Privacy International study shows your mental health is for sale
A new study by Privacy International reveals how popular websites about depression in France, Germany and the UK share user data with advertisers, data brokers and large tech companies, while some depression test websites leak answers and test results with third parties. The findings raise serious concerns about compliance with European data protection and privacy laws.
👉🏼 Story
https://privacyintyqcroe.onion/long-read/3194/privacy-international-study-shows-your-mental-health-sale
👉🏼 Report
https://privacyintyqcroe.onion/report/3193/report-your-mental-health-sale
#privacy #study #report #DataBrokers #ourdata #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
A new study by Privacy International reveals how popular websites about depression in France, Germany and the UK share user data with advertisers, data brokers and large tech companies, while some depression test websites leak answers and test results with third parties. The findings raise serious concerns about compliance with European data protection and privacy laws.
👉🏼 Story
https://privacyintyqcroe.onion/long-read/3194/privacy-international-study-shows-your-mental-health-sale
👉🏼 Report
https://privacyintyqcroe.onion/report/3193/report-your-mental-health-sale
#privacy #study #report #DataBrokers #ourdata #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
🇪🇸 La escuela que usa reconocimiento facial para controlar la asistencia.
Multado con 18.500 euros un colegio sueco por utilizar tecnología facial, pese a contar con el consentimiento de los estudiantes.
Controlar la asistencia de los alumnos en colegios e institutos es una de las prioridades de los centros de enseñanza. Frente a las tradicionales listas de asistencia, hay escuelas que ya experimentan con la tecnología para llevar un seguimiento al respecto. Pero no todo vale a la hora de utilizar de nuevas herramientas. Una escuela de secundaria en el norte de Suecia ha sido multada con 200.000 coronas suecas —unos 18.500 euros— por realizar una prueba piloto con cámaras con reconocimiento facial para monitorear a 22 alumnos de una clase del centro, según informa el Comité Europeo de Protección de Datos.
La prueba se realizó durante tres semanas en un centro de la localidad de Skellefteå. Pese a que los estudiantes habían dado su consentimiento, la Agencia de Protección de Datos (DPA) sueca ha concluido que este proyecto piloto viola varios artículos del reglamento europeo de protección de datos (RGPD). El organismo indica que el consentimiento no es una vía legal en este caso porque “hay un desequilibrio claro entre los dueños de los datos y quién controla esta información ahora” y porque los alumnos están en una situación de dependencia con respecto a la dirección del centro.
En Suecia, las autoridades públicas pueden recibir una multa máxima de 10 millones de coronas suecas —aproximadamente 1 millón de euros—. Esta es la primera multa en relación al RGPD emitida por la Agencia de Protección de Datos sueca, que sostiene que la escuela ha procesado datos biométricos sensibles de manera ilegal y no ha realizado una evaluación de impacto adecuada. El centro, según la DPA, debería haber consultado previamente con el organismo si podía llevar a cabo el proyecto.
El uso de reconocimiento facial ha levantado polémica en los últimos años entre organizaciones de defensas de los derechos. Hay lugares que ya han comenzado a legislar al respecto. San Francisco se convirtió en mayo en la primera ciudad en Estados Unidos en prohibir el uso de la tecnología de reconocimiento facial.
En Europa, el Reglamento General de Protección de Datos (RGPD) prevé una protección especial a los datos biométricos. Se prohíbe de forma general que se puedan tratar datos biométricos, aunque hay algunas excepciones en las que los sistemas de reconocimiento facial sí pueden ser utilizados. Por ejemplo, cuando lo usan cuerpos policiales en la persecución de delitos y terroristas a nivel internacional o cuando el afectado ha dado el consentimiento y el tratamiento persigue una finalidad lícita.
Otras escuelas
Suecia no es el único país en el que se ha utilizado esta tecnología en centros educativos. Mientras que algunos centros europeos se plantean su uso, varias escuelas de China también cuentan con sistemas de reconocimiento facial en sus puertas para controlar la asistencia de los alumnos. Y van mucho más allá. Utilizan uniformes inteligentes con el fin de combatir el absentismo escolar, según el diario oficial Global Times. La prenda permite a los profesores detectar la ubicación de los alumnos o activar una alarma cuando un estudiante se queda dormido en clase.
En Estados Unidos el distrito escolar de la ciudad de Lockport, en Nueva York, ha comenzado a implementar un sistema de reconocimiento facial, según The Guardian. En este caso, esta tecnología se utiliza para garantizar la seguridad en el centro. La probabilidad de morir a tiros en Estados Unidos es 24 veces mayor que en España y 100 veces mayor que en Japón.
Multado con 18.500 euros un colegio sueco por utilizar tecnología facial, pese a contar con el consentimiento de los estudiantes.
Controlar la asistencia de los alumnos en colegios e institutos es una de las prioridades de los centros de enseñanza. Frente a las tradicionales listas de asistencia, hay escuelas que ya experimentan con la tecnología para llevar un seguimiento al respecto. Pero no todo vale a la hora de utilizar de nuevas herramientas. Una escuela de secundaria en el norte de Suecia ha sido multada con 200.000 coronas suecas —unos 18.500 euros— por realizar una prueba piloto con cámaras con reconocimiento facial para monitorear a 22 alumnos de una clase del centro, según informa el Comité Europeo de Protección de Datos.
La prueba se realizó durante tres semanas en un centro de la localidad de Skellefteå. Pese a que los estudiantes habían dado su consentimiento, la Agencia de Protección de Datos (DPA) sueca ha concluido que este proyecto piloto viola varios artículos del reglamento europeo de protección de datos (RGPD). El organismo indica que el consentimiento no es una vía legal en este caso porque “hay un desequilibrio claro entre los dueños de los datos y quién controla esta información ahora” y porque los alumnos están en una situación de dependencia con respecto a la dirección del centro.
En Suecia, las autoridades públicas pueden recibir una multa máxima de 10 millones de coronas suecas —aproximadamente 1 millón de euros—. Esta es la primera multa en relación al RGPD emitida por la Agencia de Protección de Datos sueca, que sostiene que la escuela ha procesado datos biométricos sensibles de manera ilegal y no ha realizado una evaluación de impacto adecuada. El centro, según la DPA, debería haber consultado previamente con el organismo si podía llevar a cabo el proyecto.
El uso de reconocimiento facial ha levantado polémica en los últimos años entre organizaciones de defensas de los derechos. Hay lugares que ya han comenzado a legislar al respecto. San Francisco se convirtió en mayo en la primera ciudad en Estados Unidos en prohibir el uso de la tecnología de reconocimiento facial.
En Europa, el Reglamento General de Protección de Datos (RGPD) prevé una protección especial a los datos biométricos. Se prohíbe de forma general que se puedan tratar datos biométricos, aunque hay algunas excepciones en las que los sistemas de reconocimiento facial sí pueden ser utilizados. Por ejemplo, cuando lo usan cuerpos policiales en la persecución de delitos y terroristas a nivel internacional o cuando el afectado ha dado el consentimiento y el tratamiento persigue una finalidad lícita.
Otras escuelas
Suecia no es el único país en el que se ha utilizado esta tecnología en centros educativos. Mientras que algunos centros europeos se plantean su uso, varias escuelas de China también cuentan con sistemas de reconocimiento facial en sus puertas para controlar la asistencia de los alumnos. Y van mucho más allá. Utilizan uniformes inteligentes con el fin de combatir el absentismo escolar, según el diario oficial Global Times. La prenda permite a los profesores detectar la ubicación de los alumnos o activar una alarma cuando un estudiante se queda dormido en clase.
En Estados Unidos el distrito escolar de la ciudad de Lockport, en Nueva York, ha comenzado a implementar un sistema de reconocimiento facial, según The Guardian. En este caso, esta tecnología se utiliza para garantizar la seguridad en el centro. La probabilidad de morir a tiros en Estados Unidos es 24 veces mayor que en España y 100 veces mayor que en Japón.
Desde el inicio del siglo XXI se han perpetrado más de 200 tiroteos en institutos y colegios de primaria y secundaria de Estados Unidos a los que han estado expuestos algo más de 200.000 estudiantes, según información recabada por el diario The Washington Post y por este periódico. El último sistema mencionado está diseñado para detectar los rostros de personas expulsadas o suspendidas de las escuelas de Lockport, agresores sexuales u otras personas que puedan suponer una amenaza para el centro.
https://elpais.com/tecnologia/2019/08/30/actualidad/1567157371_609647.html
#privacidad #suecia #colegio #multa
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
https://elpais.com/tecnologia/2019/08/30/actualidad/1567157371_609647.html
#privacidad #suecia #colegio #multa
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
El País
La escuela que usa reconocimiento facial para controlar la asistencia
Multado con 18.500 euros un colegio sueco por utilizar tecnología facial, pese a contar con el consentimiento de los estudiantes
Phone numbers of 420 million Facebook users discovered on the net
Facebook had already admitted last year that the function to search for friends by telephone number was misused for data tapping. Now a database with entries for hundreds of millions of users has been discovered on the Internet.
Phone numbers of around 420 million Facebook users were openly accessible on the Internet. The database seems to have been compiled through the misuse of a function to search for friends by telephone number. Facebook declared on Wednesday that it was old data. They were probably collected before the online network last year switched off the possibility of finding acquaintances with the help of their telephone number. Facebook had no evidence that accounts had been hacked.
An IT security researcher discovered the file with the telephone numbers and the corresponding Facebook identification number and pointed this out to the technology blog "TechCrunch". It had been accessible unencrypted and had since been removed. It is unclear who created and uploaded the list for what purpose. Among the telephone numbers were 133 million Facebook users from the USA - as well as 13 million from Great Britain and more than 50 million from Vietnam. In some cases, it also contained information about users' names and sex.
Criminals could hijack profiles
The danger with such data is that online criminals could use it to reset account passwords and hijack profiles.
Facebook had already admitted in April 2018 that the search for phone numbers by friends was being misused to tap data and turned it off. Although the phone numbers were not openly visible, they could possibly be retrieved on a large scale via automated queries - so-called "scraping". This violated the Facebook rules, but was technically possible. Facebook is also struggling with the scraping of publicly accessible profile data on the Instagram photo platform.
https://techcrunch.com/2019/09/04/facebook-phone-numbers-exposed/
https://t3n.de/news/telefonnummern-420-millionen-netz-1194823/
#DeleteFacebook #dataleak #userdata #privacy #phonenumbers
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Facebook had already admitted last year that the function to search for friends by telephone number was misused for data tapping. Now a database with entries for hundreds of millions of users has been discovered on the Internet.
Phone numbers of around 420 million Facebook users were openly accessible on the Internet. The database seems to have been compiled through the misuse of a function to search for friends by telephone number. Facebook declared on Wednesday that it was old data. They were probably collected before the online network last year switched off the possibility of finding acquaintances with the help of their telephone number. Facebook had no evidence that accounts had been hacked.
An IT security researcher discovered the file with the telephone numbers and the corresponding Facebook identification number and pointed this out to the technology blog "TechCrunch". It had been accessible unencrypted and had since been removed. It is unclear who created and uploaded the list for what purpose. Among the telephone numbers were 133 million Facebook users from the USA - as well as 13 million from Great Britain and more than 50 million from Vietnam. In some cases, it also contained information about users' names and sex.
Criminals could hijack profiles
The danger with such data is that online criminals could use it to reset account passwords and hijack profiles.
Facebook had already admitted in April 2018 that the search for phone numbers by friends was being misused to tap data and turned it off. Although the phone numbers were not openly visible, they could possibly be retrieved on a large scale via automated queries - so-called "scraping". This violated the Facebook rules, but was technically possible. Facebook is also struggling with the scraping of publicly accessible profile data on the Instagram photo platform.
https://techcrunch.com/2019/09/04/facebook-phone-numbers-exposed/
https://t3n.de/news/telefonnummern-420-millionen-netz-1194823/
#DeleteFacebook #dataleak #userdata #privacy #phonenumbers
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
MetaX Worked With Hundreds of People to Visit Global Publishers’ Sites to Reverse Engineer Google’s Cookie_Push GDPR Workaround (aka ‘Push Pages’) & the OpenX Push Page Workaround
MetaX is proud to provide additional important context to the research released today from Brave and featured in the Financial Times, focusing on a GDPR workaround built by Google known as “cookie_push” (aka “Push Pages”). Our intention is not to single any one company out, but rather inform the community on these ongoing data issues.
The data released by Brave and reported in the Financial Times article showed that Google deployed a new data syncing architecture prior to GDPR – the details released by Brave include numerous written explanations of the process, and also a chart showing the cookie data flow that our team helped with. https://www.ft.com/content/e3e1697e-ce57-11e9-99a4-b5ded7a7fe3f
💡 How Google’s RTB and Push Pages allow hundreds of DSPs to tie their tracking profiles about people together (View the full chart)
https://brave.com/wp-content/uploads/sequence.pdf
https://metax.io/metax-report-google-workaround-openx-workaround/
#Google #Brave #DeleteGoogle #tracking #rtb #dsp #GDPR #advertisers #advertising #pdf #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
MetaX is proud to provide additional important context to the research released today from Brave and featured in the Financial Times, focusing on a GDPR workaround built by Google known as “cookie_push” (aka “Push Pages”). Our intention is not to single any one company out, but rather inform the community on these ongoing data issues.
The data released by Brave and reported in the Financial Times article showed that Google deployed a new data syncing architecture prior to GDPR – the details released by Brave include numerous written explanations of the process, and also a chart showing the cookie data flow that our team helped with. https://www.ft.com/content/e3e1697e-ce57-11e9-99a4-b5ded7a7fe3f
💡 How Google’s RTB and Push Pages allow hundreds of DSPs to tie their tracking profiles about people together (View the full chart)
https://brave.com/wp-content/uploads/sequence.pdf
https://metax.io/metax-report-google-workaround-openx-workaround/
#Google #Brave #DeleteGoogle #tracking #rtb #dsp #GDPR #advertisers #advertising #pdf #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
We filed a criminal complaint: Prosecutor launches investigation into FinFisher for illegal export of state spyware
The state spyware FinFisher is developed in Munich and sold all over the world. The company needs approval for exports, but the German government has never granted that. Together with other NGOs, we have filed a criminal complaint. Customs is investigating, the crime is punishable by prison sentence up to five years.
Bahrain, Egypt, Ethiopia: Dictatorships around the world rely on surveillance technology „made in Germany“. The state spyware FinFisher or FinSpy is developed in Munich and sold to police and secret services in dozens of countries, including the German Federal Police.
To export such malware, FinFisher needs a license in accord with German and European law. However, the German Government has never issued one. Export without a license is a criminal offense. Thus we have filed a criminal complaint against the responsible companies and their managing directors.
Together with the Society for Civil Rights, Reporters without Borders and the European Center for Constitutional and Human Rights, we wrote a 21-page criminal complaint and an eight-page technical appendix, which we submitted to the public prosecutor’s office in Munich on July 5. Now they are investigating.
Our accusations are being taken seriously: The case was escalated directly to the Federal Customs Criminal Investigation Office, which is responsible for violations of the Foreign Trade and Payments Act.
From Munich via Turkey to prison?
Our principle case is Turkey. After the 2016 coup d’état attempt, the Turkish government arrested more than 77,000 people, including 34 journalists. A broad coalition of civil resistance organized against this repression, including the 2017 March for Justice.
During that time, a website „Walk for justice“ appeared, which offered an Android app to help organize the protest movement. This website was advertised on social media. But the app, which is still available today, is a camouflaged state spyware. After installation, it takes complete control of the device, monitors communication and extracts data.
In a detailed technical analysis and a technical appendix we prove that this Turkish state spyware is the German product FinFisher/FinSpy. We then analyze the company structure of FinFisher and suspicious individuals.
We are certain: FinFisher is developed in Munich and FinFisher was sold to Turkey without permission. That is a crime, punishable by a prison sentence up to five years. We hope that the authorities investigate extensively and confirm our accusations.
Until then, German authorities should stop using tools for dictators themselves and stop subsidizing such companies with taxpayers‘ money.
The legal documents are available in English as PDF and in German as HTML.
👉🏼 PDF:
https://cdn.netzpolitik.org/wp-upload/2019/09/2019-07-05_FinFisher_Criminal-Complaint_ENG.pdf
https://netzpolitik.org/2019/we-filed-a-criminal-complaint-prosecutor-launches-investigation-into-finfisher-for-illegal-export-of-state-spyware/
#FinFisher #FinSpy #spyware #CriminalComplaint #investigation #crime #StateTrojan #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
The state spyware FinFisher is developed in Munich and sold all over the world. The company needs approval for exports, but the German government has never granted that. Together with other NGOs, we have filed a criminal complaint. Customs is investigating, the crime is punishable by prison sentence up to five years.
Bahrain, Egypt, Ethiopia: Dictatorships around the world rely on surveillance technology „made in Germany“. The state spyware FinFisher or FinSpy is developed in Munich and sold to police and secret services in dozens of countries, including the German Federal Police.
To export such malware, FinFisher needs a license in accord with German and European law. However, the German Government has never issued one. Export without a license is a criminal offense. Thus we have filed a criminal complaint against the responsible companies and their managing directors.
Together with the Society for Civil Rights, Reporters without Borders and the European Center for Constitutional and Human Rights, we wrote a 21-page criminal complaint and an eight-page technical appendix, which we submitted to the public prosecutor’s office in Munich on July 5. Now they are investigating.
Our accusations are being taken seriously: The case was escalated directly to the Federal Customs Criminal Investigation Office, which is responsible for violations of the Foreign Trade and Payments Act.
From Munich via Turkey to prison?
Our principle case is Turkey. After the 2016 coup d’état attempt, the Turkish government arrested more than 77,000 people, including 34 journalists. A broad coalition of civil resistance organized against this repression, including the 2017 March for Justice.
During that time, a website „Walk for justice“ appeared, which offered an Android app to help organize the protest movement. This website was advertised on social media. But the app, which is still available today, is a camouflaged state spyware. After installation, it takes complete control of the device, monitors communication and extracts data.
In a detailed technical analysis and a technical appendix we prove that this Turkish state spyware is the German product FinFisher/FinSpy. We then analyze the company structure of FinFisher and suspicious individuals.
We are certain: FinFisher is developed in Munich and FinFisher was sold to Turkey without permission. That is a crime, punishable by a prison sentence up to five years. We hope that the authorities investigate extensively and confirm our accusations.
Until then, German authorities should stop using tools for dictators themselves and stop subsidizing such companies with taxpayers‘ money.
The legal documents are available in English as PDF and in German as HTML.
👉🏼 PDF:
https://cdn.netzpolitik.org/wp-upload/2019/09/2019-07-05_FinFisher_Criminal-Complaint_ENG.pdf
https://netzpolitik.org/2019/we-filed-a-criminal-complaint-prosecutor-launches-investigation-into-finfisher-for-illegal-export-of-state-spyware/
#FinFisher #FinSpy #spyware #CriminalComplaint #investigation #crime #StateTrojan #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
🇪🇸 Los números de teléfono de 420 millones de usuarios de Facebook, a la vista de cualquiera.
Cientos de millones de usuarios se han visto afectados por el último gran fallo de privacidad de Facebook, que ha permitido que una base de datos con números de teléfono se mantenga en un servidor externo.
La existencia de la base de datos ha sido revelada por Techcrunch, que pudo entrar en el servidor sin problemas porque no tenía ningún tipo de protección, ni siquiera por una contraseña; eso significa que cualquiera podría haber encontrado esta base de datos y acceder a su información sin ningún límite.
Cada registro de la base de datos estaba compuesto por el Facebook ID y el número de teléfono del usuario. El Facebook ID es un identificador compuesto de una larga ristra de números, que identifican a cada usuario de la red social. La base de datos tenía más de 419 millones de entradas.
✳️ Cientos de millones de teléfonos, al aire libre.
Con este número es fácil obtener datos como el nombre de usuario de la cuenta. Por lo tanto, alguien con acceso a esta base de datos podría asociar números de teléfono con personas concretas. Techcrunch pudo comprobar la veracidad de estos datos. Además, algunos de estos registros también tienen otra información personal, como el nombre, el género y el país.
Este es uno de los casos más graves protagonizados por Facebook que se recuerdan, y eso es decir mucho. Después de un 2018 protagonizado por el escándalo de Cambridge Analytica, el 2019 no ha sido mucho mejor.
Apenas hace unos meses que se reveló que empleados de Facebook guardaban las contraseñas de los usuarios sin cifrar; y hablando de números de teléfono, se descubrió que no los usaba sólo por seguridad, como afirmaba en un principio.
La gran diferencia del caso de hoy es que, en esta ocasión, esta base de datos no parece formar parte de los planes de Facebook. Todo indica a que alguien se ha dedicado a recopilar esta información de los perfiles; es un proceso llamado "web scraping", por el cual se usan algoritmos para almacenar el contenido de una página de manera automática.
✳️ El problema del scraping de Facebook.
La propia Facebook ha admitido que el scraping es un problema; por ejemplo, cuando una startup consiguió rastrear a usuarios de Instagram usando este método. Todo indica que esta nueva base de datos ha sido creada de esta manera.
Antes, los números de teléfono eran más fácilmente accesibles en Facebook; en abril de 2018, y en respuesta a las informaciones relacionadas con Cambridge Analytica, la compañía decidió limitar el acceso a esa información.
Por lo tanto, es muy probable que estos datos se hayan obtenido antes de esa fecha. Representantes de Facebook han confirmado esto.
El scraping es como el fantasma de las navidades pasadas para Facebook. Es el resultado de las laxas políticas de privacidad que la compañía tenía hasta no hace mucho. Ahora que se desvelan casos como este, representantes de Facebook son rápidos en aclarar que las políticas han cambiado y que ya no sería posible hacer algo como eso. Pero es poco consuelo para quien puede estar recibiendo spam o acoso por teléfono por culpa de esta filtración.
La base de datos ya no está accesible, después de que la empresa de hosting propietaria del servidor haya decidido cerrarlo. Por lo tanto, queda la gran duda de quién consiguió esos datos, cuándo creó esta base de datos y cuál era su objetivo, algo que por ahora, es un misterio.
Lo que si sabemos es que es muy probable que exista una copia, probablemente más, de esta base de datos.
https://www.elespanol.com/omicrono/20190905/numeros-telefono-millones-usuarios-facebook-vista/426957547_0.html
#facebook #privacidad #filtracion #datos
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Cientos de millones de usuarios se han visto afectados por el último gran fallo de privacidad de Facebook, que ha permitido que una base de datos con números de teléfono se mantenga en un servidor externo.
La existencia de la base de datos ha sido revelada por Techcrunch, que pudo entrar en el servidor sin problemas porque no tenía ningún tipo de protección, ni siquiera por una contraseña; eso significa que cualquiera podría haber encontrado esta base de datos y acceder a su información sin ningún límite.
Cada registro de la base de datos estaba compuesto por el Facebook ID y el número de teléfono del usuario. El Facebook ID es un identificador compuesto de una larga ristra de números, que identifican a cada usuario de la red social. La base de datos tenía más de 419 millones de entradas.
✳️ Cientos de millones de teléfonos, al aire libre.
Con este número es fácil obtener datos como el nombre de usuario de la cuenta. Por lo tanto, alguien con acceso a esta base de datos podría asociar números de teléfono con personas concretas. Techcrunch pudo comprobar la veracidad de estos datos. Además, algunos de estos registros también tienen otra información personal, como el nombre, el género y el país.
Este es uno de los casos más graves protagonizados por Facebook que se recuerdan, y eso es decir mucho. Después de un 2018 protagonizado por el escándalo de Cambridge Analytica, el 2019 no ha sido mucho mejor.
Apenas hace unos meses que se reveló que empleados de Facebook guardaban las contraseñas de los usuarios sin cifrar; y hablando de números de teléfono, se descubrió que no los usaba sólo por seguridad, como afirmaba en un principio.
La gran diferencia del caso de hoy es que, en esta ocasión, esta base de datos no parece formar parte de los planes de Facebook. Todo indica a que alguien se ha dedicado a recopilar esta información de los perfiles; es un proceso llamado "web scraping", por el cual se usan algoritmos para almacenar el contenido de una página de manera automática.
✳️ El problema del scraping de Facebook.
La propia Facebook ha admitido que el scraping es un problema; por ejemplo, cuando una startup consiguió rastrear a usuarios de Instagram usando este método. Todo indica que esta nueva base de datos ha sido creada de esta manera.
Antes, los números de teléfono eran más fácilmente accesibles en Facebook; en abril de 2018, y en respuesta a las informaciones relacionadas con Cambridge Analytica, la compañía decidió limitar el acceso a esa información.
Por lo tanto, es muy probable que estos datos se hayan obtenido antes de esa fecha. Representantes de Facebook han confirmado esto.
El scraping es como el fantasma de las navidades pasadas para Facebook. Es el resultado de las laxas políticas de privacidad que la compañía tenía hasta no hace mucho. Ahora que se desvelan casos como este, representantes de Facebook son rápidos en aclarar que las políticas han cambiado y que ya no sería posible hacer algo como eso. Pero es poco consuelo para quien puede estar recibiendo spam o acoso por teléfono por culpa de esta filtración.
La base de datos ya no está accesible, después de que la empresa de hosting propietaria del servidor haya decidido cerrarlo. Por lo tanto, queda la gran duda de quién consiguió esos datos, cuándo creó esta base de datos y cuál era su objetivo, algo que por ahora, es un misterio.
Lo que si sabemos es que es muy probable que exista una copia, probablemente más, de esta base de datos.
https://www.elespanol.com/omicrono/20190905/numeros-telefono-millones-usuarios-facebook-vista/426957547_0.html
#facebook #privacidad #filtracion #datos
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
El Español
Los números de teléfono de 420 millones de usuarios de Facebook, a la vista de cualquiera - EL ESPAÑOL
La base de datos estaba en un servidor sin protección.
Incluía información que asociaba los números con cada usuario.
Facebook también guardó contraseñas sin protección.
Incluía información que asociaba los números con cada usuario.
Facebook también guardó contraseñas sin protección.
Media is too big
VIEW IN TELEGRAM
When is the News Not the News?
So when is the news not the news? When it’s simply ignored by the mockingbird media, of course. Join James for today’s exploration of yet another tool in the propagandists’ toolbox in this week’s edition of #PropagandaWatch.
📺 https://www.corbettreport.com/when-is-the-news-not-the-news-propagandawatch/
#PropagandaWatch #Corbettreport #video #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
So when is the news not the news? When it’s simply ignored by the mockingbird media, of course. Join James for today’s exploration of yet another tool in the propagandists’ toolbox in this week’s edition of #PropagandaWatch.
📺 https://www.corbettreport.com/when-is-the-news-not-the-news-propagandawatch/
#PropagandaWatch #Corbettreport #video #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Facebook Is Giving Advertisers Access to Your Shadow Contact Information
Last week, I ran an ad on Facebook that was targeted at a computer science professor named Alan Mislove. Mislove studies how privacy works on social networks and had a theory that Facebook is letting advertisers reach users with contact information collected in surprising ways. I was helping him test the theory by targeting him in a way Facebook had previously told me wouldn’t work. I directed the ad to display to a Facebook account connected to the landline number for Alan Mislove’s office, a number Mislove has never provided to Facebook. He saw the ad within hours.
One of the many ways that ads get in front of your eyeballs on Facebook and Instagram is that the social networking giant lets an advertiser upload a list of phone numbers or email addresses it has on file; it will then put an ad in front of accounts associated with that contact information. A clothing retailer can put an ad for a dress in the Instagram feeds of women who have purchased from them before, a politician can place Facebook ads in front of anyone on his mailing list, or a casino can offer deals to the email addresses of people suspected of having a gambling addiction. Facebook calls this a “custom audience.”
You might assume that you could go to your Facebook profile and look at your “contact and basic info” page to see what email addresses and phone numbers are associated with your account, and thus what advertisers can use to target you. But as is so often the case with this highly efficient data-miner posing as a way to keep in contact with your friends, it’s going about it in a less transparent and more invasive way.
Facebook is not content to use the contact information you willingly put into your Facebook profile for advertising. It is also using contact information you handed over for security purposes and contact information you didn’t hand over at all, but that was collected from other people’s contact books, a hidden layer of details Facebook has about you that I’ve come to call “shadow contact information.” I managed to place an ad in front of Alan Mislove by targeting his shadow profile. This means that the junk email address that you hand over for discounts or for shady online shopping is likely associated with your account and being used to target you with ads.
Facebook is not upfront about this practice. In fact, when I asked its PR team last year whether it was using shadow contact information for ads, they denied it. Luckily for those of us obsessed with the uncannily accurate nature of ads on Facebook platforms, a group of academic researchers decided to do a deep dive into how Facebook custom audiences work to find out how users’ phone numbers and email addresses get sucked into the advertising ecosystem.
Giridhari Venkatadri, Piotr Sapiezynski, and Alan Mislove of Northeastern University, along with Elena Lucherini of Princeton University, did a series of tests that involved handing contact information over to Facebook for a group of test accounts in different ways and then seeing whether that information could be used by an advertiser. They came up with a novel way to detect whether that information became available to advertisers by looking at the stats provided by Facebook about the size of an audience after contact information is uploaded. They go into this in greater length and technical detail in their paper.
👉🏼 PDF:
https://mislove.org/publications/PII-PETS.pdf
Read more:
https://gizmodo.com/facebook-is-giving-advertisers-access-to-your-shadow-co-1828476051
#DeleteFacebook #Facebook #targeting #advertising #datamining #pdf #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Last week, I ran an ad on Facebook that was targeted at a computer science professor named Alan Mislove. Mislove studies how privacy works on social networks and had a theory that Facebook is letting advertisers reach users with contact information collected in surprising ways. I was helping him test the theory by targeting him in a way Facebook had previously told me wouldn’t work. I directed the ad to display to a Facebook account connected to the landline number for Alan Mislove’s office, a number Mislove has never provided to Facebook. He saw the ad within hours.
One of the many ways that ads get in front of your eyeballs on Facebook and Instagram is that the social networking giant lets an advertiser upload a list of phone numbers or email addresses it has on file; it will then put an ad in front of accounts associated with that contact information. A clothing retailer can put an ad for a dress in the Instagram feeds of women who have purchased from them before, a politician can place Facebook ads in front of anyone on his mailing list, or a casino can offer deals to the email addresses of people suspected of having a gambling addiction. Facebook calls this a “custom audience.”
You might assume that you could go to your Facebook profile and look at your “contact and basic info” page to see what email addresses and phone numbers are associated with your account, and thus what advertisers can use to target you. But as is so often the case with this highly efficient data-miner posing as a way to keep in contact with your friends, it’s going about it in a less transparent and more invasive way.
Facebook is not content to use the contact information you willingly put into your Facebook profile for advertising. It is also using contact information you handed over for security purposes and contact information you didn’t hand over at all, but that was collected from other people’s contact books, a hidden layer of details Facebook has about you that I’ve come to call “shadow contact information.” I managed to place an ad in front of Alan Mislove by targeting his shadow profile. This means that the junk email address that you hand over for discounts or for shady online shopping is likely associated with your account and being used to target you with ads.
Facebook is not upfront about this practice. In fact, when I asked its PR team last year whether it was using shadow contact information for ads, they denied it. Luckily for those of us obsessed with the uncannily accurate nature of ads on Facebook platforms, a group of academic researchers decided to do a deep dive into how Facebook custom audiences work to find out how users’ phone numbers and email addresses get sucked into the advertising ecosystem.
Giridhari Venkatadri, Piotr Sapiezynski, and Alan Mislove of Northeastern University, along with Elena Lucherini of Princeton University, did a series of tests that involved handing contact information over to Facebook for a group of test accounts in different ways and then seeing whether that information could be used by an advertiser. They came up with a novel way to detect whether that information became available to advertisers by looking at the stats provided by Facebook about the size of an audience after contact information is uploaded. They go into this in greater length and technical detail in their paper.
👉🏼 PDF:
https://mislove.org/publications/PII-PETS.pdf
Read more:
https://gizmodo.com/facebook-is-giving-advertisers-access-to-your-shadow-co-1828476051
#DeleteFacebook #Facebook #targeting #advertising #datamining #pdf #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Introduction to (home) network security.
A beginner-friendly guide to network segmentation for privacy and security in the age of the Internet of Insecure Things.
Typical home networks use a closed-source Internet Service Provider supplied router/firewall and contain no restrictions on communications between clients within the network. The widespread deployment of network-connected appliances, control systems, lighting, etc, means that this design is insecure. This talk will cover the basics of networking, including why and how segregation of different types of network clients and traffic can be achieved to increase privacy and security.
📺 https://media.ccc.de/v/Camp2019-10225-introduction_to_home_network_security
#ChaosCommunicationCamp #CCCamp19 #CCC #network #security #video #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
A beginner-friendly guide to network segmentation for privacy and security in the age of the Internet of Insecure Things.
Typical home networks use a closed-source Internet Service Provider supplied router/firewall and contain no restrictions on communications between clients within the network. The widespread deployment of network-connected appliances, control systems, lighting, etc, means that this design is insecure. This talk will cover the basics of networking, including why and how segregation of different types of network clients and traffic can be achieved to increase privacy and security.
📺 https://media.ccc.de/v/Camp2019-10225-introduction_to_home_network_security
#ChaosCommunicationCamp #CCCamp19 #CCC #network #security #video #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Audio
Privacy or Profit - Why Not Both?
Every day, #OurData hits the market when we sign #online. It’s for sale, and we’re left to wonder if tech companies will ever choose to protect our privacy rather than reap large profits with our information. But, is the choice — profit or privacy — a false dilemma? Meet the people who have built profitable tech businesses while also respecting your #privacy. Fact check if #Facebook and #Google have really found religion in privacy. And, imagine a world where you could actually get paid to share your data.
📻 https://irlpodcast.org/
#IRL #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Every day, #OurData hits the market when we sign #online. It’s for sale, and we’re left to wonder if tech companies will ever choose to protect our privacy rather than reap large profits with our information. But, is the choice — profit or privacy — a false dilemma? Meet the people who have built profitable tech businesses while also respecting your #privacy. Fact check if #Facebook and #Google have really found religion in privacy. And, imagine a world where you could actually get paid to share your data.
📻 https://irlpodcast.org/
#IRL #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Spyware company leaves private customer data on the internet
A manufacturer of consumer spyware marketed to parents and partners has published incredibly intimate user data on a server freely accessible over the Internet. Freely available for all to see and hear: photos of children, school report cards, call recordings. The companies responsible for the stalkerware are largely indifferent to what happens with the data.
A child, maybe six or seven, picks his nose with both fingers and makes silly faces for the camera. In the next picture he is eating a banana. Then we see a photo of a school report card, picture taken from a computer screen. It shows the child’s full name and the current grades in English and biology.
What looks like the digital photo album of a normal family has been freely available on the internet for more than a year – without the knowledge of the people concerned. A company that sells stalkerware – software for the secret surveillance of children and partners – has published these pictures and hundreds of intimate call recordings on the internet.
The photos not only show the child and his parents, their apartment, their bedroom, but also connect these to personal data such as names, e-mail addresses or medication prescriptions. The data has been on a server since April 2018 – without a password or other protection, freely available ot anyone with an internet connection.
For people „who are tired of being lied to“
Responsible for this privacy disaster is a company called Spyapp247. It sells an app that allows you to spy on what another person is doing on their phone. The Android app records phone calls, chat messages, browser history, photos, allows access to the address book and tracks location data – without the affected person noticing. According to the manufacturer, even the microphone can be switched on remotely: The telephone becomes a bug.
Spyapp247 markets the app on its website to people „who are tired of being lied to and cheated on,“ meaning: who want to spy on a partner. Civil rights organizations therefore call such apps stalkerware. But the company also advertises its apps as a tool for cautious parents to recognize „dangers to your children before they ever happen.“
Spyware manufacturer not reacting
It is hard to tell who installed the app in this case, and for what purpose, but it is likely that the data was obtained without the consent of the person targeted. In order to install the app, a person must have physical access to the device for at least a few minutes. Once the app is on the phone, it can collect all kinds of information in the background. The data is uploaded to a server and presented to the operator in a browser window.
👉🏼 Read more:
https://netzpolitik.org/2019/spyware-company-leaves-private-customer-data-on-the-internet/
#spyware #Spyapp247 #stalkerware #dataprotection #dataleak #userdata #surveillance #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
A manufacturer of consumer spyware marketed to parents and partners has published incredibly intimate user data on a server freely accessible over the Internet. Freely available for all to see and hear: photos of children, school report cards, call recordings. The companies responsible for the stalkerware are largely indifferent to what happens with the data.
A child, maybe six or seven, picks his nose with both fingers and makes silly faces for the camera. In the next picture he is eating a banana. Then we see a photo of a school report card, picture taken from a computer screen. It shows the child’s full name and the current grades in English and biology.
What looks like the digital photo album of a normal family has been freely available on the internet for more than a year – without the knowledge of the people concerned. A company that sells stalkerware – software for the secret surveillance of children and partners – has published these pictures and hundreds of intimate call recordings on the internet.
The photos not only show the child and his parents, their apartment, their bedroom, but also connect these to personal data such as names, e-mail addresses or medication prescriptions. The data has been on a server since April 2018 – without a password or other protection, freely available ot anyone with an internet connection.
For people „who are tired of being lied to“
Responsible for this privacy disaster is a company called Spyapp247. It sells an app that allows you to spy on what another person is doing on their phone. The Android app records phone calls, chat messages, browser history, photos, allows access to the address book and tracks location data – without the affected person noticing. According to the manufacturer, even the microphone can be switched on remotely: The telephone becomes a bug.
Spyapp247 markets the app on its website to people „who are tired of being lied to and cheated on,“ meaning: who want to spy on a partner. Civil rights organizations therefore call such apps stalkerware. But the company also advertises its apps as a tool for cautious parents to recognize „dangers to your children before they ever happen.“
Spyware manufacturer not reacting
It is hard to tell who installed the app in this case, and for what purpose, but it is likely that the data was obtained without the consent of the person targeted. In order to install the app, a person must have physical access to the device for at least a few minutes. Once the app is on the phone, it can collect all kinds of information in the background. The data is uploaded to a server and presented to the operator in a browser window.
👉🏼 Read more:
https://netzpolitik.org/2019/spyware-company-leaves-private-customer-data-on-the-internet/
#spyware #Spyapp247 #stalkerware #dataprotection #dataleak #userdata #surveillance #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
uninformed-consent_Yl7FPEh.pdf
845.7 KB
Data protectors consider most cookie banners illegal
Only very few cookie banners comply with the provisions of the DSGVO, as a study has shown. However, the data protection authorities are still reluctant to impose sanctions.
Studying GDPR Consent Notices in theField
👉🏼 🇬🇧 PDF:
https://www.syssec.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2019/09/05/uninformed-consent_Yl7FPEh.pdf
https://www.golem.de/news/manipulierte-zustimmung-die-meisten-cookie-banner-sind-illegal-1909-143773.html
#gdpr #study #cookie #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Only very few cookie banners comply with the provisions of the DSGVO, as a study has shown. However, the data protection authorities are still reluctant to impose sanctions.
Studying GDPR Consent Notices in theField
👉🏼 🇬🇧 PDF:
https://www.syssec.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2019/09/05/uninformed-consent_Yl7FPEh.pdf
https://www.golem.de/news/manipulierte-zustimmung-die-meisten-cookie-banner-sind-illegal-1909-143773.html
#gdpr #study #cookie #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
This media is not supported in your browser
VIEW IN TELEGRAM
The remix story behind Hong Kong's new protest anthem
Hong Kong’s protestors want greater autonomy from mainland China, a grievance they’re expressing through a song some are calling their new “national anthem.”
👉🏼 Read more:
https://time.com/5672018/glory-to-hong-kong-protests-national-anthem/
📺 With english subs:
https://www.youtube.com/watch?v=y7yRDOLCy4Y
📺 Orchestral version:
https://www.youtube.com/watch?v=oUIDL4SB60g
#FreeHongKong #video #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Hong Kong’s protestors want greater autonomy from mainland China, a grievance they’re expressing through a song some are calling their new “national anthem.”
👉🏼 Read more:
https://time.com/5672018/glory-to-hong-kong-protests-national-anthem/
📺 With english subs:
https://www.youtube.com/watch?v=y7yRDOLCy4Y
📺 Orchestral version:
https://www.youtube.com/watch?v=oUIDL4SB60g
#FreeHongKong #video #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
The creep in your pocket
Mobile spyware/stalkerware services offer common users to spy on mobile devices of people close to them, such as their children or spouses. This talk presents different types of these services and touches their social impact.
The talk focuses on #android and #iOS #spyware that do not require rooting or jailbreaking the victim's device. During the talk I will also show how Android spyware #apps misuse Android OS features to spy on
victims and hide themselves on their devices. Additionally, I will discuss the legal side of these services, as well as their social impact, such as domestic violence.
📺 https://media.ccc.de/v/2019-214-the-creep-in-your-pocket
#video #mrmcd19 #CCC
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Mobile spyware/stalkerware services offer common users to spy on mobile devices of people close to them, such as their children or spouses. This talk presents different types of these services and touches their social impact.
The talk focuses on #android and #iOS #spyware that do not require rooting or jailbreaking the victim's device. During the talk I will also show how Android spyware #apps misuse Android OS features to spy on
victims and hide themselves on their devices. Additionally, I will discuss the legal side of these services, as well as their social impact, such as domestic violence.
📺 https://media.ccc.de/v/2019-214-the-creep-in-your-pocket
#video #mrmcd19 #CCC
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Hæçk français - œuvres choisies de la Grande Nation - Let's dig in the archives of the French "datenschleuder" !
Once upon a time, back then in 1993 the #ChaosComputerClub France started their own "Datenschleuder" : the "Chaos Digest".
But here's the twist : the #CCCF was piloted by the #french #secretservice to protect the interests of big companies and of the #government.
So what was going on in the six months of existence of this online service ? Let's find out, and as we will see, even more than 25 years later, some things never change…
📺 https://media.ccc.de/v/2019-212-hk-franais-uvres-choisies-de-la-grande-nation
#video #mrmcd19 #CCC
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Once upon a time, back then in 1993 the #ChaosComputerClub France started their own "Datenschleuder" : the "Chaos Digest".
But here's the twist : the #CCCF was piloted by the #french #secretservice to protect the interests of big companies and of the #government.
So what was going on in the six months of existence of this online service ? Let's find out, and as we will see, even more than 25 years later, some things never change…
📺 https://media.ccc.de/v/2019-212-hk-franais-uvres-choisies-de-la-grande-nation
#video #mrmcd19 #CCC
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Julian Assange to stay in prison over absconding fears
Wikileaks co-founder Julian Assange is to remain in prison when his jail term ends because of his "history of absconding", a judge has ruled.
He was due to be released on 22 September after serving his sentence for breaching bail conditions.
But Westminster Magistrates' Court heard there were "substantial grounds" for believing he would abscond again.
The Australian, 48, is fighting extradition to the US over allegations of leaking government secrets.
He will face a full extradition hearing next year, starting on 25 February, after an extradition request was signed by the then home secretary Sajid Javid in June.
Assange received a 50-week sentence in Belmarsh Prison, south-east London, after being found guilty of breaching the Bail Act in April.
He was arrested at the Ecuadorian Embassy, where he took refuge in 2012 to avoid extradition to Sweden over sexual assault allegations - which he has denied.
District judge Vanessa Baraitser on Friday told Assange, who appeared by video-link: "You have been produced today because your sentence of imprisonment is about to come to an end.
"When that happens your remand status changes from a serving prisoner to a person facing extradition."
She said that his lawyer had declined to make an application for bail on his behalf, adding "perhaps not surprisingly in light of your history of absconding in these proceedings".
"In my view I have substantial ground for believing if I release you, you will abscond again."
He faces 18 charges in the US, including computer misuse and the unauthorised disclosure of national defence information.
He is accused of working with former US army intelligence analyst Chelsea Manning in "unlawfully obtaining and disclosing classified documents related to the national defence", according to the US Justice Department.
He spent seven years inside the Ecuadorian embassy in London before being handed over to British authorities by Ecuador in April.
In May, Swedish prosecutors reopened their investigation into an allegation of rape against Assange.
https://www.bbc.com/news/uk-49689167
#FreeAssange
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Wikileaks co-founder Julian Assange is to remain in prison when his jail term ends because of his "history of absconding", a judge has ruled.
He was due to be released on 22 September after serving his sentence for breaching bail conditions.
But Westminster Magistrates' Court heard there were "substantial grounds" for believing he would abscond again.
The Australian, 48, is fighting extradition to the US over allegations of leaking government secrets.
He will face a full extradition hearing next year, starting on 25 February, after an extradition request was signed by the then home secretary Sajid Javid in June.
Assange received a 50-week sentence in Belmarsh Prison, south-east London, after being found guilty of breaching the Bail Act in April.
He was arrested at the Ecuadorian Embassy, where he took refuge in 2012 to avoid extradition to Sweden over sexual assault allegations - which he has denied.
District judge Vanessa Baraitser on Friday told Assange, who appeared by video-link: "You have been produced today because your sentence of imprisonment is about to come to an end.
"When that happens your remand status changes from a serving prisoner to a person facing extradition."
She said that his lawyer had declined to make an application for bail on his behalf, adding "perhaps not surprisingly in light of your history of absconding in these proceedings".
"In my view I have substantial ground for believing if I release you, you will abscond again."
He faces 18 charges in the US, including computer misuse and the unauthorised disclosure of national defence information.
He is accused of working with former US army intelligence analyst Chelsea Manning in "unlawfully obtaining and disclosing classified documents related to the national defence", according to the US Justice Department.
He spent seven years inside the Ecuadorian embassy in London before being handed over to British authorities by Ecuador in April.
In May, Swedish prosecutors reopened their investigation into an allegation of rape against Assange.
https://www.bbc.com/news/uk-49689167
#FreeAssange
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Anti-Abuse Working Group Minutes RIPE 77
👉🏼 PDF:
Criminal Abuse in RIPE IP Space
https://ripe77.ripe.net/presentations/134-RIPE77_Anti_Abuse_WG.pdf
📺 https://ripe77.ripe.net/archives/video/2286/
#CriminalAbuse #RIPE77 #WorkingGroup #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
👉🏼 PDF:
Criminal Abuse in RIPE IP Space
https://ripe77.ripe.net/presentations/134-RIPE77_Anti_Abuse_WG.pdf
📺 https://ripe77.ripe.net/archives/video/2286/
#CriminalAbuse #RIPE77 #WorkingGroup #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Privacy leaks in smart devices: Extracting data from used smart home devices
Remember the good old fun sport, where people bought random hard drives from ebay and did forensics on them?
Did you know you can do the same thing with used #IoT #devices too? Most end-users have no idea what kind of #information their devices are storing and how to securely clean their devices (if that even is possible). Lets explore together what the risks are and how we can extract that data.
📺 https://media.ccc.de/v/Camp2019-10355-privacy_leaks_in_smart_devices_extracting_data_from_used_smart_home_devices
#ChaosCommunicationCamp #CCCamp19 #CCC #network #security #video #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Remember the good old fun sport, where people bought random hard drives from ebay and did forensics on them?
Did you know you can do the same thing with used #IoT #devices too? Most end-users have no idea what kind of #information their devices are storing and how to securely clean their devices (if that even is possible). Lets explore together what the risks are and how we can extract that data.
📺 https://media.ccc.de/v/Camp2019-10355-privacy_leaks_in_smart_devices_extracting_data_from_used_smart_home_devices
#ChaosCommunicationCamp #CCCamp19 #CCC #network #security #video #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
NPP 184 with Lawrence Lessig: on Joi Ito, the MIT Media Lab and…
Lawrence Lessig, Chris Köver, Alexander Fanta
NPP 184 with Lawrence Lessig: on Joi Ito, the MIT Media Lab and reputation laundering
The #MIT Media Lab took millions in donations from Jeffrey #Epstein and director Joi #Ito was trying to hide it. Was Ito doing the right thing? A conversation with Lawrence #Lessig on Epstein, Ito, MIT and the damage done by taking money from a donor who has caused such significant pain to so many.
📻 https://netzpolitik.org/2019/npp-184-with-lawrence-lessig-on-joi-ito-the-mit-media-lab-and-reputation-laundering/
#NPP #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
The #MIT Media Lab took millions in donations from Jeffrey #Epstein and director Joi #Ito was trying to hide it. Was Ito doing the right thing? A conversation with Lawrence #Lessig on Epstein, Ito, MIT and the damage done by taking money from a donor who has caused such significant pain to so many.
📻 https://netzpolitik.org/2019/npp-184-with-lawrence-lessig-on-joi-ito-the-mit-media-lab-and-reputation-laundering/
#NPP #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Database leaks data on most of Ecuador's citizens, including 6.7 million children
Elasticsearch server leaks personal data on Ecuador's citizens, their family trees, and children, but also some users' financial records and car registration information.
The personal records of most of Ecuador's population, including children, has been left exposed online due to a misconfigured database, ZDNet has learned.
The database, an Elasticsearch searver, was discovered two weeks ago by vpnMentor security researchers Noam Rotem and Ran Locar, who shared their findings exclusively with ZDNet. Together, we worked to analyze the leaking data, verify its authenticity, and contact the server owner.
The leaky server is one of the, if not the biggest, data breaches in Ecuador's history, a small South American country with a population of 16.6 million citizens.
20.8 million user records
The Elasticsearch server contained a total of approximately 20.8 million user records, a number larger than the country's total population count. The bigger number comes from duplicate records or older entries, containing the data of deceased persons.
The data was spread across different Elasticsearch indexes. These indexes contained different information, supposedly obtained from different sources. They stored details such as names, information on family members/trees, civil registration data, financial and work information, but also data on car ownership.
Based on the names of these indexes, the entire database could be split in two main categories, based on the data's supposed origin. There's data that appears to have been gathered from a government sources, and data that appears to have been gathered from private databases.
The data from government sources
The most extensive data was the one that appears to have been gathered from the Ecuadorian government's civil registry.
This data contained entries holding citizens' full names, dates of birth, places of birth, home addresses, marital status, cedulas (national ID numbers), work/job information, phone numbers, and education levels.
ZDNet verified the authenticity of this data by contacting some users listed in the database. The database was up to date, containing information as recent as 2019.
We were able to find records for the country's president, and even Julian Assange, who once received political asylum from the small South Americam country, and was issued a natioanl ID number (cedula).
👉🏼 Read more:
https://www.zdnet.com/article/database-leaks-data-on-most-of-ecuadors-citizens-including-6-7-million-children/
👉🏼 Read on TG:
https://t.iss.one/BlackBox_EN/3100
#database #leak #ecuador
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Elasticsearch server leaks personal data on Ecuador's citizens, their family trees, and children, but also some users' financial records and car registration information.
The personal records of most of Ecuador's population, including children, has been left exposed online due to a misconfigured database, ZDNet has learned.
The database, an Elasticsearch searver, was discovered two weeks ago by vpnMentor security researchers Noam Rotem and Ran Locar, who shared their findings exclusively with ZDNet. Together, we worked to analyze the leaking data, verify its authenticity, and contact the server owner.
The leaky server is one of the, if not the biggest, data breaches in Ecuador's history, a small South American country with a population of 16.6 million citizens.
20.8 million user records
The Elasticsearch server contained a total of approximately 20.8 million user records, a number larger than the country's total population count. The bigger number comes from duplicate records or older entries, containing the data of deceased persons.
The data was spread across different Elasticsearch indexes. These indexes contained different information, supposedly obtained from different sources. They stored details such as names, information on family members/trees, civil registration data, financial and work information, but also data on car ownership.
Based on the names of these indexes, the entire database could be split in two main categories, based on the data's supposed origin. There's data that appears to have been gathered from a government sources, and data that appears to have been gathered from private databases.
The data from government sources
The most extensive data was the one that appears to have been gathered from the Ecuadorian government's civil registry.
This data contained entries holding citizens' full names, dates of birth, places of birth, home addresses, marital status, cedulas (national ID numbers), work/job information, phone numbers, and education levels.
ZDNet verified the authenticity of this data by contacting some users listed in the database. The database was up to date, containing information as recent as 2019.
We were able to find records for the country's president, and even Julian Assange, who once received political asylum from the small South Americam country, and was issued a natioanl ID number (cedula).
👉🏼 Read more:
https://www.zdnet.com/article/database-leaks-data-on-most-of-ecuadors-citizens-including-6-7-million-children/
👉🏼 Read on TG:
https://t.iss.one/BlackBox_EN/3100
#database #leak #ecuador
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN