ProtonMail: Secret adjustments to the transparency report
ProtonMail is one of the few Internet companies in Switzerland with a transparency report. The transparency that such a report can create is intended to create trust.
Thanks in part to this transparency report, it became known that real-time monitoring is also possible for ProtonMail.
The ProtonMail Transparency Report, however, has the flaw that it has been adapted considerably over the last few weeks in silence and secrecy.
According to the information in the transparency report, the last adjustment was made on 24 April 2019 (“Updated on 24 April 2019”).
But if you compare the versions that the Internet Archive Wayback Machine had saved on April 25 and July 26, 2019 (screenshot), you can see several adjustments, among others:
👉🏼 Read the full (translated) report without ads n shit:
https://rwtxt.lelux.fi/blackbox/protonmail-secret-adjustments-to-the-transparency-report
#ProtonMail #Switzerland #transparency #report
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Kazakhstan's HTTPS Interception
This post describes our analysis of carrier-level HTTPS interception ordered by the government of Kazakhstan.
The Kazakhstan government recently began using a fake root CA to perform a man-in-the-middle (MitM) attack against HTTPS connections to websites including Facebook, Twitter, and Google. We have been tracking the attack, and in this post, we provide preliminary results from our ongoing research and new technical details about the Kazakh interception system.
👉🏼 Read more:
https://censoredplanet.org/kazakhstan
#kazakhstan #HTTPS #interception #websites #MitM #tracking #attack #research #analysis #facebook #twitter #google
Facebook is funding brain experiments to create a device that reads your mind
Big tech firms are trying to read people’s thoughts, and no one’s ready for the consequences.
In 2017, Facebook announced that it wanted to create a headband that would let people type at a speed of 100 words per minute, just by thinking.
Now, a little over two years later, the social-media giant is revealing that it has been financing extensive university research on human volunteers.
Today, some of that research was described in a scientific paper from the University of California, San Francisco, where researchers have been developing “speech decoders” able to determine what people are trying to say by analyzing their brain signals.
The research is important because it could help show whether a wearable brain-control device is feasible and because it is an early example of a giant tech company being involved in getting hold of data directly from people’s minds.
To some neuro-ethicists, that means we are going to need some rules, and fast, about how brain data is collected, stored, and used.
In the report published today in Nature Communications, UCSF researchers led by neuroscientist Edward Chang used sheets of electrodes, called ECoG arrays, that were placed directly on the brains of volunteers.
The scientists were able to listen in in real time as three subjects heard questions read from a list and spoke simple answers. One question was “From 0 to 10, how much pain are you in?” The system was able to detect both the question and the response of 0 to 10 far better than chance.
Another question asked was which musical instrument they preferred, and the volunteers were able to answer “piano” and “violin.” The volunteers were undergoing brain surgery for epilepsy.
Facebook says the research project is ongoing, and that it is now funding UCSF in efforts to try to restore the ability to communicate to a disabled person with a speech impairment.
Eventually, Facebook wants to create a wearable headset that lets users control music or interact in virtual reality using their thoughts.
To that end, Facebook has also been funding work on systems that listen in on the brain from outside the skull, using fiber optics or lasers to measure changes in blood flow, similar to an MRI machine.
Such blood-flow patterns represent only a small part of what’s going on in the brain, but they could be enough to distinguish between a limited set of commands.
👉🏼 Read more:
https://www.technologyreview.com/s/614034/facebook-is-funding-brain-experiments-to-create-a-device-that-reads-your-mind/
💡 Also interesting:
https://www.ucsf.edu/news/2019/07/415046/team-ids-spoken-words-and-phrases-real-time-brains-speech-signals
#DeleteFacebook #experiments #brain #SpeechSignals #BigTech #thinkabout
Multi-million data protection fines for British Airways and Marriott… and these are only the first.
The agencies want the penalties to have a deterrent effect and will impose fines tied to the company's turnover.
Little more than 1 year after the new European data protection regulation came into force, we have seen the British data protection agency, the United Kingdom's Information Commissioner's Office (ICO), announce its intention to impose the first multi-million fines in Europe: 203 million euros on British Airways and 110 million euros on Marriott.
But what has the ICO taken into consideration in proposing penalties of a size we are not at all used to? In both cases, the proposed penalties would be imposed as a consequence of a security breach, and in both cases the ICO has weighed a multitude of factors, the most relevant probably being the existence of failures in security measures.
If a company has not implemented the security measures necessary to protect personal data, the penalties are going to be very high. It is true that cyberattacks are increasingly sophisticated and that no security measure is 100% infallible; nevertheless, what regulators will take into consideration in this type of case is whether companies made it easy for the attackers because they did not have adequate measures in place.
And both fines are proof of this. In the case of British Airways, the ICO has stated that the airline did not comply with the basic security standards that must be applied when handling payment card information (PCI) and did not have the security codes (CVV) of the credit cards encrypted.
What type of information is affected by the breach, and the consequences that may follow for users, is another factor to take into consideration in this type of investigation. The consequences are not the same if the affected data are, for example, email addresses, as they are if, as in the case of British Airways, the attackers also have access to financial data such as credit card numbers that can easily be used for fraudulent purposes.
However, the ICO does not take into consideration whether that fraudulent use has occurred or not, given that, as its director, Elizabeth Denham, indicates in an interview published by the Wall Street Journal, quite a few years can pass between the breach occurring and the data being used for these purposes, as was the case with Yahoo! (the breach occurred in 2014 and the fraudulent use was detected 3 years later).
The number of people affected is another criterion to take into account: in the case of British Airways we are talking about 500,000 customers, but in the case of Marriott it is believed that the breach affected the information of around 500,000,000 customers. The duration of the breach, that is, the time during which the hackers were able to access the information until the breach was discovered, is another criterion to assess; in the case of British Airways it was two weeks, while in Marriott's it was 4 years.
In the case of Marriott, the ICO has also taken into consideration the measures that were adopted at the time of the acquisition of the Starwood chain.
And, obviously, the size of the company is what defines the amount of the penalty; it is assumed that the larger the company, the more resources it should devote to protecting the personal data of its customers or employees. The same cannot be demanded of an SME as of a multinational.
But in addition, the data protection agencies want the penalties to have a deterrent effect, and to achieve that end they have to impose fines tied to the company's turnover, which the new data protection regulation allows. Thus, while under the previous regulation the ICO could only fine Facebook 500,000 pounds, the maximum allowed at the time, over the Cambridge Analytica scandal, the new regulation now gives it the possibility of imposing a penalty on British Airways that represents 1.5% of its annual turnover in 2017. Clearly, the degree of persuasion of this type of penalty is greater.
The Spanish Data Protection Agency (Agencia Española de Protección de Datos) recently fined the Liga de Fútbol Profesional 250,000 euros, and the director of the ICO, in the interview mentioned above, announced that the body she heads is going to impose more fines on other companies this summer, so it seems a bumpy road lies ahead and that British Airways and Marriott are only the first on a long list of multi-million penalties.
https://cincodias.elpais.com/cincodias/2019/07/29/legal/1564410687_469515.html
#multas #privacidad #seguridad
Pentagon testing mass surveillance balloons across the US
The US military is conducting wide-area surveillance tests across six midwest states using experimental high-altitude balloons, documents filed with the Federal Communications Commission (FCC) reveal.
Up to 25 unmanned solar-powered balloons are being launched from rural South Dakota and drifting 250 miles through an area spanning portions of Minnesota, Iowa, Wisconsin and Missouri, before concluding in central Illinois.
Travelling in the stratosphere at altitudes of up to 65,000ft, the balloons are intended to “provide a persistent surveillance system to locate and deter narcotic trafficking and homeland security threats”, according to a filing made on behalf of the Sierra Nevada Corporation, an aerospace and defence company.
The balloons are carrying hi-tech radars designed to simultaneously track many individual vehicles day or night, through any kind of weather. The tests, which have not previously been reported, received an FCC license to operate from mid-July until September, following similar flights licensed last year.
Arthur Holland Michel, the co-director of the Center for the Study of the Drone at Bard College in New York, said, “What this new technology proposes is to watch everything at once. Sometimes it’s referred to as ‘combat TiVo’ because when an event happens somewhere in the surveilled area, you can potentially rewind the tape to see exactly what occurred, and rewind even further to see who was involved and where they came from.”
The tests have been commissioned by the US Southern Command (Southcom), which is responsible for disaster response, intelligence operations and security cooperation in the Caribbean and Central and South America. Southcom is a joint effort by the US army, navy, air force and other forces, and one of its key roles is identifying and intercepting drug shipments headed for the United States.
“We do not think that American cities should be subject to wide-area surveillance in which every vehicle could be tracked wherever they go,” said Jay Stanley, a senior policy analyst at the American Civil Liberties Union.
“Even in tests, they’re still collecting a lot of data on Americans: who’s driving to the union house, the church, the mosque, the Alzheimer’s clinic,” he said. “We should not go down the road of allowing this to be used in the United States and it’s disturbing to hear that these tests are being carried out, by the military no less.”
PDF:
https://apps.fcc.gov/els/GetAtt.html?id=233815&x=.
👉🏼 Read more:
https://www.theguardian.com/us-news/2019/aug/02/pentagon-balloons-surveillance-midwest
#USA #pentagon #surveillance #Southcom
The Tech Worker Resistance
There’s a movement building within tech. Workers are demanding higher standards from their companies — and because of their unique skills and talent, they have the leverage to get attention. Walkouts and sit-ins. Picket protests and petitions. Shareholder resolutions, and open letters. These are the new tools of tech workers, increasingly emboldened to speak out. And, as they do that, they expose the underbellies of their companies’ ethics and values, or perceived lack of them.
📻 #IRL - Online Life is Real Life #podcast
https://irlpodcast.org/
YouTube Blacklists Federal Reserve Information - It’s Up To YOU To Spread It!
Breitbart finally covers the story of how Chris Hayes got YouTube to blacklist the search term “federal reserve” and scrub Century of Enslavement from those search results. Today, James puts out the challenge: can you break through the information blockade with good old word of mouth?
📺 https://www.corbettreport.com/youtube-blacklists-federal-reserve-information-its-up-to-you-to-spread-it/
#ItsUpToYOU #corbettreport #censorship #youtube #FederalReserve #podcast #video
Stop Surveillance Humanitarianism
Requiring biometric data, like iris and facial scans, sets a dangerous precedent for vital aid.
A standoff between the United Nations World Food Program and Houthi rebels in control of the capital region is threatening the lives of hundreds of thousands of civilians in Yemen.
Alarmed by reports that food is being diverted to support the rebels, the aid program is demanding that Houthi officials allow them to deploy biometric technologies like iris scans and digital fingerprints to monitor suspected fraud during food distribution.
The Houthis have reportedly blocked food delivery, painting the biometric effort as an intelligence operation, and have demanded access to the personal data on beneficiaries of the aid. The impasse led the aid organization to the decision last month to suspend food aid to parts of the starving population — once thought of as a last resort — unless the Houthis allow biometrics.
With program officials saying their staff is prevented from doing its essential jobs, turning to a technological solution is tempting. But biometrics deployed in crises can lead to a form of surveillance humanitarianism that can exacerbate risks to privacy and security.
By surveillance humanitarianism, I mean the enormous data collection systems deployed by aid organizations that inadvertently increase the vulnerability of people in urgent need.
👉🏼 Read more:
https://www.nytimes.com/2019/07/11/opinion/data-humanitarian-aid.html
#surveillance #humanitarianism #vulnerability #humanrights #why #thinkabout
Army developing ‘synthetic telepathy’
Similar technology marketed as a way to control video games by thought
Vocal cords were overrated anyway. A new Army grant aims to create email or voice mail and send it by thought alone. No need to type an e-mail, dial a phone or even speak a word.
Known as synthetic telepathy, the technology is based on reading electrical activity in the brain using an electroencephalograph, or EEG. Similar technology is being marketed as a way to control video games by thought.
"I think that this will eventually become just another way of communicating," said Mike D'Zmura, from the University of California, Irvine and the lead scientist on the project.
"It will take a lot of research, and a lot of time, but there are also a lot of commercial applications, not just military applications," he said.
The idea of communicating by thought alone is not a new one. In the 1960s, a researcher strapped an EEG to his head and, with some training, could stop and start his brain's alpha waves to compose Morse code messages.
The Army grant to researchers at University of California, Irvine, Carnegie Mellon University and the University of Maryland has two objectives. The first is to compose a message using, as D'Zmura puts it, "that little voice in your head."
The second part is to send that message to a particular individual or object (like a radio), also just with the power of thought. Once the message reaches the recipient, it could be read as text or as a voice mail.
While the money may come from the Army and its first use could be for covert operations, D'Zmura thinks that thought-based communication will find more use in the civilian realm.
"The eventual application I see is for students sitting in the back of the lecture hall not paying attention because they are texting," said D'Zmura. "Instead, students could be back there, just thinking to each other."
EEG-based gaming devices are large and fairly conspicuous, but D'Zmura thinks that eventually they could be incorporated into a baseball hat or a hood.
Another use for such a system is for patients with Lou Gehrig's disease, or ALS. As the disease progresses, patients have fully functional brains but slowly lose control over their muscles. Synthetic telepathy could be a way for these patients to communicate.
One of the first areas for thought-based communication is in the gaming world, said Paul Sajda of Columbia University.
Commercial EEG headsets already exist that allow wearers to manipulate virtual objects by thought alone, noted Sajda, but thinking "move rock" is easier than, say, "Have everyone meet at Starbucks at 5:30."
👉🏼 Read more:
https://www.nbcnews.com/id/27162401/ns/technology_and_science-science/t/army-developing-synthetic-telepathy/
#army #telepathy #synthetic #thinkabout
Conspiracy Theorists Are Domestic Terrorists!
The term “conspiracy theory” was #weaponized by the #CIA half a century ago. At first it was merely used to marginalize those who question #government narratives. But now that weapon is being loaded and pointed at our heads. Can a “conspiracy theorist” false flag be far behind? James examines the new #FBI document on #conspiracy theorists as domestic #terrorists in this important edition of #PropagandaWatch.
📺 https://www.corbettreport.com/conspiracy-theorists-are-domestic-terrorists-propagandawatch/
#corbettreport #video #podcast
Coordinating chaos - The tactics protesters use to fortify the frontlines
The scenes of protest in Hong Kong over the last few months can appear chaotic, filled with throngs of activists and waving umbrellas. But in the undulating waves of people is a well-developed system for moving supplies, providing aid and constructing barricades--all driven by hand signals.
A steady supply chain
Not too far from the clashes, protesters work to get any equipment needed to those on the frontlines facing off against the police. Human chains were observed at many of the marches. Some formed and dispersed quickly, but others were in place for some time, with protesters swapping positions as needed.
https://graphics.reuters.com/HONGKONG-EXTRADITIONS-TACTICS/0100B0790FL/index.html
#FreeHongKong
We want to bring Telegram a little bit closer to you - so what is Telegram actually?
#Telegram
🇪🇸 Your DSLR camera can be hijacked by hackers, encrypting your photos.
Researchers at the Israeli security company Check Point have discovered a series of vulnerabilities that make it possible to install ransomware on a Canon DSLR camera model.
Ransomware is a type of malware that, once installed on our computer, encrypts our files and locks the system. It then usually displays a message warning the victim that they may lose their data. The "solution" offered involves transferring money to the creators of the malicious program, normally using Bitcoin or another virtual currency to avoid being traced by the police. In theory, if we make the payment we will receive a key that we can use to decrypt our files.
Initially, ransomware attacks were very successful against computers, but little by little they spread to other devices. Check Point's research has shown that this attack model can be carried over to DSLR cameras, by creating a proof of concept capable of encrypting the photos stored in the camera's memory.
Our DSLR camera can be hijacked.
The attack is possible thanks to six vulnerabilities discovered by the experts; the research focused on the Canon EOS 80D DSLR, but the concept behind the attack could be applicable to other models.
The bugs affect the implementation of PTP (Picture Transfer Protocol), the protocol used in Canon cameras to transfer our photos to other devices, such as our computer. This protocol is based on a series of commands, depending on the connection method; it can be used over direct cable connections to our computer as well as over Bluetooth or Wi-Fi. It should be clarified that this camera model does not support transfers over Bluetooth, but other models could indeed be attacked by this method.
If an attacker manages to infect our computer, the camera could be attacked as soon as we connect it. One of the commands allows remote firmware updates to be performed without the user's permission; an attacker could then force the installation of modified firmware using encryption keys obtained through reverse engineering.
This method allowed the researchers to create an exploit that worked over USB and Wi-Fi and that obtained complete control of the camera. They even had access to the storage, which allowed them to encrypt the photos and show the user a message requesting payment.
Tourists, the main targets.
The main victims of these attacks may be tourists, especially if they connect through public Wi-Fi networks. The photos they have taken on their trips could be lost forever; in those cases, many could be so desperate that they would pay the requested amount without hesitation.
However, at Omicrono we always recommend not making the payment. Not only because it encourages hackers to develop more ransomware, but because there is no guarantee that we will receive the encryption key.
Canon has already been informed of these vulnerabilities, and since July 30 it has offered a firmware update, which we should install if we have the EOS 80D. But something tells us that this is only the beginning, and that our cameras will become hackers' next target.
https://www.elespanol.com/omicrono/20190812/camara-dslr-puede-secuestrada-hackers-cifrando-fotos/420958130_0.html
#vulnerabilidad #camaras #dslr
Hong Kong police make bloody arrest, assisted by officers suspected to be undercover as protesters
A protester was seen being wrestled to the ground by two men at around 10pm – one was a police officer in riot gear, the other was dressed as a pro-democracy protester in a yellow hardhat. In video footage captured by HKFP, the bloodied protester was seen moaning in pain and saying that his front tooth had been knocked out.
📺 https://www.hongkongfp.com/2019/08/12/video-hong-kong-police-make-bloody-arrest-assisted-officers-suspected-undercover-protesters/
#FreeHongKong #video #thinkabout
The 5G Privilege
#5G is a new buzzword floating around every corner of the internet. But what exactly is this hyped-up cellular network, often referred to as the next technological evolution in mobile internet communications? Will it really be 100 times faster than what we have now? What will it make possible that has never been possible before? Who will reap the benefits? And, who will get left behind?
📻 https://irlpodcast.org/season5/episode5/
#IRL #podcast
Newly Unsealed Epstein Documents Released
As expected, these full reports have not been published through conventional media channels, but they have been circulating online for those who are determined enough to find the original source documents. Below are links to the court documents that have been released in the case, in PDF format. Please feel free to do your part in downloading, saving and spreading this information, just in case it is taken down in the future.
https://www.courthousenews.com/wp-content/uploads/2019/08/Giuffre-unseal.pdf
👉🏼 https://t.iss.one/BlackBox_Archiv/566
https://assets.documentcloud.org/documents/6250270/Sweet-Opinion-Unsealed.pdf
👉🏼 https://t.iss.one/BlackBox_Archiv/567
#epstein #documents #pdf
China starting to prepare against Hong Kong protesters
#China is already rolling out footage of its tanks and armored vehicles moving into Shenzhen province which neighbors #HongKong. A veiled threat to large peaceful protests in Hong Kong.
📺 https://mobile.twitter.com/Joyce_Karam/status/1160909220264448000
#FreeHongKong #video #thinkabout