β£οΈ Chaos Communication Camp 2019 β£οΈ
The Chaos Communication Camp in Mildenberg is an open-air hacker camp and party that takes place every four years, organized by the Chaos Computer Club (CCC). Thousands of hackers, technology freaks, artists and utopians get together for five days in the Brandenburg summer β to communicate, learn, hack and party together.
We focus on topics such as information technology, digital security, hacking, crafting, making and breaking, and we engage in creative, sceptical discourse on the interaction between technology and society.
Weβd love to see your submission for these tracks:
π‘ Arts & Culture,
π‘ Ethics, Society & Politics,
π‘ Hardware & Making,
π‘ Security & Hacking,
π‘ Science.
Apart from the official conference program on the main stages, the Chaos Communication Camp also offers space for community villages, developer and project meetings, art installations, lightning talks and numerous workshops (called βself-organized sessionsβ).
Dates & deadlines:
π‘ May 22th, 2019: Call for Participation
π‘ June 11th, 2019 (23:59 CEST): Deadline for submissions
π‘ July 10th: Notification of acceptance
π‘ August 21st β 25th, 2019: Chaos Communication Camp at Ziegeleipark Mildenberg
Submission guidelines for talks:
All lectures need to be submitted to our conference planning system under the following URL:
Please follow the instructions there. If you have any questions regarding the submission, you are welcome to contact us via mail at
Please send us a description of your suggested talk that is as complete as possible. The description is the central criterium for acceptance or rejection, so please ensure that it is as clear and complete as possible. Quality comes before quantity. Due to the non-commercial nature of the event, presentations which aim to market or promote commercial products or entities will be rejected without consideration.
#ccc #camp
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
The Chaos Communication Camp in Mildenberg is an open-air hacker camp and party that takes place every four years, organized by the Chaos Computer Club (CCC). Thousands of hackers, technology freaks, artists and utopians get together for five days in the Brandenburg summer β to communicate, learn, hack and party together.
We focus on topics such as information technology, digital security, hacking, crafting, making and breaking, and we engage in creative, sceptical discourse on the interaction between technology and society.
Weβd love to see your submission for these tracks:
π‘ Arts & Culture,
π‘ Ethics, Society & Politics,
π‘ Hardware & Making,
π‘ Security & Hacking,
π‘ Science.
Apart from the official conference program on the main stages, the Chaos Communication Camp also offers space for community villages, developer and project meetings, art installations, lightning talks and numerous workshops (called βself-organized sessionsβ).
Dates & deadlines:
π‘ May 22th, 2019: Call for Participation
π‘ June 11th, 2019 (23:59 CEST): Deadline for submissions
π‘ July 10th: Notification of acceptance
π‘ August 21st β 25th, 2019: Chaos Communication Camp at Ziegeleipark Mildenberg
Submission guidelines for talks:
All lectures need to be submitted to our conference planning system under the following URL:
https://frab.cccv.de/cfp/camp2019.Please follow the instructions there. If you have any questions regarding the submission, you are welcome to contact us via mail at
camp2019-content@cccv.de.Please send us a description of your suggested talk that is as complete as possible. The description is the central criterium for acceptance or rejection, so please ensure that it is as clear and complete as possible. Quality comes before quantity. Due to the non-commercial nature of the event, presentations which aim to market or promote commercial products or entities will be rejected without consideration.
More info:https://events.ccc.de/2019/05/22/call-for-participation-chaos-communication-camp-2019/
#ccc #camp
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
πΊ Interview with Ren Zhengfei, Founder And CEO Of Chinese Telecom Giant Huawei
Ren Zhengfei, founder and CEO of Chinese telecom giant Huawei, spoke to Time on U.S. actions against his company, the security of Huawei's product, his daughter and Huawei CFO's arrest, President Donald Trump and 5G technology.
πΊ https://www.youtube.com/watch?v=Nl2jCWDwE8w
#china #huawei #founder #interview #video #podcast
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Ren Zhengfei, founder and CEO of Chinese telecom giant Huawei, spoke to Time on U.S. actions against his company, the security of Huawei's product, his daughter and Huawei CFO's arrest, President Donald Trump and 5G technology.
πΊ https://www.youtube.com/watch?v=Nl2jCWDwE8w
#china #huawei #founder #interview #video #podcast
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
US authorities want to intercept telecommunications in Europe
The FBI could soon legally demand sensitive communication data from European Internet service providers, possibly in real time. In doing so, the European Union wants to make the Trump administration more inclined to be allowed to query "electronic evidence" directly on Facebook & Co. in return.
The EU Commission wants to negotiate an agreement with the US government that will force European Union-based Internet service providers to cooperate more with US authorities. The companies would have to grant police and secret services from the USA access to the communication of their users. European prosecutors would then also be able to issue an order for publication directly on Facebook, Apple and other Internet giants. The legal process via the judicial authorities that has been customary up to now is to be dropped. https://ec.europa.eu/info/policies/justice-and-fundamental-rights/criminal-justice/e-evidence-cross-border-access-electronic-evidence_de
The plans are part of the "E-Evidence" regulation, with which the EU wants to facilitate the publication of "electronic evidence". According to a recently published draft, this includes user data (name, date of birth, postal address, telephone number), access data (date and time of use, IP address), transaction data (transmission and reception data, location of the device, protocol used) and content data.
Agreement on implementation with the US Government
The planned EU regulation is limited to companies domiciled in the European Union. But because most of the coveted data is stored in the USA, the EU Commission is planning an implementation agreement with the US government. This would be possible within the framework of the "CLOUD Act", which the US government enacted last year. It obliges companies established in the USA to disclose inventory, traffic and content data if this appears necessary for criminal prosecution or averting danger.
The CLOUD Act also allows third countries to issue orders to US companies. An agreement necessary for this must be based on reciprocity and thus allow the US government access to companies in the partner countries. The Trump administration, however, demands a concession to be able to listen to content data in real time. Companies based in the EU would then have to transfer this data directly to US authorities.
#USA #FBI #EU #government #surveillance
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
The FBI could soon legally demand sensitive communication data from European Internet service providers, possibly in real time. In doing so, the European Union wants to make the Trump administration more inclined to be allowed to query "electronic evidence" directly on Facebook & Co. in return.
The EU Commission wants to negotiate an agreement with the US government that will force European Union-based Internet service providers to cooperate more with US authorities. The companies would have to grant police and secret services from the USA access to the communication of their users. European prosecutors would then also be able to issue an order for publication directly on Facebook, Apple and other Internet giants. The legal process via the judicial authorities that has been customary up to now is to be dropped. https://ec.europa.eu/info/policies/justice-and-fundamental-rights/criminal-justice/e-evidence-cross-border-access-electronic-evidence_de
The plans are part of the "E-Evidence" regulation, with which the EU wants to facilitate the publication of "electronic evidence". According to a recently published draft, this includes user data (name, date of birth, postal address, telephone number), access data (date and time of use, IP address), transaction data (transmission and reception data, location of the device, protocol used) and content data.
Agreement on implementation with the US Government
The planned EU regulation is limited to companies domiciled in the European Union. But because most of the coveted data is stored in the USA, the EU Commission is planning an implementation agreement with the US government. This would be possible within the framework of the "CLOUD Act", which the US government enacted last year. It obliges companies established in the USA to disclose inventory, traffic and content data if this appears necessary for criminal prosecution or averting danger.
The CLOUD Act also allows third countries to issue orders to US companies. An agreement necessary for this must be based on reciprocity and thus allow the US government access to companies in the partner countries. The Trump administration, however, demands a concession to be able to listen to content data in real time. Companies based in the EU would then have to transfer this data directly to US authorities.
More info:https://netzpolitik.org/2019/us-behoerden-wollen-telekommunikation-in-europa-abhoeren/
#USA #FBI #EU #government #surveillance
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
This media is not supported in your browser
VIEW IN TELEGRAM
Meet Doggo: Stanford's student built, four-legged robot
Putting their own twist on robots that amble through complicated landscapes, the Stanford Student Robotics clubβs Extreme Mobility team at Stanford University has developed a four-legged robot that is not only capable of performing acrobatic tricks and traversing challenging terrain but is also designed with reproducibility in mind. Anyone who wants their own version of the robot, dubbed Stanford Doggo, can consult comprehensive plans, code and a supply list that the students have made freely available online:
https://github.com/Nate711/StanfordDoggoProject
https://docs.google.com/spreadsheets/d/1MQRoZCfsMdJhHQ-ht6YvhzNvye6xDXO8vhWQql2HtlI/edit#gid=726381752
http://roboticsclub.stanford.edu/
πΊ https://www.youtube.com/watch?v=2E82o2pP9Jo
#doggo #robotic #opensource #video #podcast
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Putting their own twist on robots that amble through complicated landscapes, the Stanford Student Robotics clubβs Extreme Mobility team at Stanford University has developed a four-legged robot that is not only capable of performing acrobatic tricks and traversing challenging terrain but is also designed with reproducibility in mind. Anyone who wants their own version of the robot, dubbed Stanford Doggo, can consult comprehensive plans, code and a supply list that the students have made freely available online:
https://github.com/Nate711/StanfordDoggoProject
https://docs.google.com/spreadsheets/d/1MQRoZCfsMdJhHQ-ht6YvhzNvye6xDXO8vhWQql2HtlI/edit#gid=726381752
http://roboticsclub.stanford.edu/
πΊ https://www.youtube.com/watch?v=2E82o2pP9Jo
#doggo #robotic #opensource #video #podcast
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Itβs the middle of the night. Do you know who your iPhone is talking to?
Apple says, βWhat happens on your iPhone stays on your iPhone.β Our privacy experiment showed 5,400 hidden app trackers guzzled our data β in a single week.
Itβs 3 a.m. Do you know what your iPhone is doing?
Mine has been alarmingly busy. Even though the screen is off and Iβm snoring, apps are beaming out lots of information about me to companies Iβve never heard of. Your iPhone probably is doing the same β and Apple could be doing more to stop it.
On a recent Monday night, a dozen marketing companies, research firms and other personal data guzzlers got reports from my iPhone. At 11:43 p.m., a company called Amplitude learned my phone number, email and exact location. At 3:58 a.m., another called Appboy got a digital fingerprint of my phone. At 6:25 a.m., a tracker called Demdex received a way to identify my phone and sent back a list of other trackers to pair up with.
And all night long, there was some startling behavior by a household name: Yelp. It was receiving a message that included my IP address -β once every five minutes.
Our data has a secret life in many of the devices we use every day, from talking Alexa speakers to smart TVs. But weβve got a giant blind spot when it comes to the data companies probing our phones.
You might assume you can count on Apple to sweat all the privacy details. After all, it touted in a recent ad, βWhat happens on your iPhone stays on your iPhone.β My investigation suggests otherwise.
IPhone apps I discovered tracking me by passing information to third parties β just while I was asleep β include Microsoft OneDrive, Intuitβs Mint, Nike, Spotify, The Washington Post and IBMβs the Weather Channel. One app, the crime-alert service Citizen, shared personally identifiable information in violation of its published privacy policy.
And your iPhone doesnβt only feed data trackers while you sleep. In a single week, I encountered over 5,400 trackers, mostly in apps, not including the incessant Yelp traffic. According to privacy firm Disconnect, which helped test my iPhone, those unwanted trackers would have spewed out 1.5 gigabytes of data over the span of a month. Thatβs half of an entire basic wireless service plan from AT&T.
βThis is your data. Why should it even leave your phone? Why should it be collected by someone when you donβt know what theyβre going to do with it?β says Patrick Jackson, a former National Security Agency researcher who is chief technology officer for Disconnect. He hooked my iPhone into special software so we could examine the traffic. βI know the value of data, and I donβt want mine in any hands where it doesnβt need to be,β he told me.
Read more:
https://www.washingtonpost.com/technology/2019/05/28/its-middle-night-do-you-know-who-your-iphone-is-talking
#apple #iphone #trackers #datamining #privacy #why
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Apple says, βWhat happens on your iPhone stays on your iPhone.β Our privacy experiment showed 5,400 hidden app trackers guzzled our data β in a single week.
Itβs 3 a.m. Do you know what your iPhone is doing?
Mine has been alarmingly busy. Even though the screen is off and Iβm snoring, apps are beaming out lots of information about me to companies Iβve never heard of. Your iPhone probably is doing the same β and Apple could be doing more to stop it.
On a recent Monday night, a dozen marketing companies, research firms and other personal data guzzlers got reports from my iPhone. At 11:43 p.m., a company called Amplitude learned my phone number, email and exact location. At 3:58 a.m., another called Appboy got a digital fingerprint of my phone. At 6:25 a.m., a tracker called Demdex received a way to identify my phone and sent back a list of other trackers to pair up with.
And all night long, there was some startling behavior by a household name: Yelp. It was receiving a message that included my IP address -β once every five minutes.
Our data has a secret life in many of the devices we use every day, from talking Alexa speakers to smart TVs. But weβve got a giant blind spot when it comes to the data companies probing our phones.
You might assume you can count on Apple to sweat all the privacy details. After all, it touted in a recent ad, βWhat happens on your iPhone stays on your iPhone.β My investigation suggests otherwise.
IPhone apps I discovered tracking me by passing information to third parties β just while I was asleep β include Microsoft OneDrive, Intuitβs Mint, Nike, Spotify, The Washington Post and IBMβs the Weather Channel. One app, the crime-alert service Citizen, shared personally identifiable information in violation of its published privacy policy.
And your iPhone doesnβt only feed data trackers while you sleep. In a single week, I encountered over 5,400 trackers, mostly in apps, not including the incessant Yelp traffic. According to privacy firm Disconnect, which helped test my iPhone, those unwanted trackers would have spewed out 1.5 gigabytes of data over the span of a month. Thatβs half of an entire basic wireless service plan from AT&T.
βThis is your data. Why should it even leave your phone? Why should it be collected by someone when you donβt know what theyβre going to do with it?β says Patrick Jackson, a former National Security Agency researcher who is chief technology officer for Disconnect. He hooked my iPhone into special software so we could examine the traffic. βI know the value of data, and I donβt want mine in any hands where it doesnβt need to be,β he told me.
Read more:
https://www.washingtonpost.com/technology/2019/05/28/its-middle-night-do-you-know-who-your-iphone-is-talking
#apple #iphone #trackers #datamining #privacy #why
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
All for all - and Assange against all
Julian Assange is the only anarchist who has made world politics in the 21st century. In London he must go to court - and with him the ideas of hacker culture.
80c11049faebf441d524fb3c4cd5351c: American soldier Chelsea Manning types this character combination into a chat on March 8, 2010. It is a so-called hash value, the encrypted form of a password. Manning wants to open another door in the army's computer system from which she forwards internal documents to Wikileaks. But she can't crack the hash, hopes for her chat partner, and according to the US Department of Justice the name is Julian Assange. But even the Wikileaks founder and his team are unable to decipher the hash.
The very moment when Assange's hacking skills fail is his doom.
This Thursday, the most famous face that hacker culture has produced will be on trial in London. It is about Assange's extradition to his arch-enemy, the United States of America. The accusation: espionage as Manning's accomplice. Depending on one's point of view, this does not only call into question freedom of the press. The basic conviction of an increasingly influential subculture is also being negotiated: that all information must be freed from dark computer memories and all knowledge of domination must be removed. Everything for everyone. Assange is the only anarchist who made world politics in the 21st century.
The term "hacker" first appeared in the USA in the 1950s and has little to do with political ideas. The first mainframe computers still programmed with punched cards are found in universities. The early hackers did not want to invade foreign computer systems - there are hardly any of them yet. They want to extend the functions of computers. The word "hack" initially means solving a technical problem. In the "Tech Model Railroad Club", a model railway club at the Massachusetts Institute of Technology, the first hackers are working on improving track circuits.
Chip technology later replaced the transistor computer, computers became smaller and more affordable for private individuals. But because there were no graphical user interfaces until the 1980s, as is the case today in Windows or smartphones, owners must at least be able to program a little. To this day, movies present hacking as a superhuman skill. As an X-ray view that perceives what happens under the smooth surfaces of the devices and in nanometer-sized chip parts. Historian Julia GΓΌl Erdogan sees things differently. She says: "The goal of the early hackers was to demystify computer technology. They wanted to understand and master their new machines." Erdogan is doing his doctorate at the Centre for Contemporary Historical Research in Potsdam on hacker cultures in the FRG and GDR.
In 1984, US journalist Steven Levy formulated the so-called "hacker ethics" in the foreword to his book "Hackers". His main concern is free access to computers and knowledge. And mistrust of authorities. It is the spirit that drives Assange since he invaded military networks from his native Australia in the early 1990s. A spirit that at some point leads to his very personal hatred of foreign policy "hawks" like Hillary Clinton.
Early on in the scene, some discover the computer as a political tool. Since the 1980s, the Free Software movement has demanded that people have control over the programs they use at all times, and can change them at any time. Other hackers realize that money can be made with their knowledge. Bill Gates hacks university computers as a student, Steve Jobs and Steve Wozniak also manipulate telephone circuits by sending whistling tones at a certain frequency over the line (phreaking). Their companies Microsoft and Apple later set out to conquer the world.
Julian Assange is the only anarchist who has made world politics in the 21st century. In London he must go to court - and with him the ideas of hacker culture.
80c11049faebf441d524fb3c4cd5351c: American soldier Chelsea Manning types this character combination into a chat on March 8, 2010. It is a so-called hash value, the encrypted form of a password. Manning wants to open another door in the army's computer system from which she forwards internal documents to Wikileaks. But she can't crack the hash, hopes for her chat partner, and according to the US Department of Justice the name is Julian Assange. But even the Wikileaks founder and his team are unable to decipher the hash.
The very moment when Assange's hacking skills fail is his doom.
This Thursday, the most famous face that hacker culture has produced will be on trial in London. It is about Assange's extradition to his arch-enemy, the United States of America. The accusation: espionage as Manning's accomplice. Depending on one's point of view, this does not only call into question freedom of the press. The basic conviction of an increasingly influential subculture is also being negotiated: that all information must be freed from dark computer memories and all knowledge of domination must be removed. Everything for everyone. Assange is the only anarchist who made world politics in the 21st century.
The term "hacker" first appeared in the USA in the 1950s and has little to do with political ideas. The first mainframe computers still programmed with punched cards are found in universities. The early hackers did not want to invade foreign computer systems - there are hardly any of them yet. They want to extend the functions of computers. The word "hack" initially means solving a technical problem. In the "Tech Model Railroad Club", a model railway club at the Massachusetts Institute of Technology, the first hackers are working on improving track circuits.
Chip technology later replaced the transistor computer, computers became smaller and more affordable for private individuals. But because there were no graphical user interfaces until the 1980s, as is the case today in Windows or smartphones, owners must at least be able to program a little. To this day, movies present hacking as a superhuman skill. As an X-ray view that perceives what happens under the smooth surfaces of the devices and in nanometer-sized chip parts. Historian Julia GΓΌl Erdogan sees things differently. She says: "The goal of the early hackers was to demystify computer technology. They wanted to understand and master their new machines." Erdogan is doing his doctorate at the Centre for Contemporary Historical Research in Potsdam on hacker cultures in the FRG and GDR.
In 1984, US journalist Steven Levy formulated the so-called "hacker ethics" in the foreword to his book "Hackers". His main concern is free access to computers and knowledge. And mistrust of authorities. It is the spirit that drives Assange since he invaded military networks from his native Australia in the early 1990s. A spirit that at some point leads to his very personal hatred of foreign policy "hawks" like Hillary Clinton.
Early on in the scene, some discover the computer as a political tool. Since the 1980s, the Free Software movement has demanded that people have control over the programs they use at all times, and can change them at any time. Other hackers realize that money can be made with their knowledge. Bill Gates hacks university computers as a student, Steve Jobs and Steve Wozniak also manipulate telephone circuits by sending whistling tones at a certain frequency over the line (phreaking). Their companies Microsoft and Apple later set out to conquer the world.
So the hacker himself has always been an ambivalent figure. A system malfunctioner that makes the system better. The "penetration test", an attack on a network to find weaknesses in the defense, today means a livelihood for those hackers who then call themselves "IT security experts". But it is precisely because the hacker and his work are usually invisible that they inspire collective fantasies. The penetration of computer systems by dark powers is part of pop culture.
A decisive experience for the Federal Republic: the so-called KGB Hack
Hackers in fictitious works today are above all gloomy, like Elliot Alderson (Rami Malek), who sabotages an overpowering corporation in Mr Robot as a torn drug addict. Thanks to advisors from the scene, the series is one of the few depictions with which experts are satisfied: with digital attack techniques that really exist and without squeaky colorful visualizations of computer viruses. Assange himself probably inspired the figure of the sex-fixed transparency guru Andreas Wolf in Jonathan Franzens novel "Innocence", and James Bond's opponent in "Skyfall".
The paths to hacking are different, Beau Woods describes his as follows: "In college, people sometimes do things that annoy, and then you just want to wipe out their computers." The American works for think tanks and his NGO "i am the cavalry", which is supposed to bring hackers together with the rest of society. The black hoodie, he assures the meeting at the digital conference SXSW in Austin, he only wears ironically. It was his speciality to suddenly let foreign CD-Rom drives open from a distance.
In Germany, the Chaos Computer Club (CCC) has been making a name for itself as a group of experts since the 1980s. A decisive experience for the Federal Republic of Germany is the so-called KGB hack, which became public in 1989: A group from Hanover sold information from US-American servers to the Soviet secret service. A television program spoke of the "biggest espionage case since Guillaume", even though the information sold was anything but explosive. In public perception, however, fears of a networked world have since been linked to the practices of hackers, explains historian Erdogan.
In contrast, the actions of the "white hats", the hackers on the bright side who, unlike criminal "black hats", do not want to harm anyone, are fading. During the 1984 BTX hack, CCC members were able to access the Hamburger Sparkasse and theoretically make it about 135,000 marks easier. Theoretically, because the CCC kept the hacking largely in legal tracks and emphasized the social responsibility of the scene. The members come from an alternative left-wing milieu, from the civil rights and peace movement, which are actually considered critical of technology. But they fear the surveillance state and oppose, for example, the telecommunications monopoly of the Federal Post Office, says Erdogan.
Hacking is also taking place in the GDR. While more than three million home computers and consoles were sold in West Germany in 1986, they were rare in socialist Germany. The imported Western technology was expensive, there were only a few GDR models. The largest and best known club was the one in the House of Young Talents in East Berlin. In 1987 there were two Commodore 64 and one Atari 130 XL. The Stasi supervised the meetings, says Erdogan. Private online communication was not possible in the GDR.
For Beau Woods, hackers trigger a primeval fear of industrial society
In the 21st century, culture's detachment from the state and idealism are put to the test. Blackmailing software that cripples victims' computers until they pay is becoming increasingly lucrative. Facebook and Google offer the best experts astronomical sums to protect their products. At the most important hacker conference, the Black Hat in Las Vegas, NSA agents bring along an Enigma machine from the Wehrmacht. They wanted to bait and recruit hackers through their love of encryption and decryption.
A decisive experience for the Federal Republic: the so-called KGB Hack
Hackers in fictitious works today are above all gloomy, like Elliot Alderson (Rami Malek), who sabotages an overpowering corporation in Mr Robot as a torn drug addict. Thanks to advisors from the scene, the series is one of the few depictions with which experts are satisfied: with digital attack techniques that really exist and without squeaky colorful visualizations of computer viruses. Assange himself probably inspired the figure of the sex-fixed transparency guru Andreas Wolf in Jonathan Franzens novel "Innocence", and James Bond's opponent in "Skyfall".
The paths to hacking are different, Beau Woods describes his as follows: "In college, people sometimes do things that annoy, and then you just want to wipe out their computers." The American works for think tanks and his NGO "i am the cavalry", which is supposed to bring hackers together with the rest of society. The black hoodie, he assures the meeting at the digital conference SXSW in Austin, he only wears ironically. It was his speciality to suddenly let foreign CD-Rom drives open from a distance.
In Germany, the Chaos Computer Club (CCC) has been making a name for itself as a group of experts since the 1980s. A decisive experience for the Federal Republic of Germany is the so-called KGB hack, which became public in 1989: A group from Hanover sold information from US-American servers to the Soviet secret service. A television program spoke of the "biggest espionage case since Guillaume", even though the information sold was anything but explosive. In public perception, however, fears of a networked world have since been linked to the practices of hackers, explains historian Erdogan.
In contrast, the actions of the "white hats", the hackers on the bright side who, unlike criminal "black hats", do not want to harm anyone, are fading. During the 1984 BTX hack, CCC members were able to access the Hamburger Sparkasse and theoretically make it about 135,000 marks easier. Theoretically, because the CCC kept the hacking largely in legal tracks and emphasized the social responsibility of the scene. The members come from an alternative left-wing milieu, from the civil rights and peace movement, which are actually considered critical of technology. But they fear the surveillance state and oppose, for example, the telecommunications monopoly of the Federal Post Office, says Erdogan.
Hacking is also taking place in the GDR. While more than three million home computers and consoles were sold in West Germany in 1986, they were rare in socialist Germany. The imported Western technology was expensive, there were only a few GDR models. The largest and best known club was the one in the House of Young Talents in East Berlin. In 1987 there were two Commodore 64 and one Atari 130 XL. The Stasi supervised the meetings, says Erdogan. Private online communication was not possible in the GDR.
For Beau Woods, hackers trigger a primeval fear of industrial society
In the 21st century, culture's detachment from the state and idealism are put to the test. Blackmailing software that cripples victims' computers until they pay is becoming increasingly lucrative. Facebook and Google offer the best experts astronomical sums to protect their products. At the most important hacker conference, the Black Hat in Las Vegas, NSA agents bring along an Enigma machine from the Wehrmacht. They wanted to bait and recruit hackers through their love of encryption and decryption.
For Beau Woods, hackers trigger a primal fear of industrial society. They are the opponents of the established heroes of modernity: "Scientists and engineers tame nature, of which humans have always been afraid. Thousands of years ago, the king of the Assyrians is said to have gone into the wilderness and killed lions because humans killed them. Later, engineers would have built roads through nature and put them in order with machines. "But now there are people, hackers, who can manipulate the machines of the engineers at will, let them do their will." That irritates people. Woods says others see him like this: "The wizards have created the smartphone, but you surpass them because you can break into what they have created."
Those who have such abilities can afford a bit of arrogance. The punch line at the end of the groundbreaking "Hacker Manifesto" of 1986 is: "My crime is that I'm smarter than you, which you'll never forgive me for." A sentence like an autobiography of Julian Assange.
https://www.sueddeutsche.de/digital/julian-assange-hacker-it-sicherheit-1.4467914
#FreeAssange
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Those who have such abilities can afford a bit of arrogance. The punch line at the end of the groundbreaking "Hacker Manifesto" of 1986 is: "My crime is that I'm smarter than you, which you'll never forgive me for." A sentence like an autobiography of Julian Assange.
https://www.sueddeutsche.de/digital/julian-assange-hacker-it-sicherheit-1.4467914
#FreeAssange
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
πΊ Unboxing Social Data Algorithms - #facebook #tracking #exposed
Today I want to talk about a project named ALEX, which is the acronym for Algorithm Exposed, and one of its first output: a tool for scientific analysis of the social network personalisation algorithm, that we call fbtrex, Facebook-tracking-exposed. It works by collecting what Facebook sends to you, as your timeline. Because is personalised, it can be obtained as evidence and used to understand the algorithm logic.
πΊ Claudio Agosti @ transmediale 2019b #video #podcast
https://2019.transmediale.de/content/affects-ex-machina-unboxing-social-data-algorithms
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Today I want to talk about a project named ALEX, which is the acronym for Algorithm Exposed, and one of its first output: a tool for scientific analysis of the social network personalisation algorithm, that we call fbtrex, Facebook-tracking-exposed. It works by collecting what Facebook sends to you, as your timeline. Because is personalised, it can be obtained as evidence and used to understand the algorithm logic.
πΊ Claudio Agosti @ transmediale 2019b #video #podcast
https://2019.transmediale.de/content/affects-ex-machina-unboxing-social-data-algorithms
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
FOTN_2018_Final Booklet_11_1_2018.pdf
8.4 MB
Freedom on the Net 2018
The Rise of Digital Authoritarianism
This booklet is a summary of findings for the 2018 edition of Freedom on the Net. Narrative reports of the 65 countries assessed in this yearβs study and a full list of contributors can be found on our website at www.freedomonthenet.org
https://freedomhouse.org/sites/default/files/FOTN_2018_Final%20Booklet_11_1_2018.pdf
#thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
The Rise of Digital Authoritarianism
This booklet is a summary of findings for the 2018 edition of Freedom on the Net. Narrative reports of the 65 countries assessed in this yearβs study and a full list of contributors can be found on our website at www.freedomonthenet.org
https://freedomhouse.org/sites/default/files/FOTN_2018_Final%20Booklet_11_1_2018.pdf
#thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Forwarded from cRyPtHoNβ’ INFOSEC (DE)
πΊ Error 451: Unavailable for leagl reasons - Jetzt im Livestream - Gulaschprogrammiernacht 19
Die GPN ist ein vom Entropia e. V. β Chaos Computer Club (CCC) veranstalteter Kongress, der sich als eine Hackveranstaltung mit dem Fokus auf Programmieren, Basteln und kreatives Schaffen versteht. WΓ€hrend die KonferenzteilnehmerInnen an ihren Projekten arbeiten und Ideen austauschen, kΓΆnnen sich interessierte GΓ€ste in lockerer AtmosphΓ€re ΓΌber diese informieren und die VortrΓ€ge besuchen. Der Schwerpunkt liegt im Bereich IT/Technik, aber auch andere Themenbereichen wie Gesellschaft, Kunst oder Philosophie werden angesprochen. Der Name ist Programm: Es wird Gulasch in groΓen Mengen gereicht.
πΊ Error 451 #CCC #Video #Livestream
https://streaming.media.ccc.de/gpn19/medientheater
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Die GPN ist ein vom Entropia e. V. β Chaos Computer Club (CCC) veranstalteter Kongress, der sich als eine Hackveranstaltung mit dem Fokus auf Programmieren, Basteln und kreatives Schaffen versteht. WΓ€hrend die KonferenzteilnehmerInnen an ihren Projekten arbeiten und Ideen austauschen, kΓΆnnen sich interessierte GΓ€ste in lockerer AtmosphΓ€re ΓΌber diese informieren und die VortrΓ€ge besuchen. Der Schwerpunkt liegt im Bereich IT/Technik, aber auch andere Themenbereichen wie Gesellschaft, Kunst oder Philosophie werden angesprochen. Der Name ist Programm: Es wird Gulasch in groΓen Mengen gereicht.
πΊ Error 451 #CCC #Video #Livestream
https://streaming.media.ccc.de/gpn19/medientheater
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
πΊ The Dark History of the Minimum Wage
Thereβs something strange about the idea of a minimum wage. Itβs one of those subjects that everyone has a strong opinion about, even if they have no idea what makes actual economic sense. But perhaps the most surprising thing of all is that the minimum wage has a dirty secret that most economists donβt want you to know about. Today we explore The Dark History of the Minimum Wage.
πΊ https://www.corbettreport.com/the-dark-history-of-the-minimum-wage/
#corbettreport #why #video #podcast
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Thereβs something strange about the idea of a minimum wage. Itβs one of those subjects that everyone has a strong opinion about, even if they have no idea what makes actual economic sense. But perhaps the most surprising thing of all is that the minimum wage has a dirty secret that most economists donβt want you to know about. Today we explore The Dark History of the Minimum Wage.
πΊ https://www.corbettreport.com/the-dark-history-of-the-minimum-wage/
#corbettreport #why #video #podcast
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
This media is not supported in your browser
VIEW IN TELEGRAM
Audit-Protokoll-Analysis with Palantir Gotham
πΊ https://archive.org/details/youtube-i4f381YNQdQ
#BigData #surveillance #police #eu #palantir #software #gotham #peterthiel #ebay
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
πΊ https://archive.org/details/youtube-i4f381YNQdQ
#BigData #surveillance #police #eu #palantir #software #gotham #peterthiel #ebay
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Two keys for all eventualities - Nitrokey (Part1)
1. increased safety requirements
The protection of digital identity is more important today than ever. Stolen online accounts can cause considerable damage if they are stolen and left in the wrong hands. At the same time, the number of data breaches is rising steadily - hardly a week goes by without at least one database of stolen accounts (user name and password) appearing somewhere on the Internet. In the worst case, the provider concerned did not protect the user passwords used or only inadequately protected them with a (cryptographic) hash function that was considered insecure.
Too often secret information falls into the wrong hands and the checking system cannot recognize whether Hildegard MΓΌller is actually Hildegard MΓΌller or whether her account data is being misused by a third party. A remedy against account misuse is to check additional properties or information via two-factor authentication (2FA), which is also controlled by so-called security tokens.
Security tokens or USB security sticks (Security Keys), however, offer other functions in addition to the 2FA that can contribute to increasing (personal) security. Among other things, the private key for e-mail or hard disk encryption can be securely stored on the stick. Such and other application scenarios are presented in the article series "Nitrokey" using the Nitrokey as an example.
2nd Nitrokey
Nitrokey is an open-source USB stick that enables secure encryption and signing of data, among other things. Depending on the Nitrokey version, such a USB stick supports different application scenarios:
ππΌ S/MIME email and disk encryption (X.509, PKCS#11)
ππΌ OpenPGP/GnuPG Email Encryption
ππΌ Login or authentication via two-factor authentication
ππΌ One-Time-Password (English)
ππΌ Universal Second Factor (U2F) via FIDO-Standard
ππΌ Integrated password manager
ππΌ Encrypted storage space on the USB stick (+Hidden Volumes)
ππΌ Possibility to update the firmware
The Nitrokey variants also differed in the supported cryptosystems, key lengths and Co..:
ππΌ RSA key lengths from 1024 - 4096 bits
ππΌ ECC key length from 192 - 521 bit
ππΌ Number of key pairs that can be stored on the stick 3 / 38
ππΌ Elliptical curve algorithms NIST P, Brainpool, Curve25519 and SECG/Koblitz
β οΈ Advice:
Only the Nitrokey Start controls the elliptical curve Curve25519, which is one of the SaveCurves - the only curve where the choice of curve is completely transparent and therefore back doors can practically be excluded.
The purpose of such a nitrokey is, apart from the 2FA, the secure storage of the secret or private (RSA) key. This is protected against loss or theft by a tamper-proof smartcard (+user pin). In practice, this means that the private key does not leave the secure environment and all crypto operations (encryption, decryption, authentication, etc.) using the private key are performed on the smart card or stick. Ideally, the private key cannot be read by malware and can even withstand physical attacks.
Both hardware and software of the Nitrokey are open source. The keys are supported by Windows, Linux and macOS.
2.1 Nitrokey Storage 2 and Nitrokey FIDO U2F
For this article series I use two Keys:
ππΌ Nitrokey Storage 2 (16 GB)
ππΌ Nitrokey FIDO U2F
Why two Keys? Because so far only the Nitrokey FIDO U2F supports the 2FA via FIDO U2F, which I would like to introduce in the article series as well. For most users a combination of Nitrokey Pro 2 and Nitrokey FIDO U2F will be sufficient. In case of doubt you should check again which application scenarios are suitable for you and then purchase the appropriate key(s).
2.2 YubiKey vs. Nitrokey
Nitrokey is located in Germany, Berlin. YubiKey was originally founded in Sweden in 2007 and is now based in Silicon Valley, USA. Unlike the Nitrokey, the hardware of the YubiKey is not open source. This does not mean per se that YubiKeys are generally insecure or not trustworthy, but it does mean:
1. increased safety requirements
The protection of digital identity is more important today than ever. Stolen online accounts can cause considerable damage if they are stolen and left in the wrong hands. At the same time, the number of data breaches is rising steadily - hardly a week goes by without at least one database of stolen accounts (user name and password) appearing somewhere on the Internet. In the worst case, the provider concerned did not protect the user passwords used or only inadequately protected them with a (cryptographic) hash function that was considered insecure.
Too often secret information falls into the wrong hands and the checking system cannot recognize whether Hildegard MΓΌller is actually Hildegard MΓΌller or whether her account data is being misused by a third party. A remedy against account misuse is to check additional properties or information via two-factor authentication (2FA), which is also controlled by so-called security tokens.
Security tokens or USB security sticks (Security Keys), however, offer other functions in addition to the 2FA that can contribute to increasing (personal) security. Among other things, the private key for e-mail or hard disk encryption can be securely stored on the stick. Such and other application scenarios are presented in the article series "Nitrokey" using the Nitrokey as an example.
2nd Nitrokey
Nitrokey is an open-source USB stick that enables secure encryption and signing of data, among other things. Depending on the Nitrokey version, such a USB stick supports different application scenarios:
ππΌ S/MIME email and disk encryption (X.509, PKCS#11)
ππΌ OpenPGP/GnuPG Email Encryption
ππΌ Login or authentication via two-factor authentication
ππΌ One-Time-Password (English)
ππΌ Universal Second Factor (U2F) via FIDO-Standard
ππΌ Integrated password manager
ππΌ Encrypted storage space on the USB stick (+Hidden Volumes)
ππΌ Possibility to update the firmware
The Nitrokey variants also differed in the supported cryptosystems, key lengths and Co..:
ππΌ RSA key lengths from 1024 - 4096 bits
ππΌ ECC key length from 192 - 521 bit
ππΌ Number of key pairs that can be stored on the stick 3 / 38
ππΌ Elliptical curve algorithms NIST P, Brainpool, Curve25519 and SECG/Koblitz
β οΈ Advice:
Only the Nitrokey Start controls the elliptical curve Curve25519, which is one of the SaveCurves - the only curve where the choice of curve is completely transparent and therefore back doors can practically be excluded.
The purpose of such a nitrokey is, apart from the 2FA, the secure storage of the secret or private (RSA) key. This is protected against loss or theft by a tamper-proof smartcard (+user pin). In practice, this means that the private key does not leave the secure environment and all crypto operations (encryption, decryption, authentication, etc.) using the private key are performed on the smart card or stick. Ideally, the private key cannot be read by malware and can even withstand physical attacks.
Both hardware and software of the Nitrokey are open source. The keys are supported by Windows, Linux and macOS.
2.1 Nitrokey Storage 2 and Nitrokey FIDO U2F
For this article series I use two Keys:
ππΌ Nitrokey Storage 2 (16 GB)
ππΌ Nitrokey FIDO U2F
Why two Keys? Because so far only the Nitrokey FIDO U2F supports the 2FA via FIDO U2F, which I would like to introduce in the article series as well. For most users a combination of Nitrokey Pro 2 and Nitrokey FIDO U2F will be sufficient. In case of doubt you should check again which application scenarios are suitable for you and then purchase the appropriate key(s).
2.2 YubiKey vs. Nitrokey
Nitrokey is located in Germany, Berlin. YubiKey was originally founded in Sweden in 2007 and is now based in Silicon Valley, USA. Unlike the Nitrokey, the hardware of the YubiKey is not open source. This does not mean per se that YubiKeys are generally insecure or not trustworthy, but it does mean:
ππΌ no independent check of the source code / implementation possible
ππΌ thus only limited possibility to check for rear doors or security gaps
According to my understanding of IT security, I would not entrust highly sensitive information such as the private, secret (RSA) key to any proprietary hardware if possible - if alternatives are available. And these are available, because the Nitrokey is based on open source software and hardware. The YubiKey's advantages include its lower purchase price and the ability to communicate wirelessly via NFC. However, when it comes to security issues and the relatively small price differences, the cost argument should not play a serious role. The possibility to communicate via NFC may be practical, but personally I see it as a possible attack vector.
If one compares the websites of both providers with Webbkoll, the following picture emerges:
ππΌ YubiKey website: 11 cookies, 37 external requests to 21 different third party sources
ππΌ Google Doubleclick (Advertising)
ππΌ Google Analytics (Tracking)
ππΌ Hotjar (Analytik)
ππΌ Google Fonts (Fonts)
ππΌ ...(....)
ππΌ Nitrokey website: 3 cookies, 1 request to a third party source
ππΌ Bootstrap (font)
If someone advertises a service or product in the area of IT security / data protection / privacy etc., but already puts his own website in the sand like YubiKey, then this does not leave a good impression. The responsible persons do not seem to be aware of the risks for the security and privacy of a visitor, which can be associated with the integration of externally hosted content such as JavaScript code. I would even go so far as to say that there is simply a lack of competence and awareness here. The external image of the company is of course only one thing and ultimately this does not have to have a negative effect on the YubiKeys themselves. However, the external image is also a kind of business card and YubiKey doesn't look good here.
Ultimately, of course, everyone has to decide for themselves which manufacturer they trust and which application scenarios should be implemented in practice. Personally, I have opted for Nitrokey's open source solution, which I have been using for years.
E-mail encryption:
Using OpenPGP/GnuPG, it is possible to encrypt or sign e-mails. For this purpose, an RSA key pair (4096 bit) is created and the advantages and disadvantages of key generation directly on the nitrokey are also discussed. The Nitrokey is then integrated into the Thunderbird e-mail client.
OpenSSH public key authentication:
The newly created RSA key pair can also be used for authentication for SSH access to a root server. The public part of the keys is stored on the server and both client and server are configured.
Secure web login via two-factor authentication (2FA):
Authentication on web pages / services is possible via an additional factor using various procedures. Common are one-time passwords (OTP / TOTP) and FIDO U2F. The website USB-Dongle-Auth lists services that support OTP, FIDO U2F or new methods like FIDO2. I will present OTP and FIDO U2F as part of the article series.
Android connection:
The Nitrokey can also be used in combination with an Android smartphone. This requires a USB OTG enabled Android device and a USB OTG cable to connect the Nitrokey to the device. For this scenario I have purchased a USB OTG cable for my Android test device and will demonstrate how email encryption using OpenPGP/GnuPG is done using OpenKeychain and K-9 Mail - the private key should never be placed in the context of the insecure smartphone environment.
β οΈ Advice:
Maybe I will present further application scenarios (hardware-encrypted mass storage, password manager). At the moment the four mentioned scenarios are planned.
ππΌ thus only limited possibility to check for rear doors or security gaps
According to my understanding of IT security, I would not entrust highly sensitive information such as the private, secret (RSA) key to any proprietary hardware if possible - if alternatives are available. And these are available, because the Nitrokey is based on open source software and hardware. The YubiKey's advantages include its lower purchase price and the ability to communicate wirelessly via NFC. However, when it comes to security issues and the relatively small price differences, the cost argument should not play a serious role. The possibility to communicate via NFC may be practical, but personally I see it as a possible attack vector.
If one compares the websites of both providers with Webbkoll, the following picture emerges:
ππΌ YubiKey website: 11 cookies, 37 external requests to 21 different third party sources
ππΌ Google Doubleclick (Advertising)
ππΌ Google Analytics (Tracking)
ππΌ Hotjar (Analytik)
ππΌ Google Fonts (Fonts)
ππΌ ...(....)
ππΌ Nitrokey website: 3 cookies, 1 request to a third party source
ππΌ Bootstrap (font)
If someone advertises a service or product in the area of IT security / data protection / privacy etc., but already puts his own website in the sand like YubiKey, then this does not leave a good impression. The responsible persons do not seem to be aware of the risks for the security and privacy of a visitor, which can be associated with the integration of externally hosted content such as JavaScript code. I would even go so far as to say that there is simply a lack of competence and awareness here. The external image of the company is of course only one thing and ultimately this does not have to have a negative effect on the YubiKeys themselves. However, the external image is also a kind of business card and YubiKey doesn't look good here.
Ultimately, of course, everyone has to decide for themselves which manufacturer they trust and which application scenarios should be implemented in practice. Personally, I have opted for Nitrokey's open source solution, which I have been using for years.
E-mail encryption:
Using OpenPGP/GnuPG, it is possible to encrypt or sign e-mails. For this purpose, an RSA key pair (4096 bit) is created and the advantages and disadvantages of key generation directly on the nitrokey are also discussed. The Nitrokey is then integrated into the Thunderbird e-mail client.
OpenSSH public key authentication:
The newly created RSA key pair can also be used for authentication for SSH access to a root server. The public part of the keys is stored on the server and both client and server are configured.
Secure web login via two-factor authentication (2FA):
Authentication on web pages / services is possible via an additional factor using various procedures. Common are one-time passwords (OTP / TOTP) and FIDO U2F. The website USB-Dongle-Auth lists services that support OTP, FIDO U2F or new methods like FIDO2. I will present OTP and FIDO U2F as part of the article series.
Android connection:
The Nitrokey can also be used in combination with an Android smartphone. This requires a USB OTG enabled Android device and a USB OTG cable to connect the Nitrokey to the device. For this scenario I have purchased a USB OTG cable for my Android test device and will demonstrate how email encryption using OpenPGP/GnuPG is done using OpenKeychain and K-9 Mail - the private key should never be placed in the context of the insecure smartphone environment.
β οΈ Advice:
Maybe I will present further application scenarios (hardware-encrypted mass storage, password manager). At the moment the four mentioned scenarios are planned.
4. conclusion
Securing your online accounts through (reasonable) two-factor authentication (2FA) is an essential contribution to protecting your digital identity. This is possible, for example, with the Nitrokey Security Stick, which also supports a whole range of other application scenarios. Unfortunately, there is currently no Nitrokey that offers the functions of a Nitrokey Pro 2 and also combines FIDO U2F / FIDO 2 in a single key.
In the next part of the article series we will put the Nitrokey Storage 2 (alternative Nitrokey Pro 2) into operation for the first time and generate a 4096-bit RSA key pair, which we can later use for different application scenarios such as e-mail encryption or OpenSSH public key authentication.
Source and more info:
https://www.kuketz-blog.de/zwei-schluessel-fuer-alle-faelle-nitrokey-teil1/
#Nitrokey #SecurityKeys #usb #guide #kuketz #part1
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Securing your online accounts through (reasonable) two-factor authentication (2FA) is an essential contribution to protecting your digital identity. This is possible, for example, with the Nitrokey Security Stick, which also supports a whole range of other application scenarios. Unfortunately, there is currently no Nitrokey that offers the functions of a Nitrokey Pro 2 and also combines FIDO U2F / FIDO 2 in a single key.
In the next part of the article series we will put the Nitrokey Storage 2 (alternative Nitrokey Pro 2) into operation for the first time and generate a 4096-bit RSA key pair, which we can later use for different application scenarios such as e-mail encryption or OpenSSH public key authentication.
Source and more info:
https://www.kuketz-blog.de/zwei-schluessel-fuer-alle-faelle-nitrokey-teil1/
#Nitrokey #SecurityKeys #usb #guide #kuketz #part1
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Prevent the Online Ad Industry from Misusing Your Data - Join the #StopSpyingOnUs Campaign
Liberties has organised a series of complaints across Europe to call the attention of national data protection offices to the risks of the behavioural advertising industry. Join us and send your complaint to defend privacy of Europeans together.
https://www.liberties.eu/en/campaigns/stop-spying-on-us-fix-ad-tech-campaign/307
#StopSpyingOnUs
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Liberties has organised a series of complaints across Europe to call the attention of national data protection offices to the risks of the behavioural advertising industry. Join us and send your complaint to defend privacy of Europeans together.
https://www.liberties.eu/en/campaigns/stop-spying-on-us-fix-ad-tech-campaign/307
#StopSpyingOnUs
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
πΊ The Adtech Crisis and Disinformation - how real-time bidding works
Dr Johnny Ryan's speech at the European Data Protection Supervisor's 2019 conference on disinformation
πΊ https://vimeo.com/317245633 #adtech #disinformation #video #podcast
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Dr Johnny Ryan's speech at the European Data Protection Supervisor's 2019 conference on disinformation
πΊ https://vimeo.com/317245633 #adtech #disinformation #video #podcast
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
This media is not supported in your browser
VIEW IN TELEGRAM
Videos show police violence at Vienna Climate Demo
The policemen are said to have carried out a mock execution - a method of torture that causes the victim mortal fear. In fact, the videos show a person almost being run over by a police car.
The arrested person is fixed by two policemen. They then push him under an emergency vehicle - the head only a few centimetres away from the left rear wheel of the car.
Shortly afterwards, the car leaves. The policemen pull the person out under the vehicle at the last second. Not much is missing and the head of the person lying on the ground would have been rolled over.
http://www.tagesschau.de/faktenfinder/polizeigewalt-113.html
https://mobile.twitter.com/florianklenk/status/1135947374306705410
https://www.welt.de/politik/ausland/article194794581/Oesterreich-Videos-zeigen-Polizeigewalt-bei-Wiener-Klima-Demo.html
#vienna #police #violence #climate #demo
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
The policemen are said to have carried out a mock execution - a method of torture that causes the victim mortal fear. In fact, the videos show a person almost being run over by a police car.
The arrested person is fixed by two policemen. They then push him under an emergency vehicle - the head only a few centimetres away from the left rear wheel of the car.
Shortly afterwards, the car leaves. The policemen pull the person out under the vehicle at the last second. Not much is missing and the head of the person lying on the ground would have been rolled over.
http://www.tagesschau.de/faktenfinder/polizeigewalt-113.html
https://mobile.twitter.com/florianklenk/status/1135947374306705410
https://www.welt.de/politik/ausland/article194794581/Oesterreich-Videos-zeigen-Polizeigewalt-bei-Wiener-Klima-Demo.html
#vienna #police #violence #climate #demo
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
AVARE - Tamed Data Octopuses
The consumer, often unintentionally, becomes a data source. Researchers from Karlsruhe have developed software that gives users control over their personal data.
Download and more info:
https://avare.app/
https://projects.aifb.kit.edu/avare/Avare_App_Installation.pdf
GitHub:
https://github.com/privacy-avare/PRIVACY-AVARE
#avare #userdata #privacy #protection #android #app #opensource #video
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
The consumer, often unintentionally, becomes a data source. Researchers from Karlsruhe have developed software that gives users control over their personal data.
Download and more info:
https://avare.app/
https://projects.aifb.kit.edu/avare/Avare_App_Installation.pdf
GitHub:
https://github.com/privacy-avare/PRIVACY-AVARE
#avare #userdata #privacy #protection #android #app #opensource #video
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Error 451 - Analyzing the eMail Tracking Ecosystem
Online tracking is not exclusive to websites, but also widespread in eMails. We built an open platform to detect eMail tracking, and we'd like to show some results and invite you to participate.
These days, tracking on websites is old news - we all know that it is happening, and we have our established defenses like ad blockers. However, website-based tracking tells only half the story, because many companies also track their eMails to see if you open them, and if you click any links. This area of online privacy has been mostly overlooked in the past, and not a lot of defenses exist.
πΊ Error 451 #CCC #eMail #tracking #Video
https://media.ccc.de/v/gpn19-59-analyzing-the-email-tracking-ecosystem
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Online tracking is not exclusive to websites, but also widespread in eMails. We built an open platform to detect eMail tracking, and we'd like to show some results and invite you to participate.
These days, tracking on websites is old news - we all know that it is happening, and we have our established defenses like ad blockers. However, website-based tracking tells only half the story, because many companies also track their eMails to see if you open them, and if you click any links. This area of online privacy has been mostly overlooked in the past, and not a lot of defenses exist.
πΊ Error 451 #CCC #eMail #tracking #Video
https://media.ccc.de/v/gpn19-59-analyzing-the-email-tracking-ecosystem
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN