Google Chrome se prepara para eliminar las cookies de terceros con el despliegue de Privacy Sandbox

https://www.computekni.com/2023/06/google-chrome-se-prepara-para-eliminar.html

Google continúa avanzando en su iniciativa de bloquear las cookies de terceros, que pueden rastrear la actividad de los usuarios en Internet. La compañía ha confirmado que en tan solo unos meses comenzará el despliegue de Privacy Sandbox, un sistema diseñado para eliminar de forma definitiva las cookies de terceros en su navegador web, Google Chrome.
.
.
#Chrome #sandbox #privacy

#privacy
#humanrights
#monopoly
#platforms

Amazon Ring, Alexa accused of every nightmare IoT security fail you can imagine

Staff able to watch customers in the bathroom? Tick! Obviously shabby infosec? Tick! Training AI as an excuse for data retention? Tick!

https://www.theregister.com/2023/06/01/ftc_alexa_ring_amazon_settlement/

Clearview AI is redefining our #privacy. The New York-based tech company is working to #identify and compile the #faces of every human being on the planet. Clearview AI claims that the #database will serve as a force for good, helping to solve crimes and prevent espionage. But the risks it carries are immense

#facialrecognition

https://www.france24.com/en/tv-shows/reporters/20230602-your-face-is-ours-the-dangers-of-facial-recognition-software

Hello everyone! Those of you that use a VPN for privacy. Do you happen to know an alternative to Mullvad VPN? Their 5€/month price is great, but I can't find an equivalently priced VPN with port forwarding and good privacy. Sadly Mullvad is removing port forwarding and I need to migrate...🥴 (Just bought it)

Thanks!

#VPN #mullvad #privacy

INTERNET ENGINEERING TASK-FORCE: Reflections 10 Years Since Snowden Revelations

#News #privacy #Snowden #surveillance #spying #HumanRights #IETF #engineering #internet #security #infosec #cybersecurity #tech

https://www.ietf.org/archive/id/draft-farrell-tenyearsafter-00.html

"With #AI, they could be used for all sorts of malicious tasks, including leaking people’s private information and helping criminals phish, spam, and scam people. Experts warn we are heading toward a #security and #privacy disaster.”

https://www.technologyreview.com/2023/04/03/1070893/three-ways-ai-chatbots-are-a-security-disaster/

Three ways AI chatbots are a security disaster 

Large language models are full of security vulnerabilities, yet they’re being embedded into tech products on a vast scale.

^{Melissa Heikkilä (MIT Technology Review)}

Edward Snowden and Ben Goertzel on the #AI Explosion and Data #Privacy

https://yewtu.be/watch?v=4H_iWpWG_c0

Edward Snowden and Ben Goertzel on the AI Explosion and Data Privacy

Former defense contractor and activist Snowden and cognitive scientist Goertzel discuss the surveillance implications of recent advancements in AI at Consensus 2023.

^{CoinDesk | Invidious}

The attack on encryption in Europe is very real. We obtained a leaked document from the EU showing Spanish officials want to ban end-to-end encryption.

Beyond this, the document shows the views of 20 countries on encryption, and how it relates to a controversial proposed law that would allow companies to scan people's chats to hunt for child sexual abuse material.

The majority said they are in favour of some form of scanning of encrypted messages.

The document also reveals that a lot of countries don't appear to know how end-to-end encryption works, with many proposals being technically infeasible.

https://www.wired.com/story/europe-break-encryption-leaked-document-csa-law/

#tech #encryption #chatcontrol #news #technology #privacy

Leaked Government Document Shows Spain Wants to Ban End-to-End Encryption

In response to an EU proposal to scan private messages for illegal material, the country's officials said it is “imperative that we have access to the data.”

^{Lily Hay Newman (WIRED)}

Spain supports mass #surveillance and the assault on #privacy.

Leaked government document shows Spain wants to ban end-to-end encryption. Of the 20 EU countries represented in the document leaked to WIRED, the majority said they are in favor of some form of scanning of encrypted messages, with Spain’s position emerging as the most extreme.

https://www.wired.com/story/europe-break-encryption-leaked-document-csa-law/

Leaked Government Document Shows Spain Wants to Ban End-to-End Encryption

In response to an EU proposal to scan private messages for illegal material, the country's officials said it is “imperative that we have access to the data.”

^{Lily Hay Newman (WIRED)}

🧬 SR134 is finally here with nearly an hour of #privacy & #security news!

- Your DNA is everywhere
- A free smart TV that's too good to be true
- A KeePass vulnerability
- More!

Tune in now: https://surveillancereport.tech
YouTube: https://youtu.be/ddMP9nI-E48

It Turns Out Your DNA is EVERYWHERE - SR134

Human DNA can be found literally everywhere, a free smart TV that’s too good to be true, a serious KeePass vulnerability, and more!Welcome to the Surveillanc...

^YouTube

US tech giant Meta has been hit with a record €1.2 billion fine for not complying with the EU’s privacy rulebook.

The Irish Data Protection Commission announced on Monday that Meta violated the General Data Protection Regulation (GDPR) when it shuttled troves of personal data of European Facebook users to the United States without sufficiently protecting them from Washington's data surveillance practices.

https://www.politico.eu/article/eu-hits-meta-with-record-e1-2b-privacy-fine/

#EU #GDPR #Privacy #Meta #Facebook

EU hits Meta with record €1.2B privacy fine

Tech giant transferred Europeans’ data to the US unlawfully, Irish privacy regulator said.

^{Clothilde Goujard (POLITICO)}

SimpleX Chat v5.1-beta.1 is released!

New in v5.1-beta.1:
- message reactions - finally! - only 6 for now: 👍👎😀😢❤️🚀
- self-destruct passcode.
- voice messages up to 5 minutes, with 2x quality and playback slider.
- custom time to disappear - can be set just for one message.
- message editing history.
- a setting to disable audio/video calls per contact.
- group welcome message visible in group profile.

Install the apps via the links here: https://github.com/simplex-chat/simplex-chat#install-the-app

#privacy #security #messenger

GitHub - simplex-chat/simplex-chat: SimpleX - the first messaging platform operating without user identifiers of any kind - 100% private by design! iOS and Android apps are released 📱!

SimpleX - the first messaging platform operating without user identifiers of any kind - 100% private by design! iOS and Android apps are released 📱! - GitHub - simplex-chat/simplex-chat: SimpleX - ...

^GitHub

Use FIDO U2F security keys with Fedora Linux 🔑
https://fedoramagazine.org/use-fido-u2f-security-keys-with-fedora-linux/

Hardware security keys are a form of multi-factor authentication for logging into important accounts. If you were thinking about getting a one, it's good to know Fedora supports them.

But remember to get two so you can make a backup!
#Fedora #FIDO #security #privacy

Use FIDO U2F security keys with Fedora Linux - Fedora Magazine

A FIDO U2F security key is a small USB and/or NFC based device. It is a hardware security token with modules for many security related use-cases. There are several brands of FIDO compliant keys, including NitroKey, SoloKey v2, and YubiKey.

^{Alexander Wellbrock (Fedora Project)}

Our new Contact Scopes feature is now available in the Alpha channel. It provides a way to avoid granting the Contacts permission for apps requiring it. It's similar to our Storage Scopes feature replacing needing any of the media/storage permissions.

https://grapheneos.social/@GrapheneOS/110382121185752120

#ContactScopes #StorageScopes #permissions #sandbox #android #GrapheneOS #privacy #security

#washingtonpost investigation finds #Google still retains #locationData about users who visit clinics, hospitals and other ‘particularly personal’ locations, despite Google’s commitment to delete it

https://www.washingtonpost.com/technology/2023/05/09/google-privacy-abortion-data/

#locationprivacy #privacy #dataprotection #mobility #MobilityData #gischat #lbs #locationbased

Random Website: You need to set up #2FA with your phone number!

Me: Why?

Website: In case we get hacked!

Me: I don't really care, no one even knows about this account and it doesn't have my personal information.

Website: You misunderstand, it's so that in case we get hacked, we HAVE your information to leak to the hackers. They worked hard and deserve it! Also we sell your account to ad companies but they're not interested unless they can tie it to a real person.

#security #privacy #web

Teaser

#offline #localfirst #privacy #Linux #GNOME #app

#YouTube blocking my #adblocker? Maybe reduce the frequency of #advertising interruptions and I’ll consider turning mine off. https://apple.news/AUR1RileFSuyKNE6wLNuKyw

Anyone notice this is happening at the same time #Google is working on the final stages of removing support for #Chrome #browser extensions that dynamically examine and modify web requests, e.g., strong #adblockers like #uBlockOrigin, in favor of their more restrictive #ManifestV3 spec? https://www.eff.org/deeplinks/2021/12/chrome-users-beware-manifest-v3-deceitful-and-threatening

#privacy #security #infosec

YouTube is going to stop you from using ad blockers — here’s how — Tom's Guide

YouTube is testing out a new feature that prevents the use of ad-blocking software — and this could make a YouTube Premium subscription practically essential.

^apple.news

Auditor app version 70 released: https://github.com/GrapheneOS/Auditor/releases/tag/70.

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/4972-auditor-app-version-70-released

See https://attestation.app/about and https://attestation.app/tutorial for info about the app and optional monitoring service.

#GrapheneOS #privacy #security #android #attestation #VerifiedBoot #MeasuredBoot #HSM #SecureElement #auditor

Release 70 · GrapheneOS/Auditor

Notable changes in version 70: add Pixel 7a support disable attest key downgrade support which was used to work around a bug discovered/reported by GrapheneOS causing attest keys becoming unusable...

^GitHub

First experimental release of GrapheneOS for Pixel 7a is available. Can be installed via our staging site web installer or downloaded from the releases page for CLI install.

https://staging.grapheneos.org/install/web
https://staging.grapheneos.org/releases

We don't have a Pixel 7a yet so it's entirely untested.

#grapheneos #privacy #security #experimental #pixel7a #7a

GrapheneOS web installer

Web-based installer for GrapheneOS, a security and privacy focused mobile OS with Android app compatibility.

^GrapheneOS

Sometimes criminals close the door when plotting crimes.

“We should ban doors!” 🚫🚪

Sometimes criminals hide weapons under their clothes.

“We should ban clothes!” 🚫👖

🙃

Do not fall for these misguided arguments.

Most of the time people use end-to-end encrypted apps to talk about the most mundane things.

Sometimes vulnerable people use end-to-end encryption to protect themselves and stay safe.

We should keep and cherish encryption.

We should demand it everywhere.

End-to-end encryption protects our human right to privacy and safety.

We must fight for it! ✊🔒

#RootForE2EE #E2EE #Encryption #Privacy

We'll be heavily prioritizing adding support for the Pixel 7a, Pixel Tablet and Pixel Fold. It has been years since we supported a tablet (Nexus 9) and there will likely be additional work to support the form factor properly. Pixel Fold is a new form factor and may be difficult.

#grapheneos #privacy #security #pixel #pixel7a #pixeltablet #pixelfold

Encrypted messaging provider: “We make our money selling this to the police.”

Tech folks: This is cool and normal.

#matrix #element #privacy #acab #e2ee #messaging

By default, #Thunderbird automatically blocks images in your emails from being displayed -- because many of those images may contain tracking code.

(Sometimes these images are tiny "tracking pixels" you may not even see).

Take your protection one step further by installing #uBlock Origin, now an official Thunderbird Add-on: https://addons.thunderbird.net/en-US/thunderbird/addon/ublock-origin/

#Privacy #Email

uBlock Origin

Finally, an efficient blocker. Easy on CPU and memory. uBlock Origin (uBO) is a CPU and memory-efficient wide-spectrum content blocker that blocks ads, trackers, coin miners, popups, annoying anti-blockers, etc.

^{addons.thunderbird.net}

Should we (climatejustice.social, ....global, ...rocks, wien.rocks, fedi.at, mtg.garden, ...) block all instances hosted by #Google?

This includes ard.social (instance of a German TV broadcaster) and a few no-name instances you can find here by searching for "google": https://greenfediverse.codeberg.page/green-instances/

#poll #GAFAM #privacy #SurveillanceCapitalism

• yes (25%, 24 votes)
• no (46%, 44 votes)
• i don't know (26%, 25 votes)
• i don't care (2%, 2 votes)

LEAVE GOOGLE NOW: (or yesterday)

"All you will have to do is verify your identity on the device using a PIN unlock code, biometrics such as a fingerprint or face scan, or a more sophisticated physical security dongle."

#passkey
#monopoly
#security
#privacy
#humanrights

https://www.aljazeera.com/news/2023/5/4/google-to-abolish-passwords-for-passkeys-heres-what-to-know

A crucial research paper on what are "Central Bank Digital Currencies" (CBDC's) and their threats for privacy, freedom & democracy.

Dozens of States are cooking that totalitarian tech, and very few citizens do understand what it'll mean in our daily life.

To read, share, print & debate about!!

https://www.btcpolicy.org/articles/why-the-u-s-should-reject-central-bank-digital-currencies

#cbdc #money #monero #bitcoin #privacy #surveillancecapitalism #surveillancesocialism

Content warning: Problems with BlueSky Terms of Service and Privacy Policy Reveal/hide

If you are considering joining #bluesky, you should read the Terms of Service and #Privacy Policy first.

(from @ashleygjovik , who is also on Twitter)

1) BlueSky Terms of Service gives Jack a 'perpetual' & 'irrevocable' license to all your content (posts, name, likeness, pics)

BlueSky can delete your account for any reason, but may refuse to delete it if you ask

You can't screenshot BlueSky

All disputes = individual arbitration

2) BlueSky's Privacy Policy says they'll stalk everything you do on the site, but also what you were doing before you got there & what you do after

They'll use cookies, pixel tags, & web beacons on app, web, & emails to stalk you all over the web

They'll use info for targeted ads

3) BlueSky's Privacy Policy says that there's no such thing as good InfoSec & if anything happens to your data because they don't care, it's 100% not their fault

They 'may' 'attempt' to notify you of a breach

Reminder: if you want to argue this, its individual private arbitration.

4) You can ask to have your account deleted, but they may or may not approve that request. "you may request deletion of your account, which we will consider on a case by case basis"

5) "But isn't this standard ToS? " It's definitely not

Spend like five minutes putting in the effort to pull up the ToS for a few of the platforms & compare the sections

This is much worse than usual

----

Rebuttal from BlueSky CEO in screen shot

Google has just updated its 2FA Authenticator app and added a much-needed feature: the ability to sync secrets across devices.

TL;DR: Don't turn it on.

The new update allows users to sign in with their Google Account and sync 2FA secrets across their iOS and Android devices.

We analyzed the network traffic when the app syncs the secrets, and it turns out the traffic is not end-to-end encrypted. As shown in the screenshots, this means that Google can see the secrets, likely even while they’re stored on their servers. There is no option to add a passphrase to protect the secrets, to make them accessible only by the user.

Why is this bad?

Every 2FA QR code contains a secret, or a seed, that’s used to generate the one-time codes. If someone else knows the secret, they can generate the same one-time codes and defeat 2FA protections. So, if there’s ever a data breach or if someone obtains access .... 🧵

#Privacy #Cybersecurity #InfoSec #2FA #Google #Security

Waouh! We caught Der Spiegel's attention with the Murena One and /e/OS! 📰

Thank you Der Spiegel @mkremp for this comprehensive and balanced test drive.

"a pleasantly simple and convenient way to fulfill the dream of a (...) smartphone without Google, without having to give up cherished apps."

#myDataIsMYdata

#degoogled #smartphones #privacy #opensource

@murena@e_mydata

Article in 🇩🇪:
https://www.spiegel.de/netzwelt/gadgets/murena-one-im-test-ein-smartphone-ohne-google-a-ddb1f5dd-5d19-4b5e-a3c9-806367c060d6