⚡️How Big Tech Plans To Read Your Mind
@takebackourtech

The hunger for data knows no bounds. Your location history, browsing data, and communications aren't enough to satisfy the surveillance economy. Tech companies now seek data from your mind and body.

In our new investigative report, we show how companies like Apple are driving towards the “Internet of Bodies” where humans are connected to the cloud with bio-sensors, sharing their health metrics through wearable & implantable devices.

Read the full article here.

—
✌️ MORE POSTS | 🗯 CHAT GROUP | 📩 NEWSLETTER | XMPP

#signal

https://xcancel.com/kaepora/status/1810989285148971162

If you look at leading scientific publications such as those from PETS, you’ll see that:

- Signal’s “sealed sender security” is broken and bogus (Martiny et al, 2021: https://cs-people.bu.edu/kaptchuk/publications/ndss21.pdf)

- Signal has regressed in terms of deniability: eprint.iacr.org/2024/741 (+upcoming work) - Signal’s group chat benefits from lesser security guarantees: eprint.iacr.org/2017/713.pdf

- Signal’s tying of usernames to phone numbers is a slap in the face for those expecting real pseudonymity from the Signal service and continues to be unaddressed,

- Signal’s desktop client does not detect when a state has been cloned and allows for two independent devices to masquerade and authenticate as the same device,

- Signal’s use of SGX is more opaque than it could be,

But of course, all of the above and more are not something that can be brought up in polite conversation, because Signal’s own leadership has poisoned the discourse with politics and by encouraging an in-group thinking dynamic with regards to Signal.

https://xcancel.com/taviso/status/1897333770644336774

You can now jailbreak your AMD CPU! 🔥We've just released a full microcode toolchain, with source code and tutorials.

https://bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking

The code and tutorials are here if the link doesn't work!

https://github.com/google/security-research/blob/master/pocs/cpus/entrysign/zentool/docs/intro.md

CEO of #CloudFlare once said:

Matthew: Back in 2003, Lee Holloway and I started Project Honey Pot as an open-source project to track online fraud and abuse. The Project allowed anyone with a website to install a piece of code and track hackers and spammers.
We ran it as a hobby and didn't think much about it until, in 2008, the Department of Homeland Security called and said, "Do you have any idea how valuable the data you have is?" That started us thinking about how we could effectively deploy the data from Project Honey Pot, as well as other sources, in order to protect websites online. That turned into the initial impetus for CloudFlare.

(Source)
BBC reporter Zoe Kleinman wrote that Matthew Prince wanted $20,000 for the Honey Pot data. "That check showed up so fast," said Prince. Michelle Zatlyn heard the story from Prince and replied, "If they'll pay for it, other people will pay for it." Soon she and Prince cofounded CloudFlare.
From an article:

Swearing off data collection
But wait, if Cloudflare is directing your website queries, then can't it collect your browsing history for itself? Actually, they're not going to keep that data at all, Prince said.
"At no time will we record the list of where everyone is going online," Prince said. "That's creepy."
Cloudflare is working with third-party auditors at KPMG to examine their systems and guarantee they're not actually collecting your data. That privacy commitment, Prince said, is what separates Cloudflare's 1.1.1.1 from other DNS services that are free and open to the public.
[...]
Cloudflare's promise to keep your data private is impressive, said Heidi Shey, a privacy and security expert at business analyst firm Forrester. "It's a great thing that they're coming out of the gate and being up front about that," Shey said. Still, she added, "You're kind of taking what they're saying at face value."
The company will need to continue to be transparent, showing what the auditors find in their logs, for consumers to continue to trust the service, Shey said.

And more:
https://rl.bloat.cat/r/privacy/comments/d52kop/eli5_why_cloudflare_is_depicted_as_evil_and_whats/f0jrxox/

The Essential #AI Toolkit for #Journalists

List of Huggingface spaces:

- Transcribe audio or video files
- Scrape websites without coding
- Extract information from PDFs, images and handwritten documents
- Extract information from charts

and more.

https://huggingface.co/spaces/JournalistsonHF/ai-toolkit

@cybdetective

A Study on Malicious Browser Extensions in 2025

Browser extensions are additional tools developed by third parties that integrate with web browsers to extend their functionality beyond standard capabilities. However, the browser extension platform is increasingly being ex-ploited by hackers to launch sophisticated cyber threats.

These threats encompass a wide range of malicious activities, including but not limited to phishing, spying,Distributed Denial of Service (DDoS) attacks, email spamming, affil-iate fraud, malvertising, and payment fraud. This paper examines the evolving threat landscape of malicious browser extensions in 2025, focusing on Mozilla Firefox and Chrome.

Our research successfully bypassed security mechanisms of Firefox and Chrome, demonstrating that malicious exten-sions can still be developed, published, and executed within the Mozilla Add-ons Store and Chrome Web Store. These findings highlight the persisting weaknesses in browser’s vet-ting process and security framework.

#Browser

Orange Pi RV2 is a single-board PC with an 8-core #RISCV processor

https://liliputing.com/orange-pi-rv2-is-a-single-board-pc-with-an-8-core-risc-v-processor/

https://www.cnx-software.com/2025/03/08/orange-pi-rv2-low-cost-risc-v-sbc-ky-x1-octa-core-soc-2-tops-ai-accelerator/

#sbc

WARNING - Etcher Sends private information to third parties

Etcher is recommend by many people for burning image files to USB drives for distro testing, but TAILS just removed their recommendation for Etcher based on sharing information with third parties. We will talk about what's going on.

https://www.youtube.com/watch?v=ufDVKQ4C8-0

https://tails.net/news/rufus/index.en.html

#tails #etcher #linux

Stuff a Pi-hole in your router because your browser is about to betray you
Article, Comments

Free AI Detection Remover: How to Remove AI Detection from Essays 2025
https://www.gizchina.com/2025/03/10/free-ai-detection-remover-how-to-remove-ai-detection/

OnePlus Ditches the Alert Slider for a More Customizable Experience
https://www.gizchina.com/2025/03/10/oneplus-ditches-the-alert-slider-for-a-more-customizable-experience/

⚡️ Private Data Culture

Did you know that Germany kicked out Google Street View from their country? Learn how on my latest story for Manova News. We discuss the latest surveillance projects of WiFi networks, location tracking and much more. Plus you’ll get solutions on how to fight back.

If you're concerned about where your data is going, this is a must-read.

Check out the full article here: https://www.manova.news/artikel/private-datenkultur

—
✌️ MORE POSTS | 🗯 CHAT GROUP | 📩 NEWSLETTER | XMPP
Follow 🫶 @takebackourtech

Meizu Reaches 30 Markets in the First Year of Comeback
https://www.gizchina.com/2025/03/10/meizu-reaches-30-markets-in-the-first-year-of-comeback/

#A15 #Unofficial #TD #GSI # VoltageOS #AOSP

Build Date: 2025 03 12
February 2025 Security Patch

VoltageOS 4.2-20250312.103921

Changelog

Add build time to build number (allows multiple builds to be shipped in a day if needed)
Add adjustable QS clock padding to TrebleApp
Add adjustable status bar marginns to TrebleApp
Add ability to force SIM count to TrebleApp (if your device incorrectly reports the wrong number)
Add ability to treat "virtual" fingerprint sensors as real to TrebleApp (will hopefully work non-working FP readers on some devices)
Add ability to toggle on/off MAC address randomization in TrebleApp (enabled by default) - may help with people not getting an IP when connecting to WiFi
Remove Mulch webview (use Voltage default instead)
Remove Aurora Store & F-Droid extensions

Maintainer: Chrisaw
Download

@treblegsis_privacysecure_chat
@treblegsis_privacysecure_channel

#A15 #Unofficial #TD #GSI # VoltageOS #AOSP

Build Date: 2025 03 13
February 2025 Security Patch

VoltageOS 4.2-20250313.005917

Changelog

Add serious warning to "treat virtual sensors as real" about potential to cause bootloops
Fix the "Device is an engineering prototype" warning

Maintainer: Chrisaw
Download

@treblegsis_privacysecure_chat
@treblegsis_privacysecure_channel

#A15 #Unofficial #TD #GSI # VoltageOS #AOSP

Build Date: 2025 03 13
February 2025 Security Patch

VoltageOS 4.2-20250313.120122
Latest

Changelog

Potential fix for broken fingerprint reader detection

Maintainer: Chrisaw
Download

@treblegsis_privacysecure_chat
@treblegsis_privacysecure_channel