YouTube is reading text in users’ videos

Google keeps tabs on much of your activity, including your browsing history and your location. Now, it turns out that its YouTube service is also reading what’s in your videos, too.

Programmer Austin Burk, who goes by the nickname Sudofox, discovered the issue after discovering a cross-site scripting (XSS) flaw on another site.

In an attempt to responsibly disclose it, he uploaded a video of the exploit to YouTube as an unlisted video so that he could show it to the relevant parties.
https://nakedsecurity.sophos.com/2018/12/14/youtube-is-reading-text-in-users-videos/

Read Via Telegram

#google #youtube #privacy #url
📡@cRyPtHoN_INFOSEC_EN

Signature spoofing support seems to be broken in (some?) custom ROMs with latest (Dec 5) Security patch. The workaround is to patch the ROM with latest nanodroid patcher.
Link:
https://downloads.nanolx.org/NanoDroid/Stable/NanoDroid-patcher-20.3.20181208.zip


#MicroG #Nanodroid #Nanodroid_patcher

Hello everybody, I am happy that from today we can also welcome the team and members of Energized ⚡️ Protection in the BlackBox Security/Datenschutz/Support DE group, to offer support, but also exchange experiences and knowledge in German language.
Unite knowledge, share knowledge and help others, that is BlackBox Security/Data Protection/Support DE😊

Hallo zusammen, ich freue mich das wir ab heute auch das Team und Mitglieder von Energized ⚡️ Protection bei BlackBox Security/Datenschutz/Support DE begrüßen können, um bei Bedarf Unterstützung, aber auch Erfahrungs Austausch und eine Sammlung an Wissen in Deutscher Sprache zu bieten.
Wissen vereinen, Wissen teilen und anderen helfen, dass ist BlackBox Security/Datenschutz/Support DE 😊
https://t.iss.one/BlackBox_Security_Datenschutz_DE

📡 @cRyPtHoN™INFOSEC_DE

Vulnerabilities in Google Drive and Google Photos allowed others to steal your files

https://blog.avatao.com/How-I-could-steal-your-photos-from-Google


📡 @NoGoolag
#google #drive #photos #vulnerability #bug #leak #why

DOH (DNS Over HTTPS) Server App - Prerelease Version

By courtesy of Daniel (Frostnerd) the current and brand new DOH Sever App. This version does not yet contain any functions (e.g. start at boot etc.), but is completely re-encoded.

As usual, this app does not contain advertising, tracking, home calls or whatever. We certainly wouldn't recommend it to you if that were the case. And of course, this App is opensource too.
https://git.frostnerd.com/PublicAndroidApps/smokescreen

In the near future there will also be a "keweon Edition", which contains the keweon servers by default. But there will be an extra version of the new DNS Changer app for f-droid, because Googel doesn't tolerate real AdBlockers in the store.

This version is stable, but it is still a pre-release version and there will be more features to add.
The battery consumption is already much lower than with Intra e.g., just be surprised.
Ideas, complaints and any helpful comments can be shared with the hashtags #Bugreport #smokescreen in the BlackBox Security/Data Protection/Support DE group.

🔽🔽🔽Download DoH DNS Changer App 🔽🔽🔽
https://t.iss.one/BlackBox_Security_Datenschutz_DE

#smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock
📡 BlackBox Security/Datenschutz/Support DE

📡 BlackBox Security/Datenschutz/Support DE #smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock

AdAway

Open source ad blocker for Android using the hosts file

https://adaway.org

⬇️ Download Stable
https://f-droid.org/app/org.adaway

⬇️ Download Preview builds
https://androidfilehost.com/?w=files&flid=249276&sort_by=date&sort_dir=DESC

📖 Readme
https://github.com/AdAway/AdAway/blob/master/README.md

📖 Wiki
https://github.com/AdAway/AdAway/wiki

https://github.com/AdAway/AdAway/wiki/HostsSources

🗣 XDA
https://forum.xda-developers.com/showthread.php?t=2190753


📡 @NoGoolag
#adaway #block #ads #hosts

List to block MIUI spyware reporting back to xiaomi servers. The list is huge

Add this link in Adaway -> Host sources :

https://gist.githubusercontent.com/eboye/ef2f8c3e9e3b32c0980ff1a226770b1c/raw/36afd2333c781b5682bf602580a7935649d794b2/adaway-miui-blocklist

Don't worry if it says
Local: not avaliable, Online: not avaliable
It should be working, just test any address from the list

( From @ eboye
https://gist.github.com/eboye/ef2f8c3e9e3b32c0980ff1a226770b1c )


📡 @NoGoolag
#miui #spyware #block #hosts

CHEF-KOCH

Firefox Hardening
https://github.com/CHEF-KOCH/FFCK

user.js -- Firefox configuration hardening
https://github.com/CHEF-KOCH/user.js

Chromium Hardening
https://github.com/CHEF-KOCH/Chromium-hardening

Thunderbird user.js hardening
https://github.com/CHEF-KOCH/TBCK


Android Privacy Data Protection Tools
https://github.com/CHEF-KOCH/Android-Privacy-Data-Protection-Tools-Mega-Thread

POTARC - Privacy Online Test And Resource Compendium
https://github.com/CHEF-KOCH/Online-Privacy-Test-Resource-List

DNScrypt proxy blacklist filter
A basic filter list designed for the blacklist mechanism in DNSCryp-Proxy v2
https://github.com/CHEF-KOCH/dnscrypt-proxy-blacklist-filter

DarkWeb pages overview
Shows Deep Web specific pages, software and other related information.
https://github.com/CHEF-KOCH/ProjectX

CHEF-KOCH Warez list
https://github.com/CHEF-KOCH/Warez

Android Unbound DNS-over-TLS
https://github.com/CHEF-KOCH/Android-Unbound-DNSoverTLS

Windows Gaming Tweaks
https://github.com/CHEF-KOCH/GamingTweaks


https://chef-koch.github.io
https://github.com/CHEF-KOCH
https://gitlab.com/CHEF-KOCH


📡 @NoGoolag
#ck #chef #koch #hardening #ff #chrome #chromium #alternatives

personalDNSfilter

Block ads via local VPN connection and custom DNS (optional).

~ Features:
- Open source
- Lightweight (<150 KB approx.)
- Negligible RAM consumption (10 MB approx.)
- Battery friendly
- Inbuilt DNS changer (Can use Custom DNS)
- Hosts blocking
- Domain blocking
- Support manual adding domain for whitelisting & blacklisting
- Inbuilt app filter (Can bypass certain apps from being filtered)
- No privacy mining (Your data is your data)

~ Bonus feature:
- Can act as network logger also (User can see what app is making request)

>Source:
https://github.com/IngoZenz/personaldnsfilter

>XDA:
https://forum.xda-developers.com/android/apps-games/app-personaldnsfilter-block-malware-t3567898

>Web:
https://www.zenz-solutions.de/personaldnsfilter/

>Telegram:
https://t.iss.one/pdnsf


#pdnsf #pdf #dns

personalHTTPproxy

Use local http proxy for ad blocking (Required APN configuration to work).

~ Features:
- Open source
- Lightweight (<100 KB)
- Negligible RAM consumption (10 MB approx.)
- Battery friendly
- Hosts blocking
- Support wildcard blocking
- Support for whitelisting & blacklisting
- Only intercept http/https connection
- Can act as real http/https proxy (For bypassing blocked websites with ad blocked)
- No privacy mining (Your data is your data)

~ Bonus feature:
- Can act as network logger also (User can see what app is making request)

>Source:
https://github.com/IngoZenz/personalhttpproxy

>XDA:
https://forum.xda-developers.com/android/apps-games/app-personal-httpproxy-android-block-t3339874

>Web:
https://www.zenz-solutions.de/personalhttpproxy/

>Telegram:
https://t.iss.one/pdnsf


#phttpp #php #http #proxy

DOH (DNS Over HTTPS) Server App

New SmokeScreen Version Alpha-1.0 (Build 8):

- The notification doesn't make sounds anymore
- The notification now shows how many entries are cached
- Added logging which collects some debug info for me (only locally on your device, you can send the logs to me by hand)
🔆 🔆
SmokeScreen DNS Changer APP Neue Version Alpha-1.0 (Build 8):
- Die Benachrichtigung erzeugt keine Geräusche mehr.
- Die Benachrichtigung zeigt nun an, wie viele Einträge zwischengespeichert werden.
- Protokollierung hinzugefügt, die einige Debug-Informationen für mich sammelt (nur lokal auf Ihrem Gerät, Sie können die Protokolle von Hand an mich senden).

#smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock #Bugreport
Download🔽🔽🔽

📡 BlackBox▪️Security▪️Datenschutz▪️Support

#smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock #Bugreport

SmokeScreen DOH (DNS Over HTTPS) Server App

❓What does this app do?
This app establishes a local dummy VPN -- it doesn't connect to a VPN server and only handles your DNS packets -- to receive DNS requests your phone is sending and forwards them to a Dns-over-https server of your choice. It offers a lot of flexibility, is easy to use and doesn't use many resources. Type #doh, #dns or #alpha to get started.

❓ Who is behind it?
The app is being developed by me, Ch4t4r (or Daniel Wolf if you'd like). I'm 21 years old and a software engineer from Germany. I study computer sciences. You might have seen my DnsChanger application: https://play.google.com/store/apps/details?id=com.frostnerd.dnschanger
Source codes to my apps can be accessed here: git.frostnerd.com

❓ How Do I get help?
You have multiple choices for receiving help. Either post here in our TG support group https://t.iss.one/joinchat/I54nRleveRG3xwAa3StNCg , send me a pm, or an E-Mail to [email protected].
I do answer technical questions as well.

❓ Is this App open source?
Yes. The source code can be found here: smokescreen.app/source

❓ Which server do you recommend?
I recommend the Keweon Dns-over-https server. This server blocks ads and tracking; keweon.com
telegram group english here: https://t.iss.one/keweon
telegram group german here: https://t.iss.one/keweonDE

#smokescreen #Frostnerd #DNSChanger #keweon #keineWerbung #Adblock #Bugreport #Support

OpenWPM

OpenWPM is a web privacy measurement framework which makes it easy to collect data for privacy studies on a scale of thousands to millions of websites. OpenWPM is built on top of Firefox, with automation provided by Selenium. It includes several hooks for data collection. Check out the instrumentation section below for more details.
https://github.com/mozilla/OpenWPM

#privacy #cookies #surveillance #firefox
📡@cRyPtHoN_INFOSEC_EN