BlackBox (Security) Archiv
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
“We are apolitical” — DarkSide threat actors

By now, probably everyone has heard about the Colonial Pipeline security incident that has been linked to threat actors known as DarkSide.

On April 12, this site published an email chat with DarkSide. If you missed that chat write-up, you can read it here. On May 8, after the mainstream media reported that the Colonial Pipeline incident had been attributed to DarkSide by those familiar with the matter, I reached out to the threat actors to ask for a comment or response. As I tweeted and reported, they responded, “Hello, no comments,” but then immediately sent another reply explaining, “At the time of negotiations and in the case of payment, we do not disclose information about the transaction.”

That was their only acknowledgement by that point that they were involved.

Today, they have issued a statement on their leak site:

"We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives.

Our goal is to make money, and not creating problems for society.
From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future."

That press statement is consistent with what they had stated in our email interview when I asked them if they ever had regretted any attack. They responded how they added funeral homes and crematoria to their exclusion list because they had regretted what a partner had done. Now they say they will start moderation to check companies that their partners want to encrypt.

Chalk this up as purely opinion, but I think it’s likely that they are quite serious about that. Since Colonial Pipeline is private industry and not a state/government entity, they probably did not consider it as infrastructure or political as much as just a typical big (lucrative) target by a partner.

Could DarkSide be state-related? Could they have lied about that? Sure. But then do we say the same thing about every threat actor group that may speak Russian? Is there any evidence that DarkSide has had any political or governmental targets?

https://www.databreaches.net/we-are-apolitical-darkside-threat-actors/

#colonial #pipeline #hack #ransomware #darkside #apolitical
📡 @cRyPtHoN_INFOSEC_FR 📡 @cRyPtHoN_INFOSEC_EN 📡 @cRyPtHoN_INFOSEC_DE 📡 @BlackBox_Archiv 📡 @NoGoolag
Garbage Collection – the silent enemy of data recovery

3 SSDs which we loaded with data sets and then issued the delete command. Which disk would still have its data intact after 24 hours?

Drive Rescue recently gave a guest lecture to the computer science class of a well-known Dublin third-level institution. Their lecturer wanted to give his class some real-world insights into how the world of practitioners sometimes differs to the world of academic theory. So, in the name of science and knowledge enhancement for all – we duly obliged.

The topic we decided to talk about was garbage collection in solid-state disks (SSD). Garbage collection is a silent (disk controller) process which runs in the background of most solid-state disks and operates as a sort of clean-up mechanism for data which had been recently subject to the delete command. This makes read, write and erase operations in SSDs more efficient. However, for the forensic investigator, the security analyst, the systems administrator or indeed the data recovery technician, the garbage collection feature has the potential to complicate investigations and recovery cases.

Data Deletion from HDDs

When data is deleted from traditional electro-mechanical hard disks, the space on the volume is marked as free by the disk. But the actual data is not deleted until it’s overwritten to the same location.

Why Garbage Collection is a problem

File deletion with SSDs works differently. Unlike HDDs, they cannot write data to a random area of the disk. SSDs must write to blank pages. Moreover, an SSD cannot erase data at page level, it must be block-level. For this reason, SSDs use TRIM and garbage collection to make sure there are always pages readily available for writing.

https://datarecoveryireland.ie/garbage-collection-the-silent-enemy-of-data-recovery/

#data #recovery #ssd #hdd #drive #rescue #forensic
30 Years Of Linux - An Interview With Linus Torvalds: Open Source And Beyond - Part 2

The Linux kernel is celebrating its thirtieth anniversary this year. In part two of our interview, we conclude our conversation with Linux creator Linus Torvalds. If you haven't already, check out part one to learn all about Linux kernel development and the creation of the Git version control system.

In this second part, Linus offers insight and perspective gained from managing a large open source project for three decades. He also talks about his employment at the Linux Foundation, and describes what he does with his spare time when he's not focused on kernel development.

As to what makes an open source project successful, Linus admits, "I don't really know what the key to success is. Yes, Linux has been very successful, and clearly Git too started on the right foot, but it's always very hard to really attribute that to some deeper cause. Maybe I've just been lucky?" He goes on to offer three practical recommendations he's followed himself: be there for other developers, be open, and be honest.

https://www.tag1consulting.com/blog/interview-linus-torvalds-open-source-and-beyond-part-2

💡 read as well: An Interview With Linus Torvalds: Linux and Git - Part 1
https://www.tag1consulting.com/blog/interview-linus-torvalds-linux-and-git

#interview #torvalds #linux
📡 @nogoolag 📡 @blackbox_archiv
Actor sues TikTok for using her voice in viral tool

An actor is suing TikTok for using her voice in its text-to-speech function.

It converts writing into speech, which can then be played over videos uploaded to the app, often for comedic effect.

Bev Standing recorded about 10,000 sentences of audio for the state-backed Chinese Institute of Acoustics research body to use in translations, in 2018.

The legal action claims her voice can now be heard in viral videos featuring “foul and offensive language”, causing her reputation “irreparable harm”.

https://www.bbc.co.uk/news/technology-57063087

#DeleteTikTok #tiktok
Colonial Hack Can’t Be Just Another Wake-Up Call

Companies and the government need to confront cyberattacks before an unmanageable disaster arrives.

Visit Colonial Pipeline’s corporate website and you’ll learn that the Alpharetta, Georgia, energy company is “committed to EXCELLENCE” and that “safety, environmental stewardship, and first-class customer service” drive its operating philosophy.

What you won’t find — unless you navigate to the bottom of the home page and click on “News & Media” — is any mention that the company that operates the largest refined fuels pipeline in the U.S. was brought to its knees by computer hackers Friday. That’s understandable, because it’s likely that Colonial still doesn’t completely understand what hit it.

In a brief statement Saturday, Colonial said it learned the previous day that hackers were trying to extort it using ransomware. In response, the company shut down its pipeline and some information technology systems and hired cybersleuths to sort out the damage. It offered more of the same Sunday evening, while also disclosing that the Department of Energy had joined a federal law enforcement investigation of the attack. Other than noting that its main lines were still closed, Colonial didn’t offer much clarity about when it would be back in business (which has left oil traders on edge and scrambling for alternatives).

Companies have their reasons for going mum when hacked, of course. They’re worried about reputational damage. If publicly traded, they also fear possible negligence lawsuits from investors (Colonial is privately held). But in an era in which nation-states and roving freelancers alike have turned rival governments, corporations, schools and universities, hospitals, research labs, fire and police departments, and other institutions into digital piñatas, hunkering down only perpetuates the problem.

https://www.bloomberg.com/opinion/articles/2021-05-10/colonial-hack-shows-we-re-one-attack-away-from-a-cyber-disaster

#colonial #pipeline #hack #ransomware #darkside #cyberattacks
Beware of Applications Misusing Root Stores

We have been alerted about applications that use the root store provided by Mozilla for purposes other than what Mozilla’s root store is curated for. We provide a root store to be used for server authentication (TLS) and for digitally signed and encrypted email (S/MIME). Applications that use Mozilla’s root store for a purpose other than that have a critical security vulnerability. With the goal of improving the security ecosystem on the internet, below we clarify the correct and incorrect use of Mozilla’s root store, and provide tools for correct use.

....(....)

Misuse of Root Stores: We have been alerted that some applications are using root stores provided by Mozilla or an operating system (e.g. Linux) for purposes other than what the root store is curated for. An application that uses a root store for a purpose other than what the store was created for has a critical security vulnerability. This is no different than failing to validate a certificate at all.

https://blog.mozilla.org/security/2021/05/10/beware-of-applications-misusing-root-stores/

#mozilla #root #store #applications
HakByte: How to find anything on the internet with Google Dorks

On this first episode of HakByte, we cover Google Dorking, which is an OSINT technique that takes advantage of the Google Search engine with advanced search strings. This video covers basic google dorks that will allow you to filter out irrelevant information for a google search, finding insecure websites, and even discovering exposed password databases. Finally, an open source tool called pagodo is covered, which automatically can pass thousands of google dorks while avoiding detection from google.

https://www.youtube.com/watch?v=lESeJ3EViCo

#hakbyte #osint #google #dorking #search #engine #educational #video
Today the United States announced that it will join the Christchurch Call to Action to Eliminate Terrorist and Violent Extremist Content Online, a global pledge by member governments and technology partners to work together to address terrorist and violent extremist content online.

Countering the use of the internet by terrorists and violent extremists to radicalize and recruit is a significant priority for the United States. Joining the coalition of governments and companies that have endorsed the Christchurch Call to Action reinforces the need for collective action.

The United States applauds language in the Christchurch Call emphasizing the importance of respecting human rights and the rule of law, including the protection of freedom of expression. In joining the Christchurch Call, the United States will not take steps that would violate the freedoms of speech and association protected by the First Amendment to the U.S. Constitution, nor violate reasonable expectations of privacy.

The United States looks forward to participating in the Christchurch Call Second Anniversary virtual summit on May 14.

https://telegra.ph/Statement-by-Press-Secretary-Jen-Psaki-on-the-Occasion-of-the-United-States-Joining-the-Christchurch-Call-to-Action-to-Eliminate-05-10

via www.whitehouse.gov

#christchurch #call #action
Apple accused of breaking UK competition law by overcharging for apps

Almost 20 million users could be eligible for compensation, with £1.5bn damages sought

Apple is facing a demand for billions of pounds of consumer compensation in a British lawsuit that accuses the company of overcharging users by up to 30% on its App Store.

The claim argues that Apple’s restrictive policies, which limit app developers to using its own payment systems, are generating “excessive” profits for the company and leading to consumers paying more than they otherwise would. As a collective action, it seeks to represent the almost 20 million people in the UK who have spent money on the App Store, and seeks damages of up to £1.5bn.

Apple has dismissed the action as “meritless”.

Leading the suit is Dr Rachael Kent, an expert in the digital economy and lecturer at King’s College, University of London, who said: “The App Store was a brilliant gateway for a range of interesting and innovative services that millions of us find useful, myself included. But 13 years after its launch, it has become the only gateway for millions of consumers. Apple guards access to the world of apps jealously, and charges entry and usage fees that are completely unjustified.

“This is the behaviour of a monopolist and is unacceptable.”

https://www.theguardian.com/technology/2021/may/11/apple-accused-of-breaking-uk-competition-law-by-overcharging-for-apps

#apple #uk #competition #law #apps #overcharging
Order of the HmbBfDI: Ban of further processing of WhatsApp user data by Facebook

The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) issued an order prohibiting Facebook Ireland Ltd. from processing personal data from WhatsApp for its own purposes. The order is immediately enforceable. This is done under the urgency procedure of the General Data Protection Regulation (GDPR), which provides for the adoption of provisional measures with a specified period of validity in the respective territory, in this case Germany. The background to the proceedings is the request to all WhatsApp users to agree to the new terms and privacy policy by May 15, which grant WhatsApp far-reaching powers to share data with Facebook.

https://datenschutz-hamburg.de/assets/pdf/2021-05-11-press-release-facebook.pdf

#whatsapp #DeleteWhatsApp #user #data #facebook #DeleteFacebook #pdf
The widely anticipated quantum internet breakthrough is finally here

A Delft University spinout is commercialising a quantum modem that can link quantum machines into superfast networks.

If you thought quantum computing was a leap forward, get ready for the next step: the quantum internet, where quantum machines can be linked to each other to create powerful networks of superfast computing power.

The vision is now even closer to becoming reality. QphoX, a Delft University spinout, has created a quantum modem that can get these machines talking to each other. It plans to be the first to take it out of the research lab and turn it into a commercial project — and has raised a €2m seed round to build the company.

It is the next big step in quantum computing. Today’s biggest quantum computers have less than 100 qubits, but scientists say that the machines will need at least 1k qubits to be truly commercially useful. Scaling up the computers themselves will take time, but a quantum internet could connect smaller machines to get to 1k+ qubits faster.

“Scaling a quantum computer even beyond 100 qubits is hard at the moment, but you could link 10 together to get 1k,” says Simon Gröblacher, CEO and cofounder of QphoX. Gröblacher says they expect to have a working modem ready for customers to test within two years.

The seed funding round was led by Quantonation, Speedinvest and High-Tech Gründerfonds, with participation from TU Delft.

https://sifted.eu/articles/quantum-internet-breakthrough/

#quantum #internet #breakthrough
Stopping the Manipulation Machines - Some things are difficult by design.

Consider Amazon. The company perfected the one-click checkout. But canceling a $119 Prime subscription is a labyrinthine process that requires multiple screens and clicks.

Or Ticketmaster. Online customers are bombarded with options for ticket insurance, subscription services for razors and other items and, when users navigate through those, they can expect to receive a battery of text messages from the company with no clear option to stop them.

https://www.nytimes.com/2021/04/30/opinion/dark-pattern-internet-ecommerce-regulation.html

#manipulation #amazon #DeleteAmazon #ticketmaster #opinion
Facebook Ordered to Stop Collecting German WhatsApp Data

Facebook Inc. was ordered to stop collecting German users’ data from its WhatsApp unit, after a regulator in the nation said the company’s attempt to make users agree to the practice in its updated terms isn’t legal.

Johannes Caspar, who heads Hamburg’s privacy authority, issued a three-month emergency ban, prohibiting Facebook from continuing with the data collection. He also asked a panel of European Union data regulators to take action and issue a ruling across the 27-nation bloc. The new WhatsApp terms enabling the data scoop are invalid because they are intransparent, inconsistent and overly broad, he said.

“The order aims to secure the rights and freedoms of millions of users which are agreeing to the terms Germany-wide,” Caspar said in a statement on Tuesday. “We need to prevent damage and disadvantages linked to such a black-box-procedure.”

https://www.bloomberg.com/news/articles/2021-05-11/facebook-ordered-to-stop-collecting-german-whatsapp-users-data

💡 read as well (PDF)
Order of the HmbBfDI: Ban of further processing of WhatsApp user data by Facebook
https://t.iss.one/BlackBox_Archiv/2184

#whatsapp #DeleteWhatsApp #user #data #facebook #DeleteFacebook #gdpr #eu #germany
Colonial Pipeline Hit With Ransomware; Apple AirTags Hacked - ThreatWire

A Qualcomm SoC could be exploited by attackers, the US’s biggest gas pipeline is hit with ransomware, and Apple AirTags get hacked! All that coming up now on ThreatWire.

https://www.youtube.com/watch?v=QjLvIDWnc3w

#threatwire #hak5 #video
Collection of novel security vulnerabilities that affect Wi-Fi devices

11 May 2021 —
This website presents FragAttacks (fragmentation and aggregation attacks) which is a collection of novel security vulnerabilities that affect Wi-Fi devices. An adversary that is within radio range of a victim can abuse these vulnerabilities to steal user information or attack devices. Three of the discovered vulnerabilities are design flaws in the Wi-Fi standard and therefore affect most devices. On top of this, several other vulnerabilities were discovered that are caused by widespread programming mistakes in Wi-Fi products. Experiments indicate that every Wi-Fi product is affected by at least one vulnerability and that most products are affected by several vulnerabilities.

The discovered vulnerabilities affect all modern security protocols of Wi-Fi, including the latest WPA3 specification. Even the original security protocol of Wi-Fi, called WEP, is affected. This means that several of the newly discovered design flaws have been part of Wi-Fi since its release in 1997! Fortunately, the design flaws are hard to abuse because doing so requires user interaction or is only possible when using uncommon network settings. As a result, in practice the biggest concern is the programming mistakes in Wi-Fi products since several of them are trivial to exploit.

https://www.fragattacks.com/

#fragattacks #wifi #security #vulnerabilities #exploit #educational
Bitcoin Privacy Feud Erupts After Edward Snowden Pans Long-Awaited Taproot Upgrade

Core devs say the Taproot software update for Bitcoin will improve privacy. Edward Snowden said it doesn't fix Bitcoin's bigger privacy problem. Who's right?

Edward Snowden is a former National Security Agency contractor who exposed a secret surveillance program of American citizens. As one of the world's foremost privacy advocates, he thinks Bitcoin isn't private enough—and that an upcoming software update could make it worse.

His comments have created something of an uproar from fellow activists such as Alex Gladstein, the Chief Strategy Officer of the Human Rights Foundation, who thinks Snowden has misrepresented the upgrade, known as Taproot. Others have argued that the Russian exile can't see the importance of mainstream adoption to the project, which could falter if it turns too far toward anonymity.

"Cryptocurrency, and by this I'm just going to say Bitcoin, is really failing comprehensively, terribly, on the privacy angle," Snowden told the Electronic Frontier Foundation's Marta Belcher at the Ethereal Summit on Thursday. Taproot, he added, isn't a good fix.

Taproot, which was first proposed in early 2018, is in the process of making its way from developers' brains to the Bitcoin protocol itself. When it does come online, it's supposed to improve privacy as well as scalability and security.

https://decrypt.co/70470/bitcoin-privacy-feud-erupts-edward-snowden-pans-long-awaited-taproot-upgrade

#bitcoin #cryptocurrency #privacy #snowden #taproot #upgrade
Deep Web - the downfall of the Silk Road (full documentary)

Documentary about the dark side of the Internet: for some the Deep Web and for others the Dark Web, where people trade in stolen identities, illegal substances and secret knowledge. Within a short time, the Silk Road, the "Ebay for drugs," becomes a hotly contested trans-shipment center for everything forbidden. Both the FBI and Europol try everything to track down the mastermind behind the website, known on the Deep Web only as DPR - Dread Pirate Roberts.

https://www.youtube.com/watch?v=y7x4CmWIeGE

#silkroad #doku #video
Facebook says it will ignore emergency data collection ban issued in Germany over WhatsApp rules

Privacy watchdog is calling on GDPR regulators to enforce an EU-wide ban

A hot potato: Germany has banned Facebook from collecting data on WhatsApp users within its borders. The Hamburg Data Protection and Freedom of Information (HmbBfDI) commission claims that the app's new data collection policies and Facebook's heavy-handed efforts to get users to accept them violate the General Data Protection Regulation (GDPR).

Johannes Caspar, the commissioner of the HmbBfDI, indicated in a press release that Facebook has a history of user-privacy abuse, pointing to the Cambridge Analytica scandal and the recent leak of 500 million records. More urgently, Caspar fears that WhatsApp's less than transparent advertising policies will influence German elections coming up in September.

"The data protection scandals of the last few years from 'Cambridge Analytica' to the data leak that recently became known, which affected more than 500 million Facebook users, show the extent and the dangers of massive profiling," said Caspar. "This affects not only privacy but also the possibility of using profiles to influence voter decisions in order to manipulate democratic decisions. In view of the nearly 60 million WhatsApp users with a view to the upcoming federal elections in Germany in September 2021, the risk is all the more concrete, as these will arouse desires after influencing the opinion-forming of Facebook's advertisers."

https://www.techspot.com/news/89639-facebook-ignore-emergency-data-collection-ban-issued-germany.html

#whatsapp #DeleteWhatsApp #user #data #facebook #DeleteFacebook #gdpr #eu #germany
Darknet Diaries - Ep 92: The Pirate Bay

The Pirate Bay is a website, a search engine, which has an index of torrent files. A lot of copyrighted material is listed on the site, but the site doesn’t store any of the copyrighted material. It just points the user to where you can download it from. So for a while The Pirate Bay has been the largest place you can find pirated movies, music, games, and apps. But this site first came up in 2003. And is still up and in operation now, 18 years later! You would think someone would shut this place down by now. How does the biggest source for copyrighted material stay up and online for that long? Listen to this episode to find out.

https://darknetdiaries.com/episode/92/

#truecrime #darknetdiaries #podcast