https://redlib.kittywi.re/r/firefox/comments/74yo19/cliqz_and_mozilla_as_i_understand_it_and_metadrama/
The situation with Cliqz
If anyone has additional information to add, please let me know and I will fit it in.
The experiment Mozilla intends to launch
Mozilla intends to launch a small 'experiment' in Germany, where <1% of new installs for Firefox from Mozilla.org will receive the Cliqz test pilot experiment by default.
Mozilla has a long history with Cliqz, starting with its integration as a Social API provider back in 2013, up until they became a strategic investor in Cliqz in 2016 and later that year launched the test pilot mentioned above.
The strongest concern over this experiment is that users are automatically opted in to something called Human Web, which, while it may conjure up images of mutilation and giant arachnids, means an uncomfortable amount of information is gathered from these users, though it is anonymous.
Cliqz
Cliqz is open source, and privacy focused. Their primary function is as a "quick search engine", which adds suggestions (like any search engine) to the listing that pops out when you interact with the address bar. (They also have a content blocker and full-fledged Firefox fork.)
They have had a security audit performed several times in the last few years (though, notably, their most recent certification is expired by a few months) and have been found compliant.
According to their Privacy policy, the add-on processes your history and bookmarks locally in order to suggest them - since they replaced the URL fly-out I mentioned - but it never at any point transmits this data nor does it register clicks as it does on their suggestions. For the information they do collect (more on that in a sec), they immediately strip IP addresses from their logs (which are sent as a necessary part of how the internet functions), and never record any personal information on their users.
They never make any correlations between information they receive - they do not know if any two interactions are by the same person. Interactions do not have user IDs stored with them, they do not have IPs stored with them, and they do not have linkage to any other interactions. It would be impossible to de-anonymize this data.
In order to populate the suggestions, it, like suggestions from any traditional search engine, sends your keystrokes to their servers. If you click on one of their suggestions, it sends both the query typed as well as the result you clicked on in one packet - allowing them to index X search results in interaction Y - but if you click on one of your bookmarks, your history, or the suggestions by your supplementary search engine (DuckDuckGo, Google, etc), it does not send this interaction. This works essentially the same as any browsers suggestions, just that instead of routing you to their search page (where they all record your interaction - even duckduckgo), they record it and send you directly to the result.
...However...
Read more at the link.
The situation with Cliqz
If anyone has additional information to add, please let me know and I will fit it in.
The experiment Mozilla intends to launch
Mozilla intends to launch a small 'experiment' in Germany, where <1% of new installs for Firefox from Mozilla.org will receive the Cliqz test pilot experiment by default.
Mozilla has a long history with Cliqz, starting with its integration as a Social API provider back in 2013, up until they became a strategic investor in Cliqz in 2016 and later that year launched the test pilot mentioned above.
The strongest concern over this experiment is that users are automatically opted in to something called Human Web, which, while it may conjure up images of mutilation and giant arachnids, means an uncomfortable amount of information is gathered from these users, though it is anonymous.
Cliqz
Cliqz is open source, and privacy focused. Their primary function is as a "quick search engine", which adds suggestions (like any search engine) to the listing that pops out when you interact with the address bar. (They also have a content blocker and full-fledged Firefox fork.)
They have had a security audit performed several times in the last few years (though, notably, their most recent certification is expired by a few months) and have been found compliant.
According to their Privacy policy, the add-on processes your history and bookmarks locally in order to suggest them - since they replaced the URL fly-out I mentioned - but it never at any point transmits this data nor does it register clicks as it does on their suggestions. For the information they do collect (more on that in a sec), they immediately strip IP addresses from their logs (which are sent as a necessary part of how the internet functions), and never record any personal information on their users.
They never make any correlations between information they receive - they do not know if any two interactions are by the same person. Interactions do not have user IDs stored with them, they do not have IPs stored with them, and they do not have linkage to any other interactions. It would be impossible to de-anonymize this data.
In order to populate the suggestions, it, like suggestions from any traditional search engine, sends your keystrokes to their servers. If you click on one of their suggestions, it sends both the query typed as well as the result you clicked on in one packet - allowing them to index X search results in interaction Y - but if you click on one of your bookmarks, your history, or the suggestions by your supplementary search engine (DuckDuckGo, Google, etc), it does not send this interaction. This works essentially the same as any browsers suggestions, just that instead of routing you to their search page (where they all record your interaction - even duckduckgo), they record it and send you directly to the result.
...However...
Read more at the link.
redlib.kittywi.re
Cliqz and Mozilla as I understand it, and meta-drama - r/firefox
View on Redlib, an alternative private front-end to Reddit.
Burda sells search technology with its core team to U.S. browser Brave
Hubert Burda Media has placed its search technology Cliqz (now Tailcat) and relevant development team in the U.S. company Brave Software. As a result, Hubert Burda Media will receive a stake in – and become a partner to – Brave Inc. Like Cliqz, Brave exemplifies the vision of an open Internet, in which users retain full control of their personal data and are not subject to monitoring. Brave has developed the required technology for browsing, Cliqz for searching. The two technologies are now being integrated.
https://www.burda.com/en/news/burda-sells-search-technology-its-core-team-us-bro/
Hubert Burda Media has placed its search technology Cliqz (now Tailcat) and relevant development team in the U.S. company Brave Software. As a result, Hubert Burda Media will receive a stake in – and become a partner to – Brave Inc. Like Cliqz, Brave exemplifies the vision of an open Internet, in which users retain full control of their personal data and are not subject to monitoring. Brave has developed the required technology for browsing, Cliqz for searching. The two technologies are now being integrated.
https://www.burda.com/en/news/burda-sells-search-technology-its-core-team-us-bro/
www.burda.com
Cliqz: Burda sells search technology with its core team to U.S. browser Brave | Burda News
Hubert Burda Media has placed its search technology Cliqz (now Tailcat) and relevant development team in the U.S. company Brave Software.
Forwarded from cKure
■■■■■ World's first CPU-level ransomware can "bypass every freaking traditional technology we have out there" — new firmware-based attacks could usher in new era of unavoidable ransomware.
https://www.tomshardware.com/pc-components/cpus/worlds-first-cpu-level-ransomware-can-bypass-every-freaking-traditional-technology-we-have-out-there-new-firmware-based-attacks-could-usher-in-new-era-of-unavoidable-ransomware
https://www.tomshardware.com/pc-components/cpus/worlds-first-cpu-level-ransomware-can-bypass-every-freaking-traditional-technology-we-have-out-there-new-firmware-based-attacks-could-usher-in-new-era-of-unavoidable-ransomware
Tom's Hardware
World's first CPU-level ransomware can "bypass every freaking traditional technology we have out there" — new firmware-based attacks…
A cybersecurity expert has created a proof of concept for CPU ransomware.
Media is too big
VIEW IN TELEGRAM
How to unlock high speed Wi-Fi on FreeBSD 14
Next month, #FreeBSD 14.3 is due to drop, and with it will come the recent hard work to give laptop users a modern, high speed, Wi-Fi experience.
source (yt)
Next month, #FreeBSD 14.3 is due to drop, and with it will come the recent hard work to give laptop users a modern, high speed, Wi-Fi experience.
source (yt)
https://github.com/MaintainTeam/LastPipeBender
this one is working for me. only temporary archived. still working.
this one is working for me. only temporary archived. still working.
Media is too big
VIEW IN TELEGRAM
The FINAL nail in BwE's coffin: eyewitnesses speak out. Betterwayelectronics is Luan Tahiraj
https://youtu.be/VfL4p8JvZ4s
https://youtu.be/VfL4p8JvZ4s
3️⃣ HTML to PDF Renderer: A tale of local file access and shellcode execution.
https://neodyme.io/en/blog/html_renderer_to_rce/
https://neodyme.io/en/blog/html_renderer_to_rce/
TL;DR
In a recent engagement, we found an HTML to PDF converter API endpoint that allowed us to list local directories and files on a remote server. One of the PDF files we created, revealed that the converter was using a .NET renderer framework based on Chromium 62. With this, we were able to gain remote code execution by porting a Chromium 62 exploit to the particular version of the renderer.
neodyme.io
HTML to PDF Renderer: A tale of local file access and shellcode execution
In a recent engagement, we found an HTML to PDF converter API endpoint that allowed us to list local directories and files on a remote server. One of the PDF files we created, revealed that the converter was using a .NET renderer framework based on Chromium…
Forwarded from ATT • Tech News (sidharth)
Proton threatens to leave Switzerland over new surveillance law
Switzerland's surveillance law, which currently only applies to mobile networks and ISPs, is being considered to be expanded to require social networks, messaging apps, and VPNs to identify and retain user data.
Proton, serving encrypted email and a VPN to over 100 million users, says the amendment could force it to leave Switzerland, threatening privacy and encryption. CEO Andy Yen compares it to Russia's laws, saying it would "hurt Switzerland's ability to compete globally."
Alexis Roussel, co-founder of NymVPN, promised to move if regulation passes. Some Swiss cantons and parties have opposed the changes, as it is a major violation of the right to privacy. Public consultations ended on May 6, with the government’s decision still pending.
🔗 TechRadar
🧑💻 @agamtechtricks
Switzerland's surveillance law, which currently only applies to mobile networks and ISPs, is being considered to be expanded to require social networks, messaging apps, and VPNs to identify and retain user data.
Proton, serving encrypted email and a VPN to over 100 million users, says the amendment could force it to leave Switzerland, threatening privacy and encryption. CEO Andy Yen compares it to Russia's laws, saying it would "hurt Switzerland's ability to compete globally."
Alexis Roussel, co-founder of NymVPN, promised to move if regulation passes. Some Swiss cantons and parties have opposed the changes, as it is a major violation of the right to privacy. Public consultations ended on May 6, with the government’s decision still pending.
🔗 TechRadar
🧑💻 @agamtechtricks
No deleted account found from
52 scanned users from this group 🚫👻Forwarded from Gizchina.com
No 5G, No Problem? Redmi’s New Battery Beast!
https://www.gizchina.com/2025/05/18/redmi-latest-phone-to-feature-6000-mah-battery/
https://www.gizchina.com/2025/05/18/redmi-latest-phone-to-feature-6000-mah-battery/