Forwarded from Rahul Patel
AuroraStore_3.0.4_fallback.apk
6 MB
Fallback build with Yalp's Token Dispenser, while I fix mine !
Librem One by Purism Wants to Help De-Google Your Life
https://www.omgubuntu.co.uk/2019/04/purism-privacy-android-ios-apps
https://librem.one
#librem #libremone #alternatives
https://www.omgubuntu.co.uk/2019/04/purism-privacy-android-ios-apps
https://librem.one
#librem #libremone #alternatives
OMG! Ubuntu!
Librem One Campaign Will De-Google Your Life for $7.99/m
Purism announce a suite of privacy focused mobile apps for Android and iOS devices, including a encrypted VPN and chat client, and a private e-mail service.
Forwarded from cRyPtHoN™ INFOSEC (EN)
Not Managing Open Source Opens Door for Hackers
Organizations continue to face challenges with managing open source risk, according to a new report published today by published today by Synopsys Cybersecurity Research Center (CyRC).
The annual Open Source Security and Risk Analysis (OSSRA) Report, analyzed the anonymized data of over 1,200 commercial codebases from 2018 and found that 96% contained open source components, with an average of 298 open source components per codebase. The results reflect an increase from the number of codebases in 2017, which was only 257.
https://www.infosecurity-magazine.com/news/not-managing-open-source-opens-1/
Read Via Telegram
📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
Organizations continue to face challenges with managing open source risk, according to a new report published today by published today by Synopsys Cybersecurity Research Center (CyRC).
The annual Open Source Security and Risk Analysis (OSSRA) Report, analyzed the anonymized data of over 1,200 commercial codebases from 2018 and found that 96% contained open source components, with an average of 298 open source components per codebase. The results reflect an increase from the number of codebases in 2017, which was only 257.
https://www.infosecurity-magazine.com/news/not-managing-open-source-opens-1/
Read Via Telegram
📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
/e/
A pro-privacy Android ROM and online services
https://gitlab.e.foundation/e/wiki/en/wikis/e-product-description-pro-privacy-Android-ROM-and-online-services
@mydataismydata
https://e.foundation
Analysis of /e/ by infosec-handbook:
https://infosec-handbook.eu/blog/e-foundation-first-look
Response by Gaël Duval:
https://hackernoon.com/leaving-apple-google-how-is-e-actually-google-free-1ba24e29efb9
Another critic: ewwlo.xyz
#e #/e/ #rom #services
A pro-privacy Android ROM and online services
https://gitlab.e.foundation/e/wiki/en/wikis/e-product-description-pro-privacy-Android-ROM-and-online-services
@mydataismydata
https://e.foundation
Analysis of /e/ by infosec-handbook:
https://infosec-handbook.eu/blog/e-foundation-first-look
Response by Gaël Duval:
https://hackernoon.com/leaving-apple-google-how-is-e-actually-google-free-1ba24e29efb9
Another critic: ewwlo.xyz
#e #/e/ #rom #services
Goolag adds buttons for a false sense of security
Introducing auto-delete controls for your Location History and activity data
https://www.blog.google/technology/safety-security/automatically-delete-data/
#google #location #history
Introducing auto-delete controls for your Location History and activity data
https://www.blog.google/technology/safety-security/automatically-delete-data/
#google #location #history
Google
Introducing auto-delete controls for your Location History and activity data
New auto-delete controls to manage your account data.
A doorbell company owned by Amazon wants to start producing “crime news” and it’ll definitely end well
Because what good is a panopticon if you can’t generate some clicks?
With "Ring" Amazon manufactures intercoms with video function. So far, so good. Now the company wants to turn the recorded material directly and indirectly into money and is setting up its own media department. This department will probably process the most exciting recordings in the well-known reality TV style and bring them to the people with a "journalistic" touch. Practical side effect: Ring has a suitable offer for those who are afraid of the videos.
https://www.niemanlab.org/2019/04/a-doorbell-company-owned-by-amazon-wants-to-start-producing-crime-news-and-itll-definitely-end-well/
The Doorbell Company That’s Selling Fear: Amazon-owned Ring is hiring editors to push local crime news to its users
https://www.theatlantic.com/ideas/archive/2019/05/amazon-owned-ring-wants-report-crime-news/588394/
📡 @NoGoolag
#Ring #amazon #DeleteAmazon #doorbell #crimenews #realityTV #why
Because what good is a panopticon if you can’t generate some clicks?
With "Ring" Amazon manufactures intercoms with video function. So far, so good. Now the company wants to turn the recorded material directly and indirectly into money and is setting up its own media department. This department will probably process the most exciting recordings in the well-known reality TV style and bring them to the people with a "journalistic" touch. Practical side effect: Ring has a suitable offer for those who are afraid of the videos.
https://www.niemanlab.org/2019/04/a-doorbell-company-owned-by-amazon-wants-to-start-producing-crime-news-and-itll-definitely-end-well/
The Doorbell Company That’s Selling Fear: Amazon-owned Ring is hiring editors to push local crime news to its users
https://www.theatlantic.com/ideas/archive/2019/05/amazon-owned-ring-wants-report-crime-news/588394/
📡 @NoGoolag
#Ring #amazon #DeleteAmazon #doorbell #crimenews #realityTV #why
Nieman Lab
A doorbell company owned by Amazon wants to start producing “crime news” and it’ll definitely end well
Because what good is a panopticon if you can't generate some clicks?
Forwarded from cRyPtHoN™ INFOSEC (EN)
Criminals are hiding in Telegram – but backdoors are not the answer
When it comes to an easy life, the criminals behind the fearful Anubis banking malware have become big fans of Twitter and, increasingly, the secure messaging of Telegram.
There’s nothing new in malware piggybacking on popular services but why Twitter and Telegram, and is the recent migration to secure messaging significant?
https://nakedsecurity.sophos.com/2019/05/03/criminals-are-hiding-in-telegram-but-backdoors-are-not-the-answer/
Read Via Telegram
📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
When it comes to an easy life, the criminals behind the fearful Anubis banking malware have become big fans of Twitter and, increasingly, the secure messaging of Telegram.
There’s nothing new in malware piggybacking on popular services but why Twitter and Telegram, and is the recent migration to secure messaging significant?
https://nakedsecurity.sophos.com/2019/05/03/criminals-are-hiding-in-telegram-but-backdoors-are-not-the-answer/
Read Via Telegram
📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
Forwarded from cRyPtHoN™ INFOSEC (EN)
ACLU: Border Agents Violate Constitution When They Search Electronic Devices
The American Civil Liberties Union says it has uncovered new evidence that federal border agents are violating the Constitution when they search travelers' electronic devices.
The ACLU, along with the Electronic Frontier Foundation, sued the federal government in 2017, alleging that its "warrantless and suspicionless searches" of electronic devices at the U.S. ports of entry violated the First and Fourth amendments. Lawyers now say that, through depositions of border agents, they have learned that the scope of the warrantless searches has expanded far beyond the mere enforcement of immigration and customs laws.
https://www.npr.org/2019/05/02/719337356/aclu-border-agents-violate-constitution-when-they-search-electronic-devices
Read Via Telegram
📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
The American Civil Liberties Union says it has uncovered new evidence that federal border agents are violating the Constitution when they search travelers' electronic devices.
The ACLU, along with the Electronic Frontier Foundation, sued the federal government in 2017, alleging that its "warrantless and suspicionless searches" of electronic devices at the U.S. ports of entry violated the First and Fourth amendments. Lawyers now say that, through depositions of border agents, they have learned that the scope of the warrantless searches has expanded far beyond the mere enforcement of immigration and customs laws.
https://www.npr.org/2019/05/02/719337356/aclu-border-agents-violate-constitution-when-they-search-electronic-devices
Read Via Telegram
📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
Tutanota launches Secure Connect, an encrypted contact form, to support Press Freedom. Secure Connect is an open source encrypted communication tool which lets people communicate with the representative of a website securely and anonymously.
https://tutanota.com/blog/posts/tutanota-launches-secure-connect-encrypted-contact-form
#secureconnect #tutanota #press
https://tutanota.com/blog/posts/tutanota-launches-secure-connect-encrypted-contact-form
#secureconnect #tutanota #press
Tutanota
Tutanota launches Secure Connect, an encrypted contact form, to support Press Freedom
Secure Connect is an open source encrypted communication tool which lets people communicate with the representative of a website securely and anonymously.
https://www.bleepingcomputer.com/news/software/firefox-addons-being-disabled-due-to-an-expired-certificate/
#ff
#ff
BleepingComputer
Firefox Addons Being Disabled Due to an Expired Certificate
Mozilla Firefox users are discovering that all of their addons were suddenly disabled. It turns out that this is being caused by an expired intermediary certificate used to sign Mozilla addons.
If you are having issues with extensions in your Firefox getting disabled, there was an issue with the signing certificate of Mozilla. They have already sent out a patch for that, but it requires you to enable Studies (privacy issue!!).
To bypass that, you can install the patch directly from the link below
https://storage.googleapis.com/moz-fx-normandy-prod-addons/extensions/hotfix-update-xpi-intermediate%40mozilla.com-1.0.2-signed.xpi
——————
Sources
[0] https://news.ycombinator.com/item?id=19826903
[1] https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/comment-page-6/#comment-226171
[2] https://normandy.cdn.mozilla.net/api/v1/recipe/
To bypass that, you can install the patch directly from the link below
https://storage.googleapis.com/moz-fx-normandy-prod-addons/extensions/hotfix-update-xpi-intermediate%40mozilla.com-1.0.2-signed.xpi
——————
Sources
[0] https://news.ycombinator.com/item?id=19826903
[1] https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/comment-page-6/#comment-226171
[2] https://normandy.cdn.mozilla.net/api/v1/recipe/
Mozilla Add-ons Blog
Add-ons disabled or failing to install in Firefox
Incident summary Updates - Last updated 14:35 PST May 14, 2019. We expect this to be our final update. If you are running ...
Alternative way:
Go to: https://normandy.cdn.mozilla.net/api/v1/recipe/
there, search "Update XPI signing intermediate" and you find the
Go to: https://normandy.cdn.mozilla.net/api/v1/recipe/
there, search "Update XPI signing intermediate" and you find the
addonUrl
parameter with the link to the XPIAurora Store
Aurora Store is an UnOfficial FOSS client to Google's Play Store, with an elegant design, using Aurora you can download apps,
update existing apps, search for apps, get details about in-app trackers and much more.
You can also Spoof your Device Information, Language and Region to get access to the apps that are not yet available
or restricted in your Country|Device.
Aurora Store does not require Google's Proprietary Framework (Spyware ?) to operate, it works perfectly fine with
or without GooglePlayService or MicroG. Thereby avoding the various concerned *userdata & privacy issues.
📖 Readme
https://gitlab.com/AuroraOSS/AuroraStore/blob/master/README.md
🗣 Telegram Group:
t.me/AuroraSupport
📡 Releases Channel:
t.me/AuroraOfficial
XDA:
https://forum.xda-developers.com/android/apps-games/galaxy-playstore-alternative-t3739733
4PDA
https://4pda.ru/forum/index.php?showtopic=887569
⬇️ Downloads:
- Join the telegram group for the most recent alpha and beta builds
F-Droid
https://f-droid.org/app/com.aurora.store
XDA Labs
https://labs.xda-developers.com/store/app/com.aurora.store
Nightly builds
(Not recomended for daily use)
http://auroraoss.com/Nightly
🌍 How to use GeoSpoof to download apps that are not available in your region
https://telegra.ph/Aurora-Store-GeoSpoof-08-13
📝 Translations:
https://poeditor.com/join/project/54swaCpFXJ
⌨️ Source Code:
https://gitlab.com/AuroraOSS/AuroraStore
📡 @NoGoolag
#aurora #store #playstore #alternative #yalp
Aurora Store is an UnOfficial FOSS client to Google's Play Store, with an elegant design, using Aurora you can download apps,
update existing apps, search for apps, get details about in-app trackers and much more.
You can also Spoof your Device Information, Language and Region to get access to the apps that are not yet available
or restricted in your Country|Device.
Aurora Store does not require Google's Proprietary Framework (Spyware ?) to operate, it works perfectly fine with
or without GooglePlayService or MicroG. Thereby avoding the various concerned *userdata & privacy issues.
📖 Readme
https://gitlab.com/AuroraOSS/AuroraStore/blob/master/README.md
🗣 Telegram Group:
t.me/AuroraSupport
📡 Releases Channel:
t.me/AuroraOfficial
XDA:
https://forum.xda-developers.com/android/apps-games/galaxy-playstore-alternative-t3739733
4PDA
https://4pda.ru/forum/index.php?showtopic=887569
⬇️ Downloads:
- Join the telegram group for the most recent alpha and beta builds
F-Droid
https://f-droid.org/app/com.aurora.store
XDA Labs
https://labs.xda-developers.com/store/app/com.aurora.store
Nightly builds
(Not recomended for daily use)
http://auroraoss.com/Nightly
🌍 How to use GeoSpoof to download apps that are not available in your region
https://telegra.ph/Aurora-Store-GeoSpoof-08-13
📝 Translations:
https://poeditor.com/join/project/54swaCpFXJ
⌨️ Source Code:
https://gitlab.com/AuroraOSS/AuroraStore
📡 @NoGoolag
#aurora #store #playstore #alternative #yalp
GitLab
README.md · master · Aurora OSS / AuroraStore · GitLab
An unofficial FOSS client to Google Play.
Magisk developer John Wu picks up internship at Apple
Among Android root and ROM enthusiasts, the name John Wu is well-known, being attached to the developer responsible for Magisk. Wu's systemless root solution has had a blistering development pace, repeatedly beating Google when it comes to the cat and mouse game imposed by SafetyNet and other system changes. But today the 23-year-old developer has announced a surprising career move: He's going to be an intern at Apple for the next four months.
It's fairly astounding that Google didn't try to snap him up, given both his deep familiarity with the platform and his well-recognized status among the Android enthusiast development community. Google's loss is Apple's gain, though.
https://www.androidpolice.com/2019/05/04/magisk-developer-john-wu-picks-up-internship-at-apple/
📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
Among Android root and ROM enthusiasts, the name John Wu is well-known, being attached to the developer responsible for Magisk. Wu's systemless root solution has had a blistering development pace, repeatedly beating Google when it comes to the cat and mouse game imposed by SafetyNet and other system changes. But today the 23-year-old developer has announced a surprising career move: He's going to be an intern at Apple for the next four months.
It's fairly astounding that Google didn't try to snap him up, given both his deep familiarity with the platform and his well-recognized status among the Android enthusiast development community. Google's loss is Apple's gain, though.
https://www.androidpolice.com/2019/05/04/magisk-developer-john-wu-picks-up-internship-at-apple/
📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
Please vote NO in this poll from @itsrevengeos / @RevengeOSNews
All roms should be spyware free.
Let masochism be opt-in, not by default.
All roms should be spyware free.
Let masochism be opt-in, not by default.
Forwarded from Zhenxiang Chen
Brave: Browser with its own advertising concept
I often hear the question why I don't recommend the Brave Browser and why I don't participate in the Brave Rewards program. First of all, the browser is based on Chrome - that's enough for me to avoid it as much as possible. Browsers based on Chrome are usually closely linked to Google services. As a user who is sensitive to data protection, I am happy to do without it.
I also find the "advertising concept" unconvincing. The integrated advertising blocker initially prevents advertising from being displayed. Brave then fades in its own advertising, which in the opinion of the developers is "less harmful" and does not make the user traceable on the Internet. For advertising, a fee is to be paid to the user as well as to the advertiser in the form of Basic Attention Tokens (BAT).
Currently, the browser can be operated completely free of advertising - i.e. even without advertising that displays Brave. In the future, this model may be adapted. Who decides then against the Ad Replacement, that must deactivate the integrated advertising blocker. Inevitably this means: In Brave, the user is either shown advertising from the respective website or advertising via the "Ad Replacement" concept. Unlike other browsers, the user cannot completely suppress advertising, for example via Adblocker plug-ins such as uBlock Origin. Whether this will be implemented in this way, however, is still speculation.
Final conclusion: Not recommended
https://www.kuketz-blog.de/brave-browser-mit-eigenem-werbekonzept/
📡 @NoGoolag
#brave #browser #advertising #kuketz
I often hear the question why I don't recommend the Brave Browser and why I don't participate in the Brave Rewards program. First of all, the browser is based on Chrome - that's enough for me to avoid it as much as possible. Browsers based on Chrome are usually closely linked to Google services. As a user who is sensitive to data protection, I am happy to do without it.
I also find the "advertising concept" unconvincing. The integrated advertising blocker initially prevents advertising from being displayed. Brave then fades in its own advertising, which in the opinion of the developers is "less harmful" and does not make the user traceable on the Internet. For advertising, a fee is to be paid to the user as well as to the advertiser in the form of Basic Attention Tokens (BAT).
Currently, the browser can be operated completely free of advertising - i.e. even without advertising that displays Brave. In the future, this model may be adapted. Who decides then against the Ad Replacement, that must deactivate the integrated advertising blocker. Inevitably this means: In Brave, the user is either shown advertising from the respective website or advertising via the "Ad Replacement" concept. Unlike other browsers, the user cannot completely suppress advertising, for example via Adblocker plug-ins such as uBlock Origin. Whether this will be implemented in this way, however, is still speculation.
Final conclusion: Not recommended
Source:
https://www.kuketz-blog.de/brave-browser-mit-eigenem-werbekonzept/
📡 @NoGoolag
#brave #browser #advertising #kuketz
Kuketz IT-Security Blog
Brave: Browser mit eigenem Werbekonzept
Ich erhalte oftmals die Frage, weshalb ich den Brave-Browser nicht empfehle und wieso ich nicht am Brave-Rewards-Programm teilnehme.
NoGoolag
Brave: Browser with its own advertising concept I often hear the question why I don't recommend the Brave Browser and why I don't participate in the Brave Rewards program. First of all, the browser is based on Chrome - that's enough for me to avoid it as…
TL;DR
Just read the final conclusion.