Exposing Your Face Isn't a More Hygienic Way to Pay

A company called PopID has created an identity-management system that uses face recognition. Their first use case is as a system for in-store, point of sale payments using face recognition as authorization for payment.

They are promoting it as a tool for restaurants, claiming that it is pandemic-friendly because it is contactless.

Nonetheless, the PopID payment system is less secure than alternatives, unfriendly to privacy, and is likely riskier than other payment alternatives for anyone concerned about catching COVID-19. On top of these issues, PopID is pitching it as a screening tool for COVID-19 infection, another task that it's completely unsuited for.

👉🏼 Equities issues

It's important that payment systems not disadvantage cash payments, which have the best social equity. Many people are under-banked and in hard times such as these, many people use cash as a way to help them manage their budgets and spending. Cash is also the most privacy-friendly way to pay. As convenient as other systems are, and despite cash not being contactless, we need to protect people's ability to use cash1.

PopID is a charge-up-and-spend system. To lower their costs, PopID has its users charge up an account wn ith them using a credit card or debit card, and payments are deducted from that. Charge-and-spend systems are good for the store, and less good for the person using them; they amount to an interest-free loan that the consumer gives the merchant. This is no small thing: Starbucks, PayPal, and Walmart all have billions in interest-free loans from their customers. This further disadvantages people with budgets, as it requires them to give PopID money before it is spent and keep a balance in their system in anticipation of spending it.

👀 👉🏼 https://www.eff.org/deeplinks/2020/09/exposing-your-face-isnt-more-hygienic-way-pay

#eff #face #recognition #PopID #contactless #pay
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

They're Deleting My Channel - But They Don't Even Know Why!!?!

I need your help! This may be my last ever YouTube video... Please share it to raise awareness. Thank you!

https://www.invidiou.site/watch?v=hAEdFRoOYs0


#youtube #google #copyright #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Surveillance Company Explains How to Keep Facebook From Detecting Fake Accounts in Leaked Manual

A leaked manual from Blackdot Solutions, a British company that offers social media monitoring services, included a step-by-step guide on how to create fake profiles on Facebook and LinkedIn.

A company that markets an online investigations platform for government agencies, banks, and other businesses says publicly that it's based on open source intelligence. But a leaked user manual obtained by Motherboard shows that, in reality, the company teaches customers how to create fake Facebook and LinkedIn accounts to gather information about people that is normally protected by their privacy settings on those platforms.

The guide also explains how to avoid detection by Facebook.

https://www.vice.com/en_us/article/jgxzvg/surveillance-company-explains-how-to-keep-facebook-from-detecting-fake-accounts-in-leaked-manual

#Facebook #fake #accounts #surveillance #firm

Gig Economy Company Launches Uber, But for Evicting People

A company called Civvl says evicting people is the "FASTEST GROWING MONEY MAKING GIG DUE TO COVID-19."

"SINCE COVID-19 MANY AMERICANS FELL BEHIND IN ALL ASPECTS," reads the website copy. The button below this statement is not for a GoFundMe, or a petition for calling for rent relief. Instead, it is the following call to action, from a company called Civvl: "Be hired as eviction crew."

During a time of great economic and general hardship, Civvl aims to be, essentially, Uber, but for evicting people. Seizing on a pandemic-driven nosedive in employment and huge uptick in number-of-people-who-can't-pay-their-rent, Civvl aims to make it easy for landlords to hire process servers and eviction agents as gig workers.

Helena Duncan, a Chicago-based paralegal who also participates in housing activism, saw a Craigslist post from Civvl while searching for jobs. The ad alarmed her.

"It's fucked up that there will be struggling working-class people who will be drawn to gigs like furniture-hauling or process-serving for a company like Civvl, evicting fellow working-class people from their homes so they themselves can make rent," she told Motherboard.

https://www.vice.com/en_us/article/ep435n/gig-economy-company-launches-uber-but-for-evicting-people

#US #Gig #economy #firm #civvl

Former YouTube content moderator describes horrors of the job in new lawsuit

A former YouTube moderator is suing YouTube, accusing it of failing to protect workers who have to catch and remove violent videos posted to the site.

The suit filed Monday in California Superior Court in San Mateo says the plaintiff was required to watch murders, abortions, child rape, animal mutilation and suicides. As a part of moderator training, the company allegedly presented a video of a “smashed open skull with people eating from it,” a woman who was kidnapped and beheaded by a cartel and a person’s head being run over by a tank.

YouTube parent company Google faces increasing pressure to control content spanning violence and misinformation — particularly as it approaches the 2020 U.S. election and antitrust investigations from state attorneys general, the Department of Justice and Congress.

https://www.cnbc.com/2020/09/22/former-youtube-content-moderator-describes-horrors-of-the-job-in-lawsuit.html

#US #California #Google #Youtube #lawsuit

The Supply of Disinformation Will Soon Be Infinite

Disinformation campaigns used to require a lot of human effort, but artificial intelligence will take them to a whole new level.

Someday soon, the reading public will miss the days when a bit of detective work could identify completely fictitious authors. Consider the case of “Alice Donovan.” In 2016, a freelance writer by that name emailed the editors of CounterPunch, a left-leaning independent media site, to pitch a story. Her Twitter profile identified her as a journalist. Over a period of 18 months, Donovan pitched CounterPunch regularly; the publication accepted a handful of her pieces, and a collection of left-leaning sites accepted others.

https://www.theatlantic.com/ideas/archive/2020/09/future-propaganda-will-be-computer-generated/616400/

Rightsholders Ask Europe for Broad “Know Your Customer” Checks to Deter Piracy

In a letter sent to the European Commission, a large group of anti-piracy organizations and copyright holders calls for stricter online identity checks. As part of Europe's planned Digital Services Act, online services such as hosting companies, domain registrars, and advertisers, should be required to perform "know your customer" checks. This can help to combat all sorts of illegal activity including online piracy.

Anonymity is a great good on the Internet but increasingly there are calls for stricter identity checks.

Such requirements are not new. In daily life many people have encountered situations where they had to prove their identity. When opening a bank account, for example. But online it is rare.

If it’s up to a large group of organizations with ties to copyright industries, this should change. They call for stricter policies so that hosting companies, domain registrars, and advertisers must properly check who their customers are.

This message was sent in a letter to the European Commission this week. The signatories include anti-piracy outfits such as MPA, BREIN, BPI, IFPI, and RettighedsAlliancen, as well as the international brands Heineken, Nike, and Philips. Together, they call for thorough “know your customer” requirements.

https://torrentfreak.com/rightsholders-ask-europe-for-broad-know-your-customer-checks-to-deter-piracy-200923/

#Europe #KYC #piracy

Suzhou city takes a page from China’s social credit system with Civility Code that rates citizens’ behaviour through a smartphone app

A Chinese city’s plan to score citizens by how “civil” they are has prompted comparisons to Black Mirror and China’s last imperial dynasty.
Authorities in the eastern city of Suzhou, west of Shanghai, introduced a new function designed to measure a person’s civic performance. The new “Sucheng Wenmingma”, which roughly translates as “Suzhou Civility Code”, aims to encourage people to follow traffic rules, take part in voluntary services, sort their trash and do other things that make them model citizens in the eyes of the government. The code is accessed via a smartphone app.

During a brief trial last week, the app actively tracked users’ traffic performance, the Southern Metropolis Daily reported. For each infraction, such as running a red light, 50 points were deducted from the starting total of 1,000 points. A user could gain back lost points by taking part in voluntary traffic management activities.

https://www.scmp.com/abacus/tech/article/3100516/suzhou-city-takes-page-chinas-social-credit-system-civility-code-rates

#Asia #China #social #credit #system

🚨NEW: A law is in force *today* requiring venues to collect our personal data, or else be fined £500. Pubs, cafés, restaurants, even workplace canteens must refuse entry to anyone who doesn’t want to share this data.

This change is huge. It's a mass recording of our movements.

#UK

https://nitter.net/BigBrotherWatch/status/1306909468018475008#m

DHS Admits Facial Recognition Photos Were Hacked, Released on Dark Web

Traveler’s faces, license plates, and care information were hacked from a subcontractor called Perceptics and released on the dark web.

The Department of Homeland Security (DHS) finally acknowledged Wednesday that photos that were part of a facial recognition pilot program were hacked from a Customs and Border Control subcontractor and were leaked on the dark web last year.

Among the data, which was collected by a company called Perceptics, was a trove of traveler’s faces, license plates, and care information. The information made its way to the Dark Web, despite DHS claiming it hadn’t. In a newly released report about the incident, the DHS Office of Inspector General admitted that 184,000 images were stolen and at least 19 of them were posted to the Dark Web.

https://www.vice.com/en_us/article/m7jzbb/dhs-admits-facial-recognition-photos-were-hacked-released-on-dark-web

#US #DHS #face #recognition #photos #hacked

Rockefeller Foundation Paper Published in 2010 Predicted How a Pandemic Can be Used as an Excuse to Establish Global Authoritarian Power

The Rockefeller Foundation published a report in May 2010 in cooperation with the Global Business Network of futurologist Peter Schwartz. It was called Scenarios for the Future of Technology and International Development. The first scenario, titled, “Lock Step”, describes a world of total government control and authoritarian leadership. It envisions a future where a pandemic would allow national leaders to flex their authority and impose airtight rules and restrictions that would remain after the pandemic faded. The first half of this scenario already has unfolded. Will it continue as predicted? The information on Lock Step begins at about the two-thirds point of the article. The Rockefeller report in its entirety can be downloaded here. [The importance of this document cannot be overstated.] -GEG

https://needtoknow.news/2020/03/rockefeller-foundation-paper-published-in-2010-predicted-how-a-pandemic-can-be-used-as-an-excuse-to-establish-global-authoritarian-power


#rockefeller #pandemic #coronavirus #foreknowledge

Amazon Unveils Drone That Films Inside Your Home. What Could Go Wrong?

On social media, people had some concerns about the Ring Always Home Cam. To put it mildly.

When Amazon’s chief executive, Jeff Bezos, promised in 2013 that drones would soon be flying everywhere delivering packages, a miniature camera whirring through homes and recording video was probably not what people envisioned.

But on Thursday, Amazon’s Ring division unveiled the $249 Ring Always Home Cam, a small drone that hums as it flies around houses filming everything, ostensibly for security purposes.

https://www.nytimes.com/2020/09/24/technology/amazon-ring-drone.html

#Amazon #Ring #drone #home #security #surveillance

The Blurred Lines and Closed Loops of Google Search

Seemingly small design tweaks to the search results interface may change how and where people find information online.

January 13 was a fairly eventful day, at least for pre-pandemic times. Cory Booker dropped out of the presidential race. LSU trounced Clemson in the college football national championship game. Attorney general William Barr asked Apple to unlock an iPhone. And Google pushed out a seemingly tiny tweak to how it displays search ads for desktop computers.

Previously, the search engine had marked paid results with the word “Ad” in a green box, tucked beneath the headline next to a matching green display URL. Now, all of a sudden, the “Ad” and the URL shifted above the headline, and both were rendered in discreet black; the box disappeared.

https://www.wired.com/story/blurred-lines-closed-loops-google-search/

#Google #search #ads

Anti-Piracy Coalition Wants Operators of Pirate Bay, YTS, 1337x, EZTV Uncovered

Anti-piracy coalition ACE is continuing its crackdown on pirate sites, targeting several high profile actors. Represented by the MPA, the group requests a DMCA subpoena that requires Cloudflare to hand over personal information and account details relating to the operators of The Pirate Bay, YTS, 1337x, EZTV, Seasonvar, Tamilrockers, Lordfilms, and many others.

As one of the leading CDN and DDoS protection services, Cloudflare is used by millions of websites across the globe. This includes many pirate sites.

Copyright holders would ideally like the company to cease its ties with these platforms, but Cloudflare sees things differently. It positions itself as a neutral third-party intermediary that will only take action in response to valid court orders.

Cloudflare DMCA Subpoenas

Thus far, court orders that have required Cloudflare to block or terminate a pirate site have been very limited. More commonly, rightsholders obtain DMCA subpoenas from US courts requiring the CDN provider to hand over information it has on the operators of pirate sites.

https://torrentfreak.com/anti-piracy-coalition-wants-cloudflare-to-expose-operators-of-pirate-bay-yts-1337x-and-others-200923/

#piracy #DMCA

Polish police shut down hacker super-group involved in bomb threats, ransomware, SIM swapping

The hackers also distributed Windows and Android malware, and even ran 50 fake online stores where they defrauded buyers.

Polish authorities have shut down today a hacker super-group that has had its fingers in a multitude of cybercrime operations, such as ransomware attacks, malware distribution, SIM swapping, banking fraud, running fake online stores, and even making bomb threats at the behest of paying customers.

Four suspects where arrested this week, and four more are under investigation.

According to reports in Polish media, the hackers have been under investigation since May 2019, when they sent a first bomb threat to a school in the town of Łęczyca.

https://www.zdnet.com/article/polish-police-shut-down-hacker-super-group-involved-in-bomb-threats-ransomware-sim-swapping/

#Europe #Poland #hackers #group

Looks Like the Windows XP Source Code Just Leaked on 4chan

Would you believe more than 1% of computers worldwide are still using Windows XP? Incredibly, there are still millions of people using 19-year-old operating system. And a recent development — if it bears out — is another reason people need to make the switch to something newer.

On Thursday, users on 4chan posted what they claimed was the source code of Windows XP.

Posting an image of a screenshot allegedly of the source code in front of Window’s XP iconic Bliss background, one user wrote ‘sooooo Windows XP Source code leaked’. Another Redditor helpfully has uploaded the code as a torrent, assisting in its spread.

While there is no confirmation that this code is definitely Windows XP, independent researchers have begun to pick through the source code and believe it stands up to scrutiny.

👀 👉🏼 https://www.gizmodo.com.au/2020/09/looks-like-the-windows-xp-source-code-just-leaked-on-4chan/

👀 👉🏼 https://nitter.net/RoninDey/status/1309275918943301636

#windows #xp #sourcecode #leaked
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Wyden and Warren Demand Investigation into IRS Warrantless Location Tracking

A unit of the IRS previously bought access to location data harvested from ordinary apps installed on peoples’ phones to try and identify individuals.

Ron Wyden and Elizabeth Warren want a formal investigation into the IRS' use of smartphone location data to track Americans without a warrant.

On Thursday, the two Senators sent a letter to the body tasked with oversight of the IRS demanding it investigate how a section of the IRS bought access to this data.

The news highlights the continued tread of law enforcement agencies obtaining location data that would ordinarily require a warrant to do, by simply purchasing the data from commercial providers instead.

https://www.vice.com/en_us/article/xg8by3/irs-phone-tracking-warrant-wyden-warren

#US #IRS #phone #tracking #privacy #surveillance

Free VPNs are bad for your privacy

VPNs are in high demand as Americans scramble to keep access to TikTok and WeChat amid a looming government ban. There are dozens of free VPNs out there that promise to protect your privacy by keeping you anonymous on the internet and hiding your browsing history.

Don’t believe it. Free VPNs are bad for you.

The internet is a hostile place for the privacy-minded. Internet providers can sell your browsing history, governments can spy on you and tech titans collect huge amounts of data to track you across the web. Many have turned to VPNs, or virtual private networks, thinking that they can protect you from snoopers and spies.

But where VPNs try to solve a problem, they can also expose you to far greater privacy risks.

TechCrunch’s Romain Dillet has an explainer on what a VPN is. In short, VPNs were first designed for employees to virtually connect to their office network from home or while on a business trip. These days, VPNs are more widely used for hiding your online internet traffic, and tricking streaming services into thinking you’re another country when you’re not. That same technique also helps activists and dissidents bypass censorship systems in their own countries.

https://techcrunch.com/2020/09/24/free-vpn-bad-for-privacy/

#VPN #privacy #censorship

How to Secure Anything

Security engineering is the discipline of building secure systems.

Its lessons are not just applicable to computer security. In fact, in this repo, I aim to document a process for securing anything, whether it's a medieval castle, an art museum, or a computer network.

💡What is security engineering?

Security engineering isn't about adding a bunch of controls to something.

It's about coming up with security properties you'd like a system to have, choosing mechanisms that enforce these properties, and assuring yourself that your security properties hold.

👀 👉🏼 https://github.com/veeral-patel/how-to-secure-anything

#howto #guide #security #secure #anything
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Federal Agency Compromised by Malicious Cyber Actor

The Cybersecurity and Infrastructure Security Agency (CISA) responded to a recent threat actor’s cyberattack on a federal agency’s enterprise network. By leveraging compromised credentials, the cyber threat actor implanted sophisticated malware—including multi-stage malware that evaded the affected agency’s anti-malware protection—and gained persistent access through two reverse Socket Secure (SOCKS) proxies that exploited weaknesses in the agency’s firewall.

💡 For a downloadable copy of IOCs, see:
https://us-cert.cisa.gov/sites/default/files/publications/AR20-268A.stix.xml

👀 👉🏼 https://us-cert.cisa.gov/ncas/analysis-reports/ar20-268a

👀 👉🏼 https://www.zdnet.com/article/cisa-says-a-hacker-breached-a-federal-agency

#cisa #hacker #breach #breached #federal #agency
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag