privacy
- 3D-Printed USB Dead Man Switch (Prototype Demo)www.buskill.in 3D-Printable BusKill Prototype Demo - BusKill
Demo of our DIY USB Dead Man Switch (prototype) with a 3D-Printable Case triggering a lockscreen when the kill-cord's connection is severed.
Today we're ecstatic to publish our first demo showing a homemade BusKill Cable (in the prototype 3D-printed case) triggering a lockscreen.
| [!3D-Printed USB Dead Man Switch (Prototype Demo)](https://www.buskill.in/3d-print-2024-05/) | |:--:| | Watch the 3D-Printed USB Dead Man Switch (Prototype Demo) for more info youtube.com/v/vFTQatw94VU |
In our last update, I showed a video demo where I successfully triggered a lockscreen using a BusKill prototype without the 3D-printed body for the case and N35 disc magnets. I realized that the N35 disc magnets were not strong enough. In this update, I show a demo with the prototype built inside a 3D-printed case and with (stronger) N42 and N52 cube magnets.
What is BusKill?
BusKill is a laptop kill-cord. It's a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.
| [!What is BusKill? (Explainer Video)](https://www.buskill.in/#demo) | |:--:| | Watch the BusKill Explainer Video for more info youtube.com/v/qPwyoD_cQR4 |
If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys -- thus keeping your encrypted data safe from thieves that steal your device.
Why?
While we do what we can to allow at-risk folks to purchase BusKill cables anonymously, there is always the risk of interdiction.
We don't consider hologram stickers or tamper-evident tape/crisps/glitter to be sufficient solutions to supply-chain security. Rather, the solution to these attacks is to build open-source, easily inspectable hardware whose integrity can be validated without damaging the device and without sophisticated technology.
Actually, the best way to confirm the integrity of your hardware is to build it yourself. Fortunately, BusKill doesn't have any circuit boards, microcontrollers, or silicon; it's trivial to print your own BusKill cable -- which is essentially a USB extension cable with a magnetic breakaway in the middle
Mitigating interdiction via 3D printing is one of many reasons that Melanie Allen has been diligently working on prototyping a 3D-printable BusKill cable this year. In this article, we hope to showcase her progress and provide you with some OpenSCAD and
.stl
files you can use to build your own version of the prototype, if you want to help us test and improve the design.Print BusKill
[!Photo of the 3D-Printed BusKill Prototype](https://www.buskill.in/3d-print-2024-05/)
If you'd like to reproduce our experiment and print your own BusKill cable prototype, you can download the stl files and read our instructions here:
Iterate with us!
If you have access to a 3D Printer, you have basic EE experience, or you'd like to help us test our 3D printable BusKill prototype, please let us know. The whole is greater than the sum of its parts, and we're eager to finish-off this 3D printable BusKill prototype to help make this security-critical tool accessible to more people world-wide!
- Automattic buys Beeper for $125MM, launches closed-source "privacy" apptechcrunch.com WordPress.com owner Automattic acquires multiservice messaging app Beeper for $125M | TechCrunch
The deal, which was for $125 million according to sources close to the matter, is Automattic's second acquisition of a cross-platform messaging solution.
Curious how none of the coverage of this purchase mention that the app isn't open-source, which makes all of their claims of "end-to-end encryption" worthless
WordPress.com owner Automattic acquires multiservice messaging app Beeper for $125M
By Sarah Perez (@sarahpereztc) 2024-04-09
WordPress.com owner Automattic is acquiring Beeper, the company behind the iMessage-on-Android solution that was referenced by the Department of Justice in its antitrust lawsuit against Apple. The deal, which was for \$125 million according to sources close to the matter, is Automattic's second acquisition of a cross-platform messaging solution after buying Texts.com last October.
| [!Screenshot of the Beeper app](https://techcrunch.com/2024/04/09/wordpress-com-owner-automattic-acquires-multi-service-messaging-app-beeper-for-125m/) | |:--:| | Image Credits: Beepercaption |
That acquisition made Texts.com founder Kishan Bagaria Automattic's new head of Messaging, a role that will now be held by Beeper founder Eric Migicovsky, previously the founder of the Pebble smartwatch and a Y Combinator partner.
Reached for comment, Automattic said it has started the process of onboarding the Beeper team and is "excited about the progress made" so far but couldn't yet share more about its organizational updates, or what Bagaria's new title would be. However, we're told he is staying to work on Beeper as well.
| [!Screenshot of the Beeper app](https://techcrunch.com/2024/04/09/wordpress-com-owner-automattic-acquires-multi-service-messaging-app-beeper-for-125m/) | |:--:| | Image Credits: Beepercaption |
Beeper and Texts.com's teams of 25 and 15, respectively, will join together to take the best of each company's product and merge it into one platform, according to Migicovsky.
"\[Texts.com\] built an amazing app that's more desktop-centric and iOS-centric," he said. "So we'll be folding the best parts of those into our app. But going forward, the Beeper brand will apply to all of the messaging efforts at Automattic," he said, adding, "Kishan ... I've known him for years now --- there's not too many other people in the world that are doing what we do --- and it was great to be able to combine forces with them."
The deal, which closed on April 1, represents a big bet from Automattic: that the future of messaging will be open source and will work across services, instead of being tied up in proprietary platforms, like Meta's WhatsApp or Apple's iMessage. In fact, Migicovsky says, the eventual plan after shifting people to the Beeper cross-platform app for managing their messages is to move them to Beeper's own chat protocol --- an open source protocol called Matrix --- under the hood.
| [!Screenshot of the Beeper app](https://techcrunch.com/2024/04/09/wordpress-com-owner-automattic-acquires-multi-service-messaging-app-beeper-for-125m/) | |:--:| | Image Credits: Beepercaption |
Automattic had previously made a strategic investment of \$4.6 million), another company building on Matrix, and it contributes annually to Matrix.org.
Matrix, a sort of "spiritual successor" to XMPP, as Migicovsky describes it, offers an open source, end-to-end encrypted client and server communications system, where servers can federate with one another, similar to open source Twitter/X alternative Mastodon. However, instead of focusing on social networking, like Mastodon, it focuses on messaging.
Migicovsky said the acquisition came about because running Beeper costs quite a bit of money and it was either time to raise more funding or find a buyer. To date, Beeper had raised \$16 million in outside funding, including an \$8 million Series A from Initialized. Other investors include YC, Samsung Next and Liquid2 Ventures, and angels Garry Tan, Kevin Mahaffey and Niv Dror, and the group SV Angel.
"I've known Matt \[Mullenweg, Automattic founder and CEO\] for years now," Migicovsky said, adding that the WordPress.com founder had shown commitment to open source technology, like Beeper, where about half its product is already open source. "We were looking to find a partner that could financially support this. One of the reasons why there are no other people building this type of app is it costs a surprisingly large amount of money to build a damn good chat app," Migicovsky noted.
As for Beeper's products, the company has now briefed the DOJ on what happened when Apple blocked its newer app, Beeper Mini, which aimed to bring iMessage to Android. That solution is no longer being updated as a result of Apple's moves.
| [!Screenshot of the Beeper website](https://techcrunch.com/2024/04/09/wordpress-com-owner-automattic-acquires-multi-service-messaging-app-beeper-for-125m/) | |:--:| | Image Credits: Beepercaption |
Beeper on Android launches to all
The company is instead releasing an updated version of its core app, Beeper, on Android. Unlike Beeper Mini, which focuses only on iMessage, the main app connects with 14 services, including Messenger, WhatsApp, Telegram, Signal, Instagram DM, LinkedIn, Twitter/X, Discord, Google Messages and others. Android is its biggest platform by users, as 70% are on Google's smartphone OS.
In this rewritten version of Beeper, the company is starting to roll out fully end-to-end encrypted messages across Signal. That will be soon followed by WhatsApp, Messenger and Google Messages.
Because of Apple's restrictions, iMessage only works if you have an iPhone in the mix, Migicovsky says, and will not be a focus for Beeper, given the complications it saw with Apple's shutdown of Beeper Mini. However, Beeper is hopeful regulations could change things, pointing to the DOJ lawsuit and FCC investigation. In the meantime, Beeper supports RCS, which solves iMessage to Android problems like low-res images and videos, lack of typing indicators and encryption.
With the launch out of beta, the new app includes a new icon, updated design, instant chat opens and sends, the ability to add and modify chat networks directly on Android (no desktop app needed), local caching of all chats on the device and full message search.
The 10,000 Android beta testers already on Beeper will need to download the new app manually from Google Play --- it won't automatically update.
| [!Screenshot of the Beeper website](https://techcrunch.com/2024/04/09/wordpress-com-owner-automattic-acquires-multi-service-messaging-app-beeper-for-125m/) | |:--:| | Image Credits: Beepercaption |
In addition, the 466,000 or so people on Beeper's waitlist will now be able to try the product. They'll join over 115,000 users who have already downloaded the app, which is now used by tens of thousands daily. The app runs on Android, iPhone, iPad, ChromeOS, macOS, Windows and Linux.
The team expects to have feature parity across platforms in a matter of months as they overhaul the iOS and desktop apps.
In time, they plan to add other services to Beeper as well, including Google Voice, Snapchat and Microsoft Teams. Beeper also offers a widget API so developers can build on top of Beeper. Plus, since Matrix is an open standard, developers will be able to build alternative clients for Beeper, as well.
The app will generate revenue via a premium subscription, where the final price may be a couple of dollars per month, but pricing decisions haven't yet been fully nailed down. Beeper is currently free to use.
Like Automattic, Beeper's team is remotely distributed, with employees in Brazil, the U.K., Germany and the U.S. At present, Texts.com will continue to operate as the teams begin to integrate the two messaging apps.
- Secure Operating Systems (Microkernels seems to be the future)
cross-posted from: https://sh.itjust.works/post/17506000
> I am not satisfied with Linux's security and have been researching alternative open source OS for privacy and security > So far only thing that's ready to use is GrapheneOS (Based on Android) but that's not available on desktop (Though when Android release Desktop mode it may become viable) > >Qubes OS is wrapper around underlying operating systems, so it doesn’t really fix for example Linux’s security holes it just kinda sandbox/virtualize them > > OpenBSD is more secure than Linux on a base level but lack mitigations and patches that are added to linux overtime and it's security practices while good for it's time is outdated now > > RedoxOS (Written in Rust) got some nice ideas but sticks to same outdated practices and doesn't break the wheel too much, and security doesn't seems to be main focus of OS > > Haiku and Serenity are outright worse than Linux, especially Haiku as it's single user only > > Serenity adopted Pledge and Unveil from OpenBSD but otherwise lacks basic security features > > All new security paradigms seems to be happening in microkernels and these are the ones that caught my eyes > > None of these are ready to be used as daily driver OS but in future (hopefully) it may change > > Genode seems to be far ahead of game than everything else > > Ironclad Written in ADA > > Atmosphere And Mesosphere Open Source Re-implementation of Nintendo Switch's Horizon OS, I didn't expected this to be security-oriented but seems like Nintendo has done a very solid job > > Then there are Managarm, HelenOS, Theseus but I couldn't figure out how secure they are > > Finally there is Kicksecure from creators of Whonix, Kicksecure is a linux distro that plans to fix Linux's security problems > > if you know of any other OS please share it here
- Telegram’s peer-to-peer SMS login service is a privacy nightmaretechcrunch.com Telegram’s peer-to-peer SMS login service is a privacy nightmare | TechCrunch
Telegram has introduced new feature that grants users a free premium sub in exchange for utilizing their phone number as a relay for OTPs.
- Twitter front-end Nitter dies as Musk wins war against third-party servicesarstechnica.com Twitter front-end Nitter dies as Musk wins war against third-party services
Musk's changes kill service that let you view tweets without going to Twitter.
- Skiff is shutting down
> As we begin to shift focus to our shared efforts with Notion, we will be closing down Skiff's product suite after a 6-month sunset period
- Your Slack DMs aren’t as private as you think - Voxwww.vox.com Your Slack DMs aren’t as private as you think
How your employer (and others) can get your Slack messages.
- U.S., Dozens of Rogue California Police Agencies Still Sharing Driver Locations with Anti-Abortion Stateswww.eff.org Dozens of Rogue California Police Agencies Still Sharing Driver Locations with Anti-Abortion States
California Attorney General Rob Bonta should crack down on police agencies that still violate Californians’ privacy by sharing automated license plate reader information with out-of-state government agencies, putting abortion seekers and providers at particular risk, the Electronic Frontier Foundati...
The EFF and ACLU letter lists 35 specific police agencies which either have informed the civil liberties organizations that they plan to keep sharing ALPR information with out-of-state law enforcement, or have failed to confirm their compliance with the law in response to inquiries by the organizations.
“We urge your office to explore all potential avenues to ensure that state and local law enforcement agencies immediately comply,” the letter said. “We are deeply concerned that the information could be shared with agencies that do not respect California’s commitment to civil rights and liberties and are not covered by California’s privacy protections.”
- FBI Overstepped Authority in Warrantless Search of Hundreds of Safe Deposit Boxes, Court Rulestheintercept.com FBI Overstepped Authority in Warrantless Search of Hundreds of Safe Deposit Boxes, Court Rules
The 9th Circuit compared the FBI searches to the “abuses of power” that “led to adoption of the Fourth Amendment in the first place.”
- Murena (the /e/ Foundation brand) introduces Murena Mobile - a privacy-focused mobile plan
they're not mentioning how exactly is it privacy focused, sadly. still, perhaps worth looking into.
- I am just curious how zero-width unicode is displayed on Lemmy posts. ("stenography")
Curtains forcing their will against the wind, children sleep, exchanging dreams with seraphim. The city drags itself awake on subway straps; and I, an alarm, awake as a rumor of war, lie stretching into dawn, unasked and unheeded.
- Riot Games Now Requires Kernel-Level Anti-Cheat Software for League of Legends, Following Valorant's Implementationtuta.com Riot Requires Kernel Level Anti-Cheat Software
League of Legends and Valorant Players Being Forced to Run Closed Source Low-Level Software.
cross-posted from: https://lemmy.world/post/10958052
> Vanguard, the controversial anti-cheat software initially attached to Valorant, is now also coming to League of Legends. > > Summary: > > The article discusses Riot Games' requirement for players to install their Vanguard anti-cheat software, which runs at the kernel level, in order to play their games such as League of Legends and Valorant. The software aims to combat cheating by scanning for known vulnerabilities and blocking them, as well as monitoring for suspicious activity while the game is being played. However, the use of kernel-level software raises concerns about privacy and security, as it grants the company complete access to users' devices. > > The article highlights that Riot Games is owned by Tencent, a Chinese tech giant that has been involved in censorship and surveillance activities in China. This raises concerns that Vanguard could potentially be used for similar purposes, such as monitoring players' activity and restricting free speech in-game. > > Ultimately, the decision to install Vanguard rests with players, but the article urges caution and encourages players to consider the potential risks and implications before doing so.
- Maker Naomi Wu is Silenced by Chinese Authorities (And Why I Blame Elon Musk)skepchick.org Maker Naomi Wu is Silenced by Chinese Authorities (And Why I Blame Elon Musk)
There’s a really disturbing situation happening in China that I think it’s important everyone know about as soon as possible. The very talented maker Naomi Wu, aka Sexy Cyborg, has revealed that Ch…
- FTC bans X-Mode from selling phone location data, and orders firm to delete collected datatechcrunch.com FTC bans X-Mode from selling phone location data, and orders firm to delete collected data | TechCrunch
The first of its kind settlement prohibits X-Mode, now known as Outlogic, from sharing and selling users' sensitive information to others.
- LAPD wants to remotely access 10,000 public and private security camerasboingboing.net LAPD wants to remotely access 10,000 public and private security cameras
LAPD is about to reveal a new tool for surveillance termed LAPD live. Following the approval of next year's budget, LAPD will be able to remotely access live footage from…
- Google settles $5 billion privacy lawsuit over tracking people using 'incognito mode'apnews.com Google settles $5 billion privacy lawsuit over tracking people using 'incognito mode'
Google agreed to settle a $5 billion privacy lawsuit alleging it spied on users who used the “incognito" mode in its Chrome browser to track internet use.
- A year of surveillance in France: a short satirical tale by La Quadrature du Netvideo.lqdn.fr A year of surveillance in France: a short satirical tale by La Quadrature du Net
Fighting against surveillance has never been easy. But in the past year it has been specially tough in France. This talk is about shedding light on the many situations where the French State used surveillance to increase repression, mainly against activists, during the last months. Not to despair of...
Fighting against surveillance has never been easy. But in the past year it has been specially tough in France. This talk is about shedding light on the many situations where the French State used surveillance to increase repression, mainly against activists, during the last months. Not to despair of this, but willing to provide a sincere overview to the rest of the world, La Quadrature du Net proposes to depict this situation as a satirical tale, with its own characters, plots and suspense. We want to show the political tension going on right now in France and how the checks and balances are lacking to stop this headlong rush to a surveillance state.
Looking back to France in 2023, what do we see? Implementation of new technologies such as drones, DNA marking or new generation of spywares. Also, an intensification of political surveillance, either by law enforcement deploying disproportionate means of investigations towards environmental activists or intelligence services using cameras or GPS beacons to spy on places or people that they find too radical. It was also the year of the “8 December” case, a judicial case where among other things, encrypted communications of the prosecuted persons were considered as signs of "clandestinity" that reveal criminal intentions.
On top of this, we also had to deal with the legalization of biometric surveillance for the Olympics and massive censorship of social networks when riots erupted in suburbs against police violence.
This talk is about showing the reality of the situation at stake right now in France, and how it could influence the rest of Europe. At the end, we hope to raise awareness in the international community and start thinking about how, together, we can put pressure on a country who uses its old reputation to pretend to be respectful of human rights.
Source: https://media.ccc.de/v/37c3-12309-a_year_of_surveillance_in_france_a_short_satirical_tale_by_la_quadrature_du_net
French version: https://video.lqdn.fr/w/rXmBKD6NcfxWxJEPHUZc4Z
German version: https://video.lqdn.fr/w/315ZAQFMTMG7wqiMDdGvsi
- Indian journalists targeted by Israeli spyware again: What do we know?www.aljazeera.com Indian journalists targeted by Israeli spyware again: What do we know?
A forensic investigation reveals that the Pegasus software was recently used to target Indian journalists.
- Valetudo: Free your vacuum from the cloud
Valetudo: Free your vacuum from the cloud https://valetudo.cloud/ @privacy
- A Palestinian student deleted her social media. Israel revoked her permitwww.972mag.com A Palestinian student deleted her social media. Israel revoked her permit
Police accused a West Bank medical student at an Israeli hospital of 'blocking' friends online. Weeks later, she was barred from returning.
- Unblocking User Freedom: the right to use adblockers - FSFEfsfe.org Unblocking User Freedom: the right to use adblockers - FSFE
Companies increasingly aim to control how users interact with their content online, threatening user freedom. As more companies crack down on browser exten...
- Trump Allies Are Giddy About House Intelligence Committee's Surveillance Billtheintercept.com Trump Allies Are Giddy About House Intelligence Committee's Surveillance Bill
The committee is pushing a bill that civil liberties experts say would amount to the largest expansion of domestic surveillance in decades.
- Activists are voicing concerns over Atlanta’s proposed ski-mask banitsgoingdown.org Activists are voicing concerns over Atlanta’s proposed ski-mask ban
Report from the Atlanta Community Press Collective on recent proposal by a member of the Atlanta City Council to prohibit the wearing of ski masks "or other items that conceal the identity of the wearer." By: Matt Scott During Monday’s regular council meeting, Atlanta City Council Member Antonio Lew...
- Online Atrocity Database Exposed Thousands of Vulnerable People in Congotheintercept.com Online Atrocity Database Exposed Thousands of Vulnerable People in Congo
NYU and Human Rights Watch accidentally doxxed up to 8,000 victims, journalists, and activists due to a basic security error.
- Israeli Spyware Firm NSO Demands “Urgent” Meeting With Blinken Amid Gaza War Lobbying Efforttheintercept.com Israeli Spyware Firm NSO Demands “Urgent” Meeting With Blinken Amid Gaza War Lobbying Effort
As it helps Israel find Hamas hostages in Gaza, NSO Group, which the U.S. put on a blacklist in 2021, intensified its lobbying push.
- Israel's ‘thought police’ law ramps up dangers for Palestinianswww.972mag.com Israel's ‘thought police’ law ramps up dangers for Palestinians
Rights advocates warn the draconian law will enable unprecedented surveillance, raising Palestinian fears of arrest for their online activity.
Excerpt:
> in recent weeks Israeli police have been stopping Palestinian Jerusalemites on the street and searching their phones, culling through their Telegram news channels or WhatsApp chats. Ahmed said he has experienced unprecedented levels of police harassment and has given up on searching for jobs, let alone going to work in West Jerusalem’s hospitality industry. “When I leave the house, I delete Instagram, I delete Telegram, I archive all my chats,” he told +972. “I don’t know what [the authorities] will flag now.”
- The end of anonymity on Chinese social mediarestofworld.org The end of anonymity on Chinese social media
Forced to use real names on platforms like Weibo, Chinese influencers quit social media instead.
- Is there any point not using WhatsApp if I use Instagram already?
I use Instagram as the one social media platform that all my friends are on, plus I sometimes watch reels to kill time. However, as a privacy-conscious person, this is obviously not great for privacy. Is there, then, any good reason to still abstain from using WhatsApp?
- YouTube blames ad blockers for slow load times, and it has nothing to do with your browserwww.androidauthority.com YouTube blames ad blockers for slow load times, and it has nothing to do with your browser
YouTube has clarified in a statement that users who use ad blockers will have a suboptimal experience regardless of their browser.
- Mullvad: Moving our Encrypted DNS servers to run in RAM. Is cost-free, and available to anyone that wishes to have a trustworthy, audited Encrypted DNS service with optional content blocking.mullvad.net Moving our Encrypted DNS servers to run in RAM | Mullvad VPN
We recently announced the completion of our migration to remove all traces of disks in use on our VPN infrastructure.
- Oregon Police Obsessively Spied on Activists for Years, Even After Pipeline Fight Endedtheintercept.com Oregon Police Obsessively Spied on Activists for Years, Even After Pipeline Fight Ended
Internal emails obtained by Siskiyou Rising Tide and Information for Public Use show police treating even the most placid social justice activities as sites of criminal threat.
- Cryptographers Devise an Approach for Total Search Privacywww.quantamagazine.org Cryptographers Devise an Approach for Total Search Privacy | Quanta Magazine
Three researchers have found a long-sought way to pull information from large databases secretly, moving us closer to fully private internet searches.
- WhatsApp used to be one of my favorite apps. Now, I can't stand it | Digital Trendswww.digitaltrends.com WhatsApp used to be one of my favorite apps. Now, I can't stand it | Digital Trends
After starting out as a hub of meaningful conversations, WhatsApp has now devolved into a digital billboard filled with spam messages and unnecessary features.
- AI Cameras Took Over One Small American Town. Now They're Everywherewww.404media.co AI Cameras Took Over One Small American Town. Now They're Everywhere
Hundreds of documents obtained by 404 Media show how Fusus, a system for linking a town’s security cameras into one central hub and adding AI to them, has spread across the country.
- Historic agreement on child sexual abuse proposal (CSAR): European Parliament wants to remove chat control and safeguard secure encryptionwww.patrick-breyer.de Historic agreement on child sexual abuse proposal (CSAR): European Parliament wants to remove chat control and safeguard secure encryption
This week, the European Parliament's negotiators reached a broad majority agreement on a common position concerning the controversial EU chat control bill. The Commission’s bill proposes bulk scanning and reporting of private messages for allegedly suspicious content by using error-prone algorithms,
This week, the European Parliament’s negotiators reached a broad majority agreement on a common position concerning the controversial EU chat control bill. The Commission’s bill proposes bulk scanning and reporting of private messages for allegedly suspicious content by using error-prone algorithms, including „artificial intelligence“. But the European Parliament’s position removes indiscriminate chat control and allows only for a targeted surveillance of specific individuals and groups reasonably suspicious of being linked to child sexual abuse material, with a judicial warrant. End-to-end encrypted messengers are exempted. Instead, internet services will have to design their services more securely and thus effectively prevent the sexual exploitation of children.