were able to ultimately compromise the integrity of SGX.

The impact of Plundervolt was already limited as typically the software needs root/administrative rights to access the CPU voltage/frequency MSRs or other kernel interfaces for manipulating them. But in response to Plundervolt, motherboard vendors began offering options to allow disabling voltage/frequency interface controls on their systems. Following Plundervolt, security researchers at the University of Birmingham in the UK began exploring a hardware-based attack on SGX.

https://www.phoronix.com/scan.php?page=news_item&px=VoltPillager-HW-Undervolt

#research #VoltPillager #undervolting #attack #intel #sgx
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

Photoshop CC v19 installer for Linux

This bash script helps you to install Photoshop CC version 19 on your Linux machine using wine behind the scene and sets some necessary components up for the best performance

🚀 Features

✅ downloads necessary components and installs them (vcrun, atmlib, msxml...)

✅ downloads photoshop.exe installer

✅ reates photoshop command and a desktop entry

✅ wine dark mode

✅ supports graphic cards like (intel, Nvidia)

✅ saves the downloaded files in your cache directory

✅ It's free and you will not need any license key

✅ works on any Linux distribution

https://github.com/Gictorbit/photoshopCClinux

#linux #wine #photoshop
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

North Korean hackers stole more than $300 million to pay for nuclear weapons, says confidential UN report

New York (CNN)North Korea's army of hackers stole hundreds of millions of dollars throughout much of 2020 to fund the country's nuclear and ballistic missile programs in violation of international law, according to a confidential United Nations report.

The document accused the regime of leader Kim Jong Un of conducting "operations against financial institutions and virtual currency exchange houses" to pay for weapons and keep North Korea's struggling economy afloat. One unnamed country that is a member of the UN claimed the hackers stole virtual assets worth $316.4 million dollars between 2019 and November 2020, according to the document.
The report also alleged that North Korea "produced fissile material, maintained nuclear facilities and upgraded its ballistic missile infrastructure" while continuing "to seek material and technology for these programs from overseas."

North Korea has for years sought to develop powerful nuclear weapons and advanced missiles to pair them with, despite their immense cost and the fact that such a pursuit has turned the country into an international pariah barred by the UN from conducting almost any economic activity with other countries.

https://edition.cnn.com/2021/02/08/asia/north-korea-united-nations-report-intl-hnk/index.html

#northkorea #hacker #un #report
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

In-depth dive into the security features of the Intel/Windows platform secure boot process

This blog post is an in-depth dive into the security features of the Intel/Windows platform boot process. In this post I'll explain the startup process through security focused lenses, next post we'll dive into several known attacks and how there were handled by Intel and Microsoft. My wish is to explain to technology professionals not deep into platform security why Microsoft's SecureCore is so important and necessary.

https://igor-blue.github.io/2021/02/04/secure-boot.html

#intel #windows #secure #boot #security
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

If you are still releasing custom ROMs/kernels with permissive, YOU ARE LITERALLY BACKDOORING YOUR USERS!

Remember when I said using SELinux permissive is really bad? Here is a privilege escalation PoC where the only requirement is SELinux permissive. If you are still releasing custom ROMs/kernels with permissive, YOU ARE LITERALLY BACKDOORING YOUR USERS!

https://nitter.nixnet.services/topjohnwu/status/1359054106019565571

https://github.com/vvb2060/Magica

#selinux #backdooring #customrom #topjohnwu #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

This is how we lost control of our faces

The largest ever study of facial-recognition data shows how much the rise of deep learning has fueled a loss of privacy.

Now a new study shows just how much this enterprise has eroded our privacy. It hasn’t just fueled an increasingly powerful tool of surveillance. The latest generation of deep-learning-based facial recognition has completely disrupted our norms of consent.

https://www.technologyreview.com/2021/02/05/1017388/ai-deep-learning-facial-recognition-data-history/

https://arxiv.org/pdf/2102.00813.pdf

#ai #deep #learning #facial #recognition #data #privacy #study #thinkabout #pdf
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

Stash - an organizer for your porn

What is Stash?

Stash allows you to organize and view your own collection of adult video and image files. Think of it like a private PornHub site for your personal porn collection.

View your content

Preview and view all of your scenes and galleries from your web browser on your PC, tablet or phone. Stash directly streams videos to your web browser. Stash supports streaming of a large variety of formats and codecs to most web browsers.

Curate your content

Rate your scenes, and tag them with performers, tags, movies and studios. Filter and sort your content with a variety of filter and sorting options.

Stash also allows you to derive scene metadata from video filenames. Alternatively, you can scrape scene metadata from websites using community-curated scrapers.

https://stashapp.cc/

https://github.com/stashapp/stash/releases

#stash #porn #organizer
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

Fedora on the PinePhone: Pipewire Calling!

https://odysee.com/@linmob:3/fedora-on-the-pinephone-pipewire-calling:1

#linux #fedora #pinephone #pipwire #video
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

Farmers Are Having to Hack Their Own Tractors Just to Make Repairs

Owners are turning to hacked software from Eastern Europe as farm equipment companies won't license it to them directly.

Usually the word "hacking" implies breaking into someone else's data, but farmers are having to hack their own farm equipment just to keep it running, reports Freethink. Companies like John Deere won't license out the software necessary to diagnose and fix their increasingly complex farm equipment, forcing owners to source that software online.

https://www.thedrive.com/news/39158/farmers-are-having-to-hack-their-own-tractors-just-to-make-repairs

#farmers #hackers #tractors #hacking #video
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

The Great Firewall Cracked, Briefly. A People Shined Through.

China’s censors finally blocked Clubhouse, but not before users were able to bypass the caricatures painted by government-controlled media and freely discuss their hopes and fears.

For years, the Chinese government has prevented its 1.4 billion people from speaking freely online. A digital wall separated them from the rest of the world.

Then, for a precious few days, that wall was breached.

Clubhouse, a new social media app that emerged faster than the censors could block it, became a place for Mandarin Chinese speakers from the mainland and anywhere else to speak their minds. They had a lot to say.

In Clubhouse’s audio chatrooms, people from the mainland joined those from Taiwan, Hong Kong, the global Chinese diaspora and anybody else who was interested to share thoughts. The topics ranged from the politically charged (repression of Muslims in China’s Xinjiang region, the 1989 Tiananmen Square crackdown, censorship) to the mundane (hookups) to the unexpected (hemorrhoids).

The Chinese government blocked the app Monday afternoon. I knew it was coming, and yet I still didn’t expect to feel so dismayed.

For that brief moment, people in China proved that they are as creative and well spoken as people who enjoy the freedom to express themselves. They lined up, sometimes for hours, to wait for their turns to speak. They argued for the rights of the government loyalists to speak despite their disagreements. They held many honest, sincere conversations, sometimes with tears and sometimes with laughter.

https://www.nytimes.com/2021/02/09/technology/china-clubhouse.html

https://www.nytimes.com/2021/02/08/world/asia/china-clubhouse-blocked.html

#china #asia #clubhouse #blocked #GreatFirewall #repression #digitalwall #censorship #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

Court Orders Telegram To Block Pirated Movies, TV Shows and Music

A court has ordered Telegram to block access to pirated movies, TV shows and music following a lawsuit filed in Israel. Local anti-piracy group ZIRA complained that the messaging platform does not properly respond to takedown notices, contrary to Telegram's claims that it does. Telegram is now working with rightsholders to implement the injunction.

Last November, the RIAA and MPAA nominated popular messenger app Telegram for inclusion on the USTR’s ‘notorious markets’ list, claiming that the platform doesn’t do enough to combat piracy.

A month later, the EU added the service to its own ‘Counterfeit and Piracy Watch List’, noting that along with other social media platforms, Telegram “lags behind” in respect of efforts to combat piracy.

This opinion is shared by Israel-based anti-piracy group ZIRA. Last year, ZIRA – which represents local media companies – took its complaints to court, hoping to force Telegram to take a more serious approach to infringement mitigation.

https://torrentfreak.com/court-orders-telegram-to-block-pirated-movies-tv-shows-and-music-210210/

#tg #telegram #court #order #block #pirated #movies #music #riaa #mpaa #piracy #watchlist
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

North Dakota Senate bill targets 'monopolistic' app stores

Proponents of a North Dakota Senate bill say the legislation would clamp down on app stores seen as monopolistic, but opponents see it as interference and potentially harmful.

Sen. Kyle Davison, R-Fargo, on Tuesday introduced Senate Bill 2333 to the Senate Industry, Business and Labor Committee. The bill would ban app stores such as Apple and Google Play from requiring app developers to exclusively use their app store and payment system, and prohibit retaliating. Violations would be considered an unlawful practice under state law, opening a door to lawsuits.

"The purpose of the bill is to level the playing field for app developers in North Dakota and protect customers from devastating, monopolistic fees imposed by big tech companies," said Davison, referring to a 30% fee imposed by Apple and Google on in-app purchases, which he said penalizes small app developers "by raising prices and limiting choices for consumers."

Proponents of the bill said it addresses concerns of a monopoly by Apple and Google.

https://telegra.ph/North-Dakota-Senate-bill-targets-monopolistic-app-stores-02-11

via bismarcktribune.com

https://www.legis.nd.gov/assembly/67-2021/bill-actions/ba2333.html

#usa #monopolistic #appstores #apple #DeleteApple #google #DeleteGoogle
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

Facebook Is Said to Be Building a Product to Compete With Clubhouse

The social network, which has a history of cloning its competitors, has started working on an audio chat product.

SAN FRANCISCO — Facebook is building an audio chat product that is similar to the popular young app Clubhouse, according to two people with knowledge of the matter, as the social network aims to expand into new forms of communication.

Clubhouse, a social networking app, has gained buzz for letting people gather in audio chat rooms to talk about various topics. Mark Zuckerberg, Facebook’s chief executive, has been interested in audio communication forms, said the people with knowledge of the matter, and he appeared in the Clubhouse app on Sunday to chat about augmented and virtual reality.

Facebook executives have ordered employees to create a similar product, known internally as Fireside, said the people, who were not authorized to speak publicly. The product is in its earliest stages of development, they said, and the project’s code name could change.

“We’ve been connecting people through audio and video technologies for many years and are always exploring new ways to improve that experience for people,” Emilie Haskell, a Facebook spokeswoman, said.

A representative for Clubhouse declined to comment.

https://www.nytimes.com/2021/02/10/technology/facebook-building-product-clubhouse.html

#facebook #DeleteFacebook #Clubhouse
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag