https://madaidans-insecurities.github.io/
Security & Privacy Evaluations
Below lies a list of analyses regarding security and privacy-focused topics. The security assessments make no attempt at evaluating security based on the number of former vulnerabilities in a particular program. Instead, criteria involve the software's overall security posture and ease of exploitation. Primarily, the assessments include an analysis of the software's attack surface exposure, as well as the adoption of modern defensive techniques. In particular, they study the deployed exploit mitigations and the extent to which different parts of the software are compartmentalised, as is necessary to reduce the potential harm a successful exploit could produce. Note that these analyses are purely objective and do not account for threat models or other user-dependent factors.
Likewise, the privacy evaluations are focused on meaningful approaches to achieving privacy, rather than incomplete and misguided approaches, as is common elsewhere. It is important to create a clear distinction between privacy and security to avoid conflating the subjects of any particular article.
Security
Android
Firefox and Chromium
Linux
Linux Phones
Privacy
Browser Tracking
Encrypted DNS
Messengers
VPNs
Guides
The articles below are guides dedicated to improving security and privacy.
Security and Privacy Advice
Linux Hardening Guide
About
My name is "madaidan". I'm a security researcher who works on various open source projects, mainly Whonix. My website provides information on security and privacy-related topics — it aims to highlight security issues within popular technology, debunk misinformation and provide free security guidance for everyone.
Forwarded from NoGoolag
DisableGoogleAnalytics
https://gitlab.com/adrian.m.miller/disablegoogleanalytics
Attempts To Disable Common Google Analytics And Ads Receivers In All Affected Packages
What it does/How it works:
On 1st run after rebooting after install the module is assuming you want it to disable the listed analytics and ad receivers, so it will:
Wait till boot is completed
Then sleep for 2 minutes
Then test that cpu usage is under 30% before running
It will then disable the analytics and ad receivers as listed below, and log its progress to /sdcard/fixgoogleanalytics.log
Common Analytics And Ad Receivers:
com.google.android.gms.analytics.AnalyticsJobService
com.google.android.gms.analytics.CampaignTrackingService
com.google.android.gms.measurement.AppMeasurementService
com.google.android.gms.measurement.AppMeasurementJobService
com.google.android.gms.analytics.AnalyticsReceiver
com.google.android.gms.analytics.CampaignTrackingReceiver
com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver
com.google.android.gms.measurement.AppMeasurementReceiver
com.google.android.gms.measurement.AppMeasurementContentProvider
com.crashlytics.android.CrashlyticsInitProvider
com.google.android.gms.ads.AdActivity
com.google.firebase.iid.FirebaseInstanceIdService
Once complete the service.sh script will delete itself
Once that happens any further interaction is purely via the included dga script as a binary in /system/(x)bin
dga takes 2 arguments, disable or enable, though I doubt too many will be looking to enable analytics and ad receivers, unless the disabling has unwanted effects on their system, which is high time to include the usual disclaimer that you run this at your own risk and not even dga enable is guaranteed to undo the changes
Module Installation:
Download from Releases
Install the module via #Magisk app/Fox Magisk Module Manager/MRepo
Reboot
Usage:
After first run optimization has completed, any further interaction is purely via the included dga script as a binary
in /system/(x)bin:
dga takes 2 arguments, disable or enable, though I doubt too many will be looking to enable
analytics and ad receivers, unless the disabling has unwanted effects on their system, which
is high time to include the usual disclaimer that you run this at your own risk and not even
dga enable is guaranteed to undo the changes
Uninstall Note: Uninstalling the module will not reverse the changes, if your intention is to uninstall the module and re-enable the
analytics and ad receivers, please run dga enable first
Forwarded from NoGoolag
Tiling Shell
Advanced Window Management for #Linux #gnome desktops
https://extensions.gnome.org/extension/7065/tiling-shell
A GNOME extension for advanced window management. It's highly configurable and offers different ways of tiling and managing your windows. The focus is on delivering the best user experience, highest stability, and full customization.
It also works with multiple monitors (even if they use different scaling), comes with a number of tiling layouts built-in but there is a layout editor to allow you to create and save customs layouts.
Tiling Shell also features the Snap Assistant, borrowed from Windows 11: just move a window to the top with your mouse and the Snap Assistant slides in and you can place the window where you want and how you want.
* Automatic tiling
* Fully customizable keyboard shortcuts to tile, move windows, change focus and more
* You can also move the window to the edge of the screen to tile it
* Right click on the window title to place the window where you want and how you want it
* Coming soon this week, Windows Suggestions: after tiling a window you get suggestions for other windows to fill the remaining tiles
...
There are other features https://github.com/domferr/tilingshell
Tiling Shell supports GNOME Shell 40 to 47 on X11 and Wayland.
What about distributed VPNs?
https://f-droid.org/en/packages/network.mysterium.vpn/ (404)
https://www.mysterium.network/
This is a repost, so that it would appear via NoGoolag.
https://t.me/c/1173753783/1000007
Mysterium Network
Open Web Protocol - Mysterium Network
An open-source ecosystem of protocols, tools and infrastructure to liberate the web. Our node network empowers both builders and users to access free information.
■■■■□ DeepSeek Jailbreak Reveals Its Entire System Prompt.
https://www.darkreading.com/application-security/deepseek-jailbreak-system-prompt
Now we know exactly how DeepSeek was designed to work, and we may even have a clue toward its highly publicized scandal with OpenAI.
🔗 PSU Comparison Tool (Sabung PSU)
ℹ️ PSU Comparison Tool A.K.A Sabung PSU is a web-based tool designed to compare power supply units (PSUs) based on efficiency, power factor, certification, and other metrics. It provides detailed data sourced from CLEAResult certifications, helping users make informed decisions by evaluating models side by side. The tool highlights key differences and advantages between PSUs, making it valuable for enthusiasts seeking reliable and efficient components for their computer systems.
🔗 Tool / Webpage:
• https://ayra.eu.org/project/sabungpsu
Google Pixel 9 - A Long Term User Review
https://tg.sneed.cc/share/downloaded/youtu_be_a8Xr1hB5SBA.mp4
Anyone try it with GrapheneOS? Seems like it would be better on GOS. But too expensive. Hopefully prices drop like a rock, check Swappa if you're in the US.
■■■■■ 0x08 - Modern Windows Kernel Race Conditions.
https://wetw0rk.github.io/posts/0x08-modern-windows-kernel-race-conditions/
Forwarded from The Great Imperial Interdimensional Multiversal Holy DAO of NoGoolag (NoGoolag)
Are VPNs even safe now Hacker Explains
Duration : 30:20
A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since September 2024.
According to Trend Micro researchers, the flaw was used in SmokeLoader malware campaigns targeting the Ukrainian government and private organizations in the country.
The Mark of the Web is a Windows security feature designed to warn users that the file they're about to execute comes from untrusted sources, requesting a confirmation step via an additional prompt. Bypassing MoTW allows malicious files to run on the victim's machine without a warning.
When downloading documents and executables from the web or received as an email attachment, Windows adds a special 'Zone.Id' alternate data stream called the Mark-of-the-Web (MoTW) to the file.
When attempting to open a downloaded file, Windows will check if a MoTW exists and, if so, display additional warnings to the user, asking if they are sure they wish to run the file. Similarly, when opening a document in Word or Excel with a MoTW flag, Microsoft Office will generate additional warnings and turn off macros.
MoTW warnings in Windows
Source: BleepingComputer
As the Mark of the Web security features prevent dangerous files from automatically running, threat actors commonly attempt to find MoTW bypasses so their files automatically run and execute.
For years, cybersecurity researchers requested 7-Zip add support for the Mark of the Web, but it was only in 2022 that support for the feature was finally added.....
https://www.bleepingcomputer.com/news/security/7-zip-motw-bypass-exploited-in-zero-day-attacks-against-ukraine/
BleepingComputer
7-Zip MotW bypass exploited in zero-day attacks against Ukraine
A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since September 2024.
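The Mark-of-the-Web behaviour described in the article above can be audited after extraction. The following is an added example, not code from BleepingComputer, Trend Micro or 7-Zip: it parses the contents of the alternate data stream (named `Zone.Identifier` on NTFS, the 'Zone.Id' stream the article mentions) and lists extracted files that did not inherit an untrusted zone from their archive. The sample stream contents and file names are constructed.

```python
"""Added example: check that files extracted from a marked archive keep the mark."""

# ZoneId values 3 (Internet) and 4 (Restricted sites) trigger the MoTW warnings.
UNTRUSTED_ZONES = {3, 4}


def parse_zone_identifier(stream_text):
    """Return the ZoneId from Zone.Identifier stream text, or None if absent or invalid."""
    if not stream_text:
        return None
    in_section = False
    for raw in stream_text.lstrip("\ufeff").splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            # Only keys inside [ZoneTransfer] count.
            in_section = line[1:-1].strip().lower() == "zonetransfer"
        elif in_section and "=" in line:
            key, _, value = line.partition("=")
            if key.strip().lower() == "zoneid":
                try:
                    return int(value.strip())
                except ValueError:
                    return None
    return None


def read_motw(path):
    """Read a file's Zone.Identifier stream (NTFS on Windows); None if there is none."""
    try:
        with open(path + ":Zone.Identifier", "r", encoding="utf-8",
                  errors="replace") as handle:
            return handle.read()
    except OSError:
        return None


def audit_extraction(archive_stream, extracted_streams):
    """Return sorted names of extracted files that lost the archive's untrusted mark.

    archive_stream: Zone.Identifier text of the archive (or None).
    extracted_streams: mapping of file name -> Zone.Identifier text (or None).
    """
    if parse_zone_identifier(archive_stream) not in UNTRUSTED_ZONES:
        return []  # the archive itself was not marked as untrusted
    return sorted(
        name for name, stream in extracted_streams.items()
        if parse_zone_identifier(stream) not in UNTRUSTED_ZONES
    )


# Constructed sample data: a downloaded archive and three files extracted from it.
ARCHIVE_STREAM = (
    "[ZoneTransfer]\r\nZoneId=3\r\n"
    "ReferrerUrl=https://example.test/\r\n"
    "HostUrl=https://example.test/files.zip\r\n"
)
EXTRACTED_STREAMS = {
    "readme.txt": "[ZoneTransfer]\r\nZoneId=3\r\n",  # mark propagated
    "setup.exe": None,                                # no stream at all
    "notes.docx": "[ZoneTransfer]\r\nZoneId=0\r\n",  # downgraded to local machine
}

if __name__ == "__main__":
    for name in audit_extraction(ARCHIVE_STREAM, EXTRACTED_STREAMS):
        print("missing MoTW:", name)
```

On a Windows host, build the mapping with `read_motw()` for the archive and for each extracted path instead of the constructed strings.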
Used a PDF in a private group to lure people into...
Tehran, IRNA - An official with Meta Platforms' (META.O) said the Israeli spyware company Paragon Solutions has hacked the popular WhatsApp targeting scores of its users, including journalists and members of civil society.
The official said on Friday "WhatsApp had sent Paragon a cease-and-desist letter following the hack," the official told Reuters on Friday.
In a statement, WhatsApp said the company "will continue to protect people's ability to communicate privately".
The WhatsApp official further told Reuters it had detected an effort to hack approximately 90 users.
The official declined to say who, specifically, was targeted, but he said those targeted were based in more than two dozen countries, including several people in Europe.
He said WhatsApp users were sent malicious electronic documents that required no user interaction to compromise their targets, a so-called zero-click hack that is considered particularly stealthy.
https://en.irna.ir/news/85735967/WhatsApp-hacked-by-Israel-s-spyware-company-Paragon-Meta-says
IRNA English
WhatsApp hacked by Israel's spyware company Paragon, Meta says
Privacy + Secure Tech Corner Channel 🛡️
Used a PDF in a private group to lure people into... Tehran, IRNA - An official with Meta Platforms' (META.O) said the Israeli spyware company Paragon Solutions has hacked the popular WhatsApp targeting scores of its users, including journalists and members…
Qubes-OS has a neat feature where you convert a pdf in a disposable VM to a bitmap which is probably the safest way.
https://blog.invisiblethings.org/2013/02/21/converting-untrusted-pdfs-into-trusted.html
https://github.com/QubesOS/qubes-app-linux-pdf-converter
blog.invisiblethings.org
Converting untrusted PDFs into trusted ones: The Qubes Way | The Invisible Things Blog
Arguably one of the biggest challenges for desktop security is how to handle those overly complex PDFs, DOCs, and similar files, that are so often exchange...
Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data
Gravy Analytics has been one of the most important companies in the location data industry for years, collating smartphone location data from around the world selling some to the U.S. government. Hackers say they stole a mountain of data.
Hackers claim to have compromised Gravy Analytics, the parent company of Venntel which has sold masses of smartphone location data to the U.S. government. The hackers said they have stolen a massive amount of data, including customer lists, information on the broader industry, and even location data harvested from smartphones which show peoples’ precise movements, and they are threatening to publish the data publicly.
The news is a crystalizing moment for the location data industry. For years, companies have harvested location information from smartphones, either through ordinary apps or the advertising ecosystem, and then built products based on that data or sold it to others.
In many cases, those customers include the U.S. government, with arms of the military, DHS, the IRS, and FBI using it for various purposes. But collecting that data presents an attractive target to hackers....
https://www.404media.co/hackers-claim-massive-breach-of-location-data-giant-threaten-to-leak-data/
https://www.wired.com/story/gravy-location-data-app-leak-rtb/
Forwarded from NoGoolag
Net Switch: Isolate Apps from Internet Access
Net Switch is a Magisk module to isolate apps from accessing the internet on your Android device. This tool gives you complete control over which apps can send or receive data, improving security, privacy, and saving bandwidth.
Fully standalone, operates fully on iptables.
More info: https://github.com/Rem01Gaming/net-switch
#magisk #firewall #privacy #afwallalterernative
■□□□□ New Attack Technique to Bypassing EDR as Low Privileged Standard User.
https://cybersecuritynews.com/bypassing-edr-as-standard-user/
A new cyberattack technique has emerged, enabling attackers to bypass Endpoint Detection and Response (EDR) systems.