Forwarded from NoGoolag
g.co, Google's official URL shortcut, is compromised
(update: or Google Workspace's domain verification, see bottom) People are actively having their Google accounts stolen.
https://gist.github.com/zachlatta/f86317493654b550c689dc6509973aa4
Comments
(update: or Google Workspace's domain verification, see bottom) People are actively having their Google accounts stolen.
https://gist.github.com/zachlatta/f86317493654b550c689dc6509973aa4
Comments
Gist
almost_pwned.md
GitHub Gist: instantly share code, notes, and snippets.
Forwarded from NoGoolag
#Android #web #browsers
Ungoogled Chromium (forked from cromite) with Bromite patches and additional codecs
https://github.com/macchrome/droidchrome/releases
https://chromium.woolyss.com/#android
Cromite is another example of ungoogled chromium without the extra codecs from the above link, but cromite includes more patches as noted at github.
https://github.com/uazo/cromite
Fdroid repo
For an Android Firefox based browser, use IronFox
https://gitlab.com/ironfox-oss/IronFox/-/releases
Fdroid repo
These can be added to Obtainium to download the latest release when they are available
https://github.com/ImranR98/Obtainium
Ungoogled Chromium (forked from cromite) with Bromite patches and additional codecs
https://github.com/macchrome/droidchrome/releases
https://chromium.woolyss.com/#android
Cromite is another example of ungoogled chromium without the extra codecs from the above link, but cromite includes more patches as noted at github.
https://github.com/uazo/cromite
Fdroid repo
https://www.cromite.org/fdroid/repo?fingerprint=49f37e74dee483dca2b991334fb5a0200787430d0b5f9a783dd5f13695e9517bFor an Android Firefox based browser, use IronFox
https://gitlab.com/ironfox-oss/IronFox/-/releases
Fdroid repo
https://fdroid.ironfoxoss.org/fdroid/repo?fingerprint=c5e291b5a571f9c8cd9a9799c2c94e02ec9703948893f2ca756d67b94204f904These can be added to Obtainium to download the latest release when they are available
https://github.com/ImranR98/Obtainium
GitHub
Releases · macchrome/droidchrome
Contribute to macchrome/droidchrome development by creating an account on GitHub.
Forwarded from NoGoolag
#Linux devices have a unique identifier called machine-id. Here is how to change it.
Posted on February 24, 2021
What is a machine-id, and why should you randomize it? From the machine-id man pages, it is defined as:
In an effort to promote privacy, having a unique and unchanging identifier tied to your device seems like the wrong approach. It’s quite possible that poorly coded or even maliciously coded software could fetch this ID from your system. Let’s make sure that even if that does happen, that the value is constantly changing so that your device can not be uniquely identified as your device.
This is an incredibly simple and quick adjustment to your default Linux system. What we’re doing is showing you how to either adjust this value manually by hand, or by running a cronjob to change this value every minute with a new, randomized value.
Before we begin, a disclaimer: We’ve tested this on our own work desktops and development environments and I’ve tested it on my daily driver desktop. We have not found that anything has ‘broken’ because of this, but this is untested in many environments and may not be suitable for your use. It’s always reversible if you later wish to continue with a single, uniquely identifying ID attached to your device(s).
Debian / Ubuntu systems
To check your machine-id, open up your terminal and enter the following:
The output should look a little something like this:
You’ll note that this value is also stored in /var/lib/dbus/machine-id and that a symlink between the two exist. Any change to one file, will be reflected in the other.
If you reboot your device, you’ll notice that this value remains unchanged. So, let’s change it ourselves!
Method 1: Manually.
Method 2 is automatically, every minute, as ran by a cron-job. If you don’t want to fully commit to that, you can change your machine-id by hand manually whenever you feel like it.
Step 1, remove the old machine-id file.
Step 2, recreate the machine-id file.
Step 3, confirm that /etc/machine-id (and /var/lib/dbus/machine-id) now show a new value, different from the original.
That’s it! You should see two lines in your output with matching IDs that differ from the original machine-id you had in the beginning.
You’ve changed your device’s uniquely identifying machine-id. This change will survive device reboots and will remain the same until you create a new one.
Method 2: Changing every 1 minute, automatically.
If the above didn’t satisfy your needs, than feel free to automate the creation of a new machine-id by creating a cronjob entry that will generate a new ID every minute.
Step 1, open up your crontab file.
Step 2, enter at the bottom of the file the following:
Save and Exit.
Step 3, wait a minute and confirm that your machine-id value has changed:
You should see two new matching values, that differs from the original value you had at the start. Wait a minute and run the step 3 command again, and you’ll see that these values have changed.
Posted on February 24, 2021
What is a machine-id, and why should you randomize it? From the machine-id man pages, it is defined as:
This ID uniquely identifies the host. It should be considered “confidential”, and must not be exposed in untrusted environments, in particular on the network. If a stable unique identifier that is tied to the machine is needed for some application, the machine ID or any part of it must not be used directly.
https://www.man7.org/linux/man-pages/man5/machine-id.5.html
In an effort to promote privacy, having a unique and unchanging identifier tied to your device seems like the wrong approach. It’s quite possible that poorly coded or even maliciously coded software could fetch this ID from your system. Let’s make sure that even if that does happen, that the value is constantly changing so that your device can not be uniquely identified as your device.
This is an incredibly simple and quick adjustment to your default Linux system. What we’re doing is showing you how to either adjust this value manually by hand, or by running a cronjob to change this value every minute with a new, randomized value.
Before we begin, a disclaimer: We’ve tested this on our own work desktops and development environments and I’ve tested it on my daily driver desktop. We have not found that anything has ‘broken’ because of this, but this is untested in many environments and may not be suitable for your use. It’s always reversible if you later wish to continue with a single, uniquely identifying ID attached to your device(s).
Debian / Ubuntu systems
To check your machine-id, open up your terminal and enter the following:
cat /etc/machine-id The output should look a little something like this:
a9976154f0084a3782892638656ad9fd You’ll note that this value is also stored in /var/lib/dbus/machine-id and that a symlink between the two exist. Any change to one file, will be reflected in the other.
me@virtbox-testing:~$ cat /etc/machine-id a9976154f0084a3782892638656ad9fd me@virtbox-testing:~$ cat /var/lib/dbus/machine-id a9976154f0084a3782892638656ad9fd If you reboot your device, you’ll notice that this value remains unchanged. So, let’s change it ourselves!
Method 1: Manually.
Method 2 is automatically, every minute, as ran by a cron-job. If you don’t want to fully commit to that, you can change your machine-id by hand manually whenever you feel like it.
Step 1, remove the old machine-id file.
sudo rm /etc/machine-id Step 2, recreate the machine-id file.
sudo systemd-machine-id-setup Step 3, confirm that /etc/machine-id (and /var/lib/dbus/machine-id) now show a new value, different from the original.
cat /etc/machine-id && cat /var/lib/dbus/machine-id That’s it! You should see two lines in your output with matching IDs that differ from the original machine-id you had in the beginning.
me@virtbox-testing:~$ cat /etc/machine-id && cat /var/lib/dbus/machine-id a78badce3e73beced163bbef7e55232a a78badce3e73beced163bbef7e55232a You’ve changed your device’s uniquely identifying machine-id. This change will survive device reboots and will remain the same until you create a new one.
Method 2: Changing every 1 minute, automatically.
If the above didn’t satisfy your needs, than feel free to automate the creation of a new machine-id by creating a cronjob entry that will generate a new ID every minute.
Step 1, open up your crontab file.
sudo crontab -e Step 2, enter at the bottom of the file the following:
*/1 * * * * sudo rm /etc/machine-id && sudo systemd-machine-id-setup Save and Exit.
Step 3, wait a minute and confirm that your machine-id value has changed:
cat /etc/machine-id && cat /var/lib/dbus/machine-id You should see two new matching values, that differs from the original value you had at the start. Wait a minute and run the step 3 command again, and you’ll see that these values have changed.
Forwarded from NoGoolag
You’ll see that the command, when ran a minute or more apart, will produce new values now.
In closing
Uniquely identifying ID’s are rarely a good thing when you take privacy into consideration, and although these items have their purpose in limited use cases it doesn’t appear that generating a new unique ID every minute has any downsides.
What do you think? Is this a pointless privacy practice or a needed, but often overlooked part in maintaining privacy in the modern age? Let us know in the comments below.
Additional Thoughts
After publishing this article, we received some feedback that I’d like to touch base on here.
Testing the high privacy, pro-anonymity Tails-OS shows that you receive a new machine-id after every reboot. Props to Tails-OS!
Testing the privacy and anonymity promoting Whonix-OS shows that they do not issue a new machine-ID after every reboot.
A commenter on a [RAMBLE] post mentions that MXLinux does not use systemd, and thus does not use a machine-id.
Here is a list of Linux operating systems that do not use systemd. (And will not have a machine-id)
Yes, there are other uniquely identifying aspects on all systems. From device serial numbers to MAC addresses. The purpose of this post was to discuss a lesser discussed unique identifer: machine-id.
me@virtbox-testing:~$ cat /etc/machine-id && cat /var/lib/dbus/machine-id b722903d87994e24b6378289262c3021 b722903d87994e24b6378289262c3021 me@virtbox-testing:~$ cat /etc/machine-id && cat /var/lib/dbus/machine-id 4352c41ad7fb4a05a54b0942c5c27cb0 4352c41ad7fb4a05a54b0942c5c27cb0 In closing
Uniquely identifying ID’s are rarely a good thing when you take privacy into consideration, and although these items have their purpose in limited use cases it doesn’t appear that generating a new unique ID every minute has any downsides.
What do you think? Is this a pointless privacy practice or a needed, but often overlooked part in maintaining privacy in the modern age? Let us know in the comments below.
Additional Thoughts
After publishing this article, we received some feedback that I’d like to touch base on here.
Testing the high privacy, pro-anonymity Tails-OS shows that you receive a new machine-id after every reboot. Props to Tails-OS!
Testing the privacy and anonymity promoting Whonix-OS shows that they do not issue a new machine-ID after every reboot.
A commenter on a [RAMBLE] post mentions that MXLinux does not use systemd, and thus does not use a machine-id.
Here is a list of Linux operating systems that do not use systemd. (And will not have a machine-id)
Yes, there are other uniquely identifying aspects on all systems. From device serial numbers to MAC addresses. The purpose of this post was to discuss a lesser discussed unique identifer: machine-id.
Forwarded from NoGoolag
Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025
https://www.bleepingcomputer.com/news/security/hackers-get-886-250-for-49-zero-days-at-pwn2own-automotive-2025/
https://samcurry.net/hacking-subaru
Comments
#cars
https://www.bleepingcomputer.com/news/security/hackers-get-886-250-for-49-zero-days-at-pwn2own-automotive-2025/
https://samcurry.net/hacking-subaru
Comments
#cars
BleepingComputer
Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025
The Pwn2Own Automotive 2025 hacking contest has ended with security researchers collecting $886,250 after exploiting 49 zero-days.
Forwarded from NoGoolag
DeepSeek officially announces another open-source AI model, Janus-Pro-7B.
This model generates images and beats OpenAI's DALL-E 3 and Stable Diffusion across multiple benchmarks. 🔗
This model generates images and beats OpenAI's DALL-E 3 and Stable Diffusion across multiple benchmarks. 🔗
Forwarded from NoGoolag
This media is not supported in your browser
VIEW IN TELEGRAM
Delete OpenAI now, DeeCCPseek is the final solution to AI
Forwarded from NoGoolag
JUST IN - Chinese DeepSeek AI temporarily limits new user registrations due to "large-scale malicious attacks" on its services.
Meanwhile, NVIDIA's share price is dropping like a stone. Last down over 16%.
@disclosetv
Meanwhile, NVIDIA's share price is dropping like a stone. Last down over 16%.
@disclosetv