Forwarded from Hacker News
Krebs on Security
MasterCard DNS Error Went Unnoticed for Years
The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration persisted for…
Forwarded from Hacker News
GitHub
GitHub - slu4coder/Minimal-64x4-Home-Computer: My DIY home computer with VGA and PS/2 and 4x(!) the processing power of a Commodore…
My DIY home computer with VGA and PS/2 and 4x(!) the processing power of a Commodore C64 or Apple II. - slu4coder/Minimal-64x4-Home-Computer
Forwarded from Hacker News
IEEE Spectrum
A Spy Satellite You’ve Never Heard of Helped Win the Cold War
Engineers at the Naval Research Lab launched a spy satellite program called Parcae and revolutionized signals intelligence at the height of the Cold War. The program relied on computers to sift through intelligence data, providing a technological edge at…
Forwarded from Hacker News
f-droid.org
A Look Back at 2024: F-Droid's Progress and What’s Coming in 2025 | F-Droid - Free and Open Source Android App Repository
With 2024 now behind us, we wanted to take a moment to reflect on the growth and achievements we accomplished as a community last year, and celebrate the inc...
Forwarded from Hacker News
GitHub
GitHub - rany2/edge-tts: Use Microsoft Edge's online text-to-speech service from Python WITHOUT needing Microsoft Edge or Windows…
Use Microsoft Edge's online text-to-speech service from Python WITHOUT needing Microsoft Edge or Windows or an API key - rany2/edge-tts
Forwarded from Hacker News
Bert Hubert's writings
Shifting Cyber Norms: Microsoft security POST-ing to you - Bert Hubert's writings
tl;dr: Microsoft and other email security scanners will visit the links in email you transmit, and run the JavaScript in those links, including calls that lead to POSTs going out. This used to be unacceptable, since POSTs have side effects. Yet here we are.…
Forwarded from Libreware
Warning for #Android gapps traitors:
Uninstall the application:
https://play.google.com/store/apps/details?id=com.google.android.safetycore
Be careful on GrapheneOS too if you have Google services installed.
While GrapheneOS will stop it from auto installing, it can nag you about installing it. And it won't tell you what it really is. Nor will most online resources.
https://grapheneos.org/releases
https://discuss.grapheneos.org/d/19193-android-system-safety-core
If you don't have GrapheneOS, it's going to automatically install itself again at some point after uninstalling it.
Locating the App
Go to Settings → Apps (or Apps & Notifications) → Show system apps. Look for “Android System SafetyCore.”
Check whether the app has any special permissions (e.g., internet access).
Uninstalling or Disabling
In many cases, you can uninstall an update or at least disable the app. Check the available options in the app info.
This is client side scanning. It's a way to spy on your device before it's encrypted.
Other information on the topic:
https://www.androidauthority.com/google-messages-nudes-3499420/
https://www.androidauthority.com/android-system-key-verifier-3499353/
Uninstall the application:
Android System SafetyCore, which has been automatically installed on most devices. It is used by Google to scan your data, just like Apple has been doing on iOS, but you have the choice to uninstall it. If you don't have it yet, watch out for it being installed silently over the next few days!https://play.google.com/store/apps/details?id=com.google.android.safetycore
Be careful on GrapheneOS too if you have Google services installed.
While GrapheneOS will stop it from auto installing, it can nag you about installing it. And it won't tell you what it really is. Nor will most online resources.
Sandboxed Google Play compatibility layer: stop Play Store from attempting to auto-install some system component packages, such as "Android System SafetyCore" (com.google.android.safetycore) and "Android System Key Verifier" (com.google.android.contactkeys)
https://grapheneos.org/releases
The phone is asking me to install this app, anyone knows information about if its truly need it or not? Im with the Google Play Services sandbox install
https://discuss.grapheneos.org/d/19193-android-system-safety-core
If you don't have GrapheneOS, it's going to automatically install itself again at some point after uninstalling it.
Locating the App
Go to Settings → Apps (or Apps & Notifications) → Show system apps. Look for “Android System SafetyCore.”
Check whether the app has any special permissions (e.g., internet access).
Uninstalling or Disabling
In many cases, you can uninstall an update or at least disable the app. Check the available options in the app info.
This is client side scanning. It's a way to spy on your device before it's encrypted.
Other information on the topic:
https://www.androidauthority.com/google-messages-nudes-3499420/
https://www.androidauthority.com/android-system-key-verifier-3499353/
Forwarded from Libreware
The functionality provided by Google's new Android System SafetyCore app available through the Play Store is covered here:
https://security.googleblog.com/2024/10/5-new-protections-on-google-messages.html
Neither this app or the Google Messages app using it are part of GrapheneOS and neither will be, but GrapheneOS users can choose to install and use both. Google Messages still works without the new app.
The app doesn't provide client-side scanning used to report things to Google or anyone else. It provides on-device machine learning models usable by applications to classify content as being spam, scams, malware, etc. This allows apps to check content locally without sharing it with a service and mark it with warnings for users.
It's unfortunate that it's not open source and released as part of the Android Open Source Project and the models also aren't open let alone open source. It won't be available to GrapheneOS users unless they go out of the way to install it.
We'd have no problem with having local neural network features for users, but they'd have to be open source. We wouldn't want anything saving state by default. It'd have to be open source to be included as a feature in GrapheneOS though, and none of it has been so it's not included.
Google Messages uses this new app to classify messages as spam, malware, nudity, etc. Nudity detection is an optional feature which blurs media detected as having nudity and makes accessing it require going through a dialog.
Apps have been able to ship local AI models to do classification forever. Most apps do it remotely by sharing content with their servers. Many apps have already have client or server side detection of spam, malware, scams, nudity, etc.
Classifying things like this is not the same as trying to detect illegal content and reporting it to a service. That would greatly violate people's privacy in multiple ways and false positives would still exist. It's not what this is and it's not usable for it.
GrapheneOS has all the standard hardware acceleration support for neural networks but we don't have anything using it. All of the features they've used it for in the Pixel OS are in closed source Google apps. A lot is Pixel exclusive. The features work if people install the apps.
https://xcancel.com/GrapheneOS/status/1888280836426084502
https://security.googleblog.com/2024/10/5-new-protections-on-google-messages.html
Neither this app or the Google Messages app using it are part of GrapheneOS and neither will be, but GrapheneOS users can choose to install and use both. Google Messages still works without the new app.
The app doesn't provide client-side scanning used to report things to Google or anyone else. It provides on-device machine learning models usable by applications to classify content as being spam, scams, malware, etc. This allows apps to check content locally without sharing it with a service and mark it with warnings for users.
It's unfortunate that it's not open source and released as part of the Android Open Source Project and the models also aren't open let alone open source. It won't be available to GrapheneOS users unless they go out of the way to install it.
We'd have no problem with having local neural network features for users, but they'd have to be open source. We wouldn't want anything saving state by default. It'd have to be open source to be included as a feature in GrapheneOS though, and none of it has been so it's not included.
Google Messages uses this new app to classify messages as spam, malware, nudity, etc. Nudity detection is an optional feature which blurs media detected as having nudity and makes accessing it require going through a dialog.
Apps have been able to ship local AI models to do classification forever. Most apps do it remotely by sharing content with their servers. Many apps have already have client or server side detection of spam, malware, scams, nudity, etc.
Classifying things like this is not the same as trying to detect illegal content and reporting it to a service. That would greatly violate people's privacy in multiple ways and false positives would still exist. It's not what this is and it's not usable for it.
GrapheneOS has all the standard hardware acceleration support for neural networks but we don't have anything using it. All of the features they've used it for in the Pixel OS are in closed source Google apps. A lot is Pixel exclusive. The features work if people install the apps.
https://xcancel.com/GrapheneOS/status/1888280836426084502
Google Online Security Blog
5 new protections on Google Messages to help keep you safe
Posted by Jan Jedrzejowicz, Director of Product, Android and Business Communications; Alberto Pastor Nieto, Sr. Product Manager Google Messa...
Forwarded from Libreware
#Systemd Adding The Ability to Boot Directly Into A Disk Image Downloaded Via HTTP
https://www.phoronix.com/news/systemd-disk-image-boot-HTTP
#Linux #backdoor
https://www.phoronix.com/news/systemd-disk-image-boot-HTTP
#Linux #backdoor
Phoronix
Systemd Adding The Ability to Boot Directly Into A Disk Image Downloaded Via HTTP
Systemd lead developer Lennart Poettering has been working on adding the ability to let systemd boot directly into a disk image downloaded via HTTP within the initial RAM disk (initrd) during the Linux boot process.
Forwarded from Libreware
Krita
Free and open source digital painting application. It is for artists who want to create professional work from start to end. Krita is used by comic book artists, illustrators, concept artists, matte and texture painters and in the digital VFX industry.
https://krita.org
https://invent.kde.org/graphics/krita
Download
https://cdn.kde.org/ci-builds/graphics/krita/
#AI plugin
https://kritaaidiffusion.com
#image #editor #paint
Free and open source digital painting application. It is for artists who want to create professional work from start to end. Krita is used by comic book artists, illustrators, concept artists, matte and texture painters and in the digital VFX industry.
https://krita.org
https://invent.kde.org/graphics/krita
Download
https://cdn.kde.org/ci-builds/graphics/krita/
#AI plugin
https://kritaaidiffusion.com
#image #editor #paint
GitLab
Graphics / Krita · GitLab
Krita is a free and open source cross-platform application that offers an end-to-end solution for creating digital art files from scratch built on the KDE and Qt frameworks.
Forwarded from Libreware
kitty
The fast, feature-rich, GPU based #terminal emulator
Uses GPU and SIMD vector CPU instructions for best in class
Uses threaded rendering for absolutely minimal latency
Performance tradeoffs can be tuned
Capable Scriptable Composable Cross-platform Innovative
To get started see Quickstart.
https://sw.kovidgoyal.net/kitty/
With software, such as "Kitty", it is possible to read documents, images and other graphical formats with these software:
https://github.com/dsanson/termpdf.py
http://www.kraxel.org/blog/linux/fbida/
https://github.com/itsjunetime/tdf
It means, that we no longer need GTK+ (which dropped support for X11), Qt and other graphical toolkits in order to have a full operational computer.
The fast, feature-rich, GPU based #terminal emulator
Uses GPU and SIMD vector CPU instructions for best in class
Uses threaded rendering for absolutely minimal latency
Performance tradeoffs can be tuned
Capable Scriptable Composable Cross-platform Innovative
To get started see Quickstart.
https://sw.kovidgoyal.net/kitty/
With software, such as "Kitty", it is possible to read documents, images and other graphical formats with these software:
https://github.com/dsanson/termpdf.py
http://www.kraxel.org/blog/linux/fbida/
https://github.com/itsjunetime/tdf
It means, that we no longer need GTK+ (which dropped support for X11), Qt and other graphical toolkits in order to have a full operational computer.
kitty
If you live in the terminal, kitty is made for YOU! The fast, feature-rich, GPU based terminal emulator. Fast Uses GPU and SIMD vector CPU instructions for best in class performance, Uses threaded ...
Forwarded from Mishaal's Android News Feed
The OnePlus Watch 3 is launching next week!
OnePlus has confirmed its next flagship smartwatch is launching next Tuesday in the U.S., Canada, and Europe.
The OnePlus Watch 3 will have class-leading battery life (up to 120 hours in Smart Mode, up to 16 days in Power Saver Mode) thanks to its large 631mAh Silicon NanoStack battery and Dual-Engine Architecture (Snapdragon W5 chipset for performance plus BES2800 MCU for efficiency).
It'll come in two colors: Emerald Titanium and Obsidian Titanium. It'll have a stainless steel casing, a titanium alloy bezel with PVD coating, and a 2D Sapphire Crystal display.
The OnePlus Watch 2 was my favorite smartwatch of 2024, and it's still the one I wear today. If OnePlus just improves on the formula, then the Watch 3 will probably be my favorite watch of 2025.
OnePlus has confirmed its next flagship smartwatch is launching next Tuesday in the U.S., Canada, and Europe.
The OnePlus Watch 3 will have class-leading battery life (up to 120 hours in Smart Mode, up to 16 days in Power Saver Mode) thanks to its large 631mAh Silicon NanoStack battery and Dual-Engine Architecture (Snapdragon W5 chipset for performance plus BES2800 MCU for efficiency).
It'll come in two colors: Emerald Titanium and Obsidian Titanium. It'll have a stainless steel casing, a titanium alloy bezel with PVD coating, and a 2D Sapphire Crystal display.
The OnePlus Watch 2 was my favorite smartwatch of 2024, and it's still the one I wear today. If OnePlus just improves on the formula, then the Watch 3 will probably be my favorite watch of 2025.
Forwarded from Mishaal's Android News Feed
🗺 This app lets you use Samsung's tracker tags with any Android phone
Tired of poor performance with Google's Find My Device network? The new uTag app by Kieron Quinn lets you use a Galaxy SmartTag with any Android phone.
More details👇
🔗 https://www.androidauthority.com/smarttags-non-samsung-3523131/
Tired of poor performance with Google's Find My Device network? The new uTag app by Kieron Quinn lets you use a Galaxy SmartTag with any Android phone.
More details👇
🔗 https://www.androidauthority.com/smarttags-non-samsung-3523131/
Android Authority
This app lets you use Samsung's tracker tags with any Android phone
A new app called uTag lets you use Samsung SmartTags with any Android device. Here's how it works and how to get it.