Bpftune uses BPF to auto-tune Linux systems
Article, Comments

Garak, LLM Vulnerability Scanner
Article, Comments

Huawei developing SSD-tape hybrid amid US tech restrictions
Article, Comments

Europeans spend 575M hours clicking on cookie banners a year
Article, Comments

A programmable FPGA SoM in the tiny microSD form factor
Article, Comments

OpenStreetMap's New Vector Tiles
Article, Comments

🔕Android 16’s notification cooldown feature will save you from notification spam

Android 16 DP1 finally brings that notification cooldown feature we first spotted in the Android 15 preview!

Here's how the new notification cooldown feature works.

Here's the VPN relationship map

https://embed.kumu.io/9ced55e897e74fd807be51990b26b415#vpn-company-relationships

■■■■■ 📹 Hackers can wirelessly watch your display by HDMI radiation.

Known side-channel attack called TEMPEST (Transient Electromagnetic Pulse Emanation Standard). It involves capturing electromagnetic signals emitted by electronic devices, including HDMI cables, and reconstructing the displayed content.

Key points:

Poorly shielded HDMI cables can emit detectable radiation.

With specialized equipment, attackers can intercept these emissions wirelessly.

Shielded cables and secured environments significantly reduce this risk.

 https://www.pcworld.com/article/2413156/hackers-can-wirelessly-watch-your-screen-via-hdmi-radiation.html

Funded by Microsoft, Google, and Amazon, and with a mission to protect society…

https://freebsdfoundation.org/news-and-events/latest-news/freebsd-foundation-releases-bhyve-and-capsicum-security-audit-funded-by-alpha-omega-project/

“Establish an advisory committee
Ongoing support
The FreeBSD Foundation could help the FreeBSD Project with ongoing security-oriented support, operating as an advisory committee. With its ability to allocate resources outside of the typical product development processes of profit-oriented companies or beyond the inherent limitations of many contributions at the hobbyist level, this committee could build on the outcome presented by this report and push the initiative further. With the general FreeBSD community informed and aware of the importance of the security of the FreeBSD Operating System, the FreeBSD Foundation should be able to keep attracting the means necessary to sustain this effort from its own pool of donors and sponsors.
Guidance and resources
Regardless of its provenance, the advisory committee should provide the FreeBSD Project with an experienced group of developers with a security background. Their role could range from monitoring the state-of-the-art and corresponding security level of the FreeBSD Operating System and project infrastructure to disseminating the knowledge acquired to the FreeBSD developers and general community, including assistance in the auditing or development tasks relevant to the project.”

https://freebsdfoundation.org/wp-content/uploads/2024/11/2024_Code_Audit_Capsicum_Bhyve_FreeBSD_Foundation.pdf#page32

Looking to try Hyprland? Check out this easy guide to get started!

https://itsfoss.com/install-hyprland/

What is benchmarking in Linux? Discover why system performance checks matter.

https://itsfoss.com/benchmark-tools-linux/

Some significant changes arrived with Blender 4.3.

https://news.itsfoss.com/blender-4-3-release/

🔒 Decade-old vulnerabilities in Ubuntu Server’s needrestart package allow local attackers to gain root privileges with no user interaction.

If you’re using Ubuntu Server, these vulnerabilities could give attackers complete control over your system.

Learn more about how these flaws work: https://thehackernews.com/2024/11/decades-old-security-vulnerabilities.html

The ANY.RUN sandbox now lets you automatically detonate the latest multi-stage malware and phishing attacks.

Stages may include email attachments, URLs in QRs, rewritten links, redirects, etc.

See how it works and try it yourself ⬇️ https://thn.news/automated-interactivity-stage-tel

By 2025, Non-human identities (NHIs) will be the prime vector for cyberattacks.

As automation, AI, and IoT grow, so does the attack surface. Attackers exploit NHIs to breach systems before traditional defenses can react.

Discover how NHIDR can proactively detect and stop attacks in their tracks.

Read the full article: https://thehackernews.com/2024/11/nhis-are-future-of-cybersecurity-meet.html

🚨 WATCH OUT! Cybercriminals have unlocked a terrifying new cash-out method, using NFC technology and exploiting Google Pay and Apple Pay to steal funds from your 💳 digital wallet – no phone required.

A new technique called Ghost Tap relays NFC traffic between devices, allowing criminals to cash out in different countries, undetected.

Learn how this attack works: https://thehackernews.com/2024/11/ghost-tap-hackers-exploiting-nfcgate-to.html

notes from the webinar chat, fyi -

Here are a handful critical reports on Signal:

https://blacklistednews.com/article/79127/how-cia-created-signal-messenger.html

https://kitklarenberg.com/p/signal-facing-collapse-after-cia

https://yasha.substack.com/p/signal-is-a-government-op-85e

https://weehingthong.org/2021/01/16/signal-is-a-us-govt-operation-having-been-created-and-fund-by-a-cia-spin-off-is-it-true/

https://city-journal.org/article/signals-katherine-maher-problem

—-
Katherine Maher, head of NPR, is believed by many to be a CIA asset (think Operation Mockingbird). She is also on the board of Signal
—
WhatsApp is owned by Facebook/Meta. Not great
—
There is a service called Optery which deletes your personal data from a lot of data broker sites
—
I would not recommend proton VPN, simply because you have to download the app from Google store.

q. Is Muktivad better than Proton vpn? I definitely found that Proton VPN didn't protect me. I know that the VPN I've used so far haven't worked. Love to learn about the multivad one u recommend


a. In terms of privacy, I'd say yes. But we don't have that many VPN servers yet, honestly. So you can not choose from as many countries with us as with Proton (yet)

https://mullvad.net/en

note: The Proton VPN app can be installed via F-Droid too after some extra hurdles. It has some Anti-features that will hide the app by default.
—
Some apps require Google components to be on the phone, which GrapheneOS does not have by default. These can be added optionally in a sandboxed manner, giving the user control over all permissions. Best to use a separate user profile for this in terms of privacy.Some apps require Google components to be on the phone, which GrapheneOS does not have by default. These can be added optionally in a sandboxed manner, giving the user control over all permissions. Best to use a separate user profile for this in terms of privacy.
—
Using a SIM card to make calls and texts will always make these visible to your carrier.
Learn more here
https://takebackourtech.org/phones-who-can-we-call-on/
—
How about "unplugged" phone? Do their phones have an NSA back door?
—-
https://briarproject.org/
—-
AbovePhone can limit the phone to only use 4G
—-
AbovePhone messaging app (SMS replacement) Cheogram, is primarily for XMPP, yet offers virtual phone number service with JMP.chat too

you get a virtual/internet phone number for $5 / mo.

cheogram.com

https://JMP.chat
—-

Q. It is possible to migrate existing phone numbers into JMP.chat

A. Absolutely
We accept BTC and XMR (and so does JMP.chat
—-
has email, videoconference (Jitsi app), XMP messaging (Cheogram app), OpenStreet map, Freetube, secure applications.