Suche
Beiträge, die mit privacy getaggt sind
https://aliyesha.com/sub/articles/news/display/nd_aap_ready_elections_feb_2025
#newdelhi #delhi #india #press #news #politics #aap #bjp #elections #elections2025 #strategy #candidates #BattleReady #BattleForDelhi #FightForDelhi
Enjoy tracker free reading with us. #privacy #privacymatters
नई दिल्ली: ‘आप’ ने दिल्ली के चुनाव में उतारे 11 उम्मीदवार, 6 ‘सरप्राइज’ नामों पर सियासत।
महाराष्ट्र और झारखंड के चुनावों के बाद अब दिल्ली के चुनावी दंगल की तैयारियां तेज हो गई हैं। फरवरी में दिल्ली विधानसभा की 70 सीटों पर चुनाव होना है।दिल्ली ब्यूरो (Aliyesha)
From the erosion of privacy and the securitisation of educational spaces - that undermines the learning and growth processes - to the perpetuation of bias and discrimination, and the lack of data protection safeguards, not to mention the role of private interests, this briefing explains why we believe that iIt is crucial to ban FRT in educational spaces and stop its use now.
At the end of the briefing, we share a roadmap of key issues that it is necessary to consider for anyone thinking of introducing FRT in educational spaces to help analyse its impact on human rights."
https://privacyinternational.org/advocacy/5469/pis-briefing-critical-examination-facial-recognition-implementation-educational
#UK #FacialRecognition #Biometrics #Surveillance #Privacy #FRT
That could allow a local attacker to gain root privileges without requiring user interaction. Needrestart is a utility that scans a system to determine the services that need to be restarted after applying shared library updates.
https://blog.qualys.com/vulnerabilities-threat-research/2024/11/19/qualys-tru-uncovers-five-local-privilege-escalation-vulnerabilities-in-needrestart
#linux #ubuntu #it #security #privacy #engineer #tech #media #news
![Multiple decade-old security vulnerabilities have been disclosed in the needrestart package.
The vulnerabilities are believed to have existed since the introduction of interpreter support in needrestart 0.8, which was released on April 27, 2014.
"These needrestart exploits allow Local Privilege Escalation (LPE) which means that a local attacker is able to gain root privileges," Ubuntu said in an advisory, noting they have been addressed in version 3.8.
<https://ubuntu.com/blog/needrestart-local-privilege-escalation>
The 5 flaws are listed below:
• CVE-2024-48990 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
• CVE-2024-48991 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by winning a race condition & tricking needrestart into running their own, fake Python interpreter.
• CVE-2024-48992 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
• CVE-2024-11003 [CVSS score: 7.8] and CVE-2024-10224 [CVSS score: 5.3] - Two vulnerabilities that allows a local attacker to execute arbitrary shell commands as root by taking advantage of an issue in the libmodule-scandeps-perl package. (before version 1.36)](https://nerdculture.de/system/media_attachments/files/113/521/649/340/089/036/original/9c79a893744b5d47.jpeg "Multiple decade-old security vulnerabilities have been disclosed in the needrestart package.
The vulnerabilities are believed to have existed since the introduction of interpreter support in needrestart 0.8, which was released on April 27, 2014.
\"These needrestart exploits allow Local Privilege Escalation (LPE) which means that a local attacker is able to gain root privileges,\" Ubuntu said in an advisory, noting they have been addressed in version 3.8.
<https://ubuntu.com/blog/needrestart-local-privilege-escalation>
The 5 flaws are listed below:
• CVE-2024-48990 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
• CVE-2024-48991 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by winning a race condition & tricking needrestart into running their own, fake Python interpreter.
• CVE-2024-48992 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
• CVE-2024-11003 [CVSS score: 7.8] and CVE-2024-10224 [CVSS score: 5.3] - Two vulnerabilities that allows a local attacker to execute arbitrary shell commands as root by taking advantage of an issue in the libmodule-scandeps-perl package. (before version 1.36)")
Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart | Qualys Security Blog
The Qualys Threat Research Unit (TRU) has identified five Local Privilege Escalation (LPE) vulnerabilities within the needrestart component…Saeed Abbasi (Qualys, Inc.)
Cape has been selling a privacy-focused cellphone service to the U.S. military, now offering to high-risk members of the public
Cape runs its own mobile core, all of the software necessary to route messages, authenticate users, and basically be a telecom. Ultimately, this gives Cape the control to do more privacy-enhancing things, such as periodically give its phones a new IMEI—a unique identifier for the phone—and new IMSI—a similar identifier, but one attached to the SIM card (or eSIM in Cape’s case). The phone can also give itself a new mobile advertising identifier (MAID), which is an identifier advertising ecosystems and apps use to track peoples’ web browsing activity and is sometimes linked to their physical movement data. Cape said the IMEI and MAID rotation is handled by the custom Cape handset, which runs standard up-to-date Android.
Cape lets users create bundles of these identifiers, called “personas”, then cycle through them at different points. This means that during some attacks, a Cape phone may look like a different phone each time.
Well, this is a very interesting phone. Whether governments really want their citizens (or their terrorists or child molesters) to have these devices is another story…
The author also raises an intriguing point about why has AT&T and other phone networks not offered something like this before. The easy answer is wire-tapping requirements (remember the NSA vs PGP encryption in the 1990’s). Google could have offered encrypted email too if it wished, but reading our mail helps fuel its advertising business.
But way more shocking in the linked article, was the statement by the author that they have not owned a smartphone since 2017! I get that you can do a lot on your desktop (like I do), but even I realised that I needed that banking app to do 2FA when approving payments, or SMS for some sites still to authenticate access, and needed Waze to navigate through ever denser traffic, etc. Even the poorest of the poor in our country now at least have a feature phone.
I find it difficult enough telling many people, no, really, I don’t have WhatsApp when they want to send receipts to me via WhatsApp.
See https://www.404media.co/i-dont-own-a-cellphone-can-this-privacy-focused-network-change-that
#Blog, #privacy, #technology
https://github.com/ungoogled-software/ungoogled-chromium/issues/1675#issuecomment-2490597528
PS. You can install Ungoogled Chromium easily on macOS using Homebrew:
```shell
brew install --cask eloston-chromium
```
For more macOS setup/configuration tips see my quick gist:
https://codeberg.org/aral/gists/src/branch/main/mac-setup.md
#ungoogledChromium #chromium #chrome #minimal #newTabPage #aesthetics #accessibility #privacy #configuration #web
gists/mac-setup.md at main
gists - A place for me to post and share small, self-contained code snippets.Codeberg.org
https://aliyesha.com/sub/articles/news/display/nd_du_student_election_result_postponed
#newdelhi #delhi #india #press #news #politics #university #elections #results
Enjoy tracker free reading with us. #privacy #privacymatters
नई दिल्ली: फिर टला दिल्ली यूनिवर्सिटी छात्र संघ चुनाव का रिजल्ट।
दिल्ली विश्वविद्यालय छात्र संघ यानी डूसू चुनाव के रिजल्ट्स फिर से टाल दिए गए हैं। यूनिवर्सिटी प्रशासन के इस फैसले से छात्र खुश नहीं हैं।दिल्ली ब्यूरो (Aliyesha)
https://aliyesha.com/sub/articles/news/display/uk_villagers_support_each_other_marriages
#uttarakhand #dehradun #india #press #news #inspirational #rural #village #CommunitySupport #marriage #NewThinking
Enjoy tracker free reading with us. #privacy #privacymatters
देहरादून: कृष्णा गांव के ग्रामीणों की प्रेरणादायक पहल: सामूहिक प्रयास से बेटियों का कन्यादान।
दो साल से गम्भीर बीमारी से ग्रसित पिता की दो बेटियों का कन्यादान किया, श्रीमद्भागवत कथा की पवित्र वेदी पर।प्रेम पंचोली (Aliyesha)
T-Mobile has joined a list of major organizations like AT&T, Verizon & Lumen Technologies that have been singled out as part of what appears to be a full-blown Chinese threat actors cyber espionage campaign.
https://www.wsj.com/politics/national-security/t-mobile-hacked-in-massive-chinese-breach-of-telecom-networks-4b2d7f92
#us #telecom #companies #breach #it #security #privacy #engineer #media #tech #news
Pay or OK: Verleger warnen vor Frontalangriff auf Geschäftsmodell der Presse
Mit großer Sorge verfolgen Verlegerverbände die Überlegungen des Europäischen Datenschutzausschusses, Leitlinien für "Pur-Abo-Modelle" zu beschließen.Stefan Krempl (heise online)
https://aliyesha.com/sub/articles/news/display/hp_modern_medical_equipment_healthcare
#himachal #dharamshala #india #press #news #government #governance #medical #hospital #e-rickshaws
Enjoy tracker free reading with us. #privacy #privacymatters
Dharamshala: Modern medical equipment to be made available in Healthcare Institutions: Shandil.
Virtual meeting of Tanda College's Patient Welfare Committee held to improve healthcare facility.Rajesh (Aliyesha)
#BrendanEich #prop8 #privacy #cryptoBros https://kafeneio.social/@foufoutos/113504298348385814
Fou (@foufoutos@kafeneio.social)
The Internet Has Changed. Privacy Was Left Behind As we rushed into the Web 2 era, privacy was left behind https://odysee.com/@NaomiBrockwell:4/BRENDAN-EICH:9kafeneio
#labor / #Austech / #surveillance <https://theguardian.com/technology/2024/nov/18/australian-parliamentary-inquiry-stops-short-of-backing-social-media-ban-for-under-16s>
https://howtogetarrested.puter.site
#election #election2024 #harris #trump #protest #protestSafety #movementSecurity #mobilizing #organizing #harmReduction #resistance #activism #postElectionPrep #infosec #privacy #PreparednessNotParanoia
How To Get Arrested: A Guide for NYC and Beyond
What To Expect & How To Prepare for Getting Arrested at a DemonstrationHow To Get Arrested
Es un paso a paso de como instalar Microg en teléfonos que no cuenten con custom ROMs, espero que les guste
Y si por casualidad conocen alguna forma de no tener que usar Imgur para las imagenes (tipo usar hosting o algo asi) desde el teléfono, porfa haganmelo saber, thx
https://rentry.co/c4bc9bho
#Android #Foss #Privacy #Blog #Root
ahead of us. It will be essential to regroup, to support each other, and to protect each other.
This will affect many aspects of our lives, including data privacy.
When authoritarians want
control over their population, they seek data and they seek to kill privacy.
Because privacy means democracy,
because privacy means freedom, and
because privacy becomes a tool for popular resistance.
Be ready to fight for
your privacy rights.
This is vital.
#Privacy #PrivacyIsAHumanRight
#USpol
Microsoft’s November Patch Update fixes 91 Windows security vulnerabilities, including 4 zero-days. The critical fixes address actively exploited flaws in Windows. It is strongly recommended that users apply these updates as soon as possible to mitigate possible security risks. Updates can be installed via Windows Update.
https://msrc.microsoft.com/update-guide/
#microsoft #windows #update #it #security #privacy #engineer #media #tech #news
Then there's the senate committee smoking gun.
Nah, I think there's a strong possibility some idiots have a strategy that doesn't involve being upfront. We studied the Australia Card, and the Data Retention sell was a complete fuck up. They're probably terrified of both instances, as would be the minister.
Happy to be wrong but all this stinks of subterfuge and an attempt to get the public (and old media) to sleepwalk into a surveillance trap.
#auspol #privacy #myid
Can't think of one and the government hasn't made any argument in the media release - just 'Presto, here it is.'
Trying to anticipate what a minister will blather on about if challenged. 'We are centralising government records?' That's already been done, albeit badly.
Who or what is going to ask you to present it? Porn sites? Social media? Is that the only route this goes down? They're just going to trot out the same old criminals, paedophiles and terrorist lines aren't they. Somehow a Federal Government ID stops all that... somehow...
It's fucking perplexing.
#auspol #privacy #myid
These are fun. We'll need all the arts, legal, media, politics and tech skills we can muster. Fortunately, appears a proliferation of them abound in these here parts.
Not an easy battle to win against entrenched political parties and their old media propaganda wings but to misquote the Taliban, 'We thank god our enemies are idiots.'
https://www.ato.gov.au/media-centre/mygovid-is-now-called-myid
https://ia.acs.org.au/article/2024/not-just-kids--everyone-to-be-age-verified-for-social-.html
#auspol #privacy #myid
Not just kids: Everyone to be age verified for social media
Proposed under-16s ban has wider implications for Australians.Information Age
"How dare you use Twitter to spread your message. How dare you maintain a crypto product. I'm disappointed in you."
"You're using Google's services and therefore you don't care about privacy. AI? The horror! You don't belong here."
We gotta understand:
- Firstly, it's none of our business
- Second, who are we to judge.
I have faced this a lot of times. I receive blatant evisceration and harsh criticism and questions because I was asking for help or making a remark about my use of a big tech service. Well, it may not have been that bad, but in a situation where you're asking for and expecting help, and you I stead receive this, it definitely sucks.
There were times when I had to literally tell people that their comments are useless for me, because they really were.
We gotta understand that not all people can switch to Firefox, or daily drive GrapheneOS, or search in DuckDuckGo, or migrate to Proton Mail, or from Twitter to Mastodon.
And that should be okay with us. We can't force stuff onto people. We might instead respect individual choices while equipping them with the required information and reasons to switch to better alternatives.
No open source software (or proprietary, for that matter) is perfect. Better to acknowledge the shortcomings and collectively improve instead of vigorously fighting on them. BROWSER WARS ARE STUPID.
It would do us and the community at large a huge service if we took the time to understand the entire context before jumping in with free advice.
We are SO divided over silly things sometimes. We can do better by our people. Let's work to make this a more constructive and helpful space.
Peace.
#Privacy
#Mastodon
#Fediverse
#Technology
#Community
#Positivity
#FOSS
https://www.propublica.org/article/blumenthal-slams-gun-industry-customer-data-investigation
In response to a ProPublica investigation, Sen. Richard Blumenthal demanded answers from the gun industry about its 'covert program' to collect information on gun owners for political purposes."
#data #guns #privacy #press
—
In response to a ProPublica investigation, Sen. Richard Blumenthal demanded answers from the gun industry about its “covert program” to collect information on gun owners for #political purposes.
#News #Guns #Privacy #Politics #Business
https://propub.li/4er0KaE
Data Clean Rooms are cloud data processing services that let companies exchange and analyze data, restrained by rules that limit data use. They are typically used when two companies want to exchange limited information about their customers. For example, a newspaper and a grocery store might use a DCR to evaluate the efficacy of an advertisement by identifying grocery sales made to newspaper subscribers. However, a close examination of DCRs yields an evergreen lesson: even if privacy enhancing technologies alone can’t protect privacy and even if they address some privacy risks, they can contribute to others.
In some cases, DCRs can add privacy protections to the handling of consumer data. In others, disclosure of consumer data via DCRs presents the same privacy risks as disclosure through other means like tracking pixels. DCRs, like other technologies that claim to protect privacy, can also be used to obfuscate privacy harms."
https://www.ftc.gov/policy/advocacy-research/tech-at-ftc/2024/11/data-clean-rooms-separating-fact-fiction
#USA #FTC #DataCleanRooms #DCRs #Privacy #DataProtection
https://www.theguardian.com/media/2024/nov/13/why-the-guardian-is-no-longer-posting-on-x
“#X is a #toxic #media platform and […] its owner Elon #Musk has been able to use its influence to shape political discourse”
“we can do this because our business model does not rely on #viral content tailored to the whims of the #social media giants’ #algorithms”
↳Yes. Fake news, polarization, and controversial content are largely the results of the #ad and #privacy harvesting #business model
cc @mediapart
https://aliyesha.com/sub/articles/news/display/pb_gini_health_expands_gini_care_hospital
#punjab #mohali #india #press #news #health #medical #Diabetes #DiabetesDay #hospital #ICU #HealthCare #NewFacility
Enjoy tracker free reading with us. #privacy #privacymatters
Mohali: Gini Health Mohali expands to Gini Advanced Care Hospital with new 30-Bed ICU facility.
Gini Health, a leading provider of diabetes and hormone care, has rebranded and expanded to become Gini Advanced Care Hospital, signifying a new chapter in advanced healthcare services.Dr. Kharbanda (Aliyesha)
https://aliyesha.com/sub/articles/news/display/bh_jdu_strategic_meeting_assembly_election
#bihar #patna #india #news #press #politics #jdu #AssemblyElections #elections #elections2025
Enjoy tracker free reading with us. #privacy #privacymatters
Patna: Bihar JDU holds strategic meeting for upcoming assembly elections.
An organisational meeting of divisional in-charges, district presidents, and assembly in-charges of Bihar’s Janata Dal United (JDU) was held at the party's state headquarters.Alok Sharma (Aliyesha)
• Folgen: https://www.kuketz-blog.de/bleib-aktuell/
• Forum: https://www.kuketz-forum.de/
• Chat: https://www.kuketz-blog.de/chat/
Bleib informiert und diskutiere mit!
#blog #sicherheit #security #datenschutz #privacy #mastodon #newsletter #rss #matrix #signal #discourse #forum
Bleib aktuell
RSS, Newsletter oder Social Media: Immer informiert über neue Beiträge • IT-Sicherheit & Datenschutz aus Karlsruhewww.kuketz-blog.de
https://aliyesha.com/sub/articles/news/display/nd_today_mayor_election_mcd_2024
#newdelhi #delhi #india #press #news #politics #mayor #mcd
Enjoy tracker free reading with us. #privacy #privacymatters
नई दिल्ली: दिल्ली में आज होगा मेयर का चुनाव, एलजी ने बीजेपी पार्षद को बनाया चुनाव अधिकारी, किसका पलड़ा भारी ?
दिल्ली नगर निगम (एमसीडी) के मेयर पद के लिए गुरुवार को होने वाले चुनाव में बीजेपी की पार्षद और पूर्वी दिल्ली की पूर्व महापौर सत्या शर्मा को फिर से पीठासीन अधिकारी नियुक्त किया गया है।दिल्ली ब्यूरो (Aliyesha)
#Privacy
The emails provide deeper insight into the agency’s use of Locate X, a powerful surveillance capability that allows law enforcement officials to follow a phone, and person’s, precise movements over time at the click of a mouse. In 2023, a government oversight body found that the Secret Service, Customs and Border Protection, and Immigration and Customs Enforcement all used their access to such location data illegally. The Secret Service told 404 Media in an email last week it is no longer using the tool."
https://www.404media.co/fyi-a-warrant-isnt-needed-secret-service-says-you-agreed-to-be-tracked-with-location-data/
#USA #LocationData #Geolocation #Surveillance #Privacy #DataProtection #Intelligence #LocateX
'FYI. A Warrant Isn’t Needed': Secret Service Says You Agreed To Be Tracked With Location Data
The Secret Service has used a technology called Locate X which uses location data harvested from ordinary apps installed on phones. Because users agreed to an opaque terms of service page, the Secret Service believes it doesn't need a warrant.Joseph Cox (404 Media)
https://kolektiva.social/@tothedaring/113460078355087435
#civilDisobedience #massNoncooperation #directAction #organizing #protest #resistance #activism #MovementSecurity #MoSec #privacy #infosec #movementorganizing #harmreduction #safety #protestSafety #harris #trump #election #election2024 #democrats
frank :anarchy_bi: (he / they) (@tothedaring@kolektiva.social)
with the possibility of street action picking up again in the coming months, here's a guide i wrote to help ppl prepare for what to expect when there's a possibility of getting arrested (and maybe why they want to avoid it whenever possible) https:/…kolektiva.social
https://aliyesha.com/sub/articles/news/display/hp_cm_sukhu_kangra_tourism_capital
#himachal #dharamshala #india #press #news #kangra #airport #zoo #MilkPlant #tourism #WaterSports #PongDam
Enjoy tracker free reading with us. #privacy #privacymatters
Dharamshala: Chief Minister Sukhu to personally monitor key sectors for making Kangra the tourism capital.
Chief Minister Sukhvinder Singh Sukhu has announced his personal commitment to monitoring the progress of key sectors aimed at transforming Kangra into the tourism capital of the state.Rajesh (Aliyesha)
https://aliyesha.com/sub/articles/news/display/bh_pm_modi_lays_foundation_aiims_projects_bihar
#bihar #patna #india #news #press #politics #aiims #medical #education #doctor #bjp #pmmodi #nitishkumar #governance
Enjoy tracker free reading with us. #privacy #privacymatters
Patna: Prime Minister Narendra Modi lays foundation for AIIMS Darbhanga, launches development projects across Bihar.
Prime Minister Narendra Modi today remotely laid the foundation stone for AIIMS Darbhanga, a transformative healthcare project estimated at over ₹12,000 crore.Alok Sharma (Aliyesha)
https://gomoot.com/ecosia-e-qwant-lalternativa-europea-a-google-e-microsoft/
#ambiente #bing #blog #ecosia #eusp #google #ia #microsoft #news #picks #privacy #qwant #sostenibilità #tech #tecnologia #ue
Ecosia e Qwant: l’alternativa europea a Google e Microsoft
Nasce European Search Perspective (EUSP), l'indice di ricerca europeo come risposta di Ecosia e Qwant ai motori di ricerca americani di Google e Microsoftcristina (Gomoot : tecnologia e lifestyle)
Wired has published a guide to protecting yourself from surveillance by the US government
The guide discusses the potential increase in government surveillance under a second Trump administration and offers advice on upgrading personal privacy protections, including using end-to-end encrypted messengers and securing devices.
#privacy #security #civilrights
The data includes the employees’ name, work contact information, and what location they work at, and has more than 2.8 million lines of data, according to the post on Breach Forums. The post says the source of the data was MOVEit, which is suite of cloud data management tools.
“Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about [a] security event at one of our property management vendors that impacted several of its customers including Amazon. The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations,” an Amazon spokesperson told 404 Media in an email."
https://www.404media.co/amazon-confirms-breach-of-employee-data/
#Amazon #DataBreach #DataProtection #Privacy #Hacking #CyberSecurity
Amazon Confirms Breach of Employee Data
The breach includes the employees’ name, work contact information, and what location they work at.Joseph Cox (404 Media)
https://aliyesha.com/sub/articles/news/display/nd_school_admission_nursery_starts
#newdelhi #delhi #india #press #news #school #admission #forms #prospectus #SchoolAdmission #ImportantDates
Enjoy tracker free reading with us. #privacy #privacymatters
नई दिल्ली: राजधानी के 1700 निजी स्कूलों में नर्सरी दाखिले की दौड़ शुरू।
28 नवंबर से मिलेंगे फॉर्म, सभी ज़रूरी बातें जान लीजिए।दिल्ली ब्यूरो (Aliyesha)
https://aliyesha.com/sub/articles/news/display/hp_walnut_shower_baijnath_temple_14_nov_2024
#himachal #dharamshala #india #press #news #kangra #baijnath #LordShiva #LordVishnu #LordBrahma #BaikunthChaturdashi #Walnut #WalnutShower #religion #culture #mythology
Enjoy tracker free reading with us. #privacy #privacymatters
Dharamshala: Baijnath Shiv Temple to witness walnut shower on the 14th of November.
n 14th November, the historic Shiv Temple in Baijnath, located in Kangra district, will celebrate Baikunth Chaturdashi with a spectacular walnut shower.Rajesh (Aliyesha)
https://aliyesha.com/sub/articles/news/display/bh_darbhanga_aiims_major_step_jaiswal
#bihar #patna #india #news #press #politics #aiims #medical #education #doctor #bjp #pmmodi
Enjoy tracker free reading with us. #privacy #privacymatters
Patna: Darbhanga AIIMS is a Major Step in Healthcare: Dr. Dilip Jaiswal.
The establishment of Darbhanga AIIMS is expected to stimulate growth in Mithilanchal and generate new employment opportunities.Alok Sharma (Aliyesha)