Sci-Hub

The first pirate website in the world to provide mass and public access to tens of millions of research papers

A research paper is a special publication written by scientists to be read by other researchers. Papers are primary sources necessary for research – for example, they contain detailed description of new results and experiments.

At this time the widest possible distribution of research papers, as well as of other scientific or educational sources, is artificially restricted by copyright laws. Such laws effectively slow down the development of science in human society. The Sci-Hub project, running from 5th September 2011, is challenging the status quo. At the moment, Sci-Hub provides access to hundreds of thousands research papers every day, effectively bypassing any paywalls and restrictions.

https://sci-hub.do/

#science #research #papers #scihub
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

#messenger
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Overview / comparison of the current messengers

Every WhatsApp message feeds Zuckerberg's data octopus - but there are alternatives that you can use. If you want to get rid of WhatsApp, you have to look very carefully, depending on your needs, to see whether an alternative actually brings an improvement or whether you just end up jumping out of the frying pan into the fire. As a user, you are literally spoiled for choice. There are now so many messengers that it is almost impossible to evaluate or present every single one.

#messenger #overview #comparison
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

JDownloader password list: Over 400 passwords

With the Jdownloader password list from tarnkappe.info you can unpack archive files from all known websites and save frustration!

Archive files e.g. in RAR format are often encrypted with passwords and can be unpacked afterwards with JDownloader.

To save time and frustration the download manager JDownloader offers here a possibility to unpack archive files with a password list.

This password list can be inserted in the settings of the program. The exact procedure is described below.

With our password list, you can dispense with the time-consuming search for the correct password and unpack the archives directly. It doesn't get any simpler than this!

💡 https://tarnkappe.info/wp-content/uploads/jdownloader_pass.txt

1. Start the JDownloader and navigate to the settings

2. Here you will find a number of settings. Navigate to the settings of the archive unpacker

3. Enter the list in the "Password list" field

The JDownloader password list contains over 400 passwords. The list is constantly updated and extended.

https://tarnkappe.info/jdownloader-passwortliste-ueber-400-passwoerter-bei-der-tarnkappe/

#jd #downloader #password #list
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Russia warns of US hacks

Russian intelligence warns of retaliatory U.S. attacks on Russian IT infrastructure. The warning is a first in the world's largest country.

Russia warns its citizens of hacking attacks by the US. "In view of constant accusations leveled by the U.S. and its allies against the Russian Federation concerning computer attacks, as well as threats of 'retaliatory attacks' on critical IT infrastructure of the Russian Federation, the National Coordination Center for Computer Incidents (NKZKI) recommends taking measures to increase the security of IT resources," Interfax, Russia's state news agency, reports.

The NKZKI is an agency of the FSB domestic intelligence service. Until now, Russia's services have held back on public warnings. But now there is not only cause for concern, it is also anything but secret: The momentous cyber attack via SolarWinds is attributed to Russia by U.S. intelligence agencies.

The USA plans revenge

The FSB's recommendations are general: IT administrators should review their contingency plans and warn users against spearphishing. In addition, it said. Install antivirus software and keep it up-to-date, not use third-party domain name servers and, somewhat surprisingly, change passwords. However, it is not said that the U.S. retaliation will be precisely via the Internet.

https://www.interfax.ru/russia/746316

#usa #russia #NKZKI #fsb #revenge
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Parler hacker targets on Telegram groups related to QAnon

The hacker who stole user data from the controversial Twitter alternative Parler is now taking care of Telegram groups she attributes to the QAnon cosmos.

After the outage of the short messaging service Parler, users are looking for alternatives. At least in part, they seem to see them in the messenger Telegram, which has already proven itself many times as a place to go for people whose concerns can't find a home on other platforms.

Donk_Enby collects Telegram groups from the QAnon environment

A hacker, who can be found on Twitter under the account Donk_Enby, had already obtained - according to her own information - 70 terabytes of user data in the course of the Parler shutdown by Amazon and had made it publicly accessible. In doing so, she had exploited gaps in the system that the operator Parler itself had torn.

Now it has targeted the users who switched from Parler to Telegram and aggregated public invite URLs to Telegram groups from the QAnon environment via scraper. Telegram implemented the invite link feature in such a way that clicking on the link is enough to join the corresponding group and participate in the group chat. Donk_Enby has already collected over 700,000 such invite links.

https://nitter.net/donk_enby/status/1353613244695502848

#parla #telegram #qanon #hacker
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Gabe Newell says brain-computer interface tech will allow video games far beyond what human 'meat peripherals' can comprehend

The head of US gaming company Valve Corporation says a future is fast approaching where video games will use data from people's brain signals to adjust the experience they get — and even a future where people's minds can be adjusted by computers.

http://telegra.ph/Gabe-Newell-says-brain-computer-interface-tech-will-allow-video-games-far-beyond-what-human-meat-peripherals-can-comprehend-01-25

via www.tvnz.co.nz

#brain #computer #gaming #valve #interface #peripherals #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Login To HELL: The nightmares of an infosec professional in South America

"In 2014, Alberto Daniel Hill, an expert in cybersecurity, found a security issue in a medical provider’s website. In reporting the issue, it led him to become the first person imprisoned in Uruguay for a computer-related crime—a crime he didn’t commit, and one that probably never even happened.

Alberto, a hacker, was the perfect target for a judicial system that doesn’t understand cybersecurity or cybercrimes. Through police misconduct and incompetence, his life was thrown into upheaval, and he is still recovering from a system where there are no guarantees of a fair trial.

https://media.ccc.de/v/rc3-625023-login_to_hell

🎙Darknetdiaries - EP 25: Alberto
https://t.me/BlackBox_Archiv/1678

#alberto #infosec #truecrime #darknetdiaries #rc3 #ccc #cybersecurity #cybercrime #podcast #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Darknetdiaries - EP 25: Alberto

In Feb 2017, a medical provider in Uruguay got hacked. The attacker stole a bunch of patient records and then used that to conduct extortion on the provider. They said they’d release the records of everyone with HIV unless they get $60,000 worth of bitcoin.

The medical provider worked with the police to catch and arrest Alberto Hill, a 41 year old Uruguayan. Alberto had a ton of hacker paraphernalia and electronic devices at his house.

https://darknetdiaries.com/episode/25/

📺 Login To HELL: The nightmares of an infosec professional in South America
https://t.me/BlackBox_Archiv/1677

#alberto #infosec #truecrime #darknetdiaries #rc3 #ccc #cybersecurity #cybercrimes #podcast #video
🎙@cRyPtHoN_INFOSEC_DE
🎙@cRyPtHoN_INFOSEC_EN
🎙@BlackBox_Archiv
🎙@NoGoolag

"But this politician said «xyz»!"

This talk will explain what Deepfakes are, the technology behind them (GANs) and why we need to be careful when using them.

GANs (short for "Generative Adversarial Networks") have been revolutionising the generation of images and videos since 2014. While this machine learning architecture is being used in arts, science and video games, it is also abused to steal people's identities, for example by generating fake news with putting words into politician's mouths which they never said or creating porn with faces of famous actors and actresses. In this talk I will first give a short overview over what GANs are and how they work. The second part dives into the new dark world that it opened up to us and why we need to be careful - because with great power comes great responsibility.

https://media.ccc.de/v/rc3-channels-2020-108--but-this-politician-said-xyz-

#deepfakes #GANs #rc3 #ccc #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

#CRYPTOLEAKS

Peter F. Müller, investigative journalist; Paul Reuvers and Marcus Simons, Cryptomuseum Eindhoven; Markus Kompa, writer. Peter F. Müller revealed in February a delicate collaboration between BND and CIA for harvesting SIGINT via backdoors. It turned out that this was just the tip of an iceberg.

While researching a documentary about the German foreign intelligence agency Bundesnachrichtendienst (BND), Peter F. Müller came across a top secret document (MINERVA) about a delicate collaboration between BND and CIA. Since 1970 the spy agencies secretly owned and controlled the Swiss based Crypto AG, the world market leader for encrypting devices.

https://media.ccc.de/v/rc3-103955-cryptoleaks

#rc3 #ccc #cia #bnd #SIGINT #backdoors #cryptoleaks #minerva #cryptoag
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

TikTok tracks you even if you never made an account

TikTok gathers information on users and shares it with third parties, even if you’ve never made a profile. VICE reporter Riccardo Coluccini – who has used the app but had never made a TikTok account before in his life – sent a GDPR request to TikTok to find out what information the social media giant had gathered on him. At first, TikTok tried to stonewall Coluccini by saying that:

“Unfortunately, we are unable to locate an account associated with the email address.”

However, TikTok’s privacy policy clearly states that they do track users without email addresses. The language looks like this, with TikTok granting itself the right to:

“collect certain information from you when you use the Platform including when you are using the app without an account.”

💡 Finding out what TikTok knows about you

Eventually, TikTok fulfilled the GDPR request after Coluccini provided his IP address as well as his iOS device’s ID For Vendors unique identifier. Once he had his data, Coluccini noted just how much information was stored. Everything from IP address and other device fingerprinting information was stored down to what terms he searched, what videos he watched, and when. This data was synced with third parties such as Facebook, and the amount of data stored is quite large. Though, Colluccini notes that it’s similar to the data that Amazon stores, and any big tech app really.

For those that have made a TikTok profile, you can view the information that TikTok has gathered by requesting that data from TikTok.

https://www.privateinternetaccess.com/blog/tiktok-tracks-you-even-if-you-never-made-an-account/

#tiktok #tracking #bigdata #fingerprinting #privacy #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

The Six Dumbest Ideas in Computer Security

There's lots of innovation going on in security - we're inundated with a steady stream of new stuff and it all sounds like it works just great. Every couple of months I'm invited to a new computer security conference, or I'm asked to write a foreword for a new computer security book. And, thanks to the fact that it's a topic of public concern and a "safe issue" for politicians, we can expect a flood of computer security-related legislation from lawmakers. So: computer security is definitely still a "hot topic." But why are we spending all this time and money and still having problems?

Let me introduce you to the six dumbest ideas in computer security. What are they? They're the anti-good ideas. They're the braindamage that makes your $100,000 ASIC-based turbo-stateful packet-mulching firewall transparent to hackers. Where do anti-good ideas come from? They come from misguided attempts to do the impossible - which is another way of saying "trying to ignore reality." Frequently those misguided attempts are sincere efforts by well-meaning people or companies who just don't fully understand the situation, but other times it's just a bunch of savvy entrepreneurs with a well-marketed piece of junk they're selling to make a fast buck. In either case, these dumb ideas are the fundamental reason(s) why all that money you spend on information security is going to be wasted, unless you somehow manage to avoid them.

For your convenience, I've listed the dumb ideas in descending order from the most-frequently-seen. If you can avoid falling into the the trap of the first three, you're among the few true computer security elite.

#1) Default Permit
#2) Enumerating Badness
#3) Penetrate and Patch
#4) Hacking is Cool
#5) Educating Users
#6) Action is Better Than Inaction

https://www.ranum.com/security/computer_security/editorials/dumb/

#dumb #ideas #internet #security
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

The battle inside Signal

The fast-growing encrypted messaging app is making itself increasingly vulnerable to abuse. Current and former employees are sounding the alarm.

On January 6th, WhatsApp users around the world began seeing a pop-up message notifying them of upcoming changes to the service’s privacy policy. The changes were designed to enable businesses to send and store messages to WhatsApp’s 2 billion-plus users, but they came with an ultimatum: agree by February 8th, or you can no longer use the app.

The resulting furor sparked a backlash that led Facebook-owned WhatsApp to delay the policy from taking effect until May. In the meantime, though, tens of millions of users began seeking alternatives to Facebook’s suite of products. Among the biggest beneficiaries has been Signal, the encrypted messaging app whose development is funded by a nonprofit organization. Last month, according to one research firm, the six-year-old app had about 20 million users worldwide. But in a 12-hour period the Sunday after WhatsApp’s privacy policy update began, Signal added another 2 million users, an employee familiar with the matter told me. Days of temporary outages followed.

https://www.theverge.com/22249391/signal-app-abuse-messaging-employees-violence-misinformation

#signal #app #abuse #messaging #employees #violence #misinformation
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

It Wasn’t Me

All the things a bank won’t ask, but a fraudster will! Our latest film “It Wasn’t Me”, in collaboration with the DubaiPoliceHQ, gives you the do’s and don’ts of keeping your identity and account secure at all times.

Dubai Police & Emirates National Bank Dubai
https://mobile.twitter.com/EmiratesNBD_AE/status/1144261859517894658

#music #video #repost #fraud #banking #dubai
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Ultimate Online Anonymity Guide 2020

Privacy is a necessary component for the empowerment of civil society, and this premise remains valid in cyberspace. Our cybersecurity experts put their heads together to bring you a list of the most important things you can do to ensure your anonymity and privacy online. Armed with the tips and tricks they came up with, you can easily become an empowered ghost in the machine.

While the news is you can protect your location with a simple proxy service or the Tor network, these so-called anonymity services do nothing to hide your real personal information, location, or activities from your internet service provider, government surveillance, or thieves. Also, any Google search will stay attached to your browser, readily identifiable by any service wanting your real connection info. Also, even if you get the Tor browser and use it through the best proxy, it won’t hide you from websites you stay logged in to.

💡 How to Stay Anonymous Online

Protecting your internet privacy on the web can seem daunting at times. You speak of needing a new dishwasher on your smartphone with your mother. The next day, you notice ads appearing everywhere you turn online for dishwashers. Want to speak and browse the web anonymously to price check without Google bots, Siri, and Alexa spying on and tracking you?

This post will teach anyone how to take back their privacy. Let’s start with this basics check:
https://mytruemedia.com/ultimate-online-anonymity-guide/

#online #anonymity #guide
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Become Anonymous: The Ultimate Guide To Privacy, Security, & Anonymity

The ultimate & complete guide to becoming anonymous, private, and secure on the internet. Learn everything you can do to get as close as anonymous as possible! 🕵️‍♂️

This video tutorial will teach everything about passwords, 2FA, digital footprints, social media, VPNs, proxies, Tor, encrypted communication & messaging, web browsing, smartphones, computers, data privacy, real world privacy/security, FOSS (open source), anonymous shopping, and more for the web. Go Anonymous Today!

https://www.youtube.com/watch?v=a1i-3xwcSGA

#online #privacy #security #anonymity #guide #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Advertising profiles in your browser: Eyeo launches "Crumbs".

More and more companies are trying to position themselves for the post-cookie age, including adblocker manufacturer Eyeo.

With a new plugin, Eyeo, known for its AdBlock Plus browser plugin, is trying to launch a new advertising market. "Crumbs" blocks conventional advertising trackers and instead creates a user profile in the browser to play out privacy-preserving yet personalized advertising.

The browser plugin, which is currently available for Chrome and Firefox, is supposed to filter out the currently omnipresent cookie popups as well as the actual tracking techniques, such as third-party cookies or certain scripts. In addition, Crumbs sends the signal of the Global Privacy Control group to prohibit the sharing of profile information.

In addition to a complete blocking of advertising cookies, Crumbs also offers a sandbox mode, in which cookies are only accepted for appearances, but then deleted again. In addition, advertising requests are to be routed through a proxy so that advertisers cannot draw any direct conclusions about the IP address.

https://crumbs.org/

https://www.heise.de/news/Werbeprofile-im-Browser-Eyeo-startet-Crumbs-5036636.html

#crumbs #trackers #privacy #controll #adblock #browser #plugin
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Anime4You - illegal streaming portal is down forever

The portal Anime4you is gone from the internet for good. The operator has taken the site offline without warning due to private problems.

Nothing more is coming under the domain anime4you.one. There is now no way for users to somehow back up their anime because of the lack of advance notice. According to a moderator, all data has been deleted. Private reasons should have brought the operator to it. Everyone has to carry his baggage. And everyone reacts differently to the course of his life, the moderator commented on the behavior of the operator. For the Admin stood at least recently firmly that it would like to continue no longer. Many a fellow operator would have liked to take over the project together with the old data, which is now probably no longer possible.

https://tarnkappe.info/anime4you-illegales-streaming-portal-ist-down-forever/

#anime4you #streaming #down
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Firefox 85 Cracks Down on Supercookies

Trackers and adtech companies have long abused browser features to follow people around the web. Since 2018, we have been dedicated to reducing the number of ways our users can be tracked. As a first line of defense, we’ve blocked cookies from known trackers and scripts from known fingerprinting companies.

In Firefox 85, we’re introducing a fundamental change in the browser’s network architecture to make all of our users safer: we now partition network connections and caches by the website being visited. Trackers can abuse caches to create supercookies and can use connection identifiers to track users. But by isolating caches and network connections to the website they were created on, we make them useless for cross-site tracking.

💡 How does partitioning network state prevent cross-site tracking?

Like all web browsers, Firefox shares some internal resources between websites to reduce overhead. Firefox’s image cache is a good example: if the same image is embedded on multiple websites, Firefox will load the image from the network during a visit to the first website and on subsequent websites would traditionally load the image from the browser’s local image cache (rather than reloading from the network). Similarly, Firefox would reuse a single network connection when loading resources from the same party embedded on multiple websites. These techniques are intended to save a user bandwidth and time.

Unfortunately, some trackers have found ways to abuse these shared resources to follow users around the web. In the case of Firefox’s image cache, a tracker can create a supercookie by “encoding” an identifier for the user in a cached image on one website, and then “retrieving” that identifier on a different website by embedding the same image. To prevent this possibility, Firefox 85 uses a different image cache for every website a user visits. That means we still load cached images when a user revisits the same site, but we don’t share those caches across sites.

In fact, there are many different caches trackers can abuse to build supercookies. Firefox 85 partitions all of the following caches by the top-level site being visited: HTTP cache, image cache, favicon cache, HSTS cache, OCSP cache, style sheet cache, font cache, DNS cache, HTTP Authentication cache, Alt-Svc cache, and TLS certificate cache.

To further protect users from connection-based tracking, Firefox 85 also partitions pooled connections, prefetch connections, preconnect connections, speculative connections, and TLS session identifiers.

https://blog.mozilla.org/security/2021/01/26/supercookie-protections/

#mozilla #firefox #tracker #fingerprinting #supercookies #protection
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Police Robots Are Not a Selfie Opportunity, They’re a Privacy Disaster Waiting to Happen

The arrival of government-operated autonomous police robots does not look like predictions in science fiction movies. An army of robots with gun arms is not kicking down your door to arrest you. Instead, a robot snitch that looks like a rolling trash can is programmed to decide whether a person looks suspicious—and then call the human police on them. Police robots may not be able to hurt people like armed predator drones used in combat—yet—but as history shows, calling the police on someone can prove equally deadly.

Long before the 1987 movie Robocop, even before Karel Čapek invented the word robot in 1920, police have been trying to find ways to be everywhere at once. Widespread security cameras are one solution—but even a blanket of CCTV cameras couldn’t follow a suspect into every nook of public space. Thus, the vision of a police robot continued as a dream, until now. Whether they look like Boston Dynamics’ robodogs or Knightscope’s rolling pickles, robots are coming to a street, shopping mall, or grocery store near you.

The Orwellian menace of snitch robots might not be immediately apparent. Robots are fun. They dance. You can take selfies with them. This is by design. Both police departments and the companies that sell these robots know that their greatest contributions aren’t just surveillance, but also goodwill. In one brochure Knightscope sent to University of California-Hastings, a law school in the center of San Francisco, the company advertises their robot’s activity in a Los Angeles shopping district called The Bloc. It’s unclear if the robot stopped any robberies, but it did garner over 100,000 social media impressions and 426 comments. Knightscope claims the robot’s 193 million overall media impressions was worth over $5.8 million. The Bloc held a naming contest for the robot, and said it has a “cool factor” missing from traditional beat cops and security guards.

https://www.eff.org/deeplinks/2021/01/police-robots-are-not-selfie-opportunity-theyre-privacy-disaster-waiting-happen

#police #robots #privacy #disaster #eff #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag