BlackBox (Security) Archiv
4.13K subscribers
183 photos
393 videos
167 files
2.67K links
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
Android Captive Portal Check: HTTP 204 response from captiveportal.kuketz.de

Each time your Android device connects to a WLAN, the system performs a Captive Portal Check. Android wants to ensure that your device has not only received an IP address from the access point, but that it can also actually reach destinations on the Internet.

To verify this, Android sends an HTTP request to "connectivitycheck.gstatic.com". If the request is answered with HTTP status code 204, Internet access is available; any other answer (typically a login page returned with 200, or a redirect) tells Android that a captive portal is in the way. With this request, Google learns the IP address of your connection, the time you went online and the User-Agent string of the requesting system component (not of a browser).

If you block this request to Google via AFWall+ or elsewhere on your network, a small cross appears on the WLAN icon in the Android status bar. Depending on the Android version, you will also see a message saying that no Internet is available. Privacy-conscious users in particular do not want to send a "ping" to Google every time they go online. There is now a solution for all users with root access on their devices.

👉 Android Nougat (7.x) | Oreo (8.x)
Open a terminal and enter the following:

su
settings put global captive_portal_http_url "http://captiveportal.kuketz.de"
settings put global captive_portal_https_url "http://captiveportal.kuketz.de"

Note that in the third line you deliberately omit the "s" of https in the URL, even though the setting is the HTTPS one; the reason is explained below.

👉 Android Pie (9.x)
Open a terminal and enter the following:

su
settings put global captive_portal_http_url "http://captiveportal.kuketz.de"
settings put global captive_portal_https_url "https://captiveportal.kuketz.de"
settings put global captive_portal_fallback_url "http://captiveportal.kuketz.de"
settings put global captive_portal_other_fallback_urls "http://captiveportal.kuketz.de"

Then we can query the URL via curl (from a computer):

curl -I http://captiveportal.kuketz.de

As an answer, you get:

HTTP/1.1 204 No Content
[...]

This is exactly the answer your Android phone expects. Some readers will wonder why the HTTPS URL does not work. Let's look at the output:

curl -I https://captiveportal.kuketz.de

As an answer you will then receive:

HTTP/2 204

Android Nougat and Oreo cannot cope with this; Android Pie, on the other hand, uses the HTTPS URL. Either the "No Content" reason phrase at the end is missing or Android expects an HTTP/1.x response. On port 443 my nginx web server generally responds with HTTP/2; unfortunately this cannot be changed, because at least one other virtual host on the same listen socket uses HTTP/2 (nginx enables HTTP/2 per address:port, not per server block, and whether a given client actually gets HTTP/2 is negotiated via ALPN during the TLS handshake).

Until you are on Android 9 you can either use the HTTP URL or host the endpoint yourself with HTTP/1.1 only. With nginx this is relatively simple. Here is my configuration:
## SITE HANDLING HTTP ##
server {
    ## INIT ##
    listen 80;
    server_name captiveportal.kuketz.de;
    root /var/www/sites/captiveportal.kuketz.de;

    ## LOGS ##
    # Do not log the connectivity checks. Note: "error_log off;" does NOT
    # disable logging in nginx, it writes to a file literally named "off";
    # send errors to /dev/null instead.
    access_log off;
    error_log /dev/null crit;

    ## SECURITY HEADER ##
    include /etc/nginx/conf/headers.conf;
    add_header Content-Security-Policy "default-src 'none'";

    ## ENTER HERE ##
    # Let's Encrypt HTTP-01 challenge files are served from the root; a request
    # for the bare challenge directory is dropped without a response (444).
    location ^~ /.well-known/acme-challenge {
        default_type text/plain;
    }
    location = /.well-known/acme-challenge/ {
        return 444;
    }

    ## CAPTIVE PORTAL RESPONSE ##
    # Everything else gets 204 No Content, the answer Android expects.
    location / {
        return 204;
    }
}

## SITE HANDLING HTTPS ##
server {
    ## INIT ##
    listen 443 ssl;
    server_name captiveportal.kuketz.de;
    root /var/www/sites/captiveportal.kuketz.de;

    ## LOGS ##
    access_log off;
    error_log /dev/null crit;

    ## SECURITY HEADER ##
    include /etc/nginx/conf/headers-ssl.conf;
    add_header Content-Security-Policy "default-src 'none'";

    ## SSL ##
    # "ssl on;" is deprecated; the ssl parameter on the listen directive above
    # is sufficient.
    ssl_certificate /etc/ssl/certs/captiveportal.kuketz_ecdsa.pem;
    ssl_certificate_key /etc/ssl/private/captiveportal.kuketz_ecdsa.key;
    # OCSP stapling with a pre-fetched response file
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_stapling_file /etc/ssl/certs/captiveportal.kuketz_ocspresponse.der;

    ## CAPTIVE PORTAL RESPONSE ##
    location / {
        return 204;
    }
}

The decisive thing is actually only this small part:

## CAPTIVE PORTAL RESPONSE
location / {
return 204;
}

It makes nginx answer every request for the host "captiveportal.kuketz.de" with HTTP status code 204. The equivalent with Apache's mod_rewrite should be (not verified):

RewriteEngine On
# Answer every request with 204. For a status code outside the 3xx range
# mod_rewrite drops the substitution ("-") and stops rewriting, as with L.
RewriteRule ^ - [R=204,L]
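To make the expected behaviour concrete, here is an added example (not code from the kuketz blog): a minimal HTTP/1.1 endpoint that answers like the nginx "return 204" above, plus a client that judges the reply the way Android's connectivity check does, in a simplified model (204 with no body means Internet, 200 or a redirect means a captive portal, anything else means no Internet). The /generate_204 path, the User-Agent string and the portal HTML are illustrative assumptions; everything runs against 127.0.0.1.

```python
"""Added example, not code from the kuketz blog: a minimal HTTP/1.1 endpoint
that answers like the nginx "return 204" above, plus a client that judges the
reply the way Android's captive-portal check does (simplified model).
The /generate_204 path, the User-Agent and the portal HTML are illustrative."""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer


def make_handler(status=204, body=b""):
    """Build a request handler that answers every GET/HEAD with `status`/`body`.
    status=204 with an empty body mirrors the self-hosted check; status=200
    with a login page mirrors what a hotel or cafe captive portal returns."""

    class Handler(BaseHTTPRequestHandler):
        protocol_version = "HTTP/1.1"  # status line "HTTP/1.1 204 No Content", not HTTP/2

        def do_GET(self):
            self.send_response(status)
            if body:
                self.send_header("Content-Type", "text/html")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()  # a 204 carries no body at all
            if body and self.command == "GET":
                self.wfile.write(body)

        do_HEAD = do_GET

        def log_message(self, fmt, *args):  # equivalent of nginx "access_log off"
            pass

    return Handler


def start_server(status=204, body=b""):
    """Bind the handler to an ephemeral localhost port; returns (server, port)."""
    srv = ThreadingHTTPServer(("127.0.0.1", 0), make_handler(status, body))
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


def connectivity_check(host, port, path="/generate_204", timeout=5.0):
    """Simplified model of the decision Android makes after the check request:
    204 and no body  -> "internet"        (network validated)
    200 or 3xx       -> "captive-portal"  (something answered in place of the endpoint)
    anything else    -> "no-internet"     (e.g. the request is blocked by a firewall)
    Returns (verdict, status, http_version); status/version are None on failure."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        # Android sends a plain GET with the system User-Agent, not a browser's.
        conn.request("GET", path, headers={"User-Agent": "connectivity-check-example/1.0"})
        resp = conn.getresponse()
        body = resp.read()
        version = "HTTP/1.1" if resp.version == 11 else "HTTP/1.0"
        if resp.status == 204 and not body:
            return "internet", 204, version
        if resp.status == 200 or 300 <= resp.status < 400:
            return "captive-portal", resp.status, version
        return "no-internet", resp.status, version
    except OSError:  # connection refused / timed out: the check is blocked
        return "no-internet", None, None
    finally:
        conn.close()


if __name__ == "__main__":
    srv, port = start_server()
    print(connectivity_check("127.0.0.1", port))  # ('internet', 204, 'HTTP/1.1')
    srv.shutdown()
    srv.server_close()

    portal, pport = start_server(200, b"<html>Please log in</html>")
    print(connectivity_check("127.0.0.1", pport))  # ('captive-portal', 200, 'HTTP/1.1')
    portal.shutdown()
    portal.server_close()
```

To see what a client that does not negotiate HTTP/2 gets from the real server, `curl --http1.1 -I https://captiveportal.kuketz.de` forces curl onto the HTTP/1.1 code path; a 204 there confirms the endpoint itself is fine and that only protocol negotiation differs.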

Conclusion:
Now you can use my service or host the connectivity check yourself. Google no longer receives any data via this function.

Source and more info (german):
https://www.kuketz-blog.de/android-captive-portal-check-204-http-antwort-von-captiveportal-kuketz-de/

#android #captiveportal #check #HTTP #guide #kuketz
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
🇪🇸 British police demand that alleged rape victims hand over their mobile phone data

The Crown Prosecution Service defends the measure as a way to avoid acquittals for lack of access to evidence

At first sight it is a dilemma between the guarantee of a fair trial and the right to privacy. Only at first sight, because associations defending women who are victims of sexual offences complain that the real aim is to question the attitude or morality of the women attacked, instead of focusing on the objective facts that are relevant under criminal law. UK police are already working rape cases with a digital form that asks alleged victims to allow investigators access to the data on their mobile phones. The Liam Allan case changed the way the public prosecution proceeds. This university student was charged in 2017 with 12 sexual offences and was eventually acquitted after the prosecution handed the defence the contents of messages from the victim that apparently exonerated him. A year later, the number of alleged rapists formally charged in the UK had fallen by 23%.

"We have an extremely serious problem with the prosecution of rape in this country, and it is a proven fact that most rapists get away with it. Part of the cause is that investigations focus far too often on the personality of the women, on their honesty or their sexual history, despite all the rules designed precisely to prevent this, instead of focusing on the actions or behaviour of the accused," said Rachel Krys, co-director of the End Violence Against Women Coalition.

More than 90,000 police officers and administrative staff have taken training courses that stress the obligation to hand over to the defence lawyers of anyone accused of rape any evidence that could be relevant to their strategy, and to do so as early as possible. The form now given to alleged victims makes clear that they are not obliged to hand over their phones, but accompanies this with the following warning: "If you do not consent to the police accessing the data on your phone, you will have the opportunity to explain why. If you refuse to give the police permission to investigate, or the prosecution permission to disclose material that would allow the accused to have a fair trial, it may not be possible for the investigation or prosecution to continue," the form says.

The police justify the need for the form as the only way to obtain the victim's general consent (consent remains mandatory for any use of that information) in the face of a volume of information that can be enormous. If the average content of a conventional smartphone were printed on A4 sheets, explains Nick Ephgrave of the Metropolitan Police, the result would be millions of pages. That is why the security forces are now using artificial-intelligence methods to sift the information more selectively.

Supporters and critics of the new method agree on the need to give more legal cover and clarity to an investigation into such personal details of the victim. "With the form, victims get more precise indications of how their data will be used. Because the accumulation of such a volume of personal data, without a consistent and clear method for determining its relevance, is a problem that concerns us," said Katie Russell, co-founder of Rape Crisis England and Wales. The organisation nevertheless shares the fear that access to all this personal information will be turned against the alleged victim. "Statistics consistently show that rape and sexual abuse have historically been reported less often than other serious crimes. Among the reasons for this, as victims tell us at Rape Crisis centres, is their distrust of the justice system and the fear that they will end up feeling they are the ones being investigated or judged," it said in a statement.
https://elpais.com/sociedad/2019/04/29/actualidad/1556544192_229884.html

#justicia #privacidad
RFID keys can be cloned

The Secvest alarm system from ABUS can be conveniently armed and disarmed using an RFID key. But the keys can be copied within seconds, and a fix for the security problem is not in sight.

Vulnerability details:

SySS GmbH found that the RFID technology used by the ABUS Secvest wireless alarm system and its ABUS proximity keys (MIFARE Classic RFID tags) is vulnerable to RFID cloning attacks.

The information stored on the proximity keys can be read easily and in a very short time, from distances of up to 1 meter depending on the RFID reader used. A working cloned RFID token is ready for use within a couple of seconds using freely available tools.

Thus, an attacker with one-time access to the information on an ABUS proximity key for an ABUS Secvest wireless alarm system is able to create a rogue RFID token that can be used to disarm the alarm system without authorization.

PoC:
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-005.txt

Video:
https://t.me/BlackBox_Archiv/344

#ABUS #Alarmsystem #RFID #cloned #security #risk #poc
🇪🇸 Half of Amazon shoppers would rather hand their data to Bezos than to the government

A survey reveals that fast shipping is customers' main reason for subscribing to the Prime service.

If Amazon users had to choose whom to entrust with their personal data, 55.5% would choose Jeff Bezos. 48.1% would entrust it to their workplace, 25% to the government and only 9.3% to Facebook. These figures come from a multiple-choice survey conducted by Investing.com among more than 1,000 Amazon shoppers in the United States.

Another sign of the trust Amazon users place in the company is Amazon Key, launched in the United States, which allows packages to be delivered to the home even when nobody is in. Investing.com notes that "that level of trust is hard to earn and highly valued in the retail sector in general".

The survey results show that millennials are the generation most likely to opt for Prime. Fast shipping is what 73% of respondents value most, followed by 48.2% who choose the service for the video offering the marketplace provides.

From the point of view of customer retention, the benefits of Prime can foster shopper loyalty, according to the report. More than 80% of users had been subscribed to the service for at least a year, and more than a third (37%) have been Prime members for four years or more.

Changes in consumer habits

E-commerce has taken its toll on large shopping centres. In Spain, shopping centres lost 5% of their visitors up to April. This trend is pushing large retail sites to turn themselves into experience centres that go beyond shopping.

Amazon users contribute to this loss of visitors. According to the survey, 43% have stopped shopping at malls. In addition, almost one in three shoppers say they order from Amazon at least once a month.

Monthly spending stands at 120 dollars and, although Amazon's range of products keeps widening, books remain its flagship product. 49% of respondents "searched for books and audiobooks through the retail website, and 48% did the same for their electronics purchases".

Investing.com notes that "as a result of extremely competitive prices and its relationship with small independent publishers, some analysts have gone so far as to say that Amazon has created a monopoly in the book industry".

Shoppers are also less inclined to look elsewhere for films, music and games (37%), beauty and health products (30%) and clothing, shoes and jewellery (26%).

Continued growth

Most shoppers do not believe Amazon has peaked either. 88% of respondents think it will keep growing and diversify into other industries. One in four shoppers expects the company to break into delivery services next, followed by pharmaceuticals (19%), artificial intelligence (13%) and healthcare (9%).

Investors agree that Amazon will keep growing. The company's shares are up around 30% since the start of the year. The first quarter of 2019 brought the e-commerce giant revenue of more than 59.7 billion dollars.
https://www.elespanol.com/economia/empresas/20190505/mitad-compradores-amazon-prefiere-ceder-bezos-gobierno/394711521_0.html

#amazon #privacidad
📺 We are changing the debate
Mein Grundeinkommen on Anne Will

The occasion for the Anne Will programme was the SPD's initially grandiose promise to overcome Hartz IV. The party followed up with two half-baked proposals that use the word basic income but have nothing whatsoever to do with it. The proposal by Green party leader Robert Habeck was more concrete. In our view his "Garantiesicherung" (guaranteed security) comes closest to a basic income.

📺 https://www.mein-grundeinkommen.de/news/unser-auftritt-bei-anne-will
https://www.youtube.com/watch?v=bLcPOjv2KFE

#Grundeinkommen #Video #Podcast
Secure WLAN

The wireless connection to the Internet, WLAN, is a practical thing. But software bugs, convenience functions and carelessly configured routers can quickly turn the home WLAN into a gateway for attackers. Simple measures protect against this, and they are highly recommended: if an intruder commits an offence via your WLAN (e.g. copyright infringement), you as the subscriber may be held liable. The following five measures help protect your WLAN more effectively against uninvited guests:

Long WPA/WPA2 password:
Use a password manager such as KeePassXC or the Diceware method (6 words or more) to generate a password or passphrase of at least 32 characters. With WPA2-PSK, anyone who captures the four-way handshake of a connecting client can test passphrase guesses offline at high speed, so the length of the passphrase alone has to make a brute-force attack hopeless. Note: the encryption is only as good as the passphrase it is derived from.
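As an added example (not from the kuketz page), the following Python generates a Diceware-style WPA2 passphrase with the operating system's CSPRNG and carries through the entropy arithmetic behind the "6 words, at least 32 characters" rule. SAMPLE_WORDS is a constructed 64-word list so the block runs self-contained; the entropy figures for a real passphrase assume the genuine 7776-word Diceware list, which the DICEWARE_LIST_SIZE constant stands for. The 1e9 guesses-per-second rate used for the time estimate is an assumed attacker budget, not a measurement.

```python
"""Added example, not from the kuketz page: Diceware-style WPA2 passphrase
generation with secrets (CSPRNG) plus the entropy arithmetic that shows why
six or more words (and at least 32 characters) defeat offline brute force.
SAMPLE_WORDS is a constructed 64-word list; the real Diceware list has 7776."""
import math
import secrets

# Constructed sample list; substitute the full Diceware list in practice.
SAMPLE_WORDS = (
    "acorn", "anvil", "badge", "bison", "brick", "cabin", "candle", "cedar",
    "chalk", "cider", "cliff", "cobalt", "comet", "coral", "crane", "delta",
    "dune", "ember", "fable", "falcon", "fjord", "flint", "forge", "gable",
    "gecko", "glade", "gravel", "harbor", "hazel", "heron", "ivory", "jade",
    "kayak", "kettle", "lagoon", "lantern", "lemon", "linen", "magnet", "maple",
    "marble", "meadow", "nickel", "oasis", "orbit", "otter", "pebble", "pine",
    "quartz", "raven", "ridge", "river", "saddle", "shale", "silver", "summit",
    "tiger", "timber", "tulip", "velvet", "walnut", "willow", "yarrow", "zephyr",
)
DICEWARE_LIST_SIZE = 6 ** 5          # 7776 words: five dice rolls pick one word
WPA2_MIN_LEN, WPA2_MAX_LEN = 8, 63   # ASCII passphrase length allowed by WPA2-PSK


def entropy_bits(num_words, list_size=DICEWARE_LIST_SIZE):
    """Entropy of num_words words drawn uniformly from a list of list_size."""
    return num_words * math.log2(list_size)


def diceware_passphrase(min_words=6, min_len=32, words=SAMPLE_WORDS, sep="-"):
    """Draw words with secrets.choice until both the word count and the
    character length the page recommends are met. Topping up a short result
    with further words only adds entropy, so it does not bias the choice."""
    chosen = []
    while len(chosen) < min_words or len(sep.join(chosen)) < min_len:
        chosen.append(secrets.choice(words))
    phrase = sep.join(chosen)
    if len(phrase) > WPA2_MAX_LEN:
        raise ValueError("passphrase exceeds the 63-character WPA2 limit")
    return phrase


def meets_policy(passphrase, min_len=32, min_words=6, sep="-"):
    """Check a candidate against the page's rule and the WPA2 length limits."""
    n = len(passphrase)
    return (WPA2_MIN_LEN <= n <= WPA2_MAX_LEN and n >= min_len
            and len(passphrase.split(sep)) >= min_words
            and passphrase.isascii() and passphrase.isprintable())


def years_to_exhaust(bits, guesses_per_second):
    """Worst-case time to try every passphrase at a given offline guess rate,
    which is what a captured WPA2 four-way handshake allows an attacker."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    p = diceware_passphrase()
    print(p, "policy ok:", meets_policy(p))
    # Entropy of the sample run (64-word list) vs. the real Diceware list.
    print("sample list:", round(entropy_bits(len(p.split("-")), len(SAMPLE_WORDS)), 1), "bits")
    for n in (4, 6, 8):
        bits = entropy_bits(n)  # assumed attacker budget: 1e9 guesses/s
        print(n, "Diceware words:", round(bits, 1), "bits, ~%.1e years" % years_to_exhaust(bits, 1e9))
```

Six genuine Diceware words give about 77.5 bits, which at a billion guesses per second still takes on the order of millions of years to exhaust; four words (about 51.7 bits) fall into the range a well-equipped attacker can cover, which is why the page insists on six or more.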

Social engineering:
Ideally, only use WLANs that you set up yourself or that you trust. If a WLAN with the same SSID as yours suddenly appears in the list of available networks, be suspicious: do not connect to it and do not enter any passwords. If your WLAN connection repeatedly drops abruptly, it may be a deauthentication attack that is trying to push your devices onto such an Evil Twin.

Deactivation of convenience functions:
Disable Wi-Fi Protected Setup (WPS) as a matter of principle. Because of various implementation flaws, WPS is a recurring target of attacks such as Pixie Dust, which recovers the WPS PIN offline and with it the WPA passphrase. It is also advisable to switch off functions such as "remote access" and the like completely. This considerably reduces the attack surface of your WLAN.

Get security updates:
Check regularly whether (security) updates are available for your access point or router and install them promptly.

Reduce transmission power / switch off:
Wireless networks often radiate far beyond the range actually needed. The stronger the WLAN signal, the easier some attacks are to carry out. Many router manufacturers allow the transmission power to be reduced. First select the lowest transmission power and then check whether all devices within the desired radius can still connect. It is also advisable to switch the WLAN off completely overnight using the schedule or night-switch function.

Do not let foreign devices that you do not control into your WLAN. If you still want to offer guest access, separate it from the protected or private WLAN:

Separate router:
Use a second router or access point that lets guests log into a separate guest WLAN. Ideally, join a community network initiative such as Freifunk and give guests or passers-by free Internet access; then you are also exempt from Störerhaftung (liability for third-party misuse of your connection).

Guest access:
Some routers, such as the Fritz!Box, offer guest access and let guests reach the Internet via an additional wireless network. The guest devices are then (logically) completely separated from your home network and your devices.

Source and more Info:
https://www.kuketz-blog.de/empfehlungsecke/#wifi-absichern

#WIFI #setup #Secure #guide #kuketz
The cost of music

Albums and single tracks are now consumed mainly via streaming. But what effect does this have on the climate?

Thanks to the Internet, nobody has to deal with physical media any more. Whether a book (replaced by e-books), a CD (replaced by downloads and streaming) or a film (ditto): almost any content can be delivered directly to our PCs, smartphones or tablets. Since media no longer have to be trucked around the country, and since pressing plants and printing works with their complex (and energy-hungry) infrastructure can be dispensed with, one would assume that this is good for the climate and saves CO2.

Music has become cheaper
But this is not necessarily the case. Researchers at the University of Glasgow have pointed this out by examining the environmental impact of the increasingly popular music streaming services. The team led by musicologist Matt Brennan, working with colleagues at the University of Oslo, conducted a study entitled "The Cost of Music" on the economic impact of modern music distribution. The researchers agree that music has become much cheaper now that it is available for free or on a subscription basis.

But this is not particularly ecological. Kyle Devine, junior professor of music in the Norwegian capital, notes that the decline of CDs and records has reduced the music industry's plastic waste. "From the perspective of CO2 emissions, however, the switch to streaming to Internet-connected devices has led to significantly higher emissions." He relates this assessment to the entire history of recorded music.

Servers eat electricity
The reason is the infrastructure streaming requires: from the servers of the music companies through the network operators to the end customer's device. Brennan and colleagues calculate that storing and processing digital music consumes "enormous power and energy resources". To compare, they converted the plastic production needed to manufacture sound carriers into greenhouse-gas units and set it against the demands of streaming. The result: CO2 emissions are significantly higher than in the past, even compared with the boom years of vinyl and CD sales.

Of course, much depends on how the infrastructure is operated. Not every streaming provider is an environmental offender. Apple, for example, points out that all of its data centres run on renewable energy. However, the company also uses service providers such as Amazon Web Services or Microsoft Azure because its own capacity is not sufficient. What is clear is that streaming, even though its immaterial appearance suggests otherwise, has a climate effect that cannot be neglected. Only one thing helps here: pick up the old-fashioned CD again, which has probably been sitting in the house for years and has long since paid off its climate budget.

PDF🇬🇧:
https://www.gla.ac.uk/media/media_643298_en.pdf

Source🇩🇪:
https://www.heise.de/tr/artikel/Die-Kosten-der-Musik-4404091.html

#Thinkabout #music #climate #pdf
The voice of journalism
Columbia Journalism Review: Should the media quit Facebook?

With all that has transpired between Facebook and the media industry over the past couple of years—the repeated algorithm changes, the head fakes about switching to video, the siphoning off of a significant chunk of the industry’s advertising revenue—most publishers approach the giant social network with skepticism, if not outright hostility. And yet, the vast majority of them continue to partner with Facebook, to distribute their content on its platform, and even accept funding and resources from it.

Given that Facebook has not only helped hollow out newsrooms across the country but arguably lowered the overall quality of civic discussion, repeatedly flouted laws around privacy in ways that have served the needs of foreign actors like the Russian government, and played a key role in fomenting violence in countries like Myanmar and India, it’s worth asking: Is it enough to be skeptical? Or is there an ethical case to be made that media companies, and the journalists who work for them, should sever their ties to Facebook completely?

The argument in favor of staying on Facebook is obvious: the social network has immense reach (2 billion monthly active users), which gives publishers the potential to increase their readership. Facebook also has billions of dollars to spread around, whether through advertising revenue sharing or by funding journalism initiatives, to which it recently committed a total of $300 million over the next three years. Together, Facebook, Twitter, and Google have become the biggest journalism funders in the world, a sad irony given their effects on the business.

Traffic from Facebook has been declining for many publishers, as the social network tweaks its algorithm to focus more on personal sharing. But even so, Facebook continues to drive a lot of revenue. So if you're a publisher and you want to stay in business, you really have no choice but to work with it. The only other option is to keep publishing to a smaller and smaller group of readers, bringing in less ad revenue every year. Many media outlets have done the math and decided they have no option but to play ball, even if it means playing ball with a company that owns not only the ball, but also the stadium, all the uniforms, and the broadcast rights for all the games.

Some take the case even further. At a recent journalism conference in Perugia, City University of New York journalism professor Jeff Jarvis moderated a panel entitled “Criticize Facebook? Sure. Leave? Why?” Jarvis has argued that media companies shouldn’t just passively use Facebook, but should take advantage of the company’s knowledge about how social networks function to learn how to serve their audiences better. (The News Integrity Initiative, which Jarvis helped create, receives funding from Facebook, but he says this doesn’t affect his views about the company).

The panel featured Jesper Doub, a former Der Spiegel journalist who is now Facebook’s director of news partnerships for the EMEA region, Jennifer Brandel of Hearken, former Guardian editor-in-chief Alan Rusbridger, and James Ball, a UK journalist. While many on the panel (apart from Doub) were skeptical of Facebook’s relationship with the media, most seemed to agree with Ball that, despite a multitude of sins, media companies still needed to be on the platform because “that’s where the people are.” Individuals might want to quit the social network, Ball said, but media companies would be stupid to do the same.

Read more:
https://www.cjr.org/the_new_gatekeepers/should-the-media-quit-facebook.php

#DeleteFacebook #journalism #news #publishers #why
📺 Citizen Scoring in the EU - it happens at home, not only in China!
re:publica

Several EU governments use automated decision-making systems to score citizens, either to spot welfare fraud, detect whether children are in danger of neglect, or determine how much care elderly or disabled persons should get. AlgorithmWatch's research shows that these systems are deployed much more widely than commonly known in many countries in Europe, and that they lack oversight and accountability.

📺 https://www.youtube.com/watch?v=HVkumdj-97s
#scoring #EU #China #why #video #podcast

🎧 Steganography enables sophisticated OceanLotus payloads

Researchers at BlackBerry Cylance have been tracking payload obfuscation techniques employed by OceanLotus (APT32), specifically steganography used to hide code within seemingly benign image files. Tom Bonner, director of threat research at BlackBerry Cylance, joins us to share their findings.

📻 #ResearchSaturday #Steganography #OceanLotus #payloads #podcast
https://www.thecyberwire.com/podcasts/cw-podcasts-rs-2019-05-11.html

Product placement
Did you get the advertising message?

From "House of Cards" to "Stranger Things": streaming services such as Netflix and Amazon manipulate their audience with advertising, almost unnoticed.

Every viewer of the Netflix horror series Stranger Things knows that the favourite food of the mysterious main character Eleven is Eggo frozen waffles. Not only because the girl is constantly eating them: the waffles also play a leading role in several scenes and, at the end of the first season, already hint at Eleven's fate in the series. Even in the mobile game for the series you have to collect the waffles, and the viewer is also unusually well informed about the culinary preferences of other characters: high-school boy Steve Harrington loves fast food from Kentucky Fried Chicken, as he reveals in the first episode of the second season. An entire scene is built around a table full of clearly visible cups and cardboard buckets from the restaurant chain. "I love KFC," says Steve Harrington, and then even recites the official advertising slogan in English: "It's finger lickin' good."

Streaming services like Netflix or Amazon Prime Video don't show advertising breaks like linear television, but they are still not free of advertising. A large proportion of the streaming services' own productions as well as their purchased content contains product placements. At Netflix it is said to be about three quarters, at Amazon almost all.

Even in the science-fiction series "The Expanse", whose world has little to do with the present, a few FedEx containers were accommodated. Often the characters' clothes look conspicuously like the collection of a fashion discounter. Currently, fans of the fantasy series "Game of Thrones" are discussing whether a Starbucks coffee cup accidentally left on the set could be surreptitious advertising. And Frank Underwood from the Netflix series "House of Cards" regularly played real computer games and talked to other characters about them when he wasn't training on his WaterRower, a rowing machine with a real water tank. Allegedly, sales of the machine rose steeply at the start of every new season of the series.

Product placement is a billion-dollar market, not least because the important target group of under-50s with above-average incomes is difficult to reach via linear television. They often have streaming subscriptions and no TV set at all. This is why there are now agencies such as Saint Elmo's that specialise in placing products in digital entertainment formats. The company's website says: "Your advertising messages don't reach the target group? Stop advertising, start with content marketing! Your advertising is more effective if it is not perceived as such, but as exciting, useful, contemporary content. Then it also works with the target group." This often works very well; series producers have few inhibitions about using real waffles as plot elements or an advertising slogan as a punchline.

Problems could only arise with German law. For streaming services, the Interstate Broadcasting Treaty applies, under which product placements are permitted but must be flagged at the beginning of the programme. Illegal surreptitious advertising occurs when the product placement is not flagged or "if it takes place in return for payment or similar consideration". So are Eleven's Eggos and Steve Harrington's chicken legs surreptitious advertising? Netflix has included the reference to product placement required by the treaty before many of its formats.
In the new audiovisual media directive adopted by the European Parliament in 2018 but not yet implemented, the existing provisions on the handling of advertising were extended to streaming services. Children in particular are then to be better protected from advertising. According to the new directive, product placements remain permitted if they are labelled accordingly and the product is not unduly prominent.

Until the directive has been transposed into national law, the Interstate Broadcasting Treaty applies, and it has already been applied in one case: earlier this year the Bavarian regulatory authority for new media (BLM) prohibited Amazon Prime Video from offering an episode of the eighth season of "Pastewka" on suspicion of surreptitious advertising. The episode was largely set in a Media Markt electronics store. The production company Brainpool denied any product placement, saying the store had simply been rented. Media Markt also denied having booked a product placement. The case has now been settled out of court: Amazon shows a new cut of the episode, which BLM also accepts.

However, product placement and surreptitious advertising are not only a legal issue. Embedding products and linking different content and media simply follows the logic of such platforms for digital content. The free mobile game for "Stranger Things" is not only a pleasant pastime until the next season starts, but also expands the environment for possible advertising content and ties viewers to the companies' digital infrastructure, because the game is likely to be played on a device on which the Netflix app is installed. It's not far from the game to the next series marathon. For a company like Amazon, product placements in its Prime Video content offer possibilities that go well beyond customer retention: the online department store, which Amazon still is first and foremost, is only a few clicks away.

If products can be placed in this way, would political influence on the content of streaming services not also be conceivable? Couldn't ideologies be integrated into fictional content in the same way, or even more subtly? This is not yet a problem for the large streaming services, which avoid overly clear political positioning in order to reach as many viewers as possible. But in social networks, political messages - often wrapped in seemingly harmless parodies or memes - combined with scandal-amplifying algorithms have become a big problem.

There are websites like Infowars that recognized these possibilities in digital space at an early stage and sell matching survival equipment alongside their lurid disaster news. The product placements show the manipulative power inherent in digital media. The provisions of the Interstate Broadcasting Treaty alone are not enough to get a grip on this.

https://www.sueddeutsche.de/medien/netflix-amazon-streaming-product-placement-1.4441198

#netflix #amazon #DeleteAmazon #streaming #advertising #manipulation #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Forwarded from cRyPtHoN INFOSEC (DE)
📺 Software-Rebellen - Die Macht des Teilens (Software Rebels - The Power of Sharing)

Two models face each other on the software market: the so-called proprietary software of the big companies, and free software, which is available to all citizens free of charge. Using examples from India, the USA and Europe, the documentary shows how anonymous developers and well-known personalities are trying to counteract a new kind of knowledge capitalism.

📺 #Software #Rebellen Die Macht des Teilens #Doku #ArteF #Video #Podcast

F-Droid: Free and Open Source Apps - Take back control! (Part 5)

1. App store with class

By installing LineageOS, we have abandoned our proprietary Android systems and taken control of outbound data traffic with AFWall+. But our journey is far from over, because to get rid of Google and to regain control we have to break away from the Google Play Store.

Most apps from the Google Play Store contain an above-average number of tracker and advertising modules. This business model will probably not change in the foreseeable future, because Android is a self-service shop for user data with which (questionable) developers make a lot of money. Indirectly, Google also earns a lot of money from it - so Android users can wait in vain for an improvement.

In this article I would like to introduce you to the alternative app store F-Droid. F-Droid is a consumer-friendly alternative to Google's Play Store that only offers "free" and "open source" apps for download. The two properties "free" and "open source" mean essentially that the app's source code can be viewed, used, changed and further developed by anyone. With its strict "Free Open Source Software (FOSS)" concept, F-Droid clearly sets itself apart from the Google Play Store and other comparable stores.

2. F-Droid Store

In the long run, your goal should be to replace the proprietary apps from the Google Play Store with open source apps from the F-Droid Store, which neither transmit sensitive data unsolicited nor are crammed with tracker and advertising modules. In my experience, it is far less work to choose privacy-friendly apps from the outset than to teach data-hungry apps or services to "behave". For this reason, the main source for your apps should be the F-Droid Store, because the article series "Take back control!

2.1 The lack of transparency of data processing

In my opinion, we can only achieve the greatest possible control over our data if we, or other people (other than the app developer), are able to understand how the installed apps work. Furthermore, by disclosing the source code, a developer shows that he is not (only) driven by financial interests and signals that he has nothing to "hide" in the program code. This openness is an essential step towards more transparency of the application.

And yes, I am aware that some apps are so complex that even the openness of the developers described above does not guarantee that no mysterious code snippets are hidden in the app's source code, whose purpose can hardly be explained. So even with these apps you can never be 100% sure that the app will not spy on you. Therefore we should not blindly trust FOSS apps either.

In my opinion, however, the disclosure of the source code is a step in the right direction, because it allows someone with the appropriate resources to check the code themselves and, if necessary, adapt it to their needs. A big disadvantage of the mostly proprietary apps found in the Google Play Store is the lack of transparency of data processing: with these proprietary apps we don't know, and often can't check, what they actually do (without our knowledge).

Under References I list various security and data protection problems. More than half of the entries listed there concern proprietary apps from the Google Play Store. With this in mind, I think it is essential to get as many apps as possible from the F-Droid Store, even if we have to accept a smaller app selection there. I am aware that this is not always easy. But in the spirit of the article series "Take back control!" it is a desirable and necessary goal.

2.2 F-Droid Store Features

With the F-Droid Store, an alternative app store has established itself. Critical users who value free and open source applications will particularly benefit from the FOSS apps available there. The smaller selection of apps in the F-Droid Store compared to the Google Play Store may seem a bit "frightening" at first glance, and apps you know from the Google Play Store you will probably look for in vain in F-Droid. In the F-Droid Store, however, you will also find useful open source alternatives to most of Google Play's apps, which you should definitely give a chance.

Users for whom data protection or professional secrecy plays an important role, such as lawyers or doctors, should for ethical reasons alone take care not to install (proprietary) apps whose data processing is non-transparent. With such apps there is always the danger that they access information about clients or patients, which in turn can have criminal and professional consequences.

Despite the sympathy I have for F-Droid Store, I don't want to hide the fact that this alternative app distribution channel also has a few special features and "shortcomings", which are briefly described in the following:

Use at your own risk:
In the terms of use for the F-Droid Store, the operators point out that despite all efforts they cannot completely guarantee that no malware is offered through the F-Droid Store.

However, before releasing an app, the F-Droid operators check the source code of the app to be published for potential security or "privacy" issues. If they don't find any problems, they compile it and make the app available in the F-Droid Store. Because this procedure is not a deep or complete "code audit", the F-Droid Store should not be seen as a guarantee of a malware-free marketplace. Rather, we must always retain a healthy mistrust of these apps as well. The question of whether an app misbehaves can often only be answered by extensive long-term tests of the app.
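The outcome of that source review is visible to users: F-Droid publishes labels such as Tracking, Ads or NonFreeNet ("anti-features") alongside each app in its repository index, together with the hash of every APK it built. The script below is an added example (not code from the article or from the F-Droid project) showing how a cautious user could read those labels before installing, and check a downloaded APK against the published hash. It assumes the layout of F-Droid's index-v1.json (an "apps" list with "packageName", "name", "antiFeatures" and "sourceCode", and a "packages" map of versions with "versionName", "hashType" and "hash"); the index excerpt embedded here is constructed sample data, not a real repository.

```python
"""Inspect an F-Droid repository index for privacy-relevant labels.

Added example, not from the article or the F-Droid project. Assumes the
index-v1.json layout described in the lead-in; the index excerpt below is
constructed sample data. Real indexes ship signed inside index-v1.jar.
"""
import hashlib
import json
from collections import defaultdict

# Anti-feature labels F-Droid attaches after its source review, with a
# short paraphrase of what each one means.
PRIVACY_ANTI_FEATURES = {
    "Tracking": "reports user activity or device data to a third party",
    "Ads": "contains advertising",
    "NonFreeNet": "depends on a non-free network service",
    "NonFreeDep": "depends on a non-free library or application",
    "KnownVuln": "has a known, unfixed security vulnerability",
    "NoSourceSince": "upstream source is no longer published",
}

# Constructed index excerpt shaped like index-v1.json (sample data only).
SAMPLE_INDEX = json.dumps({
    "repo": {"name": "Example Repo", "address": "https://repo.example/fdroid/repo"},
    "apps": [
        {"packageName": "org.example.notes", "name": "Notes",
         "antiFeatures": [], "sourceCode": "https://git.example/notes"},
        {"packageName": "org.example.weather", "name": "Weather",
         "antiFeatures": ["NonFreeNet"], "sourceCode": "https://git.example/weather"},
        {"packageName": "org.example.reader", "name": "Reader",
         "antiFeatures": ["Tracking", "Ads"], "sourceCode": "https://git.example/reader"},
    ],
    "packages": {
        "org.example.notes": [
            {"versionName": "1.2.0", "hashType": "sha256",
             "hash": hashlib.sha256(b"notes-1.2.0.apk contents").hexdigest()},
        ],
    },
})


def load_index(text):
    """Parse index JSON and return (apps, packages)."""
    data = json.loads(text)
    return data["apps"], data["packages"]


def flag_apps(apps, watch=PRIVACY_ANTI_FEATURES):
    """Return {packageName: [labels]} for apps carrying any watched anti-feature."""
    flagged = {}
    for app in apps:
        hits = [af for af in app.get("antiFeatures", []) if af in watch]
        if hits:
            flagged[app["packageName"]] = hits
    return flagged


def apps_by_anti_feature(apps):
    """Group package names by anti-feature label."""
    groups = defaultdict(list)
    for app in apps:
        for af in app.get("antiFeatures", []):
            groups[af].append(app["packageName"])
    return dict(groups)


def apk_matches_index(packages, package_name, version_name, apk_bytes):
    """Compare a downloaded APK with the hash the index publishes for it.

    Returns True when the digest of apk_bytes equals the index entry for the
    given version, False when it differs or the version is not in the index.
    """
    for version in packages.get(package_name, []):
        if version.get("versionName") != version_name:
            continue
        algo = version.get("hashType", "sha256")
        digest = hashlib.new(algo, apk_bytes).hexdigest()
        return digest == version.get("hash")
    return False


if __name__ == "__main__":
    apps, packages = load_index(SAMPLE_INDEX)
    for pkg, labels in flag_apps(apps).items():
        reasons = "; ".join(PRIVACY_ANTI_FEATURES[lab] for lab in labels)
        print(f"{pkg}: {', '.join(labels)} ({reasons})")
    ok = apk_matches_index(packages, "org.example.notes", "1.2.0",
                           b"notes-1.2.0.apk contents")
    print("notes 1.2.0 matches index hash:", ok)
```

The hash check only tells you that the APK you hold is the one F-Droid built and listed; it says nothing about what the app does, which is exactly the point the paragraph above makes: the labels narrow the selection, they do not replace long-term observation of an app's behaviour.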

The F-Droid operators (understandably) cannot and will not perform these tests. A first "shortcoming" of the F-Droid Store is therefore that a newly submitted app is generally not, or cannot be, fully tested. At least according to Google, things are different in the Google Play Store: before a new app is added to the store, a so-called Bouncer automatically checks it for "malware". The apps are executed in a virtual environment (similar to antivirus scanners) and their behavior and functionality are monitored by the host system. This measure sounds very promising, but as the following examples illustrate, Google cannot guarantee a malware-free store either: