Tech companies could change these things to make your life easier and protect your digital security and privacy.
Why haven’t they yet?
https://fixitalready.eff.org/#/
📡 @NoGoolag
#fixitalready #why
Why haven’t they yet?
https://fixitalready.eff.org/#/
📡 @NoGoolag
#fixitalready #why
Android: IMSI Leaking during GPS Positioning
First of all, the basics:
Assisted GPS (abbreviated as A-GPS) is a system that usually significantly improves the time it takes to fix a satellite-based positioning system (GPS) for the first time - so GPS positioning is accelerated. How does this work? With mobile phones, the approximate location is already known from the radio cell in which your device is registered. This approximate location is then sent via the Secure User Plane Location Protocol (SUPL) to a SUPL server, which uses this information to limit the search range for the satellite signals and thus enables fast GPS positioning. Communication with the SUPL server takes place via TCP/IP or SMS.
Android systems use such a SUPL server to accelerate GPS positioning. However, the problem is that your IMSI number is also transmitted to the SUPL server when you make a request - which would not actually be necessary from a technical point of view.
The problem: The combination of the IMSI number with the radio cell ID enables the operator of a SUPL server to uniquely identify a user as soon as the smartphone locates or limits the location via a SUPL request. The SUPL protocol is therefore actually relatively sensible, but we do not know what the operators of the SUPL servers do with this information.
With my test devices I have now tried to find out when such a SUPL request is sent. Result: Whenever your GPS is activated and an app wants to query the location. It doesn't matter which mode you have chosen:
High accuracy:
Use GPS, WLAN, Bluetooth or mobile networks to determine your location.
Energy-saving mode:
Use WLAN, Bluetooth or mobile networks to determine your position.
Device only:
Use GPS to locate.
This means: Even if you have selected the mode "Device only", a request will be sent via A-GPS or SUPL-Request. The question is now which SUPL server or operator receives the radio cell information together with the IMSI number?
This is quite different - even with LineageOS. You can find out if you open the following file (root assumed) on your Android:
supl.google.com: Google
supl.sonyericsson.com: Sony
supl.qxwz.com: SUPL Server in China
supl.nokia.com: Nokia
If your GPS is activated, a SUPL request is sent to the SUPL_HOST - but this does not happen every time. You can force it after a device restart in combination with an app that wants to determine the GPS location. Sometimes it was also necessary to deactivate the WLAN interface.
Now you have to ask yourself if a quick GPS position determination via SUPL is important to you or maybe your privacy. If it's your privacy, you'll need to make the following changes to gps.conf and then restart your device:
With tcpdump you can check directly on the device if SUPL requests are still being sent:
How SUPL Reveals My Identity And Location To Google When I Use GPS. If you can help to answer this question, please feel free to contact me via email or use the forum thread.
With a "toy" like the HackRF One, mobile phone traffic on this level could certainly be recorded.
📡 @NoGoolag
#android #IMSI #leaking #GPS #positioning #guide #kuketz
First of all, the basics:
Assisted GPS (abbreviated as A-GPS) is a system that usually significantly improves the time it takes to fix a satellite-based positioning system (GPS) for the first time - so GPS positioning is accelerated. How does this work? With mobile phones, the approximate location is already known from the radio cell in which your device is registered. This approximate location is then sent via the Secure User Plane Location Protocol (SUPL) to a SUPL server, which uses this information to limit the search range for the satellite signals and thus enables fast GPS positioning. Communication with the SUPL server takes place via TCP/IP or SMS.
Android systems use such a SUPL server to accelerate GPS positioning. However, the problem is that your IMSI number is also transmitted to the SUPL server when you make a request - which would not actually be necessary from a technical point of view.
The problem: The combination of the IMSI number with the radio cell ID enables the operator of a SUPL server to uniquely identify a user as soon as the smartphone locates or limits the location via a SUPL request. The SUPL protocol is therefore actually relatively sensible, but we do not know what the operators of the SUPL servers do with this information.
With my test devices I have now tried to find out when such a SUPL request is sent. Result: Whenever your GPS is activated and an app wants to query the location. It doesn't matter which mode you have chosen:
High accuracy:
Use GPS, WLAN, Bluetooth or mobile networks to determine your location.
Energy-saving mode:
Use WLAN, Bluetooth or mobile networks to determine your position.
Device only:
Use GPS to locate.
This means: Even if you have selected the mode "Device only", a request will be sent via A-GPS or SUPL-Request. The question is now which SUPL server or operator receives the radio cell information together with the IMSI number?
This is quite different - even with LineageOS. You can find out if you open the following file (root assumed) on your Android:
/etc/system/gps.confor
/vendor/etc/gps.confThere you can search for the following entries:
SUPL_HOST=supl.google.comPreviously identified as SUPL_HOST or operator:
SUPL_PORT=7275 (may vary)
supl.google.com: Google
supl.sonyericsson.com: Sony
supl.qxwz.com: SUPL Server in China
supl.nokia.com: Nokia
If your GPS is activated, a SUPL request is sent to the SUPL_HOST - but this does not happen every time. You can force it after a device restart in combination with an app that wants to determine the GPS location. Sometimes it was also necessary to deactivate the WLAN interface.
Now you have to ask yourself if a quick GPS position determination via SUPL is important to you or maybe your privacy. If it's your privacy, you'll need to make the following changes to gps.conf and then restart your device:
SUPL_HOST=localhost⚠️Note: It is not sufficient to comment out the lines. Then a fallback becomes active. Where the fallback information came from I could not find out yet.
SUPL_PORT=7275
With tcpdump you can check directly on the device if SUPL requests are still being sent:
tcpdump -i any -s0 port 7275Unfortunately, one question remains unanswered: Does the proprietary baseband possibly send a SUPL request on its own and bypasses the Android operating system? In any case, this is indicated by the following article:
How SUPL Reveals My Identity And Location To Google When I Use GPS. If you can help to answer this question, please feel free to contact me via email or use the forum thread.
With a "toy" like the HackRF One, mobile phone traffic on this level could certainly be recorded.
Source and more infohttps://www.kuketz-blog.de/android-imsi-leaking-bei-gps-positionsbestimmung/
📡 @NoGoolag
#android #IMSI #leaking #GPS #positioning #guide #kuketz
Cloudflare – The bad, the worse and the ugly?
What is Cloudflare and why not to use Cloudflare!
Cloudflare, the operator of the probably best-known content delivery network, is not only very popular with black copiers. Credit card fraudsters, phishing site operators, blackmailers and terrorists also like to use the services of the Californian company. Volker Rieck takes a closer look.
In the USA, a large technology company is about to go public. Cloudflare from San Francisco wants to collect almost 3.5 billion dollars on the stock exchange in the first half of the year with the support of the investment bank Goldman Sachs. However, there are heavy shadows over Cloudflare. The spectrum of his customers ranges from credit card fraudsters and spammers to sites that operate copyright infringement as a business model and terrorist sites. Even US embargoes are undermined.
💡 What is Cloudflare?
The service of Cloudflare is the supply of a content Delivery network (CDN) - also content distribution network called. That is simplified said a type of turbo for web pages, so that these are delivered world-wide fast and surely. Cloudflare hangs itself thereby between the web page and/or the servers of its customers and the visitor of the side and/or user of a service and provides by purposeful control and distribution of the Traffics for a correspondingly high speed. In this way Cloudflare can offer also protection against overload attacks (DDoS) in the net.
💡 However, it offers a hidden feature:
the company anonymizes its customers.
By doing so, Cloudflare will put a screen over the original website or its server, making the operator of this site almost untraceable. If, for example, you want to know where a certain website is hosted, you only receive Cloudflare data, but you can neither identify the original computer center nor the IP address, which would be necessary, among other things, for prosecuting legal violations.
Civil law inquiries are useless, because Cloudflare only provides the naming of a computer center, which is worthless without the respective IP address. This would be roughly comparable to the information of an address in a high-rise building with thousands of residents, where there are no bell signs.
Read the full article inside TG (🇬🇧)
https://t.iss.one/BlackBox_Archiv/163
Or the original (🇩🇪)
(TG) https://t.iss.one/BlackBox_Archiv/166
(Web) https://tarnkappe.info/cloudflare-the-bad-the-worse-and-the-ugly/
📡 @NoGoolag
#cloudflare #dns #truth #why
What is Cloudflare and why not to use Cloudflare!
Cloudflare, the operator of the probably best-known content delivery network, is not only very popular with black copiers. Credit card fraudsters, phishing site operators, blackmailers and terrorists also like to use the services of the Californian company. Volker Rieck takes a closer look.
In the USA, a large technology company is about to go public. Cloudflare from San Francisco wants to collect almost 3.5 billion dollars on the stock exchange in the first half of the year with the support of the investment bank Goldman Sachs. However, there are heavy shadows over Cloudflare. The spectrum of his customers ranges from credit card fraudsters and spammers to sites that operate copyright infringement as a business model and terrorist sites. Even US embargoes are undermined.
💡 What is Cloudflare?
The service of Cloudflare is the supply of a content Delivery network (CDN) - also content distribution network called. That is simplified said a type of turbo for web pages, so that these are delivered world-wide fast and surely. Cloudflare hangs itself thereby between the web page and/or the servers of its customers and the visitor of the side and/or user of a service and provides by purposeful control and distribution of the Traffics for a correspondingly high speed. In this way Cloudflare can offer also protection against overload attacks (DDoS) in the net.
💡 However, it offers a hidden feature:
the company anonymizes its customers.
By doing so, Cloudflare will put a screen over the original website or its server, making the operator of this site almost untraceable. If, for example, you want to know where a certain website is hosted, you only receive Cloudflare data, but you can neither identify the original computer center nor the IP address, which would be necessary, among other things, for prosecuting legal violations.
Civil law inquiries are useless, because Cloudflare only provides the naming of a computer center, which is worthless without the respective IP address. This would be roughly comparable to the information of an address in a high-rise building with thousands of residents, where there are no bell signs.
Read the full article inside TG (🇬🇧)
https://t.iss.one/BlackBox_Archiv/163
Or the original (🇩🇪)
(TG) https://t.iss.one/BlackBox_Archiv/166
(Web) https://tarnkappe.info/cloudflare-the-bad-the-worse-and-the-ugly/
📡 @NoGoolag
#cloudflare #dns #truth #why
Protect freedom on radio devices: raise your voice today!
We are facing a EU regulation which may make it impossible to install a custom piece of software on most radio decives like wiki routers, smartphones and embedded devices.
https://blog.mehl.mx/2019/protect-freedom-on-radio-devices-raise-your-voice-today
Link to provide negative feedback:
https://ec.europa.eu/info/law/better-regulation/initiatives/ares-2018-6621038_en
📡 @NoGoolag
#eu
We are facing a EU regulation which may make it impossible to install a custom piece of software on most radio decives like wiki routers, smartphones and embedded devices.
https://blog.mehl.mx/2019/protect-freedom-on-radio-devices-raise-your-voice-today
Link to provide negative feedback:
https://ec.europa.eu/info/law/better-regulation/initiatives/ares-2018-6621038_en
📡 @NoGoolag
#eu
mehl.mx
Max Mehl | Protect freedom on radio devices: raise your voice today!
We are facing a EU regulation which may make it impossible to install a custom piece of software on most radio decives like WiFi routers, smartphones and embedded devices. You can now give feedback on …
The Secrets Hidden in Our Google Location Data
🎧 🇬🇧 The Secrets Hidden in Our Google Location Data
This week on Decrypted, Bloomberg Technology’s Alistair Barr and Pia Gadkari explore the myriad secrets that our location data can reveal and some of the ways it can be used against us.
📻 The #secrets #hidden in Our #google #location #data #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
This week on Decrypted, Bloomberg Technology’s Alistair Barr and Pia Gadkari explore the myriad secrets that our location data can reveal and some of the ways it can be used against us.
📻 The #secrets #hidden in Our #google #location #data #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Forwarded from BlackBox (EN)
Smart Phones for Privacy & Security
Smartphones are inherently bad for privacy. You've basically got a tracking device in your pocket, pinging off cell towers and locking onto GPS satellites. All the while, the handset's data connection ensures that tracking cookies, advertising IDs, and usage stats follow you around the internet.
So no, there's no such thing as a perfectly secure and truly private smartphone, let's get that out of the way now. But in the information age, you practically need a smartphone just to get by in society, so the question then becomes: Which phone manages to be the lesser of all the evils?
With critical vulnerabilities such as the KRACK exploit and Blueborne, not to mention the FBI attempting to find a backdoor into practically every phone, that's a hard question to answer. So to find the most security-hardened devices, we tested the top smartphones on the market, looking for key factors like encryption strength, biometrics, hardware-assisted security, VPN availability, and security patch timeframes. Our research narrowed the list down to five great phones, so let's discuss how well each of these devices protects your privacy.
Key Comparison Points
When it came to comparing our five finalist phones, these were the key differentiating factors for privacy and security:
✳️ Biometrics
✳️ Authentication Methods
✳️ Encryption
✳️ Hardware-Stored Keys
✳️ Hardware Security Modules
✳️ Sandboxed User Accounts
✳️ Restrict Ad Tracking
✳️ Always-On VPN
✳️ Block Internet Access for Apps
✳️ Data Wipe After Failed Login
✳️ DNS over TLS
✳️ Force Password to Unlock Phone
✳️ Restrict Usage of Data Port
✳️ Anti-Theft Protection
✳️ Built-in Password Manager
✳️ Password Generator
✳️ Autofill Passwords
✳️ Password Protected Apps
✳️ Password Protected Files
✳️ Stock Security Center App
✳️ Security Patch Timeframe
✳️ Bug Bounties
#tips #smartphones #security #privacy
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
Smartphones are inherently bad for privacy. You've basically got a tracking device in your pocket, pinging off cell towers and locking onto GPS satellites. All the while, the handset's data connection ensures that tracking cookies, advertising IDs, and usage stats follow you around the internet.
So no, there's no such thing as a perfectly secure and truly private smartphone, let's get that out of the way now. But in the information age, you practically need a smartphone just to get by in society, so the question then becomes: Which phone manages to be the lesser of all the evils?
With critical vulnerabilities such as the KRACK exploit and Blueborne, not to mention the FBI attempting to find a backdoor into practically every phone, that's a hard question to answer. So to find the most security-hardened devices, we tested the top smartphones on the market, looking for key factors like encryption strength, biometrics, hardware-assisted security, VPN availability, and security patch timeframes. Our research narrowed the list down to five great phones, so let's discuss how well each of these devices protects your privacy.
Key Comparison Points
When it came to comparing our five finalist phones, these were the key differentiating factors for privacy and security:
✳️ Biometrics
✳️ Authentication Methods
✳️ Encryption
✳️ Hardware-Stored Keys
✳️ Hardware Security Modules
✳️ Sandboxed User Accounts
✳️ Restrict Ad Tracking
✳️ Always-On VPN
✳️ Block Internet Access for Apps
✳️ Data Wipe After Failed Login
✳️ DNS over TLS
✳️ Force Password to Unlock Phone
✳️ Restrict Usage of Data Port
✳️ Anti-Theft Protection
✳️ Built-in Password Manager
✳️ Password Generator
✳️ Autofill Passwords
✳️ Password Protected Apps
✳️ Password Protected Files
✳️ Stock Security Center App
✳️ Security Patch Timeframe
✳️ Bug Bounties
#tips #smartphones #security #privacy
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
1. Social network targeted legislators around the world, promising or threatening to withhold investment
Facebook has targeted politicians around the world – including the former UK chancellor, George Osborne – promising investments and incentives while seeking to pressure them into lobbying on Facebook’s behalf against data privacy legislation, an explosive new leak of internal Facebook documents has revealed.
https://www.theguardian.com/technology/2019/mar/02/facebook-global-lobbying-campaign-against-data-privacy-laws-investment
2. German data protectors alerted about Facebook's internal spy department
Facebook's proprietary security team collected location data from ex-employees it considers a threat to the company.
Does Facebook also play private police in Germany? The Hamburg data protection commissioner demands answers from Facebook.
https://netzpolitik.org/2019/deutsche-datenschuetzer-alarmiert-wegen-facebooks-spitzelabteilung/
3. Facebook pressured Canada to ease up on data rules, U.K. reports say Social Sharing
Internal documents leaked to U.K. journalists show Facebook's global lobbying operations
Facebook promised to open a data centre in Canada to create jobs, in exchange for the federal government offering assurances that it would not impose its jurisdiction over the company's non-Canadian data.
https://www.cbc.ca/news/politics/facebook-canada-data-pressure-1.5041063
#DeleteFacebook #fb #why #leak
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
Facebook has targeted politicians around the world – including the former UK chancellor, George Osborne – promising investments and incentives while seeking to pressure them into lobbying on Facebook’s behalf against data privacy legislation, an explosive new leak of internal Facebook documents has revealed.
https://www.theguardian.com/technology/2019/mar/02/facebook-global-lobbying-campaign-against-data-privacy-laws-investment
2. German data protectors alerted about Facebook's internal spy department
Facebook's proprietary security team collected location data from ex-employees it considers a threat to the company.
Does Facebook also play private police in Germany? The Hamburg data protection commissioner demands answers from Facebook.
https://netzpolitik.org/2019/deutsche-datenschuetzer-alarmiert-wegen-facebooks-spitzelabteilung/
3. Facebook pressured Canada to ease up on data rules, U.K. reports say Social Sharing
Internal documents leaked to U.K. journalists show Facebook's global lobbying operations
Facebook promised to open a data centre in Canada to create jobs, in exchange for the federal government offering assurances that it would not impose its jurisdiction over the company's non-Canadian data.
https://www.cbc.ca/news/politics/facebook-canada-data-pressure-1.5041063
#DeleteFacebook #fb #why #leak
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
Here are the data brokers quietly buying and selling your personal information
You’ve probably never heard of many of the data firms registered under a new law, but they’ve heard a lot about you.
It’s no secret that your personal data is routinely bought and sold by dozens, possibly hundreds, of companies. What’s less known is who those companies are, and what exactly they do.
https://www.fastcompany.com/90310803/here-are-the-data-brokers-quietly-buying-and-selling-your-personal-information
📡 @NoGoolag
#BigData #privacy #mydata #why #data #brokers
You’ve probably never heard of many of the data firms registered under a new law, but they’ve heard a lot about you.
It’s no secret that your personal data is routinely bought and sold by dozens, possibly hundreds, of companies. What’s less known is who those companies are, and what exactly they do.
https://www.fastcompany.com/90310803/here-are-the-data-brokers-quietly-buying-and-selling-your-personal-information
📡 @NoGoolag
#BigData #privacy #mydata #why #data #brokers
Europe dictators want to forbid the installation of third party software (like android ROMs, openwrt, iot...) in radio devices (smartphones, routers, iot...)
https://blog.mehl.mx/2019/protect-freedom-on-radio-devices-raise-your-voice-today/
You can insult them here, today is the last day:
https://ec.europa.eu/info/law/better-regulation/initiatives/ares-2018-6621038_en
#eu
https://blog.mehl.mx/2019/protect-freedom-on-radio-devices-raise-your-voice-today/
You can insult them here, today is the last day:
https://ec.europa.eu/info/law/better-regulation/initiatives/ares-2018-6621038_en
#eu
mehl.mx
Max Mehl | Protect freedom on radio devices: raise your voice today!
We are facing a EU regulation which may make it impossible to install a custom piece of software on most radio decives like WiFi routers, smartphones and embedded devices. You can now give feedback on …
Why Democracies Die: The Reason Privacy Is the Source of Power in the 21st Century
https://medium.com/privateid-blog/why-democracies-die-the-reason-privacy-is-the-source-of-power-in-the-21st-century-4883906d910
#why
https://medium.com/privateid-blog/why-democracies-die-the-reason-privacy-is-the-source-of-power-in-the-21st-century-4883906d910
#why
Medium
Why Democracies Die: The Reason Privacy Is the Source of Power in the 21st Century
Listen to the PrivateID Podcast. Download this episode here (right click/save as..)
🔏 NoGooLag group - Avoid gapps n spyware! - well known to be a cult
https://t.iss.one/joinchat/FyFlS0X2D7f6YNvdxhEsfw
🔏 Privacy & Security - Group discussion for anything related to Privacy and Security.
https://t.iss.one/Privacy101Security
🔏 BlackBox Security - Latest news and discussions about security - privacy and democracy threats
https://t.iss.one/joinchat/Ev2mTVbTsZTMNLFeIztFjQ
https://t.iss.one/joinchat/FyFlS0X2D7f6YNvdxhEsfw
🔏 Privacy & Security - Group discussion for anything related to Privacy and Security.
https://t.iss.one/Privacy101Security
🔏 BlackBox Security - Latest news and discussions about security - privacy and democracy threats
https://t.iss.one/joinchat/Ev2mTVbTsZTMNLFeIztFjQ
Forwarded from cRyPtHoN™ INFOSEC (EN)
Open source breaches up by over 70 percent
A quarter of firms confirmed or suspected a web application breach in the past 12 months.
Open source breaches have increased by 71 percent over the last five years, while 26 percent of companies reported a confirmed or suspected web application breach in the past year alone, according to a new survey.
https://www.scmagazineuk.com/open-source-breaches-70-percent/article/1577919
Read Via Telegram
#opensource #vulnerability #hacking
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
A quarter of firms confirmed or suspected a web application breach in the past 12 months.
Open source breaches have increased by 71 percent over the last five years, while 26 percent of companies reported a confirmed or suspected web application breach in the past year alone, according to a new survey.
https://www.scmagazineuk.com/open-source-breaches-70-percent/article/1577919
Read Via Telegram
#opensource #vulnerability #hacking
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
And the mass is walking!
#Article13Demo in #Frankfurt has become so big that it has been converted into a walking demo! #SaveYourInternet #article13 #Uploadfilter
https://twitter.com/uploadfilter/status/1102997023933022208?s=09
#Uploadfilter #Artikel13 #NoUploadFilter #demo #CreateAwareness #getactive #SaveTheInternet #FreeSpeach
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
#Article13Demo in #Frankfurt has become so big that it has been converted into a walking demo! #SaveYourInternet #article13 #Uploadfilter
https://twitter.com/uploadfilter/status/1102997023933022208?s=09
#Uploadfilter #Artikel13 #NoUploadFilter #demo #CreateAwareness #getactive #SaveTheInternet #FreeSpeach
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
🎧 🇬🇧 Silk Road [Part 1- 2 - 3]
The Silk Road was an ancient network of trade routes that started in China in the 2nd century B.C. Via a combination of roads, and sea routes, goods like silk, paper and spices were transported from the producers in Asia to markets in Europe. Eventually, it wasn’t just goods that were traded – there were also ideas, customs, religions and even diseases.
The Silk Road expanded throughout different continents and civilizations for several centuries. It connected Asia, Europe, Africa and the Middle East. A marketplace across the world.
Two major expansions can be traced back to the Silk Road. One of these was the introduction of Buddhism into China. The second was the Black Death.
📻 Part 1:
https://t.iss.one/BlackBox_Archiv/212
📻 Part 2:
https://t.iss.one/BlackBox_Archiv/213
📻 Part 3:
https://t.iss.one/BlackBox_Archiv/214
#SilkRoad #darknet #podcast #DEA
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
The Silk Road was an ancient network of trade routes that started in China in the 2nd century B.C. Via a combination of roads, and sea routes, goods like silk, paper and spices were transported from the producers in Asia to markets in Europe. Eventually, it wasn’t just goods that were traded – there were also ideas, customs, religions and even diseases.
The Silk Road expanded throughout different continents and civilizations for several centuries. It connected Asia, Europe, Africa and the Middle East. A marketplace across the world.
Two major expansions can be traced back to the Silk Road. One of these was the introduction of Buddhism into China. The second was the Black Death.
📻 Part 1:
https://t.iss.one/BlackBox_Archiv/212
📻 Part 2:
https://t.iss.one/BlackBox_Archiv/213
📻 Part 3:
https://t.iss.one/BlackBox_Archiv/214
#SilkRoad #darknet #podcast #DEA
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Google is working on securely storing Digital Driver's Licenses in Android
https://www.xda-developers.com/google-android-digital-drivers-license
📡 @NoGoolag
#google #driver #license #id #why
https://www.xda-developers.com/google-android-digital-drivers-license
📡 @NoGoolag
#google #driver #license #id #why
XDA Developers
Google is working on securely storing Digital Driver’s Licenses in Android
Android R could support securely storing mobile driver's licenses on devices like the Google Pixel 2, Google Pixel 3, or Google Pixel 4.
Generic System Image (GSI) list (arm - arm64)
Here's a up to date collection of available GSI ROMs, in order to keep it easy to choose what you want.
You will find:
✅Official Android 9 Pie
✅Unofficial Android 9 Pie
✅Android 8 Oreo
https://github.com/phhusson/treble_experimentations/wiki/Generic-System-Image-%28GSI%29-list
How to flash a Generic System Image (GSI) on Project Treble supported devices
https://www.xda-developers.com/flash-generic-system-image-project-treble-device/
📡 @NoGoolag
#GSI #ROM #android #pie #oreo #official #unofficial
Here's a up to date collection of available GSI ROMs, in order to keep it easy to choose what you want.
You will find:
✅Official Android 9 Pie
✅Unofficial Android 9 Pie
✅Android 8 Oreo
https://github.com/phhusson/treble_experimentations/wiki/Generic-System-Image-%28GSI%29-list
How to flash a Generic System Image (GSI) on Project Treble supported devices
https://www.xda-developers.com/flash-generic-system-image-project-treble-device/
📡 @NoGoolag
#GSI #ROM #android #pie #oreo #official #unofficial
Forwarded from cRyPtHoN™ INFOSEC (EN)
Patch immediately: Chrome zero-day flaw is being attacked now
Google's head of Chrome security has warned all Chrome users to update the browser immediately to patch to a zero day flaw that was being exploited now.
Google issued a warning about the attacks yesterday in an update to a post about a Chrome update released on March 1 that contained one security fix.
https://www.cso.com.au/article/658538/patch-immediately-chrome-zero-day-flaw-being-attacked-now/
Read Via Telegram
#deletechrome #deletegoogle
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
Google's head of Chrome security has warned all Chrome users to update the browser immediately to patch to a zero day flaw that was being exploited now.
Google issued a warning about the attacks yesterday in an update to a post about a Chrome update released on March 1 that contained one security fix.
https://www.cso.com.au/article/658538/patch-immediately-chrome-zero-day-flaw-being-attacked-now/
Read Via Telegram
#deletechrome #deletegoogle
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
Forwarded from cRyPtHoN™ INFOSEC (EN)
NSA quietly abandons controversial surveillance programme
For the past six months the US National Security Agency has not been collecting metadata on Americans' calls and texts domestically, marking the quiet end to a controversial surveillance programme enacted by the 2001 Patriot Act.
For the past six months the US National Security Agency has not been collecting metadata on Americans’ calls and texts domestically, marking the quiet end to a controversial surveillance programme enacted by the 2001 Patriot Act, a congressional aide said Saturday.
https://www.scmagazineuk.com/nsa-quietly-abandons-controversial-surveillance-programme/article/1578032
Read Via Telegram
#nsa #surveillance #privacy
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
For the past six months the US National Security Agency has not been collecting metadata on Americans' calls and texts domestically, marking the quiet end to a controversial surveillance programme enacted by the 2001 Patriot Act.
For the past six months the US National Security Agency has not been collecting metadata on Americans’ calls and texts domestically, marking the quiet end to a controversial surveillance programme enacted by the 2001 Patriot Act, a congressional aide said Saturday.
https://www.scmagazineuk.com/nsa-quietly-abandons-controversial-surveillance-programme/article/1578032
Read Via Telegram
#nsa #surveillance #privacy
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
Forwarded from cRyPtHoN™ INFOSEC (EN)
Labs survey finds privacy concerns, distrust of social media rampant with all age groups
Before Cambridge Analytica made Facebook an unwilling accomplice to a scandal by appropriating and misusing more than 50 million users’ data, the public was already living in relative unease over the privacy of their information online.
The Cambridge Analytica incident, along with other, seemingly day-to-day headlines about data breaches pouring private information into criminal hands, has eroded public trust in corporations’ ability to protect data, as well as their willingness to use the data in ethically responsible ways.
https://blog.malwarebytes.com/security-world/2019/03/labs-survey-finds-privacy-concerns-distrust-of-social-media-rampant-with-all-age-groups/
#FacebookDigitalGangsters #socialmedia #privacy
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
Before Cambridge Analytica made Facebook an unwilling accomplice to a scandal by appropriating and misusing more than 50 million users’ data, the public was already living in relative unease over the privacy of their information online.
The Cambridge Analytica incident, along with other, seemingly day-to-day headlines about data breaches pouring private information into criminal hands, has eroded public trust in corporations’ ability to protect data, as well as their willingness to use the data in ethically responsible ways.
https://blog.malwarebytes.com/security-world/2019/03/labs-survey-finds-privacy-concerns-distrust-of-social-media-rampant-with-all-age-groups/
#FacebookDigitalGangsters #socialmedia #privacy
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_ES
It's not just the walls that have ears. It's also the hard drives....
From hard drive to over-heard drive: Boffins convert spinning rust into eavesdropping mic
Scientists at the University of Michigan and Zhejiang University in China have found a method to detect human voices through hard drives. The process uses the vibrations of the platters, which are caused by acoustic signals.
Eggheads at the University of Michigan in the US, and Zhejiang University in China, have found that hard disk drives (HDDs) can be turned into listening devices, using malicious firmware and signal processing calculations.
For a study titled "Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone," computer scientists Andrew Kwong, Wenyuan Xu, and Kevin Fu describe an acoustic side-channel that can be accessed by measuring how sound waves make hard disk parts vibrate.
"Our research demonstrates that the mechanical components in magnetic hard disk drives behave as microphones with sufficient precision to extract and parse human speech," their paper, obtained by The Register ahead of its formal publication, stated. "These unintentional microphones sense speech with high enough fidelity for the Shazam service to recognize a song recorded through the hard drive."
https://www.theregister.co.uk/2019/03/07/hard_drive_eavesdropping/
#surveillance #harddrive #eavesdropping
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
From hard drive to over-heard drive: Boffins convert spinning rust into eavesdropping mic
Scientists at the University of Michigan and Zhejiang University in China have found a method to detect human voices through hard drives. The process uses the vibrations of the platters, which are caused by acoustic signals.
Eggheads at the University of Michigan in the US, and Zhejiang University in China, have found that hard disk drives (HDDs) can be turned into listening devices, using malicious firmware and signal processing calculations.
For a study titled "Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone," computer scientists Andrew Kwong, Wenyuan Xu, and Kevin Fu describe an acoustic side-channel that can be accessed by measuring how sound waves make hard disk parts vibrate.
"Our research demonstrates that the mechanical components in magnetic hard disk drives behave as microphones with sufficient precision to extract and parse human speech," their paper, obtained by The Register ahead of its formal publication, stated. "These unintentional microphones sense speech with high enough fidelity for the Shazam service to recognize a song recorded through the hard drive."
https://www.theregister.co.uk/2019/03/07/hard_drive_eavesdropping/
#surveillance #harddrive #eavesdropping
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
This media is not supported in your browser
VIEW IN TELEGRAM
Adware Apps in Google Play Simulate Uninstall for Persistence
Three adware apps discovered in Google Play use a special trick to ensure they stay on the victim device for a longer time.
📺 https://twitter.com/LukasStefanko/status/1102889352118616064/video/1
https://www.bleepingcomputer.com/news/security/adware-apps-in-google-play-simulate-uninstall-for-persistence/
📡 @NoGoolag
#adware #apps #playstore
Three adware apps discovered in Google Play use a special trick to ensure they stay on the victim device for a longer time.
📺 https://twitter.com/LukasStefanko/status/1102889352118616064/video/1
https://www.bleepingcomputer.com/news/security/adware-apps-in-google-play-simulate-uninstall-for-persistence/
📡 @NoGoolag
#adware #apps #playstore