BlackBox (Security) Archiv
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
The simplest mode of the algorithm is to make connections from each user's contact list: "If Jaime knows Jorge and Jorge knows Ana, Jaime probably knows Ana." When those triangles between two friends overlap heavily, a friendship is more likely. The recommendation algorithm does not feed only on contacts, although that is its main input. The networks give no details, but sometimes "friends" seem to surface from old emails or messages.

But there is much more in the mix: "Friend recommendation algorithms have many components. The structural one is the most important. 60% of friend recommendations come from who you interact with. Another big one is tastes. Those two are the most important, more than 80% of the algorithm," says Moro.

This adversarial attack can be a personal benefit, but for it to improve our overall relationship with algorithms something more is needed: "It reminds me of the stickers activists put on their faces to distract facial recognition mechanisms. It can fool the machine, at least until they adapt it with other data or methods," says David García, a researcher at the Complexity Science Hub in Vienna (Austria).

The information our friends leave behind is also important for our profile: "There is a lot of information that is outside our control. With 'shadow profiles' an individual has no control at all to delete contacts, because they are not on the social network. The information is what our friends share. There, these tools would not work, because privacy in our digital society is a complex phenomenon that escapes the control an individual has over their data," explains García.

We would need it, García adds, to be something massive, like a vaccine injected into 90% of society, so that it becomes harder for the networks to know a lot about everyone.

✳️ A first step.

But as a tentative, personal first step it is attractive. The researchers ran their experiment on a database of 829,725 calls between 248,763 individuals. The figure of 5 friends who would have to disappear to remove connections comes from networks of 30-40 friends. Those 5 friendships would probably increase on real social networks with hundreds of friendships.

But the method would be the same: remove the key links in your life and add noise. "It is our first toolbox for maximising privacy. Each of us could have a set of tools to see how we fool the social networks' algorithms. Not only the friend one, but also product recommendation and advertising," says Moro.

This line of research has only just begun. Some of the next steps are to check the value of removing close individuals for each user and to build a tool so that everyone can see which friends they should remove: "We would like to build a tool to show people how the algorithm works on their social network and which nodes they should delete so that the algorithm gets more confused," explains Moro.

The academic literature has already devised ways to make these algorithms work worse. But the social networks themselves, who are the ones that see all the data, would have to apply them. For now they do not seem very interested in this way of protecting their users' privacy.
https://elpais.com/tecnologia/2019/09/15/actualidad/1568581883_618003.html

#facebook #privacidad #rastreo
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
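The structural recommender described above, together with the "delete key links, add noise" counter-measure, as an added Python illustration (not the El País article's or the researchers' code; the contact graph and the names in it are constructed):

```python
"""Toy triadic-closure friend recommender and the counter-measure from the article.
Added illustration; the contact graph below is constructed, not real data."""

# Constructed contact graph (undirected friendships). Jorge is the "key link":
# he is the only bridge between Jaime and several people Jaime does not know yet.
FRIENDSHIPS = [
    ("jaime", "jorge"), ("jaime", "luis"), ("jaime", "marta"), ("jaime", "pedro"),
    ("jorge", "ana"), ("jorge", "sofia"), ("jorge", "diego"),
    ("luis", "ana"), ("marta", "ana"), ("pedro", "carla"), ("ana", "sofia"),
]


def build_graph(edges):
    """Adjacency sets from an edge list; every edge is stored in both directions."""
    g = {}
    for a, b in edges:
        g.setdefault(a, set()).add(b)
        g.setdefault(b, set()).add(a)
    return g


def copy_graph(g):
    return {node: set(nbrs) for node, nbrs in g.items()}


def common_contacts(g, u, v):
    return g.get(u, set()) & g.get(v, set())


def recommendations(g, user, top=None):
    """Structural recommender: rank people `user` is not connected to by the number of
    shared contacts ("if Jaime knows Jorge and Jorge knows Ana, Jaime probably knows Ana").
    Returns (name, shared_contacts) pairs, best first; ties are broken by name."""
    scores = {}
    for other in g:
        if other == user or other in g[user]:
            continue
        shared = len(common_contacts(g, user, other))
        if shared:
            scores[other] = shared
    ranked = sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))
    return ranked if top is None else ranked[:top]


def leakage(g, user):
    """How much triadic-closure signal the recommender has about `user`:
    the sum of shared-contact counts over every candidate it would recommend."""
    return sum(shared for _, shared in recommendations(g, user))


def key_links(g, user, k):
    """Greedy version of the "remove the key links" idea: pick the k contacts of `user`
    whose removal lowers `leakage` the most. Returns (removed, pruned_graph); g is untouched."""
    g = copy_graph(g)
    removed = []
    for _ in range(k):
        base = leakage(g, user)
        best, best_gain = None, 0
        for contact in sorted(g[user]):
            trial = copy_graph(g)
            trial[user].discard(contact)
            trial[contact].discard(user)
            gain = base - leakage(trial, user)
            if gain > best_gain:
                best, best_gain = contact, gain
        if best is None:  # no single removal helps any more
            break
        g[user].discard(best)
        g[best].discard(user)
        removed.append(best)
    return removed, g


def add_noise(g, user, decoys):
    """Second half of the counter-measure: connect `user` to decoy accounts that have
    contacts of their own, so the recommender sees spurious triangles."""
    g = copy_graph(g)
    for decoy, decoy_contacts in decoys.items():
        g.setdefault(decoy, set())
        g[user].add(decoy)
        g[decoy].add(user)
        for c in decoy_contacts:
            g[decoy].add(c)
            g.setdefault(c, set()).add(decoy)
    return g


if __name__ == "__main__":
    g = build_graph(FRIENDSHIPS)
    print("before:", recommendations(g, "jaime", top=3))  # ana first, via 3 shared contacts
    removed, pruned = key_links(g, "jaime", 2)
    print("key links to drop:", removed,
          "leakage", leakage(g, "jaime"), "->", leakage(pruned, "jaime"))
    noisy = add_noise(pruned, "jaime", {"decoy1": ["xavi", "yara"]})
    print("after noise:", recommendations(noisy, "jaime", top=3))  # real and decoy tie
```

Dropping Jorge alone halves the recommender's signal about Jaime, and after the decoy is added the remaining real candidate ties with contacts that only exist through the decoy.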
🇪🇸 Facial recognition could be banned, changing how we use technology.

Facial recognition is a technology that has not been free of controversy. We carry it with us practically every day, in smartphones, computers and so on. Some say it is a vital technology for the future, and others claim it could seriously compromise our privacy.

Some uses of this facial recognition have already been banned in several US states, and now an artificial intelligence policy adviser, Mutale Nkonde, says this could extend to more states and even lead to a complete ban, as MIT Technology Review reports.

According to Nkonde we could see bans on some of its uses in certain states, but we could also see a federal ban on its main features. And that would change our relationship with technology.

✳️ Facial recognition could be banned in the United States (or at least in part).

As Nkonde predicts, it is not clear which bans facial recognition will face and, above all, which of its uses will be limited. The clear example is Portland; that area wants to restrict the use of facial recognition in the private sector, whereas the first 'bans' focused on the police. Some US cities have prohibited police forces from using this recognition.

The debate is not limited to the United States; in the United Kingdom it was reignited after it emerged that a property developer had been collecting images of people's faces in an area of London for two years without informing them. What is worrying is that how that data was used is still unknown. In Nkonde's words:

"There will be legal challenges, and eventually there will be regulation. A constitutional right we have is innocent until proven guilty. Facial recognition could change that idea."

Nkonde pointed to a very clear example of how the use of facial recognition intrudes directly on our private lives: New York residents faced a plan to install facial recognition systems in various apartment buildings to replace the key. Coincidentally, this rollout mainly affected women of colour or poor women.

It took residents bringing human rights lawyers into the case. Nkonde says that "the marginalisation of minority groups by facial recognition is the first step [towards a ban]. When it is used to target groups with more power, it will be illegal."

✳️ Users would notice.

Facial recognition, however much it sounds like science fiction, is a technology already established in our society. Your smartphone has facial recognition technology, so does your laptop with Windows Hello, so does your iPad, and there are also countries that have adopted it in more or less questionable ways, such as China. Here, for instance, we can see how China uses facial recognition to show you information about your journey.

A larger-scale ban by the United States would undoubtedly affect Europe and other countries; there could be a domino effect in Europe urging other countries to follow suit and ban uses of facial recognition (or even all of it). In that case we would have to change how we use technology, changing some technological habits we already take for granted, and rethink the implications of this class of technologies for our privacy.

According to Nkonde, "this would not be the first time a society examines a new technology and decides not to use it."
https://www.elespanol.com/omicrono/20190919/reconocimiento-facial-podria-prohibirse-cambiando-uso-tecnologia/430457021_0.html

#privacidad #reconocimiento #facial #eeuu
DeepPrivacy: A Generative Adversarial Network for Face Anonymization

We propose a novel architecture which is able to automatically anonymize faces in images while retaining the original data distribution. We ensure total anonymization of all faces in an image by generating images exclusively on privacy-safe information. Our model is based on a conditional generative adversarial network, generating images considering the original pose and image background. The conditional information enables us to generate highly realistic faces with a seamless transition between the generated face and the existing background. Furthermore, we introduce a diverse dataset of human faces, including unconventional poses, occluded faces, and a vast variability in backgrounds. Finally, we present experimental results reflecting the capability of our model to anonymize images while preserving the data distribution, making the data suitable for further training of deep learning models. As far as we know, no other solution has been proposed that guarantees the anonymization of faces while generating realistic images.

👉🏼 PDF:
https://arxiv.org/pdf/1909.04538.pdf

👉🏼 GitHub:
https://github.com/hukkelas/DeepPrivacy

👉🏼 Story on Motherboard:
https://www.vice.com/en_us/article/ne87pg/deepprivacy-fake-face-anonymized-algorithm

#DeepPrivacy #privacy #anonymization #research #study #pdf
Ep 47: Project Raven
Project Raven

This is the story about an ex-NSA agent who went to work for a secret hacking group in the UAE.

👉🏼 Story:
https://www.reuters.com/investigates/special-report/usa-spying-raven/

📻 Podcast:
https://darknetdiaries.com/episode/47/

#darknetdiaries #NSA #UAE #podcast
Police can access suspects’ Facebook and WhatsApp messages in deal with US

WhatsApp, Facebook and other social media platforms will be forced to disclose encrypted messages from suspected terrorists, paedophiles and other serious criminals under a new treaty between the UK and the US.

Priti Patel, home secretary, will sign an agreement next month that compels US social media companies to hand over information to the police, security services and prosecutors. The data access agreement, which marks the culmination of four years of intense lobbying by the UK, is seen by Downing Street as an essential tool in the fight against terrorism and sexual abuse.

Ms Patel has previously warned social media companies that they risk empowering terrorists and urged them to take greater responsibility for criminal activity on their platforms. At present the security services are only able to obtain data if there is a need for an “emergency disclosure” due to an imminent threat to life. The police and prosecutors can also request data under the “mutual legal assistance” treaty but the process is highly bureaucratic and can take up to two years.

Under the new treaty, the police, prosecutors and the security services can submit requests for information to a judge, magistrate or “other independent authority”. The process will be overseen by the investigatory powers commissioner.

The UK has agreed it will not target people in the US and the US has agreed not to target people in the UK. The government is “confident” that the arrangement will comply with data protection regulations. Britain has also secured a guarantee that any information secured by the US from British companies cannot be used as evidence in cases that attract the death penalty, without the UK’s permission.

Last year Facebook was criticised by police investigating the murder of 13-year-old Lucy McHugh for refusing to release messages sent by Stephen Nicholson, the main suspect. After applying through the US courts for access to his account, prosecutors only received a log of his Facebook contacts with Lucy but not the content of any messages. It finally arrived the day that the trial started and Nicholson was convicted.

David Davis, the former Brexit secretary and a prominent campaigner on privacy issues, cautioned against the new powers. “The simple truth is that I’m afraid the US has a habit of using to the maximum extraterritorial laws to promote its own causes,” he said.

However, Richard Walton, a former head of counterterrorism at the Metropolitan Police, said: “US tech giants have been inadvertently putting a veil over serious criminality and terrorism. It has tilted the balance in favour of criminals and terrorists. This is very welcome, it will make a big difference.”

👉🏼 Read more (paywall)
https://www.thetimes.co.uk/article/police-can-access-suspects-facebook-and-whatsapp-messages-in-deal-with-us-q7lrfmchz

#UK #USA #Police #DeleteWhatsapp #DeleteFacebook
🇪🇸 WhatsApp and other apps will have "backdoors" in the United Kingdom to decrypt messages

Nowadays, any self-respecting messaging app implements some kind of protection for our messages.

Point-to-point (or end-to-end) encryption has become widespread in recent years; it consists of encrypting messages so that they remain encrypted throughout the communication, until they reach their recipient. That way, not even the app's creators can read the message.

End-to-end encryption is not perfect, but it is much better than alternatives such as "encryption in transit", where the company's server can decrypt and read our messages.

This kind of protection has been in high demand from users, but for governments and intelligence services around the world it is a headache. The two governments most opposed to end-to-end encryption have been those of the United Kingdom and the United States, and they have already taken steps to ban it or, at least, limit its effectiveness.

The excuse these governments use is the same: security. Specifically, they complain that apps such as WhatsApp or Telegram are being used by terrorists and criminals to organise; there is also talk of paedophile networks created on these platforms.

For years the British government has pressured developers to obtain access to so-called "backdoors", methods for bypassing message encryption. These doors can be, for example, access to a master encryption key capable of decrypting any message, or access to the technology used to encrypt the text.

The British government's initiatives have been harshly criticised by security experts in the industry. It goes without saying that the mere existence of such backdoors would render any protection method useless; it would be exactly the same as having no encryption at all. From the moment a message can be decrypted, that communication is no longer secure.

Now the British government has found a great ally in its fight against encryption: the US. The Trump administration has come out against end-to-end encryption and is even said to be considering banning it completely.

According to Bloomberg, a new agreement between the US and the UK would force messaging apps and social networks to provide that "backdoor" to British police. The agreement, which would be finalised in October, would affect Facebook, WhatsApp and other similar apps.

The text includes some exceptions, intended for mutual protection. For example, both governments commit not to use these backdoors to investigate users from the other country.

In addition, initially the apps will only be obliged to provide information in cases of "serious crimes", such as terrorism or paedophilia. However, there is already talk that the agreement would open a "Pandora's box", and that in future messages unrelated to serious crimes could be obtained.
https://www.elespanol.com/omicrono/software/20190929/whatsapp-puertas-traseras-reino-unido-descifrar-mensajes/432956770_0.html

#uk #privacidad #mensajeria
30 countries closed media and blocked internet access so far in 2019

In advance of the International Day for Universal Access to Information (IDUAI) on 28 September, the IFJ has condemned the fact that more than 30 countries have been guilty of closing media or blocking internet access so far in 2019, threatening citizens’ fundamental right to free access to information.

https://www.ifj.org/media-centre/news/detail/category/press-releases/article/iduai-30-countries-closed-media-and-blocked-internet-access-so-far-in-2019.html

#democracy #IDUAI #thinkabout
Russia starts rolling out DPI filtration tech that might finally block Telegram

Russia’s federal censor has started testing new digital filtration equipment that could finally make it possible to block access to the instant messenger Telegram. A source participating in the pilot project told the news website RBC that DPI (Deep Packet Inspection) technology is rolling out in Russia’s Ural Federal District, enabling ISPs to analyze and filter specific Internet traffic (a more sophisticated form of online censorship than simply blocking whole IP addresses, which has failed against Telegram).

RBC’s sources say the company “DTsOA” has been tasked with supplying the new hardware to Internet Service Providers throughout the Ural Federal District by the end of the year. DTsOA’s former CEO is reportedly Rashid Ismailov, Nokia’s former head of Russian operations and Russia’s former deputy communications minister.

According to RBC, the new hardware is already active in Yekaterinburg, and it’s currently expanding to Chelyabinsk, Tyumen, and other cities in the region. The equipment is being supplied primarily to ISPs providing home Internet access, and the new DPI filtration apparently isn’t around the clock. All providers reportedly have access to a kill switch, in the event that the new hardware somehow malfunctions.
https://www.rbc.ru/technology_and_media/26/09/2019/5d8b4c1c9a7947d3c58f9a48

☣️ Roskomnadzor will reportedly monitor how severely the new filtration systems degrade Internet speeds, and verify that the equipment blocks everything the authorities have blacklisted, and nothing else.

☣️ The pilot project is part of the government’s implementation of a controversial “RuNet isolation” initiative that takes effect on November 1, 2019, wherein the state will ensure that Russia’s domestic Internet network continues to function, even if it is disconnected from the outside world.

https://meduza.io/en/news/2019/09/27/russia-starts-rolling-out-dpi-filtration-tech-that-might-finally-block-telegram

#russia #blocking #telegram #dpi #filtration
Read the full transcript of Mark Zuckerberg’s leaked internal Facebook meetings

Highlights from two hours of leaked audio from recent Q&A sessions with Facebook’s CEO

On October 1st, The Verge published text and audio from recent internal meetings at Facebook where CEO Mark Zuckerberg answered tough questions from employees who are concerned about the company’s future. In two July meetings, Zuckerberg rallied his employees against critics, competitors, and Sen. Elizabeth Warren, among others.

To provide more context around Zuckerberg’s remarks, The Verge is publishing expanded transcripts from the two meetings below. In them, Zuckerberg discussed his plan to beat TikTok, why he wants to keep absolute control of the company, and what employees should tell friends who have a dim view of Facebook. Each question below was asked by a different Facebook employee.

👉🏼 Listen to clips from the meeting:
https://www.theverge.com/2019/10/1/20756701/mark-zuckerberg-facebook-leak-audio-ftc-antitrust-elizabeth-warren-tiktok-comments

👉🏼 Read more:
https://www.theverge.com/2019/10/1/20892354/mark-zuckerberg-full-transcript-leaked-facebook-meetings

#DeleteFacebook #transcript #leak #meetings
18-year-old shot by Hong Kong police in stable condition as students stage protest

A student who was shot by police with a live round at close range on Tuesday has stabilised following an operation, according to the Hospital Authority.

Tsang Chi-kin, an 18-year-old form 5 student, was shot in Tsuen Wan after a scuffle with an officer.

The officer rushed towards a group of protesters attacking another officer whilst pointing a pistol, but was also surrounded. Tsang used a metal rod to hit the surrounded officer, before he fired the shot.

https://www.hongkongfp.com/2019/10/02/18-year-old-shot-hong-kong-police-stable-condition-students-stage-protest/

#FreeHongKong #shooting #video #thinkabout
RIAA Reports Telegram to US Govt. Over Piracy Concerns

The RIAA has submitted its most recent overview of "notorious markets" to the U.S. Government. As usual, the music industry group lists various torrent sites, download portals and stream-ripping sites as direct threats. This year, however, the messaging app Telegram is also highlighted as a problem.

Responding to a request from the Office of the US Trade Representative (USTR), the RIAA has submitted its annual list of “notorious markets.”

The submission identifies online and offline piracy hubs to help guide the U.S. Government’s position towards foreign countries when it comes to copyright enforcement.

“The online and physical markets identified in our comments are harming American creators, businesses, and the American economy,” writes George York, the RIAA’s Senior Vice President of International Policy.

Traditionally the online focus lies on classic pirate sites, such as torrent indexers, linking sites, cyberlockers, download portals, and stream-rippers. These are also listed in the latest RIAA submission. It includes many of the usual suspects, such as The Pirate Bay, Flvto, Newalbumreleases, and Uploaded.

While these mentions were expected, there’s also a new ‘issue’ highlighted by the music group – the encrypted messaging app Telegram. The software, which was launched by VKontakte founders Nikolai and Pavel Durov a few years ago, is frequently used by pirates, the RIAA notes.

The RIAA points out that messaging apps by themselves are of no special concern. However, Telegram also allows its users to share files of up to 1.5GB, a process that can be automated with scripts. This is a feature that many pirates have embraced.

“Telegram offers many user-created channels which are dedicated to the unauthorized distribution of copyrighted recordings, with some channels focused on particular genres or artists,” the RIAA notes.

Many of these files are hosted on Telegram’s servers and the RIAA says that it sent 18,000 DMCA notices to Telegram, identifying over 18,000 instances of copyright infringement.

The messaging app says that it forwards these requests to channel owners. However, according to the music group, this doesn’t have the desired effect, as many channel operators ignore the takedown requests. In addition, repeat infringers don’t appear to be punished in any way.

👉🏼 Read more:
https://torrentfreak.com/riaa-reports-telegram-to-us-govt-over-piracy-concerns-191002/

#riaa #telegram #tg #usa #govt #piracy
DMCA Notice Confirms Trump Tweet Was Taken Down By Warner Music

Earlier today Twitter exploded when a tweet by US President Donald Trump was taken down for alleged copyright infringement. A copy of the DMCA notice obtained by TorrentFreak shows that Warner Music was behind the takedown. It became the seventh copyright complaint filed against Trump's Twitter account in 2019 alone, raising questions about Twitter's repeat infringer policy.

President of the United States Donald Trump is well-known for his love of Twitter.

He currently has well in excess of 65 million followers and regularly uses the platform to promote himself and attack his critics.

Earlier today, Twitter erupted when a tweet by the President, which contained a video attacking the integrity of political rival Joe Biden, received some serious editing thanks to Twitter.

While the words “LOOK AT THIS PHOTOGRAPH!” remained, the actual video had been removed following a copyright infringement complaint.

Trump’s tweet contained a video that has been doing the rounds featuring a photograph central to the recent Biden/Ukraine controversy. However, the photograph itself wasn’t the reason the video was taken down by Twitter.

The viral video contains a clip from Nickelback’s 2005 video ‘Photograph’, prompting speculation that the band itself was behind the takedown sent to Twitter. While they may have had a hand in it, the actual DMCA served on Twitter and obtained by TorrentFreak reveals that the notice was sent by Warner Music.

👉🏼 Read more:
https://torrentfreak.com/dmca-notice-confirms-trump-tweet-was-taken-down-by-warner-music/

#dmca #trump #twitter #WarnerMusic #CopyrightInfringement
Vulnerabilities exploited in VPN products used worldwide

APTs are exploiting vulnerabilities in several VPN products used worldwide

💡 Introduction

The NCSC is investigating the exploitation, by Advanced Persistent Threat (APT) actors, of known vulnerabilities affecting Virtual Private Network (VPN) products from the vendors Pulse Secure, Palo Alto and Fortinet.

This activity is ongoing, targeting both UK and international organisations. Affected sectors include government, military, academic, business and healthcare. These vulnerabilities are well documented in open source.

💡 Details

Vulnerabilities exist in several SSL VPN products which allow an attacker to retrieve arbitrary files, including those containing authentication credentials.

An attacker can use these stolen credentials to connect to the VPN and change configuration settings, or connect to further internal infrastructure.

Unauthorised connection to a VPN could also provide the attacker with the privileges needed to run secondary exploits aimed at accessing a root shell.

💡 Top vulnerabilities

The highest-impact vulnerabilities known to be exploited by APTs are listed below, although this is not an exhaustive list of CVEs associated with these products.

Sample exploit code for these vulnerabilities is publicly available online. The NCSC cautions against testing infrastructure with untrusted third-party code.

👉🏼 Read more:
https://www.ncsc.gov.uk/news/alert-vpn-vulnerabilities

#uk #govt #alert #vpn #exploiting #vulnerabilities
France Set to Roll Out Nationwide Facial Recognition ID Program

Digital identity enrollment app to be rolled out in November
Privacy, absence of consent and security among concerns raised

France is poised to become the first European country to use facial recognition technology to give citizens a secure digital identity -- whether they want it or not.

👉🏼 Read more:
https://www.bloomberg.com/news/articles/2019-10-03/french-liberte-tested-by-nationwide-facial-recognition-id-plan

#france #id #FacialRecognition #nationwide #thinkabout #why #video
The Eye on the Nile

Phishing attack on government opponents in Egypt - with apps from the Play Store

Specialists reveal a sophisticated phishing attack in Egypt. Android apps that made it into the Play Store without catching the eye were involved.

Back in March 2019, Amnesty International published a report that uncovered a targeted attack against journalists and human rights activists in Egypt. The victims even received an e-mail from Google warning them that government-backed attackers attempted to steal their passwords. https://www.amnesty.org/en/latest/research/2019/03/phishing-attacks-using-third-party-applications-against-egyptian-civil-society-organizations/

According to the report, the attackers did not rely on traditional phishing methods or credential-stealing payloads, but rather utilized a stealthier and more efficient way of accessing the victims’ inboxes: a technique known as “OAuth Phishing”. By abusing third-party applications for popular mailing services such as Gmail or Outlook, the attackers manipulated victims into granting them full access to their e-mails.

Recently, we were able to find previously unknown or undisclosed malicious artifacts belonging to this operation. A new website we attributed to this malicious activity revealed that the attackers are going after their prey in more than one way, and might even be hiding in plain sight: developing mobile applications to monitor their targets, and hosting them on Google’s official Play Store.

After we notified Google about the involved applications, they quickly took them off of the Play Store and banned the associated developer.

👉🏼 Read more:
https://research.checkpoint.com/the-eye-on-the-nile/

#Egypt #phishing #attacks #research #android #apps #playstore
Legal firm claims Fortnite made to be "as addictive as possible"

A Montreal legal firm is pursuing legal action on behalf of parents, comparing the game to tobacco and cocaine.

Many parents know the problems that come with their children's overlong gaming sessions; in Canada, two minors now want to sue the manufacturer, Epic Games. The development studio deliberately produced Fortnite to be the most addictive game possible, their lawyers say.

A 10-year-old and a 15-year-old applied to a court in Montréal for a class-action lawsuit against Epic Games. Their lawyers' accusation: the US development studio Epic Games deliberately programmed Fortnite Battle Royale "to be the most addictive game", as the newspaper La Presse quotes them. Epic had worked with psychologists and, in experiments with test subjects, tried to avoid any "loss of attention".

👉🏼 Read more:
https://www.gamereactor.eu/legal-firm-claims-fortnite-made-to-be-as-addictive-as-possible/

👉🏼 Read more:
https://www.lapresse.ca/actualites/justice-et-faits-divers/201910/03/01-5243992-demande-daction-collective-fortnite-comme-la-cigarette-.php

#fortnite #addictive #EpicGames #lawsuit #thinkabout
3G Internet and Confidence in Government

How does the internet affect government approval? Using surveys of 840,537 individuals from 2,232 subnational regions in 116 countries in 2008-2017 from the Gallup World Poll and the global expansion of 3G networks, we show that an increase in internet access reduces government approval and increases the perception of corruption in government. This effect is present only when the internet is not censored and is stronger when traditional media is censored. Actual incidents of corruption translate into higher corruption perception only in places covered by 3G. In Europe, the expansion of mobile internet increased vote shares of anti-establishment populist parties.

👉🏼 PDF:
https://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID3456747_code3025720.pdf?abstractid=3456747&mirid=1

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3456747

#internet #government #study #pdf
Leaked drone footage purports to show Xinjiang prisoners blindfolded and tied up

Drone footage anonymously posted to YouTube appears to show hundreds of male prisoners in Xinjiang, western China, tied up and wearing blindfolds.

China has installed a 21st century police state in the region, where the US has accused Beijing of housing more than a million Uighur Muslims in "concentration camps."

https://www.businessinsider.de/china-xinjiang-prisoners-blindfolded-tied-up-leaked-drone-footage-2019-10

#china #xinjiang #prisoners #drone #footage #why #thinkabout
FBI misused surveillance data, spied on its own, FISA ruling finds

Contractor looked up relatives; data was used to vet agents, sources in US.

In an October 2018 ruling unsealed and posted on October 8, 2019 by the Office of the Director of National Intelligence, the United States Foreign Intelligence Surveillance Court (FISC) found that employees of the Federal Bureau of Investigation had inappropriately used data collected under Section 702 of the Foreign Intelligence Surveillance Act (FISA). The FBI was found to have misused the surveillance data to look into US residents, including other FBI employees and their family members, running large-scale queries that did not distinguish between US persons and foreign intelligence targets.

The revelation drew immediate outcry from privacy advocates and renewed calls for the termination of FISA and USA FREEDOM Act that authorized bulk intelligence collection. President Donald Trump signed a bill extending Section 702 collection authorizations for six years in 2018; the Office of the Director of National Intelligence announced earlier this year that the administration would seek the extension of authority for collection of call data granted under the USA FREEDOM Act.

In a statement emailed to Ars Technica, ACLU Senior Legislative Counsel Neema Singh Guliani said:

"The government should not be able to spy on our calls and emails without a warrant. Any surveillance legislation considered by Congress this year must include reforms that address the disturbing abuses detailed in these opinions. Congress and the courts now have even more reason to prohibit warrantless searches of our information, and to permanently close the door on any collection of information that is not to or from a surveillance target."

https://icontherecord.tumblr.com/post/188217887058/release-of-documents-related-to-the-2018-fisa

👉🏼 Read more:
https://arstechnica.com/tech-policy/2019/10/unsealed-fisa-ruling-slaps-fbi-for-misuse-of-surveillance-data/

#USA #FISA #FBI #spy #surveillance #misuse #data #thinkabout
This is how you kick facial recognition out of your town

Bans on the technology have mostly focused on law enforcement, but there’s a growing movement to get it out of school, parks, and private businesses too.

In San Francisco, a cop can’t use facial recognition technology on a person arrested. But a landlord can use it on a tenant, and a school district can use it on students.

This is where we find ourselves, smack in the middle of an era when cameras on the corner can automatically recognize passersby, whether they like it or not. The question of who should be able to use this technology, and who shouldn’t, remains largely unanswered in the US. So far, American backlash against facial recognition has been directed mainly at law enforcement. San Francisco and Oakland, as well as Somerville, Massachusetts, have all banned police from using the technology in the past year because the algorithms aren’t accurate for people of color and women. Presidential candidate Bernie Sanders has even called for a moratorium on police use.

Private companies and property owners have had no such restrictions, and facial recognition is increasingly cropping up in apartment buildings, hotels, and more. Privacy advocates worry that constant surveillance will lead to discrimination and have a chilling effect on free speech—and the American public isn’t very comfortable with it either. According to a recent survey by Pew Research, people in the US actually feel better about cops using facial recognition than they do about private businesses.

👉🏼 Read more:
https://www.technologyreview.com/s/614477/facial-recognition-law-enforcement-surveillance-private-industry-regulation-ban-backlash/

#surveillance #facialrecognition #lawenforcement #regulation #thinkabout
Revealed: Google made large contributions to climate change deniers

Firm’s public calls for climate action contrast with backing for conservative thinktanks

Google has made “substantial” contributions to some of the most notorious climate deniers in Washington despite its insistence that it supports political action on the climate crisis.

Among hundreds of groups the company has listed on its website as beneficiaries of its political giving are more than a dozen organisations that have campaigned against climate legislation, questioned the need for action, or actively sought to roll back Obama-era environmental protections.

The list includes the Competitive Enterprise Institute (CEI), a conservative policy group that was instrumental in convincing the Trump administration to abandon the Paris agreement and has criticised the White House for not dismantling more environmental rules.

Google said it was disappointed by the US decision to abandon the global climate deal, but has continued to support CEI.

Google is also listed as a sponsor for an upcoming annual meeting of the State Policy Network (SPN), an umbrella organisation that supports conservative groups including the Heartland Institute, a radical anti-science group that has chided the teenage activist Greta Thunberg for “climate delusion hysterics”.

SPN members recently created a “climate pledge” website that falsely states “our natural environment is getting better” and “there is no climate crisis”.

👉🏼 The obscure law that explains why Google backs climate deniers
https://www.theguardian.com/environment/2019/oct/11/obscure-law-google-climate-deniers-section-230

👉🏼 Read more:
https://www.theguardian.com/environment/2019/oct/11/google-contributions-climate-change-deniers

#DeleteGoogle #contributions #climate #deniers #thinktanks #thinkabout #why