A set of new vulnerabilities in Linux-based operating systems could allow attackers to bypass mitigations for speculative attacks like Spectre and obtain sensitive information from kernel memory.

Read details: https://thehackernews.com/2021/03/new-bugs-could-let-hackers-bypass.html

The Last American Vagabond: James Corbett Interview – COVID-19 Censorship, Technocracy & The Amazing Country Of Digital Gulag

Joining me today is James Corbett, here to discuss his recent censorship as well as ‘Digital Gulag’ being built around us, and the importance of why we must act now, today, in order to stop this rising technocratic state.

https://www.thelastamericanvagabond.com/james-corbett-interview-covid-19-censorship-technocracy-the-amazing-country-of-digital-gulag/

Mp3 download link
https://media.blubrry.com/last_american_vagabond/content.blubrry.com/last_american_vagabond/James_Corbett_Interview-COVID-19_Censorship_Technocracy_The_Amazing_Country_Of_Digital_Gulag-FINAL.mp3


#censorship #goolag #patreon #youtube

Amazon started a Twitter war because Jeff Bezos was pissed

Snarky tweets targeting Senators Bernie Sanders and Elizabeth Warren came after the CEO told execs they weren’t pushing back hard enough on critics.

https://www.vox.com/recode/2021/3/28/22354604/amazon-twitter-bernie-sanders-jeff-bezos-union-alabama-elizabeth-warren

#amazon

Hi all,

On public demand I added an optional Insecure anonymous session, disabled by default.

Which basically allows you to generate GSF ID on your own device rather than the dispenser server.

This would allow you to get apps & listing from your own country, similar to v3 and also opens up bridge for Geo-Spoofing

The new preference is located at Settings > Networking > Insecure anonymous session

To apply geo-spoofing just use a VPN and set location for where ever you want to geo-spoof.

Make sure you relogin & restart Aurora Store to apply these changes. Test it & let me know if it works fine for you.

Also, stop sending me bulk messages & emails 😒, you want something just create a Gitlab issue.

Enjoy!

@AuroraSupport

15 years ago, I co-led a team trying to give 100% free Internet access to all of San Francisco starting with the poorest neighborhoods first. The network would be anonymous, with no ads, no cookies, etc. Approximately a $20-25 million gift. The result? We were chased out of town.

https://threadreaderapp.com/thread/1375962440303661057.html


Noglu:
Nice story! Oddly Sacca only ever tells half the story. What he forgets to mention is that he wanted to realise this free internet access in 2007 with the support of Google. In return, Google demanded full legal control over the City's public utility and power poles. Furthermore, Google demanded that there should be no possibility for the users of this free access to refuse to hand over personal data. You can read about this in detail here.
https://web.archive.org/web/20091009152536/http://www.sfgov.org/site/budanalyst_page.asp?id=53280


Noglu:
It's interesting, but it doesn't seem as sinister as it sounds. The report mentions several things about privacy it had already negotiated with Google at that time

Though I only searched for google and read the sorrounding sections, I ain't gonna read this entire giant-ass document at this time of the night

#sf #usa #gov #why #freeinternet

Ban Surveillance Advertising

As leaders across a broad range of issues and industries, we are united in our concern for the safety of our communities and the health of democracy. Social media giants are eroding our consensus reality and threatening public safety in service of a toxic, extractive business model. That’s why we’re joining forces in an effort to ban surveillance advertising.

Surveillance advertising – the core profit-driver for gatekeepers like Facebook and Google, as well as adtech middlemen – is the practice of extensively tracking and profiling individuals and groups, and then microtargeting ads at them based on their behavioral history, relationships, and identity.

These dominant firms curate the content each person sees on their platforms using those dossiers – not just the ads, but newsfeeds, recommendations, trends, and so forth – to keep each user hooked, so they can be served more ads and mined for more data.

Big Tech platforms amplify hate, illegal activities, and conspiracism – and feed users increasingly extreme content – because that’s what generates the most engagement and profit. Their own algorithmic tools have boosted everything from white supremacist groups and Holocaust denialism to COVID-19 hoaxes, counterfeit opioids and fake cancer cures. Echo chambers, radicalization, and viral lies are features of these platforms, not bugs—central to the business model.

And surveillance advertising is further damaging the information ecosystem by starving the traditional news industry, especially local journalism. Facebook and Google’s monopoly power and data harvesting practices have given them an unfair advantage, allowing them to dominate the digital advertising market, siphoning up revenue that once kept local newspapers afloat. So while Big Tech CEOs get richer, journalists get laid off.

https://www.bansurveillanceadvertising.com/coalition-letter

#ban #surveillance #advertising #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

#USA, Louis Rossman:
I'm crowdfunding a direct ballot initiative to bypass lobbyists/politicians & pass #Right to #Repair

https://www.youtube.com/watch?v=dWIF3ZRpf0I

Google Is Testing Its Controversial New Ad Targeting Tech in Millions of Browsrs
Article, Comments

Goolgle collects 20X more telemetry from Android devices than Apple from iOS
Article, Comments

Armv9: ARM Announces New Chip Architecture

Today, Arm introduced the Arm®v9 architecture in response to the global demand for ubiquitous specialized processing with increasingly capable security and artificial intelligence (AI). Armv9 is Arm's first new architecture in a decade, building on the success of Armv8, which today drives the best performance per watt

https://www.arm.com/company/news/2021/03/arms-answer-to-the-future-of-ai-armv9-architecture


#arm #armv9 #cpu #soc

What the hell is happening with Android One?

Google's once-pivotal program for exceptional yet affordable Android phones seems to be fading — and maybe for good reason.

Not long ago, a low-profile program called Android One looked like it could be just the one-two punch Android needed.

Android One, like lots of Google initiatives, has had a long and winding history with plenty of twists and turns. When Android One first came into the picture in 2014, it was described as an effort to "make high-quality smartphones accessible to as many people as possible." The focus was squarely on bringing affordable phones with exceptional experiences to emerging markets — places like Pakistan and India, where it could be "hard for people" to "get their hands on a high-quality smartphone," as Google put it at the time.

But that was just the start of Google's Android One ambitions. Three years later, in 2017, Google expanded the program with the launch of Android One phones in places like Japan, Taiwan, and eventually the United States. The company changed its description of the effort from that original small-scale focus to the much broader vision of a "collaboration between Google and [its] partners to deliver a software experience designed by Google," with a guarantee of reasonably timely ongoing operating system updates and an experience that'd be free from all the bloat and shenanigans baked into so many Android products.

http://telegra.ph/What-the-hell-is-happening-with-Android-One-03-31-2

via www.computerworld.com

#google #android1 #thinkabout
📡 @nogoolag @blackbox_archiv

Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google

We find that even when minimally configured and the handset is idle both iOS and Google Android share data with Apple/Google on average every 4.5 mins.

‼️ The phone IMEI, hardware serial number, SIM serial number and IMSI, handsetphone number etc are shared with Apple and Google. Both iOS and Google Android transmit telemetry, despite the user explicitly opting out of this.

💡 When a SIM is inserted both iOS and Google Android send details to Apple/Google. iOS sends the MAC addresses of nearby devices, e.g. other handsets and the home gateway, to Apple together with their GPS location. Currently there are few, if any, realistic options for preventing this data sharing.

https://www.scss.tcd.ie/doug.leith/apple_google.pdf

#apple #google #study #telemetry #data #mobilephones #pdf
📡 @nogoolag @blackbox_archiv

If You Care About Privacy, It’s Time to Try a New Web Browser

A new crop of internet browsers from Brave, DuckDuckGo and others offer stronger privacy protections than what you might be used to.

Most of us use web browsers out of habit.

If you surf the web with Microsoft Edge, that may be because you use Windows. If you use Safari, that’s probably because you are an Apple customer. If you are a Chrome user, that could be because you have a Google phone or laptop, or you downloaded the Google browser on your personal device after using it on computers at school or work.

https://www.nytimes.com/2021/03/31/technology/personaltech/online-privacy-private-browsers.html

#online #privacy #browsers #thinkabout
📡 @nogoolag @blackbox_archiv

Tracing Paper

Color printers mark printouts with barely visible codes that are used to track down currency counterfeiters, as well as everyone else.

In 2017, when a National Security Agency (NSA) whistleblower wanted to extract classified government documents from her work computer, she sought refuge in the printed page. Maybe she thought physical paper would be safer from digital surveillance than an email. So she printed the documents at her office and then mailed them to The Intercept, which broke the news with the headline, “Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election” on June 5th, 2017 at 3:44 p.m. eastern time. A few hours later, the US Department of Justice officially announced their arrest of Reality Winner, a former US Air Force officer and NSA contractor.

What happened? The Intercept contacted the NSA on May 30th asking them to verify the documents. But by sending the scanned images that included each page’s wrinkles and folds, as opposed to retyping the information, the journalists shared more than they intended to: they sent the NSA the pale yellow tracking dots that are embedded in every piece of paper that is printed by a color laser printer. The dots form rectangular grids of rows and columns, with each dot’s position corresponding to the value of a date, time, or printer model.

Together, the rows and columns constitute a machine-readable bitmap known as a machine identification code (MIC). MIC grids repeat across the page so that even if only a shred of a page is recovered, the MIC on that shred can still be decoded and traced. While neither the Justice Department’s nor the FBI’s statements about Winner’s arrest mentioned MICs, security experts strongly suggested that they played a role in helping the agencies identify her and, at the very least, corroborated other evidence linking Winner to the leak.

https://logicmag.io/security/tracing-paper/

#tracing #paper #printers #digital #surveillance
📡 @nogoolag @blackbox_archiv

I Now Own the Coinhive Domain. Here's How I'm Fighting Cryptojacking and Doing Good Things with Content Security Policies.

If you've landed on this page because you saw a strange message on a completely different website then followed a link to here, drop a note to the site owner and let them know what happened. If, on the other hand, you're on this page because you're interested in reading about the illicit use of cryptomining on compromised websites and how through fortuitous circumstances, I now own coinhive.com and am doing something useful with it, read on.

You know how people don't like ads? Yeah, me either (at least not the spammy tracky ones that invade both your privacy and your bandwidth), but I also like free content on the web and therein lies the rub; how do content producers monetise their work if they can't put ads on pages? Well naturally, you "Monetize Your Business with Your Users' CPU Power" which was Coinhives's modus operandi. That's a link to the last snapshotted version on archive.org because if you go to coinhive.com today, you'll see nothing. The website is dead. However, it's now owned by me and it's just sitting there doing pretty much nothing other than serving a little bit of JavaScript. I'll come back to that shortly, let's return to the business model of Coinhive:

So, instead of serving ads you put a JavaScript based cryptominer on your victi... sorry - visitors - browsers then whilst they're sitting there reading your content, you're harvesting Monero coin on their machine. They're paying for the CPU cycles to put money into your pocket - ingenious! But there were two massive problems with this and the first one is probably obvious: it's a sleazy business model that (usually unknowingly) exploits people's electricity bills for the personal gain of the site operator. It might only be exploiting them a little bit (how much power can an in-browser JS cryptominer really draw?), but it still feels super shady. The second problem is that due to the anonymous nature of cryptocurrency, every hacker and their dog wanted to put Coinhive on any sites they were able to run their own arbitrary JavaScript on.

https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

#coinhive #cryptojacking
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

TSMC could jack chip prices up by 25% by the end of 2021

We could be paying even more for our CPUs, GPUs, and every other chip made by Taiwan Semiconductor Manufacturing Company (TSMC) if rumors of water price increases are correct.

https://www.tweaktown.com/news/78459/tsmc-could-jack-chip-prices-up-by-25-the-end-of-2021/index.html

#cpu #chip #prices #tsmc

Wi-Fi devices set to become object sensors by 2024 under planned 802.11bf standard

Security and privacy still left to fix, preferably before launch

In three years or so, the Wi-Fi specification is scheduled to get an upgrade that will turn wireless devices into sensors capable of gathering data about the people and objects bathed in their signals.

https://www.theregister.com/2021/03/31/wifi_devices_monitoring

#wifi #bf

Windows 10 AME

Version 20H2 Dated 2021-04-01

The goal of the AME project is to provide a stable and non-intrusive build of Windows 10, without sacrificing usability and Win32 compatibility for the majority of mainstream applications. This includes the avoidance and riddance of privacy infringing automated data collection services, central to Microsoft’s strategy for the Windows 10 operating system.

This page provides a complete step-by-step description of how AME images are mastered based on Windows 10 build 20H2 with minor proceeding updates, defining a complete documentation of this project.

While large portions of this process have been automated using various scripts and Linux command line utilities, a large majority requires manual effort, with many of the steps often producing differing and sometimes non-predictable results from instance to instance, increasing the difficulty of this procedure. As such, sections where abnormal behavior may occur have been appropriately highlighted.

💡 It is also recommended that anyone attempting to reproduce the steps in this guide be moderately versed with Linux and consequently also not afraid of using the command line.

👉🏼 ISO Download:
https://t.me/amereleases/41

💡 Documentation:
https://wiki.ameliorated.info/documentation_20H2

👉🏼 Source Code:
https://git.ameliorated.info/malte/scripts

👀 Join the Discussion:
https://t.me/joinchat/TFCUAzfq6Y-Bl9vG

#ame #windows
📡 @nogoolag 📡 @blackbox_archiv

You Can’t Trust Amazon When It Feels Threatened

Last week, someone behind the @AmazonNews Twitter account took a fistful of pills, washed them down with a handle of Old Grand-Dad, and started tweeting.

They picked fights with Bernie Sanders and Elizabeth Warren. They also argued with Wisconsin’s congressional Representative Mark Pocan.

And while all of this is embarrassing and highly cringey, my problem entirely centers around a single tweet in the midst of the storm that says in part: “You don’t really believe the peeing in bottles thing, do you?”

Wait a second. Are you seriously asking if I believe in something that has been independently reported by multiple reputable media outlets?

Yes. I absolutely do. Most people will.

My problem is not that Amazon told an easily disprovable lie about something on the retail side of their business; that’s relatively minor—and, at any rate, isn’t anywhere close to my area of focus: their cloud division.

The problem is what that teaches us as customers. We should continue to trust Amazon and Amazonians that we encounter in the course of doing businesses. They’re all well-intentioned people working to do right by us, because Customer Obsession matters to them. We should also trust and continue to trust AWS official communications—when the stakes are low.

But what Amazon has just demonstrated for all the world to see is that when they’re facing a significant obstacle, when it matters to them, they’ll toss leadership principles like Earn Trust and Customer Obsession and Are Right, A Lot to the wind and say whatever’s expedient.

https://www.lastweekinaws.com/blog/you-cant-trust-amazon-when-it-feels-threatened/

#amazon #DeleteAmazon #DickPunchBezos
📡 @nogoolag 📡 @blackbox_archiv

How workplace surveillance is entering our homes and driving through our streets

The home is not the only space where workplace surveillance outside the office or factory is becoming more common. For many, work means driving a vehicle, and so installing cameras that monitor behavior there is an obvious step. Once more, AI is being applied to take such surveillance to the next level. One of the biggest rollouts of this approach is by Amazon to its 75,000 delivery vehicles

https://www.privateinternetaccess.com/blog/how-workplace-surveillance-is-entering-our-homes-and-driving-through-our-streets/

💡 http://www.itechgps.com/sites/itechbus/uploads/documents/Netradyne_Presentation.pdf

#workplace #surveillance #ai #amazon #DeleteAmazon #DickPunchBezos #netradyne #pdf #thinkabout
📡 @nogoolag 📡 @blackbox_archiv