Beiträge, die mit Privacy getaggt sind
TLS interception is a process when your protected connection to some website is broken up to examine the content and then forwarded again - transparently for you. This can be legitimate (e.g antivirus check or enterprise compliance) or malicious (surveillance and hacking). Basically it is like opening a letter, peeking (or messing with) the contents, closing it up again and sending on its way.
It looks like 25-30% of all protected traffic is being snooped on.
Since Cloudflare processes around 10% of entire Internet traffic the global picture should look similar. Of course absolute majority of it is made up by enterprise proxies that legitimately inspect employees traffic for malware scanning and other compliance... but still. So much for that green lock being security and privacy panacea 😀
#cloudflare #internet #privacy #tls
Owners of Nokia 7 Plus may have sent sensitive information to a server in China for several months. The Data Inspectorate in Finland has now started investigations after NRK's disclosure.
- Bei Intimarzt.de erhalten Sie anonym, schnell und kostengünstig (24,95 €) eine Einschätzung Ihres intimen Problems durch einen deutschen Facharzt für Geschlechtskrankheiten. Dank der Handlungsempfehlung wissen Sie zudem, was Sie dagegen tun sollten.
#kuketzblog #intimarzt #privacy #security #android #tracking
"I didn't have control": A 14-year-old on why she quit social media
Then, several months ago, when I turned 13, my mom gave me the green light and I joined Twitter and Facebook. The first place I went, of course, was my mom’s profiles. That’s when I realized that while this might have been the first time I was allowed on social media, it was far from the first time my photos and stories had appeared online. When I saw the pictures that she had been posting on Facebook for years, I felt utterly embarrassed, and deeply betrayed.https://www.fastcompany.com/90315706/kids-parents-social-media-sharing
This release fixes many security vulnerabilities. You should upgrade as soon as possible. Electrum in Tails cannot connect anymore to Electrum servers. The version of Electrum in Tails is vulnerable to a phishing attack that tricks people in updating to a malicious version of Electrum which is not distributed from the official Electrum website. You...#privacy #tor
NetworkManager-1.16: Add support for WireGuard VPN tunnels and Wi-Fi Direct connections (Wi-Fi P2P).
============================================= NetworkManager-1.16 Overview of changes since NetworkManager-1.14 ============================================= This is a new stable release of NetworkManager. Notable changes include: * Check connectivity per address family. * Support "main.systemd-resolved" to let NetworkManager configure DNS settings in systemd-resolved without making it the main DNS plugin of NetworkManager. * Write "/var/run/NetworkManager/no-stub-resolv.conf" with original nameservers. That is useful with caching DNS plugins like "systemd-resolved" or "dnsmasq" where "/var/run/NetworkManager/resolv.conf" refers to localhost. * Change default "ipv4.dhcp-client-id" setting for the internal DHCP plugin from "duid" to "mac". This is a change in behavior on upgrade when using the internal DHCP plugin (unless the default is overwritten in "NetworkManager.conf" or specified per connection profile). * Improve handling of DHCP router options with internal DHCP plugin. For one, accept multiple routers and add a default-route to each. On D-Bus expose the original DNS and NTP servers without cleaning up local nameservers. * Allow binding a connections lifetime to the DBus client that activated it. * Add support for establishing Wi-Fi Direct connections (Wi-Fi P2P). * Add support for WireGuard VPN tunnels to NetworkManager. D-Bus API and libnm support all options. nmcli supports creating and managing WireGuard profiles, with the exception of configuring and showing peers. * Add initrd generator to be used by dracut and use it as new way of handling iBFT. * Deprecated "plugins.monitor-connection-files" setting in NetworkManager.conf. This option will have no effect in future versions. * Add AP and Ad-hoc support for iwd Wi-Fi backend. * Warn about invalid settings in "NetworkManager.conf". * Support announcing "ANDROID_METERED" DHCP option for shared mode. * Support SAE authentication as used for 802.11s Meshing and WPA3-Personal. * NetworkManager is no longer installed as D-Bus activatable service. * Mark docker bridges as unmanaged via udev rule. * Add new PolicyKit permission "org.freedesktop.NetworkManager.wifi.scan" for controlling Wi-Fi scanning.
Fedora [module & tools]
# dnf copr enable jdoss/wireguard # dnf install wireguard-dkms wireguard-tools
Red Hat Enterprise Linux / CentOS [module & tools]
# curl -Lo /etc/yum.repos.d/wireguard.repo [url=https://copr.fedorainfracloud.org/coprs/jdoss/wireguard/repo/epel-7/jdoss-wireguard-epel-7.repo]https://copr.fedorainfracloud.org/coprs/jdoss/wireguard/repo/epel-7/jdoss-wireguard-epel-7.repo[/url] # yum install epel-release # yum install wireguard-dkms wireguard-tools
WireGuard in NetworkManager
NetworkManager 1.16 got native support for WireGuard VPN tunnels (NEWS). WireGuard is a novel VPN tunnel protocol and implementation that spawned a lot of interest. Here I will not explain how WireGuard itself works. You can find very good documentation and introduction at wireguard.com.MORE at Gnome.org (config examples, settings, etc.):
- Side by Side Video
- Command-line Interface
- Key Generation
- NAT and Firewall Traversal Persistence
- Demo Server
Fernando Santagata wrote the following post Tue, 19 Mar 2019 20:09:19 +0100
#privacy #tracking #government #web
EU government websites infested with third-party adtech scripts | ZDNet
A total of 112 commercial companies are systematically harvesting this information and tracking us through EU government portals and public services. Ten of these companies have masked their identities, too, which could suggest the problem is deeper than we think.https://www.zdnet.com/article/eu-government-websites-are-infested-with-third-party-trackers/
Once this data is collected, it may end up in the possession of data brokers both in and outside of the ad network industry.
An examination of public sector websites across the EU performed by Cookiebot found that 89 percent of official government websites of EU member states contain third-party ad tracking -- despite these websites not requiring ad support to run.
#Better is a privacy tool for the Safari browser on iPhone, iPad and Mac which protects you from being tracked.
You can find out more at the official site:
You can follow them on the ActivityPub Fediverse at:
#Safari #Privacy #MacOS #iOS #Mac #iPhone #iPad #Alternatives
Richard Stallman, RMS, on Privacy, Data, and Free Software http://nymag.com/intelligencer/2018/04/richard-stallman-rms-on-privacy-data-and-free-software.html
‘No Company Is So Important Its Existence Justifies Setting Up a Police State’
A conversation with legendary programmer Richard Stallman on the real meaning of “privacy rights” and why he only ever uses cash.
Tags: #dandelíon #gnu #privacy #freesoftware #stalllman
via dandelion* client (Source)
To #encrypt or not to encrypt - that's what #Danish businesses must decide.
Businesses in #Denmark must now protect #sensitive personal #data in emails with adequate #encryption due to a strict interpretation of the #GDPR.
#email #e2e #encryption #Tutanota #privacy #security #technology #GDPR #EU
Centinel has developed a groundbreaking solution that guarantees user privacy. Feel completely safe from unwanted GPS tracking, speech recognition, disguised audio recordings, spying by camera, or anything else that you wouldn’t want to share without your consent.
Physical switch to turn all you want off.
Equipped with googleless vanilla Android. Minimized radiation levels – healthier phone usage.
#Centinel #CentinelMobiles #privacy #linuxmobile
Everything we post online or over the phone can be used to track our whereabouts, sell us things or otherwise be used against us. Edward Snowden risked his life to tell us how intelligence agencies are spying on us without constraint. Their FISA warrants are merely a rubber-stamped formality. They use the ’national security’ excuse as a shield and it forbids us from knowing what they’re doing. Whistleblowers are harassed and jailed. Most politicians are compromised and blackmailed. The Fourth Amendment is dead
#facebook #nsa #google #privacy
Last month, Google announced that its Nest Secure would be updated to work with Google Assistant software. The problem? Google never told users its product had a microphone to begin with. Simple…
Article word count: 1018
HN Discussion: https://news.ycombinator.com/item?id=19407147
Posted by johnisgood (karma: 194)
Post stats: Points: 94 - Comments: 39 - 2019-03-16T10:17:05Z
#HackerNews #and #fiasco #googles #harms #invades #nest #privacy #their #trust #user
Technology companies, lawmakers, privacy advocates, and everyday consumers likely disagree about exactly how a company should go about collecting user data. But, following a trust-shattering move by Google last month regarding its Nest Secure product, consensus on one issue has emerged: Companies shouldn’t ship products that can surreptitiously spy on users.
Failing to disclose that a product can collect information from users in ways they couldn’t have reasonably expected is bad form. It invades privacy, breaks trust, and robs consumers of the ability to make informed choices.
While collecting data on users is nearly inevitable in today’s corporate world, secret, undisclosed, or unpredictable data collection—or data collection abilities—is another problem.
A smart-home speaker shouldn’t be secretly hiding a video camera. A secure messaging platform shouldn’t have a government-operated backdoor. And a home security hub that controls an alarm, keypad, and motion detector shouldn’t include a clandestine microphone feature—especially one that was never announced to customers.
And yet, that is precisely what Google’s home security product includes.
Google fumbles once again
Last month, Google announced that its Nest Secure would be updated to work with Google Assistant software. Following the update, users could simply utter “Hey Google” to access voice controls on the product line-up’s “Nest Guard” device.
The main problem, though, is that Google never told users that its product had an internal microphone to begin with. Nowhere inside the Nest Guard’s hardware specs, or in its marketing materials, could users find evidence of an installed microphone.
When Business Insider broke the news, Google fumbled ownership of the problem: “The on-device microphone was never intended to be a secret and should have been listed in the tech specs,” a Google spokesperson said. “That was an error on our part.”
Customers, academics, and privacy advocates balked at this explanation.
“This is deliberately misleading and lying to your customers about your product,” wrote Eva Galperin, director of cybersecurity at Electronic Frontier Foundation.
“Oops! We neglected to mention we’re recording everything you do while fronting as a security device,” wrote Scott Galloway, professor of marketing at the New York University Stern School of Business.
The Electronic Privacy Information Center (EPIC) spoke in harsher terms: Google’s disclosure failure wasn’t just bad corporate behavior, it was downright criminal.
“It is a federal crime to intercept private communications or to plant a listening device in a private residence,” EPIC said in a statement. In a letter, the organization urged the Federal Trade Commission to take “enforcement action” against Google, with the hope of eventually separating Nest from its parent. (Google purchased Nest in 2014 for $3.2 billion.)
Days later, the US government stepped in. The Senate Select Committee on Commerce sent a letter to Google CEO Sundar Pichai, demanding answers about the company’s disclosure failure. Whether Google was actually recording voice data didn’t matter, the senators said, because hackers could still have taken advantage of the microphone’s capability.
“As consumer technology becomes ever more advanced, it is essential that consumers know the capabilities of the devices they are bringing into their homes so they can make informed choices,” the letter said.
This isn’t just about user data
Collecting user data is essential to today’s technology companies. It powers Yelp recommendations based on a user’s location, product recommendations based on an Amazon user’s prior purchases, and search results based on a Google user’s history. Collecting user data also helps companies find bugs, patch software, and retool their products to their users’ needs.
But some of that data collection is visible to the user. And when it isn’t, it can at least be learned by savvy consumers who research privacy policies, read tech specs, and compare similar products. Other home security devices, for example, advertise the ability to trigger alarms at the sound of broken windows—a functionality that demands a working microphone.
Google’s failure to disclose its microphone prevented even the most privacy-conscious consumers from knowing what they were getting in the box. It is nearly the exact opposite approach that rival home speaker maker Sonos took when it installed a microphone in its own device.
Sonos does it better
In 2017, Sonos revealed that its newest line of products would eventually integrate with voice-controlled smart assistants. The company opted for transparency.
While this function has upset some Sonos users who want to turn off the microphone light, the company hasn’t budged.
A Sonos spokesperson said the company values its customers’ privacy because it understands that people are bringing Sonos products into their homes. Adding a voice assistant to those products, the spokesperson said, resulted in Sonos taking a transparent and plain-spoken approach.
Now compare this approach to Google’s.
Consumers purchased a product that they trusted—quite ironically—with the security of their homes, only to realize that, by purchasing the product itself, their personal lives could have become less secure. This isn’t just a company failing to disclose the truth about its products. It’s a company failing to respect the privacy of its users.
A microphone in a home security product may well be a useful feature that many consumers will not only endure but embrace. In fact, internal microphones are available in many competitor products today, proving their popularity. But a secret microphone installed without user knowledge instantly erodes trust.
As we showed in our recent data privacy report, users care a great deal about protecting their personal information online and take many steps to secure it. To win over their trust, businesses need to responsibly disclose features included in their services and products—especially those that impact the security and privacy of their customers’ lives. Transparency is key to establishing and maintaining trust online.
HackerNewsBot debug: Calculated post rank: 75 - Loop: 114 - Rank min: 60 - Author rank: 9
WhatsApp co-founder Brian Acton told students to reject Facebook by deleting their apps from their phones in an address at Stanford University in California on Wednesday.
Article word count: 623
HN Discussion: https://news.ycombinator.com/item?id=19406656
Posted by uladzislau (karma: 9376)
Post stats: Points: 87 - Comments: 51 - 2019-03-16T06:35:13Z
#HackerNews #accuses #co-founder #facebook #for #privacy #revenue #trading #whatsapp
December 2018: Facebook comes under fire after a bombshell report discovered the firm allowed over 150 companies, including Netflix, Spotify and Bing, to access unprecedented amounts of user data, such as private messages.
Some of these ʼpartnersʼ had the ability to read, write, and delete Facebook usersʼ private messages and to see all participants on a thread.
It also allowed Microsoftʼs search engine, known as Bing, to see the name of all Facebook usersʼ friends without their consent.
Amazon was allowed to obtain usersʼ names and contact information through their friends, and Yahoo could view streams of friendsʼ posts.
As of last year, Sony, Microsoft, and Amazon could all obtain usersʼ email addresses through their friends.
September 2018: Facebook disclosed that it had been hit by its worst ever data breach, affecting 50 million users - including those of Facebook boss Mark Zuckerberg and COO Sheryl Sandberg.
Attackers exploited the siteʼs ʼView Asʼ feature, which lets people see what their profiles look like to other users.
Facebook says it has found no evidence ʼso farʼ that hackers broke into third-party apps after a data breach exposed 50 million users (stock image)
The unknown attackers took advantage of a feature in the code called ʼAccess Tokens,ʼ to take over peopleʼs accounts, potentially giving hackers access to private messages, photos and posts - although Facebook said there was no evidence that had been done.
The hackers also tried to harvest peopleʼs private information, including name, sex and hometown, from Facebookʼs systems.
Facebook said it doesnʼt yet know if information from the affected accounts has been misused or accessed, and is working with the FBI to conduct further investigations.
However, Mark Zuckerberg assured users that passwords and credit card information was not accessed.
As a result of the breach, the firm logged roughly 90 million people out of their accounts earlier today as a security measure.
March 2018: Facebook made headlines earlier this year after the data of 87 million users was improperly accessed by Cambridge Analytica, a political consultancy.
The disclosure has prompted government inquiries into the companyʼs privacy practices across the world, and fueled a ʼ#deleteFacebookʼ movement among consumers.
Communications firm Cambridge Analytica had offices in London, New York, Washington, as well as Brazil and Malaysia.
The company boasts it can ʼfind your voters and move them to actionʼ through data-driven campaigns and a team that includes data scientists and behavioural psychologists.
ʼWithin the United States alone, we have played a pivotal role in winning presidential races as well as congressional and state elections,ʼ with data on more than 230 million American voters, Cambridge Analytica claims on its website.
The company profited from a feature that meant apps could ask for permission to access your own data as well as the data of all your Facebook friends.
The data firm suspended its chief executive, Alexander Nix (pictured), after recordings emerged of him making a series of controversial claims, including boasts that Cambridge Analytica had a pivotal role in the election of Donald Trump
This meant the company was able to mine the information of 87 million Facebook users even though just 270,000 people gave them permission to do so.
This was designed to help them create software that can predict and influence votersʼ choices at the ballot box.
The data firm suspended its chief executive, Alexander Nix, after recordings emerged of him making a series of controversial claims, including boasts that Cambridge Analytica had a pivotal role in the election of Donald Trump.
This information is said to have been used to help the Brexit campaign in the UK.
It has also suffered several previous issues.
In 2013, Facebook disclosed a software flaw that exposed 6 million usersʼ phone numbers and email addresses to unauthorized viewers for a year, while a technical glitch in 2008 revealed confidential birth-dates on 80 million Facebook usersʼ profiles.
HackerNewsBot debug: Calculated post rank: 75 - Loop: 132 - Rank min: 60 - Author rank: 65
Who makes the Darknet possible, could soon be offenders
In the fight against drugs and child pornography, the Federal Council advises whether the operation of anonymous servers is punishable. This endangers secure communication and whistleblower.
Jami for everyone!
Designed for the general public as well as the industry, #Jami aims to provide all of its users a universal #communication tool, free, secure and built on a #distributed architecture requiring no authority nor central server to operate. [via distributed hash tables, DHT]
#privacy #encryption #peer2peer #decentralized #FSF #DHT #voip #sip #anonymous #opensource #video #conferencing #security #technology #p2p
Why does a vegan get ads for ice cream?
My friend, let’s call him Jake, has been a #vegan for years, long before it was trendy.
He said the other day, “Okay, Bill, you’re the one who keeps telling me about the terrible things the #internet can do (he usually ignores most of my advice) so how come I get #ads for Ben & Jerry’s in my emails on my Mac? They keep screaming at me “Hey, Jake! Buy Ben ‘n’ Jerry’s now!”
I try to ignore the irritation I feel that he hasn’t even installed an #adblocker yet and ponder the problem. “Hmm, which email provider do you use, Jake?”
“Hotmail,” he said, sheepishly.
I gave a weary sigh. As some in the Federation know, Hotmail and Gmail collect keywords in our private subject lines and contact list and sell them on to advertisers without our knowledge or permission – especially if we don’t fix our privacy settings.
I asked him if he had any people in his contact list called Ben or Jerry. He had a think. A flicker of recognition shone in his eyes and we both knew.
“Stop using it, Jake,” I said. “Use Tutanota or Mailfence at least…”
He is addicted to convenience.
He is still using Hotmail.
#apple #consumertech #privacy #tech #Google #locationtracking #surveillance #monitoring #adblockers #ads #digitaladvertising #internetmarketing #gmail #hotmail #outlook #microsoft #mail #data #corporations #telemetry #mass-surveillance #surveillance #tracking #trackers #spyware #surveillancecapitalism #icecream #icecreamcone #mac #ios #ipad
Would anyone here offer to quickly review the ToS and give me their opinion? Does this company have any bad reputation issues? Thank you in advance.
#monitoring #software #permissions #security #privacy #OPSWAT #question
Google has quietly added DuckDuckGo as a search engine option for Chrome users in ~60 markets | TechCrunch
In an update to the chromium engine, which underpins Google’s popular Chrome browser, the search giant has quietly updated the lists of default search engines it offers per market — expanding the choice of search product users can pick from in markets around the world.#google #chrome #chromium #search #DuckDuckGo #privacy
Most notably it has expanded search engine lists to include pro-privacy rivals in more than 60 markets globally.
Windscribe CLI - easy and quick install
Binaries, repositories, addons for browsers, .apk, etc.
- IKEv2 - Default connection mode, usually the fastest, but can be easily blocked.
- UDP - This mode uses OpenVPN protocol. UDP is usually the fastest protocol to run OpenVPN on, but can also be blocked quite easily.
- TCP - Use this if UDP fails to connect. Much more resilient to bad network conditions, but could be slower.
- Stealth - Encapsulates OpenVPN in a TLS tunnel via Stunnel. Only use this if all other methods fail. May be handy in China.
- Wstunnel - Encapsulates OpenVPN in a WebSocket. Only use this if all other methods fail. May also be handy in China.
In our desktop applications we use AES-256 cipher with SHA512 auth and a 4096-bit RSA key. We also support perfect forward secrecy.INSTALL
In our browser extensions we use TLS 1.2, ECDHE_RSA with P-256 key exchange and AES_128_GCM cipher.
Fedora 22 +n...
Create a free account if you don't have one already.
Download and install the repo as root
wget [url=https://repo.windscribe.com/fedora/windscribe.repo]https://repo.windscribe.com/fedora/windscribe.repo[/url] -O /etc/yum.repos.d/windscribe.repo
Update yum / dnf
yum update dnf update
yum install windscribe-cli dnf install windscribe-cli
Switch to NON-root user
Ubuntu (14.04 - 18.04)
Create a free account if you don't have one already.
Add the Windscribe signing key to apt
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-key FDC247B7
Add the repository to your sources.list, for example:
echo 'deb [url=https://repo.windscribe.com/ubuntu]https://repo.windscribe.com/ubuntu[/url] zesty main' | sudo tee /etc/apt/sources.list.d/windscribe-repo.list
echo 'deb [url=https://repo.windscribe.com/ubuntu]https://repo.windscribe.com/ubuntu[/url] xenial main' | sudo tee /etc/apt/sources.list.d/windscribe-repo.list
Run apt-get update
sudo apt-get update
sudo apt-get install windscribe-cli
The simple and the best way (binaries):
# cd /home/user/distro/windscribe # ls /home/user/distro/windscribe -rw-r--r--. 1 13K 2019-03-13 20:09 windscribe.txt -rw-rw-r--. 1 16M 2019-03-13 20:05 Windscribe2-130.apk -rw-rw-r--. 1 9,1M 2019-03-13 20:04 windscribe-cli_1.3-19_amd64.deb -rw-rw-r--. 1 6,9M 2019-03-13 20:02 windscribe-cli-1.3-19.amd64.rpm -rw-rw-r--. 1 6,1M 2019-03-13 20:03 windscribe-cli_1.3-19_i386.deb -rw-rw-r--. 1 7,0M 2019-03-13 18:30 windscribe-cli-1.3-19.i386.rpm -rw-rw-r--. 1 17M 2019-03-13 18:45 Windscribe.exe
For example, my beloved 😀 RPM-based distro:
# rpm -Uvh windscribe-cli-1.3-19.i386.rpm 1:windscribe-cli-1.3-19 ################################# [100%] Created symlink from /etc/systemd/system/windscribe to /usr/lib/systemd/system/windscribe.service. Created symlink from /etc/systemd/system/default.target.wants/windscribe.service to /usr/lib/systemd/system/windscribe.service.
$ windscribe [<options>] <command> [<args>]...
$ windscribe --help Show this message and exit.
status Check status of Windscribe and connection account Output current account details connect Connect to Windscribe disconnect Disconnect examples Show usage examples firewall View/Modify Firewall mode lanbypass View/Modify Firewall LAN bypass locations Output list of all available server locations login Login to Windscribe account logout Logout and disconnect port View/Modify default Port protocol View/Modify default Protocol proxy View/Modify Proxy Settings sendlog Send the debug log to Support speedtest Test the connection speed viewlog View the debug log
Connect to best locations:
windscribe connect best
Connect to specific location:
windscribe connect IL
Connect to previous location:
Disabled the firewall:
windscribe firewall off
Change connection protocol:
windscribe protocol TCP
$ windscribe connect Connecting to Israel Jerusalem Zion (UDP:443) Firewall Enabled Connected to Israel Jerusalem Zion Your IP changed from 100.00.00.000 to 220.127.116.11
$ windscribe status windscribe -- pid: 23511, status: running, uptime: 6m, %cpu: 0.0, %mem: 1.8 IP: 18.104.22.168 CONNECTED -- IL UDP (443)
$ windscribe account Username: YOUR_NAME Data Usage: 33.78 MB / 10 GB Plan: 10 GB Free
$ windscribe locations
#windscribe #security #privacy #www #internet #web #tcp #udp #gnu #linux #fedora #centos #redhat #ubuntu #windows #android #macos #encryption #crypto #AES-256 #vpn #openvpn #SHA-512 #RSA-4096 #firewall #proxy #hotspot
Hier, le #WWW a célébré son 30è anniversaire!
J'aurais dû le dire hier, mais j'étais un peu trop occupée, alors, c'est pour aujourd'hui! Bref, mieux vaut tard que jamais! La toute première page web de l'histoire se trouve ici! Vous pourrez notamment y lire la déclaration de Tim Berners-Lee au sujet de son invention, résumant la philosophie qui la sous-tend et la motive. Ça ne nous rajeunit pas, mais ça reste pleinement d'actualité! D'autant plus que ce qui a commencé comme un idéal de partage universel de l'information, de manière #libre, a été littéralement piraté par les intérêts privés et des modèles économiques qui transforment les données privées des usagers du Web en "pétrole" du 21è siècle! #privacy #GAFAM
PS: L'image est de Robert Cailliau, le collègue et complice de Tim Berners-Lee au CERN lors de l'invention du world wide web.