Fallback build with Yalp's Token Dispenser, while I fix mine !

Librem One by Purism Wants to Help De-Google Your Life

https://www.omgubuntu.co.uk/2019/04/purism-privacy-android-ios-apps

https://librem.one

#librem #libremone #alternatives

Not Managing Open Source Opens Door for Hackers

Organizations continue to face challenges with managing open source risk, according to a new report published today by published today by Synopsys Cybersecurity Research Center (CyRC).

The annual Open Source Security and Risk Analysis (OSSRA) Report, analyzed the anonymized data of over 1,200 commercial codebases from 2018 and found that 96% contained open source components, with an average of 298 open source components per codebase. The results reflect an increase from the number of codebases in 2017, which was only 257.
https://www.infosecurity-magazine.com/news/not-managing-open-source-opens-1/

Read Via Telegram

📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN

/e/

A pro-privacy Android ROM and online services

https://gitlab.e.foundation/e/wiki/en/wikis/e-product-description-pro-privacy-Android-ROM-and-online-services

@mydataismydata

https://e.foundation

Analysis of /e/ by infosec-handbook:
https://infosec-handbook.eu/blog/e-foundation-first-look

Response by Gaël Duval:
https://hackernoon.com/leaving-apple-google-how-is-e-actually-google-free-1ba24e29efb9

Another critic: ewwlo.xyz

#e #/e/ #rom #services

Goolag adds buttons for a false sense of security

Introducing auto-delete controls for your Location History and activity data

https://www.blog.google/technology/safety-security/automatically-delete-data/

#google #location #history

A doorbell company owned by Amazon wants to start producing “crime news” and it’ll definitely end well
Because what good is a panopticon if you can’t generate some clicks?

With "Ring" Amazon manufactures intercoms with video function. So far, so good. Now the company wants to turn the recorded material directly and indirectly into money and is setting up its own media department. This department will probably process the most exciting recordings in the well-known reality TV style and bring them to the people with a "journalistic" touch. Practical side effect: Ring has a suitable offer for those who are afraid of the videos.

https://www.niemanlab.org/2019/04/a-doorbell-company-owned-by-amazon-wants-to-start-producing-crime-news-and-itll-definitely-end-well/

The Doorbell Company That’s Selling Fear: Amazon-owned Ring is hiring editors to push local crime news to its users
https://www.theatlantic.com/ideas/archive/2019/05/amazon-owned-ring-wants-report-crime-news/588394/


📡 @NoGoolag
#Ring #amazon #DeleteAmazon #doorbell #crimenews #realityTV #why

Criminals are hiding in Telegram – but backdoors are not the answer

When it comes to an easy life, the criminals behind the fearful Anubis banking malware have become big fans of Twitter and, increasingly, the secure messaging of Telegram.

There’s nothing new in malware piggybacking on popular services but why Twitter and Telegram, and is the recent migration to secure messaging significant?
https://nakedsecurity.sophos.com/2019/05/03/criminals-are-hiding-in-telegram-but-backdoors-are-not-the-answer/

Read Via Telegram

📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN

ACLU: Border Agents Violate Constitution When They Search Electronic Devices

The American Civil Liberties Union says it has uncovered new evidence that federal border agents are violating the Constitution when they search travelers' electronic devices.

The ACLU, along with the Electronic Frontier Foundation, sued the federal government in 2017, alleging that its "warrantless and suspicionless searches" of electronic devices at the U.S. ports of entry violated the First and Fourth amendments. Lawyers now say that, through depositions of border agents, they have learned that the scope of the warrantless searches has expanded far beyond the mere enforcement of immigration and customs laws.
https://www.npr.org/2019/05/02/719337356/aclu-border-agents-violate-constitution-when-they-search-electronic-devices

Read Via Telegram

📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN

Tutanota launches Secure Connect, an encrypted contact form, to support Press Freedom. Secure Connect is an open source encrypted communication tool which lets people communicate with the representative of a website securely and anonymously.

https://tutanota.com/blog/posts/tutanota-launches-secure-connect-encrypted-contact-form


#secureconnect #tutanota #press

If you are having issues with extensions in your Firefox getting disabled, there was an issue with the signing certificate of Mozilla. They have already sent out a patch for that, but it requires you to enable Studies (privacy issue!!).

To bypass that, you can install the patch directly from the link below

https://storage.googleapis.com/moz-fx-normandy-prod-addons/extensions/hotfix-update-xpi-intermediate%40mozilla.com-1.0.2-signed.xpi

——————

Sources

[0] https://news.ycombinator.com/item?id=19826903
[1] https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/comment-page-6/#comment-226171
[2] https://normandy.cdn.mozilla.net/api/v1/recipe/

Alternative way:

Go to: https://normandy.cdn.mozilla.net/api/v1/recipe/

there, search "Update XPI signing intermediate" and you find the addonUrl parameter with the link to the XPI

Aurora Store

Aurora Store is an UnOfficial FOSS client to Google's Play Store, with an elegant design, using Aurora you can download apps,
update existing apps, search for apps, get details about in-app trackers and much more.

You can also Spoof your Device Information, Language and Region to get access to the apps that are not yet available
or restricted in your Country|Device.

Aurora Store does not require Google's Proprietary Framework (Spyware ?) to operate, it works perfectly fine with
or without GooglePlayService or MicroG. Thereby avoding the various concerned *userdata & privacy issues.

📖 Readme
https://gitlab.com/AuroraOSS/AuroraStore/blob/master/README.md

🗣 Telegram Group:
t.me/AuroraSupport

📡 Releases Channel:
t.me/AuroraOfficial

XDA:
https://forum.xda-developers.com/android/apps-games/galaxy-playstore-alternative-t3739733

4PDA
https://4pda.ru/forum/index.php?showtopic=887569


⬇️ Downloads:
- Join the telegram group for the most recent alpha and beta builds

F-Droid
https://f-droid.org/app/com.aurora.store

XDA Labs
https://labs.xda-developers.com/store/app/com.aurora.store

Nightly builds
(Not recomended for daily use)
http://auroraoss.com/Nightly


🌍 How to use GeoSpoof to download apps that are not available in your region
https://telegra.ph/Aurora-Store-GeoSpoof-08-13

📝 Translations:
https://poeditor.com/join/project/54swaCpFXJ

⌨️ Source Code:
https://gitlab.com/AuroraOSS/AuroraStore


📡 @NoGoolag
#aurora #store #playstore #alternative #yalp

Magisk developer John Wu picks up internship at Apple

Among Android root and ROM enthusiasts, the name John Wu is well-known, being attached to the developer responsible for Magisk. Wu's systemless root solution has had a blistering development pace, repeatedly beating Google when it comes to the cat and mouse game imposed by SafetyNet and other system changes. But today the 23-year-old developer has announced a surprising career move: He's going to be an intern at Apple for the next four months.

It's fairly astounding that Google didn't try to snap him up, given both his deep familiarity with the platform and his well-recognized status among the Android enthusiast development community. Google's loss is Apple's gain, though.

https://www.androidpolice.com/2019/05/04/magisk-developer-john-wu-picks-up-internship-at-apple/

📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN

Please vote NO in this poll from @itsrevengeos / @RevengeOSNews

All roms should be spyware free.
Let masochism be opt-in, not by default.

Brave: Browser with its own advertising concept

I often hear the question why I don't recommend the Brave Browser and why I don't participate in the Brave Rewards program. First of all, the browser is based on Chrome - that's enough for me to avoid it as much as possible. Browsers based on Chrome are usually closely linked to Google services. As a user who is sensitive to data protection, I am happy to do without it.

I also find the "advertising concept" unconvincing. The integrated advertising blocker initially prevents advertising from being displayed. Brave then fades in its own advertising, which in the opinion of the developers is "less harmful" and does not make the user traceable on the Internet. For advertising, a fee is to be paid to the user as well as to the advertiser in the form of Basic Attention Tokens (BAT).

Currently, the browser can be operated completely free of advertising - i.e. even without advertising that displays Brave. In the future, this model may be adapted. Who decides then against the Ad Replacement, that must deactivate the integrated advertising blocker. Inevitably this means: In Brave, the user is either shown advertising from the respective website or advertising via the "Ad Replacement" concept. Unlike other browsers, the user cannot completely suppress advertising, for example via Adblocker plug-ins such as uBlock Origin. Whether this will be implemented in this way, however, is still speculation.

Final conclusion: Not recommended

Source:

https://www.kuketz-blog.de/brave-browser-mit-eigenem-werbekonzept/

📡 @NoGoolag
#brave #browser #advertising #kuketz