Zum Inhalt der Seite gehen

Suche

Beiträge, die mit privacy getaggt sind


‘आप’ ने दिल्ली के चुनाव में उतारे 11 उम्मीदवार, 6 ‘सरप्राइज’ नामों पर सियासत।

https://aliyesha.com/sub/articles/news/display/nd_aap_ready_elections_feb_2025

#newdelhi #delhi #india #press #news #politics #aap #bjp #elections #elections2025 #strategy #candidates #BattleReady #BattleForDelhi #FightForDelhi

Enjoy tracker free reading with us. #privacy #privacymatters


"The rapid expansion of educational technologies (EdTech) has introduced serious concerns about human rights protection in educational spaces. This briefing explores the impact of facial recognition technology (FRT) and heightened surveillance in these settings, highlighting many complex and multifaceted issues that demand careful consideration from a human rights perspective.

From the erosion of privacy and the securitisation of educational spaces - that undermines the learning and growth processes - to the perpetuation of bias and discrimination, and the lack of data protection safeguards, not to mention the role of private interests, this briefing explains why we believe that iIt is crucial to ban FRT in educational spaces and stop its use now.

At the end of the briefing, we share a roadmap of key issues that it is necessary to consider for anyone thinking of introducing FRT in educational spaces to help analyse its impact on human rights."

https://privacyinternational.org/advocacy/5469/pis-briefing-critical-examination-facial-recognition-implementation-educational

#UK #FacialRecognition #Biometrics #Surveillance #Privacy #FRT


5 Vulnerabilities found in Ubuntu's Needrestart.

That could allow a local attacker to gain root privileges without requiring user interaction. Needrestart is a utility that scans a system to determine the services that need to be restarted after applying shared library updates.

https://blog.qualys.com/vulnerabilities-threat-research/2024/11/19/qualys-tru-uncovers-five-local-privilege-escalation-vulnerabilities-in-needrestart

#linux #ubuntu #it #security #privacy #engineer #tech #media #news
Multiple decade-old security vulnerabilities have been disclosed in the needrestart package.

The vulnerabilities are believed to have existed since the introduction of interpreter support in needrestart 0.8, which was released on April 27, 2014.

"These needrestart exploits allow Local Privilege Escalation (LPE) which means that a local attacker is able to gain root privileges," Ubuntu said in an advisory, noting they have been addressed in version 3.8.

<https://ubuntu.com/blog/needrestart-local-privilege-escalation>

The 5 flaws are listed below:

• CVE-2024-48990 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
• CVE-2024-48991 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by winning a race condition & tricking needrestart into running their own, fake Python interpreter.
• CVE-2024-48992 [CVSS score: 7.8] - A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
• CVE-2024-11003 [CVSS score: 7.8] and CVE-2024-10224 [CVSS score: 5.3] - Two vulnerabilities that allows a local attacker to execute arbitrary shell commands as root by taking advantage of an issue in the libmodule-scandeps-perl package. (before version 1.36)


Cape has been selling a privacy-focused cellphone service to the U.S. military, now offering to high-risk members of the public


Smartphone screen showing title Dashboard. Below that is text stating Good morning, you are rotating personas every 6 hours. Below that it lists the previous persona rotations with the date and time of each.
Cape runs its own mobile core, all of the software necessary to route messages, authenticate users, and basically be a telecom. Ultimately, this gives Cape the control to do more privacy-enhancing things, such as periodically give its phones a new IMEI—a unique identifier for the phone—and new IMSI—a similar identifier, but one attached to the SIM card (or eSIM in Cape’s case). The phone can also give itself a new mobile advertising identifier (MAID), which is an identifier advertising ecosystems and apps use to track peoples’ web browsing activity and is sometimes linked to their physical movement data. Cape said the IMEI and MAID rotation is handled by the custom Cape handset, which runs standard up-to-date Android.

Cape lets users create bundles of these identifiers, called “personas”, then cycle through them at different points. This means that during some attacks, a Cape phone may look like a different phone each time.

Well, this is a very interesting phone. Whether governments really want their citizens (or their terrorists or child molesters) to have these devices is another story…

The author also raises an intriguing point about why has AT&T and other phone networks not offered something like this before. The easy answer is wire-tapping requirements (remember the NSA vs PGP encryption in the 1990’s). Google could have offered encrypted email too if it wished, but reading our mail helps fuel its advertising business.

But way more shocking in the linked article, was the statement by the author that they have not owned a smartphone since 2017! I get that you can do a lot on your desktop (like I do), but even I realised that I needed that banking app to do 2FA when approving payments, or SMS for some sites still to authenticate access, and needed Waze to navigate through ever denser traffic, etc. Even the poorest of the poor in our country now at least have a feature phone.

I find it difficult enough telling many people, no, really, I don’t have WhatsApp when they want to send receipts to me via WhatsApp.

See https://www.404media.co/i-dont-own-a-cellphone-can-this-privacy-focused-network-change-that
#Blog, #privacy, #technology


How to set up a mimimal/blank new tab page on Ungoogled Chromium that conforms to your system’s dark mode setting:

https://github.com/ungoogled-software/ungoogled-chromium/issues/1675#issuecomment-2490597528

PS. You can install Ungoogled Chromium easily on macOS using Homebrew:

```shell
brew install --cask eloston-chromium
```

For more macOS setup/configuration tips see my quick gist:

https://codeberg.org/aral/gists/src/branch/main/mac-setup.md

#ungoogledChromium #chromium #chrome #minimal #newTabPage #aesthetics #accessibility #privacy #configuration #web


फिर टला दिल्ली यूनिवर्सिटी छात्र संघ चुनाव का रिजल्ट।

https://aliyesha.com/sub/articles/news/display/nd_du_student_election_result_postponed

#newdelhi #delhi #india #press #news #politics #university #elections #results

Enjoy tracker free reading with us. #privacy #privacymatters


कृष्णा गांव के ग्रामीणों की प्रेरणादायक पहल: सामूहिक प्रयास से बेटियों का कन्यादान।

https://aliyesha.com/sub/articles/news/display/uk_villagers_support_each_other_marriages

#uttarakhand #dehradun #india #press #news #inspirational #rural #village #CommunitySupport #marriage #NewThinking

Enjoy tracker free reading with us. #privacy #privacymatters


T-Mobile US monitoring China's 'Industry-wide Attack' amid fresh Security Breach Fears.

T-Mobile has joined a list of major organizations like AT&T, Verizon & Lumen Technologies that have been singled out as part of what appears to be a full-blown Chinese threat actors cyber espionage campaign.

https://www.wsj.com/politics/national-security/t-mobile-hacked-in-massive-chinese-breach-of-telecom-networks-4b2d7f92

#us #telecom #companies #breach #it #security #privacy #engineer #media #tech #news
U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information.

The adversaries, tracked as Salt Typhoon, breached the company as part of a "monthslong campaign" designed to harvest cellphone communications of "high-value intelligence targets." It's not clear what information was taken, if any, during the malicious activity.

"T-Mobile is closely monitoring this industry-wide attack, and at this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts to customer information," a spokesperson for the company was quoted as saying to The Wall Street Journal. "We will continue to monitor this closely, working with industry peers and the relevant authorities."
The FBI and CISA noted that the cyber-attacks the telecoms providers resulted in the "theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to US law enforcement requests pursuant to court orders."

Previous reports suggested that the Chinese snoops, after breaking into the telco’s networks, accessed the wiretapping backdoor-like systems used for court-ordered surveillance and targeted phones belonging to people affiliated with US Democratic presidential candidate Kamala Harris, as well as Republican president-elect Donald Trump and VP-elect JD Vance.

<https://www.fbi.gov/news/press-releases/joint-statement-from-fbi-and-cisa-on-the-peoples-republic-of-china-targeting-of-commercial-telecommunications-infrastructure>


Pay or OK: Verleger warnen vor Frontalangriff auf Geschäftsmodell der Presse​ | heise online https://www.heise.de/news/Pay-or-OK-Verleger-warnen-vor-Frontalangriff-auf-Geschaeftsmodell-der-Presse-10048105.html #Datenschutz #privacy #DSGVO #GDPR #journalism #Journalismus


Today on Interviews With Homophobes…

#BrendanEich #prop8 #privacy #cryptoBros https://kafeneio.social/@foufoutos/113504298348385814


“A parliamentary committee examining the impact of #SocialMedia on #Australian society has recommended users be given the power to alter, reset or turn off #algorithms, as well as be provided with greater #privacy protections but has stopped short of recommending a #ban on under-16s accessing social media.”

#labor / #Austech / #surveillance <https://theguardian.com/technology/2024/nov/18/australian-parliamentary-inquiry-stops-short-of-backing-social-media-ban-for-under-16s>


with the possibility of street action picking up again in the coming months, here's a guide i wrote to help ppl prepare for what to expect when there's a possibility of getting arrested (and maybe why they want to avoid it whenever possible)

https://howtogetarrested.puter.site

#election #election2024 #harris #trump #protest #protestSafety #movementSecurity #mobilizing #organizing #harmReduction #resistance #activism #postElectionPrep #infosec #privacy #PreparednessNotParanoia


Decidí hacer una pequeña publicación en esta plataforma de microblogging ya que el blog de TKZ no parece usar markdown (y a mi me encanta jaja)

Es un paso a paso de como instalar Microg en teléfonos que no cuenten con custom ROMs, espero que les guste :catjam:

Y si por casualidad conocen alguna forma de no tener que usar Imgur para las imagenes (tipo usar hosting o algo asi) desde el teléfono, porfa haganmelo saber, thx :NKO_regalo:

https://rentry.co/c4bc9bho

#Android #Foss #Privacy #Blog #Root
Portada del blog, de color beige con el icono de Google y una equis en el medio y al lado la frase "No More Google"


There is a long battle
ahead of us. It will be essential to regroup, to support each other, and to protect each other.

This will affect many aspects of our lives, including data privacy.

When authoritarians want
control over their population, they seek data and they seek to kill privacy.

Because privacy means democracy,
because privacy means freedom, and
because privacy becomes a tool for popular resistance.

Be ready to fight for
your privacy rights.

This is vital.

#Privacy #PrivacyIsAHumanRight
#USpol


Microsoft fixes 91 Vulnerabilities & 4 Zero-Days.

Microsoft’s November Patch Update fixes 91 Windows security vulnerabilities, including 4 zero-days. The critical fixes address actively exploited flaws in Windows. It is strongly recommended that users apply these updates as soon as possible to mitigate possible security risks. Updates can be installed via Windows Update.

https://msrc.microsoft.com/update-guide/

#microsoft #windows #update #it #security #privacy #engineer #media #tech #news
It is worth noting that, four vulnerabilities are rated as critical, including two remote code executions and two elevations of privilege flaws.

The two actively exploited zero-day vulnerabilities are:

• CVE-2024-43451: An NTLM Hash Disclosure Spoofing Vulnerability that exposes NTLMv2 hashes to remote attackers with minimal user interaction, such as selecting or right-clicking a malicious file.
• CVE-2024-49039: A Windows Task Scheduler Elevation of Privilege Vulnerability allowing attackers to execute RPC functions typically restricted to privileged accounts, potentially leading to unauthorized code execution or resource access.

Additionally, two publicly disclosed but not actively exploited vulnerabilities were addressed:

• CVE-2024-49040: A Microsoft Exchange Server Spoofing Vulnerability enabling threat actors to spoof sender email addresses to local recipients.
• CVE-2024-49041: A Windows MSHTML Platform Spoofing Vulnerability that could be leveraged to deceive users into interacting with malicious content.

The 91 vulnerabilities fixed in this update are categorized as follows:

• 3 Spoofing vulnerabilities
• 4 Denial of Service vulnerabilities
• 1 Information Disclosure vulnerability
• 26 Elevation of Privilege vulnerabilities
• 2 Security Feature Bypass vulnerabilities
• 52 Remote Code Execution vulnerabilities.


Of course, I could just be a paranoid online conspiracy idiot but the timing is curious - dumping all this stuff right before summer, flying the social media kids ban flag while hinting an online certification system will be required to implement it while simultaneously rejigging myGov into myID .

Then there's the senate committee smoking gun.

Nah, I think there's a strong possibility some idiots have a strategy that doesn't involve being upfront. We studied the Australia Card, and the Data Retention sell was a complete fuck up. They're probably terrified of both instances, as would be the minister.

Happy to be wrong but all this stinks of subterfuge and an attempt to get the public (and old media) to sleepwalk into a surveillance trap.

#auspol #privacy #myid


What's a reasonable argument *for* a Federal Government digital ID? Like what actual use is it (apart from the surveillance aspect). What will it bring to the table that isn't already covered?

Can't think of one and the government hasn't made any argument in the media release - just 'Presto, here it is.'

Trying to anticipate what a minister will blather on about if challenged. 'We are centralising government records?' That's already been done, albeit badly.

Who or what is going to ask you to present it? Porn sites? Social media? Is that the only route this goes down? They're just going to trot out the same old criminals, paedophiles and terrorist lines aren't they. Somehow a Federal Government ID stops all that... somehow...

It's fucking perplexing.

#auspol #privacy #myid


Welp, all signs point to a looming privacy battle with the Australian Government who seem set on sneaking in a comprehensive surveillance system data matching tax, health and other government records to social media accounts. People's Republic of China would approve.

These are fun. We'll need all the arts, legal, media, politics and tech skills we can muster. Fortunately, appears a proliferation of them abound in these here parts.

Not an easy battle to win against entrenched political parties and their old media propaganda wings but to misquote the Taliban, 'We thank god our enemies are idiots.'

https://www.ato.gov.au/media-centre/mygovid-is-now-called-myid

https://ia.acs.org.au/article/2024/not-just-kids--everyone-to-be-age-verified-for-social-.html

#auspol #privacy #myid
Marketing image for Australian Government's 'myID' initiative. 

Portrays two smart phones, one at an angle, the other forward facing showing the 'myGovID' logo and 'myID' logos respectively.


Lot of extremists here, unfortunately.

"How dare you use Twitter to spread your message. How dare you maintain a crypto product. I'm disappointed in you."

"You're using Google's services and therefore you don't care about privacy. AI? The horror! You don't belong here."

We gotta understand:
  • Firstly, it's none of our business
  • Second, who are we to judge.
We don't know the context of that person's life. We don't know under what circumstances are they having to use those services.

I have faced this a lot of times. I receive blatant evisceration and harsh criticism and questions because I was asking for help or making a remark about my use of a big tech service. Well, it may not have been that bad, but in a situation where you're asking for and expecting help, and you I stead receive this, it definitely sucks.

There were times when I had to literally tell people that their comments are useless for me, because they really were.

We gotta understand that not all people can switch to Firefox, or daily drive GrapheneOS, or search in DuckDuckGo, or migrate to Proton Mail, or from Twitter to Mastodon.

And that should be okay with us. We can't force stuff onto people. We might instead respect individual choices while equipping them with the required information and reasons to switch to better alternatives.

No open source software (or proprietary, for that matter) is perfect. Better to acknowledge the shortcomings and collectively improve instead of vigorously fighting on them. BROWSER WARS ARE STUPID.

It would do us and the community at large a huge service if we took the time to understand the entire context before jumping in with free advice.

We are SO divided over silly things sometimes. We can do better by our people. Let's work to make this a more constructive and helpful space.

Peace.

#Privacy
#Mastodon
#Fediverse
#Technology
#Community
#Positivity
#FOSS


"Senator Slams Gun Industry’s 'Invasive and Dangerous' Sharing of Customer Data With Political Operatives"

https://www.propublica.org/article/blumenthal-slams-gun-industry-customer-data-investigation

In response to a ProPublica investigation, Sen. Richard Blumenthal demanded answers from the gun industry about its 'covert program' to collect information on gun owners for political purposes."

#data #guns #privacy #press


Senator Slams Gun Industry’s “Invasive and Dangerous” Sharing of Customer #Data With Political Operatives


In response to a ProPublica investigation, Sen. Richard Blumenthal demanded answers from the gun industry about its “covert program” to collect information on gun owners for #political purposes.

#News #Guns #Privacy #Politics #Business

https://propub.li/4er0KaE


"Don’t judge a book by its cover – how a technology is named doesn’t tell you how it is used. This is the case with Data Clean Rooms (“DCRs”), which are not rooms, do not clean data, and have complicated implications for user privacy, despite their squeaky-clean name.

Data Clean Rooms are cloud data processing services that let companies exchange and analyze data, restrained by rules that limit data use. They are typically used when two companies want to exchange limited information about their customers. For example, a newspaper and a grocery store might use a DCR to evaluate the efficacy of an advertisement by identifying grocery sales made to newspaper subscribers. However, a close examination of DCRs yields an evergreen lesson: even if privacy enhancing technologies alone can’t protect privacy and even if they address some privacy risks, they can contribute to others.

In some cases, DCRs can add privacy protections to the handling of consumer data. In others, disclosure of consumer data via DCRs presents the same privacy risks as disclosure through other means like tracking pixels. DCRs, like other technologies that claim to protect privacy, can also be used to obfuscate privacy harms."

https://www.ftc.gov/policy/advocacy-research/tech-at-ftc/2024/11/data-clean-rooms-separating-fact-fiction

#USA #FTC #DataCleanRooms #DCRs #Privacy #DataProtection


→ Why the #Guardian is no longer posting on X
https://www.theguardian.com/media/2024/nov/13/why-the-guardian-is-no-longer-posting-on-x

“#X is a #toxic #media platform and […] its owner Elon #Musk has been able to use its influence to shape political discourse”

“we can do this because our business model does not rely on #viral content tailored to the whims of the #social media giants’ #algorithms
↳Yes. Fake news, polarization, and controversial content are largely the results of the #ad and #privacy harvesting #business model

cc @mediapart


Gini Health Mohali expands to Gini Advanced Care Hospital with new 30-Bed ICU facility.

https://aliyesha.com/sub/articles/news/display/pb_gini_health_expands_gini_care_hospital

#punjab #mohali #india #press #news #health #medical #Diabetes #DiabetesDay #hospital #ICU #HealthCare #NewFacility

Enjoy tracker free reading with us. #privacy #privacymatters


Bihar JDU holds strategic meeting for upcoming assembly elections.

https://aliyesha.com/sub/articles/news/display/bh_jdu_strategic_meeting_assembly_election

#bihar #patna #india #news #press #politics #jdu #AssemblyElections #elections #elections2025

Enjoy tracker free reading with us. #privacy #privacymatters


Wenn du über aktuelle Beiträge informiert werden möchtest, kannst du dem Blog auf verschiedenen Kanälen folgen, dich mit uns austauschen und aktiv am Diskurs teilnehmen. 👇

• Folgen: https://www.kuketz-blog.de/bleib-aktuell/
• Forum: https://www.kuketz-forum.de/
• Chat: https://www.kuketz-blog.de/chat/

Bleib informiert und diskutiere mit!

#blog #sicherheit #security #datenschutz #privacy #mastodon #newsletter #rss #matrix #signal #discourse #forum


दिल्ली में आज होगा मेयर का चुनाव, एलजी ने बीजेपी पार्षद को बनाया चुनाव अधिकारी, किसका पलड़ा भारी ?

https://aliyesha.com/sub/articles/news/display/nd_today_mayor_election_mcd_2024

#newdelhi #delhi #india #press #news #politics #mayor #mcd

Enjoy tracker free reading with us. #privacy #privacymatters


The ATO is sending me text messages despite my communications preferences clearly telling them not to do this. This time I've lodged a formal complaint with themselves. The next time I'll lodge it with Scamwatch

#Privacy
Communications preferences screen from my ATO MyGov account  which says "All ATO communications will be sent to your myGov inbox or your postal address that we have on record."


"Officials inside the Secret Service clashed over whether they needed a warrant to use location data harvested from ordinary apps installed on smartphones, with some arguing that citizens have agreed to be tracked with such data by accepting app terms of service, despite those apps often not saying their data may end up with the authorities, according to hundreds of pages of internal Secret Service emails obtained by 404 Media.

The emails provide deeper insight into the agency’s use of Locate X, a powerful surveillance capability that allows law enforcement officials to follow a phone, and person’s, precise movements over time at the click of a mouse. In 2023, a government oversight body found that the Secret Service, Customs and Border Protection, and Immigration and Customs Enforcement all used their access to such location data illegally. The Secret Service told 404 Media in an email last week it is no longer using the tool."

https://www.404media.co/fyi-a-warrant-isnt-needed-secret-service-says-you-agreed-to-be-tracked-with-location-data/

#USA #LocationData #Geolocation #Surveillance #Privacy #DataProtection #Intelligence #LocateX


“It's infinitely safer to convince 500 people to withdraw their money from Wells Fargo and Chase so they can't fund a defense contractor or the next pipeline than it is to redecorate a few of their branches. (It leaves a bigger dent too.)”

https://kolektiva.social/@tothedaring/113460078355087435

#civilDisobedience #massNoncooperation #directAction #organizing #protest #resistance #activism #MovementSecurity #MoSec #privacy #infosec #movementorganizing #harmreduction #safety #protestSafety #harris #trump #election #election2024 #democrats


Chief Minister Sukhu to personally monitor key sectors for making Kangra the tourism capital.

https://aliyesha.com/sub/articles/news/display/hp_cm_sukhu_kangra_tourism_capital

#himachal #dharamshala #india #press #news #kangra #airport #zoo #MilkPlant #tourism #WaterSports #PongDam

Enjoy tracker free reading with us. #privacy #privacymatters


Prime Minister Narendra Modi lays foundation for AIIMS Darbhanga, launches development projects across Bihar.

https://aliyesha.com/sub/articles/news/display/bh_pm_modi_lays_foundation_aiims_projects_bihar

#bihar #patna #india #news #press #politics #aiims #medical #education #doctor #bjp #pmmodi #nitishkumar #governance

Enjoy tracker free reading with us. #privacy #privacymatters


https://www.wired.com/story/the-wired-guide-to-protecting-yourself-from-government-surveillance/

Wired has published a guide to protecting yourself from surveillance by the US government

The guide discusses the potential increase in government surveillance under a second Trump administration and offers advice on upgrading personal privacy protections, including using end-to-end encrypted messengers and securing devices.

#privacy #security #civilrights


"On Monday Amazon confirmed a breach of employee data which was published on a crime-focused forum, according to a statement from Amazon to 404 Media.

The data includes the employees’ name, work contact information, and what location they work at, and has more than 2.8 million lines of data, according to the post on Breach Forums. The post says the source of the data was MOVEit, which is suite of cloud data management tools.

“Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about [a] security event at one of our property management vendors that impacted several of its customers including Amazon. The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations,” an Amazon spokesperson told 404 Media in an email."

https://www.404media.co/amazon-confirms-breach-of-employee-data/

#Amazon #DataBreach #DataProtection #Privacy #Hacking #CyberSecurity


Darbhanga AIIMS is a Major Step in Healthcare: Dr. Dilip Jaiswal.

https://aliyesha.com/sub/articles/news/display/bh_darbhanga_aiims_major_step_jaiswal

#bihar #patna #india #news #press #politics #aiims #medical #education #doctor #bjp #pmmodi

Enjoy tracker free reading with us. #privacy #privacymatters