NoGoolag
You can hack anything - you just shouldn't get caught - #OpSec for data travellers

In this introductory talk we give an overview of the #risks of the #hacking #hobby: doors that are broken in, house searches and high legal fees obscure the enjoyment of free hacking.

Here it is worthwhile for the #hacking offspring to learn from the mistakes of others. We give classic examples of mistakes in #operational #security so that you don't have to make them.

📺 🇬🇧 🇫🇷 🇩🇪
https://media.ccc.de/v/35c3-9716-du_kannst_alles_hacken_du_darfst_dich_nur_nicht_erwischen_lassen

#video #CCC #Linus
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Forwarded from cRyPtHoN INFOSEC (EN)
Workers fired from Google plan federal labor complaint

SAN FRANCISCO (AP) — Four workers fired from Google last week are planning to file a federal labor complaint against the company, claiming it unfairly retaliated against them for organizing workers around social causes.

The former employees said Tuesday they are preparing to file unfair labor practice charges with the National Labor Relations Board this week. All four were fired Nov. 25 for what Google said were violations of its data security policy.

https://apnews.com/3bc4b99c14bf4f1c9271c74099fa5224

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡 @NoGoolag
Librem 5 backers have begun receiving their Linux phones

The first Librem 5 backers have begun receiving mostly working prototype devices.

When Ars spoke to Purism founder and CEO Todd Weaver two weeks ago, the Librem 5 had been "shipping" for a month but not to backers—only to Purism employees and inside developers. Weaver talked a little about the unexpected hardware issues the company had been experiencing late in the game, including a batch of phone boards missing a 10kOhm resistor, and he gave us an updated schedule for when the phones would resume shipping. More importantly, Weaver said backers would begin receiving their phones by the first week of December.

https://arstechnica.com/gadgets/2019/12/librem-5-backers-receiving-their-linux-phones/

Forwarded from cRyPtHoN INFOSEC (EN)
Own Your Digital Identity

Together with a jewelry designer, Kaspersky shows how to avoid the risks of biometric authentication while retaining its convenience

You are the only person in this world who has your fingerprints, your irises, your facial features, your DNA. As such, it’s incredibly convenient to use them for authentication, proving that you are you. You probably already use it – to unlock your phone, to get a visa for another country, and maybe even to access your office.

https://www.kaspersky.com/blog/future-of-biometrics/

Kashmiris Are Disappearing From WhatsApp

Kashmiris enduring their region's ongoing internet blackout are losing their WhatsApp accounts because of the platform's policy on inactive accounts.

On Wednesday, #Kashmiris began #disappearing from #WhatsApp — and no one initially knew why. #Citizens of the disputed geographical territory, whose autonomy the #Indian #government revoked in August, abruptly and inexplicably began departing WhatsApp groups in which they had long participated, leaving behind only a “[Phone number] left” message.

It's been four months since India’s government shut down Kashmir’s internet services, cutting off the region from the rest of the world. Because of this, some observers suspected that the Kashmiris who disappeared from their WhatsApp #groups this week did not do so on their own and may not even know anything has changed.

In a comment provided after this story's publication, a spokesperson for #Facebook, which owns WhatsApp, said the disappearances were the result of the messaging app's policy on inactive accounts.

"To maintain security and limit data retention, WhatsApp accounts generally expire after 120 days of inactivity," they wrote. "When that happens, those accounts automatically exit their WhatsApp groups. People will need to be re-added to groups upon regaining access to the Internet and joining WhatsApp again."

The spokesperson did not respond to questions from BuzzFeed News about how many Kashmiris were affected. Those whose profiles have expired will have to re-register on WhatsApp and recreate their profiles on the platform.

👉🏼 Read more:
https://www.buzzfeednews.com/article/pranavdixit/hundreds-of-kashmiris-are-disappearing-from-their-whatsapp

Forwarded from Rahul Patel
AppWarden_v1.0.1_build2.apk
2.1 MB
Here is the next utility app, called AppWarden.

Min SDK 22

Basic features :
1. Allows you to audit all apps, activities, permissions, services, receivers, providers, certificates, fingerprints.
2. Allows you to find detailed trackers; the provider is Exodus, will add others too.
3. Shows recently used apps and stats

Upcoming features:
1. In-app permission auditing
2. Killing suspicious services.
3. Static code analysis using classyshark


You need to manually grant usage access as of now from settings.

Advanced control is root only

I'm open to Suggestions & Feature requests, kindly give your valuable feedback.

https://t.me/AuroraOSS
Forwarded from cRyPtHoN INFOSEC (EN)
Android Vulnerability Exposes Almost All Apps To Attacks

Android threats continue to hit users, and recently, security researchers revealed a newly discovered Android vulnerability called ‘StrandHogg.’ It allows malware to act as a legit app to attack Android users, which is Google’s operating system. This treacherous Android vulnerability could give hackers access to your private photos and SMS and steal your login credentials, monitor your movements, spy using your phone’s camera, and even record your phone’s conversations, reveals Promon, a Norwegian security company.

The security researchers at Promon made an investigation into real-life malware that takes advantage of the serious flaw. They discovered that all of the top 500 most popular apps are at risk, and all versions of Android are affected, including the latest Android 10.

https://www.ibtimes.com/android-vulnerability-exposes-almost-all-apps-attacks-2879979

We can no longer pretend that Google is a positive force in the world.
https://notochrome.org/

There is a simple first step that every internet user can take to make things a little better. Seek out a better web browser to replace Google Chrome and tell everyone to do the same.

No to Chrome is designed as a starting point for anyone who uses the internet to send a message to Google that their relentless disregard for our rights, dignity, democracy and communities will not be tolerated.

There are many ways to protest against Google, ranging from Tweets to full boycotts, but No to Chrome is designed to be for anyone who uses the internet to participate easily and immediately.


#deletegoogle #notochrome #deletegapps #deletechrome #chrome #google #evil
Congratulations, YouTube... Now Show Your Work

Earlier this week, #YouTube finally acknowledged their #recommendation #engine suggests harmful content. It’s a small step in the right direction, but YouTube still has a long history of dismissing independent #researchers. We created a #timeline to prove it.

Over the past year and some, it’s been like clockwork.

First: a news story emerges about YouTube’s recommendation engine harming users. Take your pick: The #algorithm has radicalized young adults in the U.S., sowed division in #Brazil, spread state-sponsored #propaganda in #HongKong, and more.

Then: YouTube responds. But not by admitting fault or detailing a solution. Instead, the company issues a statement diffusing blame, criticising the research methodologies used to investigate their recommendations, and vaguely promising that they’re working on it.

In a blog post earlier this week, YouTube acknowledged that their recommendation engine has been suggesting borderline content to users and posted a timeline showing that they’ve dedicated significant resources towards fixing this problem for several years. What they fail to acknowledge is how they have been evading and dismissing journalists and academics who have been highlighting this problem for years. Further, there is still a glaring absence of publicly verifiable data that supports YouTube’s claims that they are fixing the problem.

That’s why today, #Mozilla is publishing an #inventory of YouTube’s responses to external #research into their recommendation engine. Our timeline chronicles 14 responses — all evasive or dismissive — issued over the span of 22 months. You can find them below, in reverse chronological order.

💡 We noticed a few trends across these statements:

‼️ YouTube often claims it’s addressing the issue by tweaking its algorithm, but provides almost no detail into what, exactly, those tweaks are

‼️ YouTube claims to have data that disproves independent research — but, refuses to share that data

‼️ YouTube dismisses independent research into this topic as misguided or anecdotal, but refuses to allow third-party access to its data in order to confirm this

👉🏼 Read more:
https://foundation.mozilla.org/en/blog/congratulations-youtube-now-show-your-work/

Privacy Analysis of Tiktok’s App and Website (#PoC)

I did a detailed privacy check of the Tiktok app and website. Tiktok commits multiple breaches of law, trust, transparency and data protection.

Here are all technical and legal details. You can read a less technical article about it at the Süddeutsche Zeitung (German).

This is my setup: I used #mitmproxy to route all #app #traffic for #analysis. See in this #video how device information, usage time and watched videos are sent to #Appsflyer and #Facebook.

Hard to believe that this is covered by „legitimate interest“ and transparency: Entered search terms are sent to Facebook...

👉🏼 Read more:
https://rufposten.de/blog/2019/12/05/privacy-analysis-of-tiktoks-app-and-website/

#TikTok #PoC
Conservative government giving NHS data to Amazon for free, documents reveal

US company will be able to access all ‘healthcare information, including without limitation symptoms, causes, and definitions’

#NHS #data on the #health of the #population is being handed over to #Amazon at no charge under a controversial deal between the #USA giant and the #Department of Health and Social Care.

While individual patient data is not being given to the company, a copy of the December 2018 contract between Amazon and the #DHSC reveals the company will be able to profit from its access to a range of NHS information.

Health secretary Matt #Hancock hailed the deal with Amazon in July as a way to help give patients better medical advice using #technology such as #Alexa, which uses Amazon’s #algorithm to answer key questions.

Campaigners from #Privacy International obtained a copy of the contract using freedom of information laws. The full contract reveals the deal goes far beyond medical advice for use by Alexa.

It states the company will be able to access all “healthcare information, including without limitation symptoms, causes, and definitions, and all related copyrightable content, data, information and other materials”, the DHSC has.

The contract allows Amazon to use this data in a number of ways – not just providing advice to UK users.

👉🏼 Read more:
https://www.independent.co.uk/news/health/amazon-nhs-data-access-uk-government-contract-a9237901.html

#DeleteAmazon #UK #thinkabout
Forwarded from /r/privacy
Viral video of Chinese man interrogation reminds the West of the horrors of the Chinese Social Credit system. The man was questioned over his social media (WeChat and QQ) activity.
https://reclaimthenet.org/china-man-chair-interrogation-social-credit/

https://redd.it/e89d5y
@r_privacy
I would like to point out that the original article and this post are misleading.
This is government repression, but entirely unrelated to the social credit system, and would have occurred in 2002 all the same.
I would also like to use this chance to correct a misconception with the social credit system:
- there is no nationwide score — certain regional credit bureaus may put out regional scores synchronized with the nationwide credit database, but otherwise there is no set score, and only an arbitrary rating between "trustworthy" and "untrustworthy" not visible to the holder.

The media should not lump entirely unrelated concepts together; this is repression, and the social credit system is in a way a tool for repression, but the instrument of repression used here is clearly not the social credit system.
Forwarded from cRyPtHoN INFOSEC (EN)
Scientists Crack Longest, Most Complex Encryption Key Ever

It took a total computing time of 35 million hours.

🔵 Scientists have set a record by extending the longest cracked encryption from 232 digits to 240.

🔵 These numbers are still far smaller than the values used in real cryptography, making this a computing rather than hacking victory.

🔵 Multiplying gigantic prime numbers together is the secure backbone of RSA encryption.

https://www.popularmechanics.com/science/math/a30149512/longest-encryption-ever-cracked/
