❗️Advice:
As soon as you block all Google IP addresses, you will of course no longer be able to use the Google service or you will no longer be shown captchas on websites - this may lead to the situation that you will no longer be able to solve the Google captchas. If you block all Google IP addresses, you should be aware that this will not work via mobile browsers, especially when registering websites. Alternatively, you can use the Tor desktop browser or Tor Android browser. https://blog.torproject.org/new-release-tor-browser-android-10a2

5. conclusion

What's the saying?

"Trust is good - control is better."

AFWall+ is an indispensable tool for the article series "Take back control! It was therefore a special concern of mine to present the iptables firewall interface in detail. It should become clear by the above explanations that even an alternative or "free" system like LineageOS does not protect us per se from the establishment of data connections to the "outside" or to Google and Co.

Even in the standard configuration, AFWall+ provides valuable services. But only the CustomScripts and the additional small tweaks, such as redirecting all (mobile) DNS requests to the provider I trust or blocking the IP address spaces of known data collectors, are the icing on the cake.

In the following article of the article series we will put the alternative App-Store F-Droid into operation. A Mecca for critical users who value free and open source applications or FOSS apps.

Source and more info (german):
https://www.kuketz-blog.de/afwall-digitaler-tuervorsteher-take-back-control-teil4/

#android #NoGoogle #guide #part1 #part2 #part4 #AFWall #kuketz
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

How healthy is the internet?

Our 2019 compilation of research and stories explains what’s key to a healthier internet across five issues, from personal experience to global concerns.

https://internethealthreport.org/2019/

#report #pdf #internet #healthy #research
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🎧 As Amazon Gets Bigger, Sellers Feel the Squeeze

Jason Boyce built a successful business selling sports equipment on Amazon. As the platform has grown, Amazon has pushed sellers to lower prices, shorten delivery times and compete harder for every sale. This week on Decrypted, we explore whether entrepreneurs like Jason have reached a breaking point. They now face a competitor who’s potentially unbeatable: Amazon itself.

📻 https://www.bloomberg.com/news/audio/2019-04-22/as-amazon-gets-bigger-sellers-feel-the-squeeze-podcast
#Amazon #DeleteAmazon #Bloomberg #Podcast

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

📺 Crashes of Convenience: Michael Hastings

Michael Hastings was that rarest of breeds: a mainstream reporter who wasn’t afraid to rail against the system, kick back against the establishment, and bite the hand that feeds him. On the morning of June 18, 2013, he died in a fiery car crash. But now details are emerging that he was on the verge of breaking an important new story about the CIA, and believed he was being investigated by the FBI. Now even a former counter-terrorism czar is admitting Hastings’ car may have been cyber-hijacked. Join us this week on The Corbett Report as we explore the strange details surrounding the untimely death of Michael Hastings. https://en.wikipedia.org/wiki/Michael_Hastings_(journalist)

📺 https://www.corbettreport.com/crashes-of-convenience-michael-hastings-video/
#Hastings #corbettreport #carcrash #convenience #video #podcast

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🎧 The 31st Human Right

This week, on a riveting edition of Down the Security Rabbithole Podcast Raf sits down with Richie Etwaru, a human data ethicist and Founder and CEO of Hu-manity.co.

What's a human data ethicist, you ask? Listen to the podcast, and find out.

Highlights from this week's show include...

👉 Richie walks us through data ownership as a fundamental human right, including why now is the right time in history

👉 Raf and Richie discuss the principles of data ownership and how they're different from privacy or security

👉 Richie discusses data ownership as a great leveling factor for society

👉 SO much more...

📻 #DtSR Episode 343 #podcast
http://podcast.wh1t3rabbit.net/dtsr-episode-343-the-31st-human-right

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

And the Net forgets: The Utopia of the Eternal Memory

The Internet offers undreamt-of possibilities. But it is not permanent. What can be found online today will disappear tomorrow in digital nirvana - with serious consequences, especially for journalism.

The Internet forgets nothing, so the widespread belief. But appearances are deceptive. While we type, scroll, wipe, liken and post and drive the digital knowledge store to new, dizzying heights day after day, its foundations rot faster than they can be saved from decay. Old websites disappear, links lead nowhere after just a few years. This will have dramatic consequences for journalism and public memory in particular. Digital journalism is a fine thing. However, it is not constant in time.

To understand why, it is worth taking a look into the past. The mass loss of information is not a phenomenon of modernity, it can be found again and again in history. The cause does not lie in a lack of knowledge about correct archiving, but in our attitude. The reliable protection of information over long periods of time is a deliberate act. It requires the awareness that something should be preserved and decisions about what should be preserved and how.

The beginning of book printing in the West in the 15th century is a good example of this. Many early books were found on paper on a medium that, compared to parchment, does not necessarily stand for longevity - they were often not considered valuable enough to be preserved due to their mass availability. Accordingly, little has been preserved of them. Even in monastery libraries, for many the ultimate repository of knowledge, not everything was preserved. Old manuscripts or early printed books were often exchanged for newer ones and the old copies were then misused, for example as basic material for book covers or inner book covers.

The drama was repeated in modern times. Large parts of the American film stock from the first four decades of cinema are now considered lost. In particular, films made before the beginning of the sound film era around 1928 have hardly survived - some estimates speak of just 10 percent that have survived. Here, too, an insecure carrier medium is to blame. The nitrate film used was highly flammable and often went up in flames by itself. But here, too, the well-known lack of interest in preservation is to be found. The studios needed space in their camps, silent films were considered almost worthless in the age of sound film. What one could get rid of was wasted, the rest destroyed.

Paper lives longer

So it seems we've made the same mistakes over and over again. The web is no exception. Digital data may be tempting at first glance - they can be copied endlessly, are machine-readable, can be stored in large quantities in the smallest space - but what is lost here is usually irretrievable. Even paper beats the longevity of a server hard disk by several hundred years.

Added to this is the short life cycle of the file formats used. Adobe Flash, the dominant software for displaying multimedia content on the World Wide Web at the turn of the millennium, has long since retreated two decades later and will no longer be supported by Adobe since 2020. Other software formats and operating systems are also constantly changing, with serious consequences. Within a few years, old files can no longer be used on new devices, and if so, then often only with considerable restrictions. In the digital world, archiving is becoming more complicated than ever due to the combination of carrier media and software environment.

Also in the Web we meet again and again the question after the will to the preservation of the existing. All too often we forget that the structure of the Internet has not been designed to store information. There was never an exact plan, an executing instance, let alone a clearly defined goal. There was never any talk of a long-term archive.

And just as the net and its contents do not belong to anyone alone, there is also no central place for archiving the contents. Even if initiatives like Archive.org try to store as many websites as possible, they fail with their limited means because of the sheer mass. In 1994, three years after the invention of the World Wide Web, there were only about 2700 websites. In 2019 there are more than 1.6 billion, and the trend is rising. It is hardly possible to conserve such a living organism, especially not while it is running and especially not when more and more content is being created within the walled gardens of the major platforms or within encrypted messaging services.

When journalism is suddenly gone

"Why should we care?" one might ask, of course. But it is impossible for us to predict which of the many pieces of information we produce will help future generations better understand our time. After all, some have recognized the danger. Vinton Cerf, one of the developers of the Internet, warned that if you rely on the durability of digital data and the everlasting existence of the web, mankind is heading for a "forgotten century".

But nowhere is the danger of digital memory loss more evident than in journalism. Even if print is holding its own bravely, the journalism of the early 21st century takes place predominantly online and digitally. But in view of the dazzling new world, hardly anyone asks whether the beautiful products of the new era will still be accessible in the future. A newspaper page is comparatively easy to archive, a website with elaborate multimedia content is not.

Without prior warning, older websites and web content from some newspapers can no longer be correctly displayed with newer browsers, or will disappear completely at noon. One should actually expect media houses to give sufficient thought to this problem. But far from it, as a new study by the Tow Center at Columbia University in New York shows: The scientists Sharon Ringel and Angela Woodall found that out of 21 American newspapers and news organizations surveyed, 19 had no guidelines or routines, not even informal archiving practices, to present their digital material to posterity.

Apart from the fact that organizations surveyed failed to archive the articles on their own websites, no publications were stored on social media platforms - all virtual places where journalism happens today. Responding to these omissions, respondents repeatedly replied that the focus of journalism for them was on "what's new" and "what's happening now" - and there are still some back-ups and Internet archives in need. But a back-up is not archiving. Backup copies are useless if the technology around them changes. And the Internet Archive doesn't back everything up for a long time and only conserves it irregularly. It does not have access to platforms.

Ultimately, however, the long-term preservation of digital journalistic content fails not only because of a lack of will, but also because of the effort and costs involved. Not every media company can (and wants) afford archivists who are constantly developing new methods for safeguarding its content and keeping it accessible in the future. Local and small media houses in particular often do not have the financial leeway to do so. And even if the necessary measures are taken: If a media house closes, it is far from guaranteed that the digital archive will continue to exist elsewhere. If the associated websites are also no longer operated, sooner or later nothing will remain of the fruits of journalistic work - a more than painful loss for journalists, scientists and not least the public of the future.

What should be archived?

Many questions will inevitably arise in this process. Which media content should be archived, by whom and how often? And are we only interested in the articles? Or videos, graphics and interactive applications? And what about readers' comments and discussions on articles in social networks? They are uncomfortable questions without simple answers, but they have to be asked.

The idea of archives may not be as "sexy" as ideas of the beautiful new world of digital possibilities. At a time when the press is struggling with completely different problems, it is not high on the agenda. But without reliable archives, not only do we risk certain versions of history gaining the upper hand later if there is nothing to correct them - we also risk the historical gaps in knowledge that will inevitably open up in the future being even greater than those of the past. But if we want to learn from history, journalism owes it to future generations to counteract it with all their might.

Source and original text:
https://www.nzz.ch/feuilleton/internet-und-datenspeicher-das-nerz-vergisst-doch-ld.1476987

#report #thinkabout #eternal #memory
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Android Captive Portal Check: 204-HTTP response from captiveportal.kuketz.de

Each time your Android device connects to a WLAN, the system performs a Captive Portal Check. Android wants to ensure that your device has not only received an IP address from the access point, but that it can also actually reach destinations on the Internet.

Android sends a request for verification to the address "connectivitycheck.gstatic.com". If the request is successful or answered with the HTTP response code 204, access to the Internet is available. With this request, the system transmits information to Google about the IP address of the connection, the time of Internet access and which browser is currently being used.

If you block this request to Google via AFWall+ or anywhere else on your network, a small cross will appear in the WLAN icon in the Android menu bar. Depending on the Android version, you will also see a message saying that there is no Internet available. Especially data protection-conscious users don't want to send a "ping" to Google every time they go online. There is now a solution for this for all users with root access on their devices.

👉 Android Nougat (7.x) | Oreo (8.x)
You open a terminal and enter the following:

su
settings put global captive_portal_http_url "http://captiveportal.kuketz.de"
settings put global captive_portal_https_url "http://captiveportal.kuketz.de"

Please note that in the third line at the URL you have to consciously omit the s of https.

👉 Android Pie (9.x)
You open a terminal and enter the following:

su
settings put global captive_portal_http_url "http://captiveportal.kuketz.de"
settings put global captive_portal_https_url "https://captiveportal.kuketz.de"
settings put global captive_portal_fallback_url "http://captiveportal.kuketz.de"
settings put global captive_portal_other_fallback_urls "http://captiveportal.kuketz.de"

Then we can query the URL via curl (from a computer):

curl -I http://captiveportal.kuketz.de

As an answer, you get:

HTTP/1.1 204 No Content
[...]

This is exactly the answer your Android phone expects. One or the other will wonder why the HTTPS URL does not work. Let's have a look at the output:

curl -I https://captiveportal.kuketz.de

As an answer you will then receive:

HTTP/2 204

Android Nougat and Oreo cannot cope with this - Android Pie, on the other hand, uses the HTTPS URL. Either the "No Content" at the end is missing or Android expects a HTTP 1.x response. On port 443 my nginx webserver generally responds with HTTP/2 - unfortunately this cannot be changed because at least one other virtual host is listening via HTTP/2.

Temporarily (until Android 9) you can either use the HTTP URL or you can use HTTP/1 to host yourself. Via nginx this is relatively simple. Here is my configuration:

## SITE HANDLING HTTP ##
server {
## INIT ##
listen 80;
server_name captiveportal.kuketz.de;
root /var/www/sites/captiveportal.kuketz.de;

## LOGS ##
access_log off;
error_log off;

## SECURITY HEADER ##
include /etc/nginx/conf/headers.conf;
add_header Content-Security-Policy "default-src 'none'";

## ENTER HERE ##
location / {
# Let's encrypt location
location ^~ /.well-known/acme-challenge {
default_type text/plain;
}
location = /.well-known/acme-challenge/ {
return 444;
}
## CAPTIVE PORTAL RESPONSE
location / {
return 204;
}
}
}

## SITE HANDLING HTTPS ##
server {
## INIT ##
listen 443 ssl;
server_name captiveportal.kuketz.de;
root /var/www/sites/captiveportal.kuketz.de;

## LOGS ##
access_log off;
error_log off;

## SECURITY HEADER ##
include /etc/nginx/conf/headers-ssl.conf;
add_header Content-Security-Policy "default-src 'none'";

## SSL ##
ssl on;
ssl_certificate /etc/ssl/certs/captiveportal.kuketz_ecdsa.pem;
ssl_certificate_key /etc/ssl/private/captiveportal.kuketz_ecdsa.key;
# OCSP-Stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_stapling_file /etc/ssl/certs/captiveportal.kuketz_ocspresponse.der;

## CAPTIVE PORTAL RESPONSE
location / {
return 204;
}
}

The decisive thing is actually only this small part:

## CAPTIVE PORTAL RESPONSE
location / {
return 204;
}

This will allow nginx to respond to requests on the domain "captiveportal.kuketz.de" with an HTTP-204 status code. This should also work with Apache (not verified):

RewriteEngine On
RewriteCond %{REQUEST_URI} /
RewriteRule $ / [R=204,L]

Conclusion:
Now you can use my service or host the Connectiviy-Check yourself. Google won't get any more data via this function.

Source and more info (german):
https://www.kuketz-blog.de/android-captive-portal-check-204-http-antwort-von-captiveportal-kuketz-de/

#android #captiveportal #check #HTTP #guide #kuketz
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Fishing in the Piracy Stream: How the Dark Web of Entertainment is Exposing Consumers to Harm

https://www.digitalcitizensalliance.org/clientuploads/directory/Reports/DCA_Fishing_in_the_Piracy_Stream_v6.pdf
#piracy #stream #malware
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🇪🇸 La policía británica exige a las presuntas víctimas de una violación que entreguen los datos de su móvil

La Fiscalía defiende la medida para evitar absoluciones por falta de acceso a las pruebas

A primera vista es un dilema entre la garantía de un juicio justo y el derecho a la intimidad. Aparentemente, porque las asociaciones en defensa de las mujeres víctimas de delitos sexuales denuncian que lo que se pretende es cuestionar la actitud o la moralidad de las agredidas, en vez de centrarse en los hechos objetivos con relevancia penal. La policía del Reino Unido trabaja ya en los casos de violación con un formulario digital en el que se requiere a las presuntas víctimas que permitan a los investigadores el acceso a los datos de sus teléfonos móviles. El caso de Liam Allan alteró el modo de proceder de la acusación pública. Este estudiante universitario fue acusado en 2017 de 12 delitos contra la libertad sexual, acabó siendo absuelto después de que la Fiscalía entregara a la defensa el contenido de mensajes de las víctimas que aparentemente le exoneraban. Un año después, la cifra de presuntos violadores formalmente acusados había descendido en un 23% en el Reino Unido.

"Tenemos un problema extremadamente grave con la persecución de los casos de violación en este país, y es un hecho probado que la mayoría de los violadores consiguen esquivar el castigo. Parte de las causas reside en que las investigaciones se centran demasiado a menudo en la personalidad de las mujeres, en su honestidad o en su historial sexual —a pesar de todas las normas diseñadas precisamente para prevenir que esto ocurra—, en vez de centrarse en las acciones o el comportamiento del acusado", ha denunciado Rachel Krys, vicedirectora de End Violence Against Women Coalition (Coalición para el Fin de la Violencia contra las Mujeres).

Más de 90.000 agentes de policía y personal administrativo han participado en cursos de formación en los que se insiste en la obligación de entregar a los abogados defensores de cualquier acusado de violación las pruebas que puedan resultar relevantes para su estrategia, y de hacerlo cuanto antes. El formulario que se da ya a las presuntas víctimas les deja claro que no están obligadas a entregar sus móviles, pero acompaña esta información de la siguiente advertencia: "Si usted no da su consentimiento para que la policía acceda a los datos de su teléfono, tendrá la oportunidad de explicar los motivos de su negativa. Si rechaza dar permiso a la policía para que investigue o para que la Fiscalía pueda revelar material que permitiría al acusado tener un juicio justo, es posible que la investigación o la acusación formal no pueden seguir adelante", dice el formulario.

La policía justifica la necesidad del formulario en que es el único modo de obtener un consentimiento general de la víctima —el consentimiento sigue siendo obligatorio para hacer uso de esa información— ante un volumen de información que puede ser desorbitado. Si se imprimiera en folios tamaño A4 el contenido medio de un teléfono inteligente convencional, explica el asesor de la Policía Metropolitana, Nick Ephgrave, el resultado final serían millones de folios. Por eso en la actualidad las fuerzas de seguridad están utilizando métodos de Inteligencia Artificial para hacer un rastreo más selectivo de la información.

Defensores y detractores del nuevo método coinciden en la necesidad de dar mayor cobertura legal y claridad a una investigación en detalles tan personales de la víctima. "Con el formulario, las víctimas obtienen indicaciones más precisas de cómo se usarán sus datos. Porque la acumulación de tal volumen de información de datos personales, sin que haya un método consistente y claro a la hora de determinar su relevancia, es un problema que nos preocupa", ha dicho Katie Russell, cofundadora de Rape Crisis England and Wales (Crisis de Violaciones en Inglaterra y Gales). Esta organización, sin embargo, comparte el temor de que el acceso a toda esa información personal se vuelva en contra de la presunta víctima. "Las estadísticas nos muestran constantemente que los delitos de violación o abuso sexual registran históricamente un número menor de denuncias, comparados con otros delitos graves. Entre los motivos de este dato, según nos cuentan las víctimas en los centros de atención de Rape Crisis, está la desconfianza que tienen hacia el sistema de justicia y el temor a que acaben siendo ellas las que se sientan objeto de investigación o juzgadas", ha dicho en un comunicado.
https://elpais.com/sociedad/2019/04/29/actualidad/1556544192_229884.html

#justicia #privacidad
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

RFID keys can be cloned

The Secvest alarm system from Abus can be conveniently activated and deactivated using an RFID key. But the keys can be copied within seconds. A solution to the security problem is not in sight.

Vulnerability Details:

SySS GmbH found out that the RFID technology used by the ABUS Secvest
wireless alarm system and its ABUS proximity keys (MIFARE Classic RFID
tags) is vulnerable to RFID cloning attacks.

The information stored on the used proximity keys can be read easily in
a very short time from distances up to 1 meter, depending on the used
RFID reader. A working cloned RFID token is ready for use within a
couple of seconds using freely available tools.

Thus, an attacker with one-time access to the information of an ABUS
proximity key for an ABUS Secvest wireless alarm system is able to
create a rogue RFID token that can be used to deactivate the alarm
system in an unauthorized manner.

PoC:
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-005.txt

Video:
https://t.me/BlackBox_Archiv/344

#ABUS #Alarmsystem #RFID #cloned #security #risk #poc
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

📺 ABUS Secvest Proximity Key Cloning PoC Attack Proof of Concept (PoC)
https://youtu.be/sPyXTQXTEcQ

#ABUS #Alarmsystem #RFID #cloned #security #risk #poc #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🇪🇸 La mitad de los compradores de Amazon prefiere ceder sus datos a Bezos que al Gobierno

Una encuesta revela que el envío rápido es el principal motivo de los clientes para suscribirse al servicio Prime.

Si los usuarios de Amazon tuvieran que elegir a quién confiar sus datos personales, un 55,5% elegiría a Jeff Bezos. Un 48,1% los confiaría a su lugar de trabajo, un 25% al Gobierno y solo un 9,3% a Facebook. Estos datos han sido extraídos de una encuesta con varias opciones de respuesta realizada por Investing.com a más de 1.000 compradores de Amazon en Estados Unidos.

Otra muestra de la confianza que los usuarios de Amazon tienen en la tecnológica es el servicio de Amazon Key, que permite la entrega de paquetes a domicilio aunque no haya nadie en casa, puesto en marcha en Estados Unidos. Desde Investing.com señalan que “ese nivel de confianza es difícil de conseguir y muy apreciado en el sector minorista en general”.

Los resultados de la encuesta revelan que la generación milenial es la que en mayor medida opta por el servicio Prime. Y es que el envío rápido es lo que más valora el 73% de los encuestados, seguido por un 48,2% que elige esta modalidad por el servicio de televisión que ofrece el marketplace.

Desde el punto de vista de la retención de clientes, los beneficios de ser Prime pueden fomentar la fidelidad de los compradores, según el informe. Más del 80% de los usuarios estuvieron subscritos al servicio durante al menos un año y más de un tercio (37%) son miembros Prime desde hace cuatro años o más.

Cambios en los hábitos de consumo

El comercio electrónico ha pasado factura a las grandes superficies comerciales. En España, hasta el mes de abril, los centros comerciales han perdido un 5% de visitantes. Esta tendencia está llevando a que las grandes superficies busquen convertirse en centros de experiencias más allá de las compras.

Los usuarios de Amazon contribuyen a este déficit de visitantes. Según la encuesta, el 43% ha dejado de comprar en centros comerciales. Además, casi uno de cada tres compradores aseguran realizar pedidos en Amazon, al menos, una vez al mes.

El gasto mensual está en los 120 dólares y, aunque el surtido de productos en Amazon cada vez es más amplio, los libros siguen siendo su producto estrella. El 49% de los encuestados “buscaron libros y audiolibros a través de la web de venta minorista, y el 48% hizo lo mismo para sus compras de electrónica”.

Desde Investing.com señalan que “como resultado de unos precios extremadamente competitivos y de su relación con las pequeñas editoriales independientes, algunos analistas han llegado a decir que Amazon ha creado un monopolio de la industria del libro”.

Los compradores se sienten también menos inclinados a buscar en otros sitios películas, música y juegos (37%), productos de belleza y salud (30%) y ropa, zapatos y joyas (26%).

Crecimiento continuo

La mayoría de los compradores no cree que Amazon haya tocado techo tampoco. El 88% de los encuestados cree que seguirá creciendo, diversificándose hacia otras industrias. Uno de cada 4 compradores prevé que la empresa irrumpirá a continuación en el sector de los servicios de reparto, seguido del de los productos farmacéuticos (19%), la inteligencia artificial (13%) y la salud (9%).

Los inversores coinciden en que Amazon va a seguir creciendo. Las acciones de la compañía crecen alrededor de un 30% desde principios de año. El primer trimestre de 2019 supuso unos ingresos por encima de los 59.700 millones de dólares para este gigante del comercio electrónico
https://www.elespanol.com/economia/empresas/20190505/mitad-compradores-amazon-prefiere-ceder-bezos-gobierno/394711521_0.html

#amazon #privacidad
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

📺 Wir verändern gerade die Debatte
Mein Grundeinkommen bei Anne Will

Anlass der Anne-Will-Sendung waren die zunächst vollmundigen Versprechen der SPD, Hartz IV überwinden zu wollen. Dazu kamen aus der Partei zwei halbgare Vorschläge, die zwar das Wort Grundeinkommen benutzen, aber nicht im Geringsten etwas damit zu tun haben. Konkreter wurde der Vorschlag von Grünen-Chef Robert Habeck. Seine Garantiesicherung kommt unserer Meinung nach einem Grundeinkommen noch am nächsten.

📺 https://www.mein-grundeinkommen.de/news/unser-auftritt-bei-anne-will
https://www.youtube.com/watch?v=bLcPOjv2KFE

#Grundeinkommen #Video #Podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Secure WLAN

The wireless connection to the Internet, WLAN, is a practical thing. But due to software errors, comfort functions and carelessly configured routers, the home WLAN can quickly become a gateway for attackers. With simple tips, however, you can protect yourself against it - and that is highly recommended. Because if an intruder commits a crime via your WLAN (e.g. copyright infringement), you are liable as the subscriber. The following five measures help to protect your WLAN more effectively from uninvited guests:

✅ Long WPA/WPA2 password:
Use a password manager like KeePassXC or the Diceware method (6 words or more) to generate a password or passphrase with at least 32 characters. Due to the length of the password alone, an attacker is faced with an almost unsolvable task when trying to crack your password using a brute force attack. Note: The encryption is only as good as the password used.

✅ Social-Engineering:
Ideally you only use WLANs that you have set up personally or that you trust. If a WLAN with the same SSID name as your WLAN suddenly appears in the list of available WLANs, you should become suspicious and not log in or reveal any passwords. If your WLAN connection breaks down several times abruptly, it is most likely an Evil Twin attack.

✅ Deactivation of comfort functions:
You should generally disable the Wi-Fi Protected Setup (WPS) comfort function. Due to various implementation errors, WPS is always the target of attacks such as Pixie-Dust. Furthermore it is advisable to deactivate functions like "remote access" and similar completely. This considerably reduces the attack area of your WLAN.

✅ Get security updates:
Regularly checks whether (security) updates are available for your access point or router and imports them promptly.

✅ Reduce transmission power / switch off:
Wireless networks often radiate their signal far beyond the actually necessary transmission or reception range. The stronger the WLAN signal, the easier it is to carry out some of the attacks. Many router manufacturers offer the possibility to reduce the transmission power. First selects the lowest transmission power and then checks whether all devices in the desired radius can still establish a connection. It is generally advisable to deactivate the WLAN completely overnight using the schedule or night switch function.

You should not allow foreign devices that you do not control to access your WLAN. If you still wish to offer guest access, you should disconnect it from the protected or private WLAN:

✅ Separate router:
Uses a second router or access point that allows guests to log into a separate guest WLAN. Ideally, you should join a free radio initiative and allow guests or other people free access to the Internet - then you are also exempt from interference liability.

✅ Guest access:
Some routers, such as the Fritz!Box, offer guest access and allow guests to access the Internet via an additional wireless network. Thus the guest devices are (logically) completely separated from the home network or your devices.

Source and more Info:
https://www.kuketz-blog.de/empfehlungsecke/#wifi-absichern

#WIFI #setup #Secure #guide #kuketz
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

📺 It’s Time to Break Up Facebook
A founder of Facebook says it should be broken up.

📺 https://www.nytimes.com/2019/05/09/opinion/sunday/chris-hughes-facebook-zuckerberg.html
#DeleteFacebook #video #podcast

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

The cost of music

Albums and single songs can be enjoyed today mainly via streaming. But what effects does this have on the climate?

Thanks to the Internet, nobody has to deal with physical data carriers anymore. Whether it's a book (replaced by e-books), a CD (replaced by downloads and streaming) or a film (ditto): almost any content you want can go directly to our PCs, smartphones or tablets. Since it is no longer necessary to drive media through the area with trucks, and since pressing plants and printing plants with their complex (and energy-guzzling) infrastructure can be eliminated, one should actually assume that this is good for the climate and saves CO2.

Music has become cheaper
But this is not always the case. Researchers at the University of Glasgow have now pointed this out by looking at the environmental impact of the increasingly popular streaming offers for music. The team led by musicologist Matt Brennan, who collaborated with colleagues at the University of Oslo, conducted a study entitled "The Cost of Music" on the economic impact of modern music distribution. The researchers have agreed that music has become much cheaper since it is available free of charge on a subscription basis.

But this is not particularly ecological. Kyle Devine, junior professor of music in the Norwegian capital, believes that the decline of CDs and records has reduced plastic waste from the music industry. "From the perspective of CO2 emissions, however, the switch to streaming to Internet-connected devices has led to significantly higher emissions. He relates this assessment to the entire history of music.

Servers eat electricity
The reason for this is the infrastructure required for streaming - starting with the servers of the music companies, the network operators and all the way to the end customer device. Brennan & Co. have calculated that the storage and processing of digital music consumes "enormous power and energy resources". For this purpose, they converted the plastic production required for the production of sound carriers into climate gas units and compared it with the streaming requirements. The result: CO2 emissions are significantly higher than in the past - even compared to the boom phases of vinyl and CD sales.

Of course, it depends a lot on how the infrastructure is operated. Not every streaming provider is an environmental sinner. Apple, for example, points out that all its data centers run on renewable energy. However, the company also uses service providers such as Amazon Web Services or Microsoft Azure because its own capacities are not sufficient. What is particularly clear is that streaming, even if it does not look like it due to its immaterial appearance, has a climate effect that cannot be neglected. There's only one thing that helps here: once again pick up the old-fashioned CD, which has probably been in the house for years and has long since earned its climate budget.

PDF🇬🇧:
https://www.gla.ac.uk/media/media_643298_en.pdf

Source🇩🇪:
https://www.heise.de/tr/artikel/Die-Kosten-der-Musik-4404091.html

#Thinkabout #music #climate #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES