Prison for cybersecurity expert selling private videos from inside 400,000 homes.
Months before, the guy had given an interview demonstrating how simple it was to hack into wallpads - describing them as something that "middle schoolers with basic knowledge of computers can easily hack."
He later argued in court (unsuccessfully) that the data leak was to publicise the security vulnerabilities... 🙄
I would like to sincerely thank you for the continued support and trust in my work. Your donations make it possible for me to keep focusing on the quality and development of the blog and to remain independent and free of commercial interests. Without your generosity and support this would not be possible. Thank you very much! ❤️
Updated with a statement from Sen. Merkley, who proposed the amendment and was a part of the negotiation: "As I worked with other Senate negotiators to develop a compromise proposal governing TSA’s use of facial recognition, it became abundantly clear that the end goal for TSA is to make facial recognition mandatory for all American air travelers and that the current opt-out system will end."
Does anyone know of a way to buy an EV that doesn't relentlessly spy on the driver/passengers and send the data to whoever the carmaker feels like selling it to?
Related: Does anyone know of a service in the Bay Area that will disable all the surveillance that was, without my knowledge or permission, built into a 2008 Prius?
@dangillmor I recently received a notice from Subaru that the 3G cellphone embedded in my 2016 Outback could be draining my battery because it can no longer phone home. They would like to replace it for me. Fat chance.
It would seem that ripping out the embedded phone would fix the problem at the source. The lost functionality seems to me to be of dubious utility.
"US Rep. Zoe Lofgren (D-Calif.) had a different interpretation of the email, telling Wired that it 'seems to show that the FBI is actively pushing for more surveillance of Americans, not out of necessity but as a default.'"
“We take the privacy and confidentiality of your information seriously.”
TRANSLATION:
“Every time we have a data breach we’ll let you know about it! Mainly ‘cuz we are required to in order to minimize our legal liability… and of course after we’ve consulted with our legal firm and our new 3rd party incident response vendor.”
📚 Just completed the 'Basics of Personal Threat Modeling' course by @privacyguides 🛡️
Threat modeling is crucial because it helps identify and prioritize the most probable security and privacy risks. It enables focused resource allocation, tailored defenses, and heightened awareness.
#e2ee is a goal, not a promise. As far back as I can remember, forums like those supporting #Enigmail and #gpg were staffed with volunteers from the privacy community who repeatedly insisted on answering questions, like, "Is <this> (whatever this might be) totally secure?" with stock questions like, "What is it that you consider 'totally secure'?" or answers such as, "Secure is a relative term, nothing is completely secure, how secure do you need your mission's communications to be?"
Phrases such as, reasonably secure should be indicators of how ridiculous it is to assume that any secure platform is EVER completely, and totally secure.
That begs the question, "Exactly how secure do you require your communications to be?" The answer is always, ... relative.
Which means that you should always believe Ellen Ripley when she says, "Be afraid. Be very afraid!"
Coincidentally, this seems to expose a gap in #Fediverse security—since right now there's no way for me to continue posting to a hashtag I use frequently and avoid this user, who openly admits that they use .social to browse hashtags and then quote posts.
The only way I can use a hashtag on this federated network is to make my post publicly visible. Doesn't that make all hashtag-based communities here vulnerable to surveillance and potential abuse?
@adnan Maybe the #Fediverse would benefit from some kind of "listed and fediverse-public but not external-public" level of post visibility that would allow people to have their posts on hashtags propagated across the fediverse and visible internally within the federated timeline but not visible via pages like the non-authenticated external search on most instances to people who are not logged in 🤔
Been talking about telemetry in #opensource software recently, and how people seem to be opposed to it in principle, while there are use cases that truly benefit from such data collection, like figuring out how to optimize the UI of such software.
Disappointed to see The Markup share advice for people to use WhatsApp in its post about preparing your phone for a protest, and that it's coming from "digital security trainers."
Metadata literally kills, and WhatsApp is swimming in it. The metadata they collect includes:
Groups you're a member of, location, personal info (email, phone number, user IDs), contacts and their phone numbers, in-app search history, when you use the app & how often you use it. E2EE alone doesn't guarantee #privacy
If you heard about Password Managers but aren't using one yet and would like to start soon:
I wrote this article-tip to help you get started with using a password manager for the first time.
Setting up a password manager can be a little intimidating at first, but it is one of the best things you can do to improve your security and privacy online. It will allow you to easily use a unique, long, and complex password for each of your many accounts without having to remember any of them!
I hope this article can encourage you to make the jump towards better security! 🔑✨
If you are the tech-savvy person within your family or friends group :blobcatcool: :
Never ever shame someone for coming to you for advice after being the victim of a scam, malware, or for using an unsecure product.
If you do this,
they might never come back to you later. They might just feel so ashamed they will just stay alone with their tech problems.
Instead, always tell them:
It was a good idea to come to you with this. Be empathetic with them 💚
Give them advice on how to minimize the damage now. Actionable advice 🚑
Help them harden their security for now and for the future. Recommend better products to them. But be careful not to overwhelm them with advice. One step at a time 🔒
Talk to them with respect and empathy. Tell them how the people who abused their trust are horrible and anyone can fall for the right scam. Remind them there are things to do to reduce the risks of being victimized again in the future, and help them slowly implement these 💪
Be thankful they trusted you with this. It means they think highly of you 🥰