Privacy


A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society. With companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago
1
 
 

Flock has built a nationwide surveillance network of AI-powered cameras and given many more federal agencies access. Senator Ron Wyden told Flock “abuses of your product are not only likely but inevitable” and Flock “is unable and uninterested in preventing them.”

2
 
 

Chalk another one up for Big Brother. I wonder if this will apply to/be enforced on FDroid and Obtainium?

3
 
 

cross-posted from: https://lemmy.world/post/37402366

This is the main reason I completely ditched Reddit. If you use the new Reddit interface instead of the old one (old.reddit.com), you'll see a constant request being made to "https://www.reddit.com/svc/shreddit/events" (open your DevTools > Network tab, can't see on Firefox idk why).

The problem is, if you add this to your uBlock Origin filters the website won't load properly; that's why the uBO team didn't block it already.

You'll notice this request isn't only being made on an interval but also when you do basically any action on the site, like pausing or resuming a video (it sends timestamps of when you paused or resumed).

It sends other kinds of data, like what subjects you're seeing when you close a tab or the related subjects of a post you click. This can all be used to trace a perfect profile of you and the things you like.

You can avoid that using old.reddit, but it still has the same kind of tracker, even though you can block it there without major issues.

By my analysis, the old Reddit interface does the same, but to a random URL path that always starts with "reddit.com/api/something". Ex.: reddit.com/api/friends. So you can block anything that starts with "www.reddit.com/api" in your custom filters (after all, you're using old.reddit.com), and then you're mostly free from Reddit trackers (more or less). The side effect is that you won't be able to use the chat in the old interface.

4
 
 

What's the closest thing we have to a perfect private messenger?

In my mind the perfect private messenger is both completely secure and also completely anonymous.

All the mainstream messengers can pretty much ensure the contents of the message will not be revealed... but that is not good enough. I want to be able to deploy and establish a completely anonymous AND private channel of communication on a dime without having to jump through extreme operational security hoops.

Does it really exist?

5
 
 

Trove of surveillance data challenges what we thought we knew about location tracking tools, who they target and how far they have spread

...

Most countries have a legal mandate to carry out domestic phone network surveillance. The First Wap archive demonstrates, however, how phone network connections can be leveraged to allow tracking all over the world, without authorisation from the targeted networks.

In recent years, a number of investigations have explored the ways in which surveillance companies gain access to phone networks to enable this type of tracking. Lighthouse and its partners have previously written about how SS7 abuses were linked to the murder of a reporter in Mexico and a crackdown on an activist in Congo, and how they were enabled via leasing of Global Titles.

6
 
 

cross-posted from: https://lemmy.ml/post/37569557

The Free Software Foundation (FSF) today announced its project to bring mobile phone freedom to users. "Librephone" is an initiative to reverse-engineer obstacles preventing mobile phone freedom until its goal is achieved.

Librephone is a new initiative by the FSF with the goal of bringing full freedom to the mobile computing environment. The vast majority of software users around the world use a mobile phone as their primary computing device. After forty years of advocacy for computing freedom, the FSF will now work to bring the right to study, change, share, and modify the programs users depend on in their daily lives to mobile phones.

7
 
 

Just got a YubiKey, and it seems like I'm having to make the privacy vs security choice.

8
 
 

Following the ownership change, Hollywood producer Robert Simonds joined NSO’s board and attempted to acquire the company. He resigned five months later, after the deal fell through.

Interestingly, when asked about the deal by TechCrunch, an NSO spokesperson said the following:

“This investment does not mean that the company is moving out of Israeli regulatory or operational control. (…) The company’s headquarters and core operations remain in Israel. It continues to be fully supervised and regulated by the relevant Israeli authorities, including the Ministry of Defense and the Israeli regulatory framework.”

He later requested that the comments be withdrawn, arguing they were made off the record, though TechCrunch stated that no such understanding had been established.

9
 
 

Major Security Flaws Found in Satellite Communications

Researchers from UC San Diego and the University of Maryland revealed that nearly half of geostationary satellite signals transmit unencrypted data, exposing sensitive communications from telecom networks, military operations, and critical infrastructure[^1].

Using just $800 in off-the-shelf equipment - a satellite dish, roof mount, motor and tuner card - the team intercepted vast amounts of unprotected data over three years from their San Diego location[^7]. Their findings included:

  • T-Mobile cellular network traffic, including over 2,700 phone numbers and one-sided call/text content captured in just 9 hours[^7]
  • U.S. military vessel communications and Mexican military/law enforcement data, including helicopter locations and narcotics intelligence[^7]
  • Critical infrastructure communications from power grids and offshore oil platforms[^4]
  • In-flight WiFi data from 10 different airlines[^7]

"It just completely shocked us. There are some really critical pieces of our infrastructure relying on this satellite ecosystem, and our suspicion was that it would all be encrypted," said Aaron Schulman, UCSD professor who co-led the research[^7].

After being notified, some companies like T-Mobile quickly added encryption, while others, including certain U.S. critical infrastructure operators, have yet to secure their systems[^4].

The researchers estimate they accessed only 15% of global satellite transponders from their single location, suggesting the vulnerability's true scope is far larger[^7]. Johns Hopkins professor Matt Green noted: "The fact that this much data is going over satellites that anyone can pick up with an antenna is just incredible"[^7].

[^1]: SATCOM Security

[^4]: Security Affairs - Unencrypted satellites expose global communications

[^7]: Wired - Satellites Are Leaking the World's Secrets: Calls, Texts, Military and Corporate Data

10
 
 

Hello everyone, what is your go-to password manager? What would you suggest for friends and family that aren't very tech savvy?

11
 
 

I'm not that knowledgeable on networking, but I do remember that if a device is connected to a wired network, it can end up receiving packets not meant for it because switches will flood all the ports for packets they don't know how to route. But I also heard that Wi-Fi is supposedly smarter than that and a device connected to it should never receive a packet not meant for it.

Is this true? And in practice, does this mean it's preferable to keep computers with invasive operating systems (which might decide to record foreign packets sent to it in its telemetry) on Wi-Fi instead of on the wired network?

Also, how exactly does Wi-Fi prevent devices from receiving the wrong packets when it's a radio based system and any suitable antenna can receive any Wi-Fi signal? Does each device get assigned a unique encryption key and so is only capable of decrypting packets meant for it? How secure is it actually?

12
13
 
 

cross-posted from: https://lemmy.zip/post/50937777

According to Microsoft's documentation, a user can only change the setting to enable or disable the new People section three times a year.

14
 
 

Banning online anonymity tools like Tor won’t stop crime. It will only drive people underground and normalize government control over the internet

15
 
 

cross-posted from: https://lemmy.zip/post/50937678

https://archive.md/QMvAI

With just $800 in basic equipment, researchers found a stunning variety of data—including thousands of T-Mobile users’ calls and texts and even US military communications—sent by satellites unencrypted.

16
 
 

In the forum, I saw a couple of people suggesting,

  1. Syncthing (But Syncthing for Android is dead, AFAIK)
  2. USB stick
  3. Cloud storage

Please suggest if there are any alternatives. Or what is the option that you're using.

17
 
 

“You are not the customer, you are the abandoned carcass. The real customer is the market that trades in your future behaviour.” - Shoshana Zuboff

Zuboff’s The Age of Surveillance Capitalism has been on my list for a long time - finally diving in. It’s unsettling, brilliant, and painfully relevant. I wrote a short piece distilling her core message and what it means for digital freedom today.

18
 
 

Found this AI art block list recently and thought I would share it with you guys. It definitely comes in handy!

19
 
 

This makes a world of difference. I know many people may know of it but may not actually do it. It protects your files in case your computer is ever stolen and prevents alphabet agencies from just brute forcing into your laptop or whatever.

I found that Limine (bootloader) has the fastest decryption when paired with LUKS at least for my laptop.

If your computer isn't encrypted I could make a live USB of a distro, plug it into your computer, boot, and view your files on your hard drive, completely bypassing your login manager. If your computer is encrypted I could not. Use a strong password, different from your login.

Benefits of Using LUKS with GRUB

Enhanced Security

  • Data Protection: LUKS (Linux Unified Key Setup) encrypts disk partitions, ensuring that data remains secure even if the physical device is stolen.
  • Full Disk Encryption: It can encrypt the entire disk, including sensitive files and swap space, preventing unauthorized access to confidential information.

Compatibility with GRUB

  • Unlocking from Bootloader: GRUB can unlock LUKS-encrypted partitions using the cryptomount command, allowing the system to boot securely without exposing sensitive data.
  • Support for LVM: When combined with Logical Volume Management (LVM), LUKS allows for flexible partition management while maintaining encryption.
20
 
 

Please share with friends and family who are being a bit slow to up their privacy game 😁

21
 
 

Over the past few years I have gone through a bunch of different apps and protocols to find the best one for "securely" communicating with my family and friends.

I ended up with the amazing XMPP protocol and my family/friends frequently use its clients to contact me.

Monal for iOS and Cheogram/Conversations/Quicksy for Android. The Android app I install depends on whether I can get F-Droid on their phone or not.

It's been great with OMEMO encryption and the clients/apps available for XMPP. But sometimes I have issues introducing people to it.

Jabber (friendly name for XMPP) sounds silly to say. The clients all have weird names. And after trying the Signal mobile app, it feels more focused than what anyone in the XMPP community has whipped up.

But the capabilities of XMPP make it better.

Signal Cons (immediate)

  • Centralized
  • Single app
  • Phone numbers

XMPP/Jabber Cons

  • Picking server
  • Apps are sort of less friendly

What really scares me about Signal is the centralization. Any nerd can easily host an XMPP server these days. But Signal, from what I've heard, really wants us to use their server.

If XMPP gets more attention I'm sure we can get people supporting projects and creating better apps.

I keep seeing people recommend Signal instead.

This is a bit of a tired ramble. What I wanna know is why anyone is preferring Signal over XMPP apps. I assume it might be not knowing about it. Tell me what you use to message people.

22
 
 

"The problem in a nutshell. Surveillance agency NSA and its [UK counterpart] GCHQ are trying to have standards-development organizations endorse weakening [pre-quantum] ECC+PQ down to just PQ."

Part of this is that NSA and GCHQ have been endlessly repeating arguments that this weakening is a good thing... I'm instead looking at how easy it is for NSA to simply spend money to corrupt the standardization process.... The massive U.S. military budget now publicly requires cryptographic "components" to have NSA approval... In June 2024, NSA's William Layton wrote that "we do not anticipate supporting hybrid in national security systems"...

[Later a Cisco employee wrote of selling non-hybrid cryptography to a significant customer, "that's what they're willing to buy. Hence, Cisco will implement it".]

What do you do with your control over the U.S. military budget? That's another opportunity to "shape the worldwide commercial cryptography marketplace". You can tell people that you won't authorize purchasing double encryption. You can even follow through on having the military publicly purchase single encryption. Meanwhile you quietly spend a negligible amount of money on an independent encryption layer to protect the data that you care about, so you're actually using double encryption.

23
 
 

So I just started messing around with the settings in my Windows and the account tied to it. And good Lord, this thing's just as bad as Android. 😒 The thing is literally saving all my inquiries and everything to my Microsoft account. I can't even turn off some of these features as far as trying to stop them. Many privacy settings are also buried all over the place. When did this happen?

24
 
 

You're welcome. I'll share even better books later.

25
submitted 5 days ago* (last edited 5 days ago) by Charger8232@lemmy.ml to c/privacy@lemmy.ml
 
 

VPN Comparison

After making a post about comparing VPN providers, I received a lot of requested feedback. I've implemented most of the ideas I received.

Providers

Notes

  • I'm human. I make mistakes. I made multiple mistakes in my last post, and there may be some here. I've tried my best.
  • Pricing is sometimes weird. For example, a 1 year plan for Private Internet Access is 37.19€ first year and then auto-renews annually at 46.73€. By the way, they misspelled "annually". AirVPN has a 3 day pricing plan. For the instances when pricing is weird, I did what I felt was best on a case-by-case basis.
  • Tor is not a VPN, but there are multiple apps that allow you to use it like a VPN. They've released an official Tor VPN app for Android, and there is a verified Flatpak called Carburetor which you can use to use Tor like a VPN on secureblue (Linux). It's not unreasonable to add this to the list.
  • Some projects use different licenses for different platforms. For example, NordVPN has an open source Linux client. However, to call NordVPN open source would be like calling a meat sandwich vegan because the bread is vegan.
  • The age of a VPN isn't a good indicator of how secure it is. There could be a trustworthy VPN that's been around for 10 years but uses insecure, outdated code, and a new VPN that's been around for 10 days but uses up-to-date, modern code.
  • Some VPNs, like Surfshark VPN, operate in multiple countries. Legality may vary.
  • All of the VPNs claim a "no log" policy, but there are some I trust more than others to actually uphold that.
  • Tor is special in the port forwarding category, because it depends on what you're using port forwarding for. In some cases, Tor doesn't need port forwarding.
  • Tor technically doesn't have a WireGuard profile, but you could (probably?) create one.

Takeaways

  • If you don't mind the speed cost, Tor is a really good option to protect your IP address.
  • If you're on a budget, NymVPN, Private Internet Access, and Surfshark VPN are generally the cheapest. If you're paying month-by-month, Mullvad VPN still can't be beat.
  • If you want VPNs that go out of their way to collect as little information as possible, IVPN, Mullvad VPN, and NymVPN don't require any personal information to use. And Tor, of course.

ODS file: https://files.catbox.moe/cly0o6.ods
