Privacy
- How to opt out of the privacy nightmare that comes with new Hondassherwood.news How to opt out of the privacy nightmare that comes with new Hondas
I was the first person to ask my Honda dealer how to turn off data sharing. It didn't go well....
There are lots of reasons to want to shut off your car’s data collection. The Mozilla Foundation has called modern cars “surveillance machines on wheels” and ranked them worse than any other product category last year, with all 25 car brands they reviewed failing to offer adequate privacy protections.
With sensors, microphones, and cameras, cars collect way more data than needed to operate the vehicle. They also share and sell that information to third parties, something many Americans don’t realize they’re opting into when they buy these cars. Companies are quick to flaunt their privacy policies, but those amount to pages upon pages of legalese that leave even professionals stumped about what exactly car companies collect and where that information might go.
So what can they collect?
“Pretty much everything,” said Misha Rykov, a research associate at the Mozilla Foundation, who worked on the car-privacy report. “Sex-life data, biometric data, demographic, race, sexual orientation, gender — everything.” . . .
- Introducing Defense against AI-guided Traffic Analysis (DAITA) | Mullvad VPNmullvad.net Introducing Defense against AI-guided Traffic Analysis (DAITA) | Mullvad VPN
Even if you have encrypted your traffic with a VPN (or the Tor Network), advanced traffic analysis is a growing threat against your privacy. Therefore, we now introduce DAITA.
- Finland warns of Android malware attacks breaching bank accountswww.bleepingcomputer.com Finland warns of Android malware attacks breaching bank accounts
Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts.
- It's possible to back up my Whatsapp chats without using Google accounts?
The only way that Whatsapp let you back up your chats is using by linking a Google account, but I'm not sure is there's some workaround like a third parties apps that let you back up your chats.
I know that using a third parties apps to this purpose is unsafe, but I'm just giving an example.
- IMEI extremely important question
How many times I can change IMEI without harm to device via AT command? For example if I will change IMEI 3 times a day (sometimes) and 7 times (most commonly) a week (1 per day) via AT command won’t it harm device?
I need extra lawyer of security as I will go to dictatorship country for 1 week as reporter n. This is extremely critical.
Please ask the highest level of your engineer team.
P.S: I am using Mudi v2 with blue-merle
- What is Windows 11 'AI Explorer'? Everything you need to know about Microsoft's upcoming defining AI PC feature (this will be used for tracking)www.windowscentral.com What is Windows 11 'AI Explorer'? Everything you need to know about Microsoft's upcoming defining AI PC feature
Windows 11 will be supercharged with AI designed to enhance productivity and search across the OS.
- Roku OS home screen is getting video ads for the first timearstechnica.com Roku OS home screen is getting video ads for the first time
Meanwhile, Roku keeps making more money.
- Donate to individual instances or to LibRedirect
I wish I could donate to each individual instance but they are too many, and I can't donate to all the ones I use because they are also too many, and I would also like to donate to LibRedirect but I don't know if I should donate to each individual instance I use or to LibRedirect...
- Question - Android / GrOS certs
So, this may be G-custom OS specific, or Android generally.
I was looking through the security settings, and when going to Settings-Security-More-Encryption and Credentials, I see that there are a plethora of CA Root certs installed. I recognize some (Digicert, Comodo, etc), but there are a lot that are just numbers and letters, and some from Beijing China, etc.
I don't recall ever installing ANY certs, so I suppose these are all preinstalled (they show under the System tab, not the User tab.)
Can they be installed by regular apps?
I disabled any that weren't recognizable like Amazon, Google, Digicert, and Comodo.
Are these dozens of other Certs necessary, and are they safe to be on my device? Are they preinstalled with G-Custom OS, or did they somehow sneak into my system settings?
I have too much to do a factory reset at this point and it would only be a last resort.
I also have Mullvad, Proton, and a personal WG vps on my phone, would those add certs to the "storage"?
I know I named brands in here but I'm not promoting anything, I don't want to break something making changes, that's all.
Thanks in advance.
- Google is feeling pretty pumped about a new way of showing you ads on YouTubewww.androidauthority.com Google is feeling pretty pumped about a new way of showing you ads on YouTube
Google says pause ads on YouTube are getting a very positive reaction from advertisers. The company could roll them out widely soon.
- New Brokewell malware takes over Android devices, steals datawww.bleepingcomputer.com New Brokewell malware takes over Android devices, steals data
Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches.
- Reddit, AI spam bots explore new ways to show ads in your feedarstechnica.com Reddit, AI spam bots explore new ways to show ads in your feed
Reddit says its "communities are naturally commercial."
Fuck Reddit. I use Redlib for browsing :)
https://github.com/redlib-org/redlib
- Nova Launcher has been acquired by analytics company Branchwww.androidpolice.com Nova Launcher has been acquired by analytics company Branch
Hopefully, this isn’t the end of an era for Android launchers
- Introducing Dark Web Monitoring for credential leaks | Protonproton.me Introducing Dark Web Monitoring for credential leaks | Proton
With Dark Web Monitoring, you can have Proton watch for data leaks, ensuring you can change the passwords to accounts affected by a breach.
- How Political Campaigns Use Your Data to Target Youwww.eff.org How Political Campaigns Use Your Data to Target You
Data about potential voters—who they are, where they are, and how to reach them—is an extremely valuable commodity during an election year. And while the right to a secret ballot is a cornerstone of the democratic process, your personal information is gathered, used, and sold along the way. It's...
- Dutch government says it may stop using Facebook over privacy concernswww.cnbc.com Dutch government says it may stop using Facebook over privacy concerns
The Netherlands' digital mininster said the government will be forced to stop using Facebook pages if it doesn't get clarity on its concerns from Meta.
- Microsoft wants to hide the 'Sign out' button in Windows 11 behind a Microsoft 365 adwww.neowin.net Microsoft wants to hide the 'Sign out' button in Windows 11 behind a Microsoft 365 ad
The latest Windows 11 preview build in the Beta Channel delivers a rather odd change to the Start menu. For some reason, the "Sign out" button is hidden behind a Microsoft 365 ad and other banners.
- Israel is killing people based on being in the same Whatsapp groupblog.paulbiggar.com Meta and Lavender
A little-discussed detail in the Lavender AI article is that Israel is killing people based on being in the same Whatsapp group [1] as a suspected militant [2]. Where are they getting this data? Is WhatsApp sharing it? Lavender is Israel's system of "pre-crime" [3] - they use AI to
- Microsoft will now urge you to ditch local accounts on Windows 10www.xda-developers.com Microsoft will now urge you to ditch local accounts on Windows 10
Microsoft is now nagging Windows 10 customers to switch to a Microsoft account instead of using a local account.
- Google ad impersonates Whales Market to push wallet drainer malwarewww.bleepingcomputer.com Google ad impersonates Whales Market to push wallet drainer malware
A legitimate-looking Google Search advertisement for the crypto trading platform 'Whales Market' redirects visitors to a wallet-draining phishing site that steals all of your assets.
- SoumniBot malware exploits Android bugs to evade detectionwww.bleepingcomputer.com SoumniBot malware exploits Android bugs to evade detection
A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure.
- Google to crack down on third-party YouTube apps that block adswww.bleepingcomputer.com Google to crack down on third-party YouTube apps that block ads
YouTube announced yesterday that third-party applications that block ads while watching YouTube videos violates its Terms of Service (ToS), and it will soon start taking action against the apps.
- What search engines are you using ?
As the title says! My choice, for now, is Leta, directly from Mullvad. I really like because there are no ads by deafult, which is particular important since those ads usually lead to malware.
Otherwise, i like mojeek (same reason).
They both have a strong privacy policy and search results are good enough for me.
Leta: https://leta.mullvad.net/faq
Mojeek: https://www.mojeek.com/about/privacy :)
- Roku says 576,000 user accounts hacked after second security incident | TechCrunchtechcrunch.com Roku says 576,000 user accounts hacked after second security incident | TechCrunch
Roku said it discovered malicious hackers compromised more than half a million user accounts while investigating an earlier spate of account hacks.
- Government spyware is another reason to use an ad blocker | TechCrunchtechcrunch.com Government spyware is another reason to use an ad blocker | TechCrunch
Spyware makers are reportedly working on targeting individuals with stealthy data-stealing malware using online banner ads.
- Microsoft now testing app ads in Windows 11's Start menuwww.bleepingcomputer.com Microsoft now testing app ads in Windows 11's Start menu
Microsoft has started testing ads in the Windows 11 Start menu, a new experiment the company says will help users find new "great" apps in the Microsoft Store.
- Price of zero-day exploits rises as companies harden products against hackers | TechCrunchtechcrunch.com Price of zero-day exploits rises as companies harden products against hackers | TechCrunch
Tools that allow government hackers to break into iPhones and Android phones, popular software like the Chrome and Safari browsers, and chat apps like
This is a good news!
- Microsoft employees exposed internal passwords in security lapse | TechCrunchtechcrunch.com Microsoft employees exposed internal passwords in security lapse | TechCrunch
The tech giant secured a cloud storage server that was inadvertently spilling Microsoft internal data and credentials to the open internet.
- How can I verify the ownership of an IP-address? - 26.26.26.x
Recently discovered the following two addresses in my DNS-filter,
26.26.26.1
and26.26.26.2
. How can I confirm that these belong to? These are both public-ip addresses but seems to be owned by the US Military?If I look at https://www.abuseipdb.com/check/26.26.26.2, it says it belongs to:
- ISP: DoD Network Information Center
- Type: Military
- Country: US.
What does this mean? As far as I've researched, its got something to do with Socks protocol? This Github repo I found seems to be using it too, but why is it used? If anyone knows, id very much appreciate your help.
https://github.com/PeterCxy/SocksDroid/blob/master/app/src/main/groovy/net/typeblog/socks/SocksVpnService.groovy
- Proton and Standard Notes are joining forces | Protonproton.me Proton and Standard Notes are joining forces | Proton
Proton and the end-to-end encrypted note-taking app Standard Notes are joining forces. We’ve long been admirers and are excited to welcome Mo and his team.
- Automattic buys Beeper for $125MM, launches closed-source "privacy" apptechcrunch.com WordPress.com owner Automattic acquires multiservice messaging app Beeper for $125M | TechCrunch
The deal, which was for $125 million according to sources close to the matter, is Automattic's second acquisition of a cross-platform messaging solution.
Curious how none of the coverage of this purchase mention that the app isn't open-source, which makes all of their claims of "end-to-end encryption" worthless
WordPress.com owner Automattic acquires multiservice messaging app Beeper for $125M
By Sarah Perez (@sarahpereztc) 2024-04-09
WordPress.com owner Automattic is acquiring Beeper, the company behind the iMessage-on-Android solution that was referenced by the Department of Justice in its antitrust lawsuit against Apple. The deal, which was for \$125 million according to sources close to the matter, is Automattic's second acquisition of a cross-platform messaging solution after buying Texts.com last October.
| [!Screenshot of the Beeper app](https://techcrunch.com/2024/04/09/wordpress-com-owner-automattic-acquires-multi-service-messaging-app-beeper-for-125m/) | |:--:| | Image Credits: Beepercaption |
That acquisition made Texts.com founder Kishan Bagaria Automattic's new head of Messaging, a role that will now be held by Beeper founder Eric Migicovsky, previously the founder of the Pebble smartwatch and a Y Combinator partner.
Reached for comment, Automattic said it has started the process of onboarding the Beeper team and is "excited about the progress made" so far but couldn't yet share more about its organizational updates, or what Bagaria's new title would be. However, we're told he is staying to work on Beeper as well.
| [!Screenshot of the Beeper app](https://techcrunch.com/2024/04/09/wordpress-com-owner-automattic-acquires-multi-service-messaging-app-beeper-for-125m/) | |:--:| | Image Credits: Beepercaption |
Beeper and Texts.com's teams of 25 and 15, respectively, will join together to take the best of each company's product and merge it into one platform, according to Migicovsky.
"\[Texts.com\] built an amazing app that's more desktop-centric and iOS-centric," he said. "So we'll be folding the best parts of those into our app. But going forward, the Beeper brand will apply to all of the messaging efforts at Automattic," he said, adding, "Kishan ... I've known him for years now --- there's not too many other people in the world that are doing what we do --- and it was great to be able to combine forces with them."
The deal, which closed on April 1, represents a big bet from Automattic: that the future of messaging will be open source and will work across services, instead of being tied up in proprietary platforms, like Meta's WhatsApp or Apple's iMessage. In fact, Migicovsky says, the eventual plan after shifting people to the Beeper cross-platform app for managing their messages is to move them to Beeper's own chat protocol --- an open source protocol called Matrix --- under the hood.
| [!Screenshot of the Beeper app](https://techcrunch.com/2024/04/09/wordpress-com-owner-automattic-acquires-multi-service-messaging-app-beeper-for-125m/) | |:--:| | Image Credits: Beepercaption |
Automattic had previously made a strategic investment of \$4.6 million), another company building on Matrix, and it contributes annually to Matrix.org.
Matrix, a sort of "spiritual successor" to XMPP, as Migicovsky describes it, offers an open source, end-to-end encrypted client and server communications system, where servers can federate with one another, similar to open source Twitter/X alternative Mastodon. However, instead of focusing on social networking, like Mastodon, it focuses on messaging.
Migicovsky said the acquisition came about because running Beeper costs quite a bit of money and it was either time to raise more funding or find a buyer. To date, Beeper had raised \$16 million in outside funding, including an \$8 million Series A from Initialized. Other investors include YC, Samsung Next and Liquid2 Ventures, and angels Garry Tan, Kevin Mahaffey and Niv Dror, and the group SV Angel.
"I've known Matt \[Mullenweg, Automattic founder and CEO\] for years now," Migicovsky said, adding that the WordPress.com founder had shown commitment to open source technology, like Beeper, where about half its product is already open source. "We were looking to find a partner that could financially support this. One of the reasons why there are no other people building this type of app is it costs a surprisingly large amount of money to build a damn good chat app," Migicovsky noted.
As for Beeper's products, the company has now briefed the DOJ on what happened when Apple blocked its newer app, Beeper Mini, which aimed to bring iMessage to Android. That solution is no longer being updated as a result of Apple's moves.
| [!Screenshot of the Beeper website](https://techcrunch.com/2024/04/09/wordpress-com-owner-automattic-acquires-multi-service-messaging-app-beeper-for-125m/) | |:--:| | Image Credits: Beepercaption |
Beeper on Android launches to all
The company is instead releasing an updated version of its core app, Beeper, on Android. Unlike Beeper Mini, which focuses only on iMessage, the main app connects with 14 services, including Messenger, WhatsApp, Telegram, Signal, Instagram DM, LinkedIn, Twitter/X, Discord, Google Messages and others. Android is its biggest platform by users, as 70% are on Google's smartphone OS.
In this rewritten version of Beeper, the company is starting to roll out fully end-to-end encrypted messages across Signal. That will be soon followed by WhatsApp, Messenger and Google Messages.
Because of Apple's restrictions, iMessage only works if you have an iPhone in the mix, Migicovsky says, and will not be a focus for Beeper, given the complications it saw with Apple's shutdown of Beeper Mini. However, Beeper is hopeful regulations could change things, pointing to the DOJ lawsuit and FCC investigation. In the meantime, Beeper supports RCS, which solves iMessage to Android problems like low-res images and videos, lack of typing indicators and encryption.
With the launch out of beta, the new app includes a new icon, updated design, instant chat opens and sends, the ability to add and modify chat networks directly on Android (no desktop app needed), local caching of all chats on the device and full message search.
The 10,000 Android beta testers already on Beeper will need to download the new app manually from Google Play --- it won't automatically update.
| [!Screenshot of the Beeper website](https://techcrunch.com/2024/04/09/wordpress-com-owner-automattic-acquires-multi-service-messaging-app-beeper-for-125m/) | |:--:| | Image Credits: Beepercaption |
In addition, the 466,000 or so people on Beeper's waitlist will now be able to try the product. They'll join over 115,000 users who have already downloaded the app, which is now used by tens of thousands daily. The app runs on Android, iPhone, iPad, ChromeOS, macOS, Windows and Linux.
The team expects to have feature parity across platforms in a matter of months as they overhaul the iOS and desktop apps.
In time, they plan to add other services to Beeper as well, including Google Voice, Snapchat and Microsoft Teams. Beeper also offers a widget API so developers can build on top of Beeper. Plus, since Matrix is an open standard, developers will be able to build alternative clients for Beeper, as well.
The app will generate revenue via a premium subscription, where the final price may be a couple of dollars per month, but pricing decisions haven't yet been fully nailed down. Beeper is currently free to use.
Like Automattic, Beeper's team is remotely distributed, with employees in Brazil, the U.K., Germany and the U.S. At present, Texts.com will continue to operate as the teams begin to integrate the two messaging apps.
- Secure Operating Systems (Microkernels seems to be the future)
cross-posted from: https://sh.itjust.works/post/17506000
> I am not satisfied with Linux's security and have been researching alternative open source OS for privacy and security > So far only thing that's ready to use is GrapheneOS (Based on Android) but that's not available on desktop (Though when Android release Desktop mode it may become viable) > >Qubes OS is wrapper around underlying operating systems, so it doesn’t really fix for example Linux’s security holes it just kinda sandbox/virtualize them > > OpenBSD is more secure than Linux on a base level but lack mitigations and patches that are added to linux overtime and it's security practices while good for it's time is outdated now > > RedoxOS (Written in Rust) got some nice ideas but sticks to same outdated practices and doesn't break the wheel too much, and security doesn't seems to be main focus of OS > > Haiku and Serenity are outright worse than Linux, especially Haiku as it's single user only > > Serenity adopted Pledge and Unveil from OpenBSD but otherwise lacks basic security features > > All new security paradigms seems to be happening in microkernels and these are the ones that caught my eyes > > None of these are ready to be used as daily driver OS but in future (hopefully) it may change > > Genode seems to be far ahead of game than everything else > > Ironclad Written in ADA > > Atmosphere And Mesosphere Open Source Re-implementation of Nintendo Switch's Horizon OS, I didn't expected this to be security-oriented but seems like Nintendo has done a very solid job > > Then there are Managarm, HelenOS, Theseus but I couldn't figure out how secure they are > > Finally there is Kicksecure from creators of Whonix, Kicksecure is a linux distro that plans to fix Linux's security problems > > if you know of any other OS please share it here
- AT&T resets account passcodes after millions of customer records leak online | TechCrunchtechcrunch.com AT&T resets account passcodes after millions of customer records leak online | TechCrunch
A security researcher told TechCrunch that leaked AT&T customer data contained encrypted account passcodes that can be easily unscrambled.
- OpenAI and Google reportedly used transcriptions of YouTube videos to train their AI modelswww.engadget.com OpenAI and Google reportedly used transcriptions of YouTube videos to train their AI models
A report by The New York Times claims both OpenAI and Google transcribed videos from YouTube and used these texts to train their AI models, possibly violating copyrights. OpenAI reportedly transcribed more than one million hours of YouTube videos.
- Discord now requiring phone number to login?
Seems like discord is asking people to verify their accounts with phone numbers nowadays. I guess I won't be using it anymore? :🤷
- Anti-virus/malware desktop software recommendations?
This is not for me but for family and friends who are mostly oblivious to privacy issues. I can generally steer them towards more privacy orientated software but not for anti-virus/malware. I know prevention is better than cure and altering behaviour to avoid them to start with is the best defence but I cannot for the life of me understand how some family end up with so damn much malware on their PCs. They're not going to change their behaviour any time soon, if ever. So antivirus it is.
Apart from ClamAV, is there any anti-malware software that respects privacy? Paid is fine (since most are already paying anyway).