Latest comic. A British consumer rights group examined unnecessary data harvesting by “smart” devices, including air fryers connected to phone apps. While these devices may not pose the greatest privacy risk in our everyday lives, they are part of a growing Internet of Things capable of collecting data when and where we least expect it.
Congress Pushes #Apple to Remove #Deepfake Apps After 404 Media Investigation
https://www.404media.co/congress-pushes-apple-to-remove-deepfake-apps-after-404-media-investigation/
Remember Friends:
You cannot both have secure end-to-end encryption to protect your communication AND also have a backdoor/key/access only for "the good guys."
This is not possible.
Do not believe anyone telling you otherwise.
End-to-end encryption protects us all,
we must fight to keep it ✊🔒
So a crazy thing happened. In a crime thriller film called Les chambres rouges (Red Rooms, 2023) there is a scene where the hacker protagonist is attempting to purchase a snuff film in online auction. The auction happens via IRC or IRC-like chatting environment and to my surprise there's actually me @rolle and my wife @mustikkasoppa who are one of the bidders.
1) The nickname of my wife is mistakenly written as "mustikasoppa" (with one k) but if I recall correctly she has used a mistakenly written nickname in the past
2) We are both operators and on the same IRC channel as we've been for the past 17 years
This is not a coincidence. One nickname can be made up by accident but not two with these features and definitely not in a French movie. My wife's nick "mustikkasoppa" is Finnish and means "blueberry soup".
Our IRC logs are more or less public because of open source and statistics so I presume the scene has been made with chatgpt which has scraped our nicks from the Internet so that they ended up in the movie. We still chat via IRC every day together.
The era of AI... Do your background check, folks. I'm glad this wasn't a dramatized documentary film but a complete fiction. However my wife and I are real. Mixed feelings.
To everyone when they see horrible privacy news about Microsoft replying with:
"I don't care, I use Linux"
Sure, you do. But does your medical clinic do? Does your therapist do? Does your family member typing a personal email to you in Word before sending it do too?
This is a systemic problem.
You cannot protect your own data only by using Linux yourself. You must also demand stronger regulations and enforcement to obligate organizations around to protect your data as well.
"Microsoft Office, like many companies in recent months, has slyly turned on an “opt-out” feature that scrapes your Word and Excel documents to train its internal AI systems. This setting is turned on by default, and you have to manually uncheck a box in order to opt out.
If you are a writer who uses MS Word to write any proprietary content (blog posts, novels, or any work you intend to protect with copyright and/or sell), you’re going to want to turn this feature off immediately.
I won’t beat around the bush. Microsoft Office doesn’t make it easy to opt out of this new AI privacy agreement, as the feature is hidden through a series of popup menus in your settings:
On a Windows computer, follow these steps to turn off “Connected Experiences”: File > Options > Trust Center > Trust Center Settings > Privacy Options > Privacy Settings > Optional Connected Experiences > Uncheck box: “Turn on optional connected experiences”"
https://medium.com/illumination/ms-word-is-using-you-to-train-ai-86d6a4d87021
Hawk Tuah recently went viral for her rant about the benefits of using XMPP over centralized chat networks.
"XMPP is an open, decentralized, and secure messaging protocol. Unlike proprietary services, XMPP lets users choose their own servers, ensuring privacy and control."
She adds, "By adopting XMPP, we can foster a more open and secure internet, free from corporate surveillance and data mining."
Is there an ongoing attack on the Tor network right now?
My relay was doing some weird stuff.
I got abuse reports even though I am not running an Exit relay.
Wild ass day in the Tor node operator world. Got an email from my VPS, forwarding a complaint from WatchDog CyberSecurity saying that my box was scanning SSH ports!
> Oh no, oh no, I knew I should have set up fail2ban, oh god why was I so lackadaisical!
So I remote in to the machine: no unusual network activity, no unusual processes, users, logins, command history, no sign that anything is doing anything I didn't tell it to do.
So what's up? Turns out there's been a widespread campaign where some actor is spoofing IPs to make it look like systems running Tor are scanning port 22: https://forum.torproject.org/t/tor-relays-tor-relays-source-ips-spoofed-to-mass-scan-port-22/15498/14
Operators from all over are saying they're getting nastygrams from their VPS providers because WatchDog is fingering their source IPs (which are being spoofed and NOT part of a global portscanning botnet).
@delroth did an amazing writeup of the whole thing here: https://delroth.net/posts/spoofed-mass-scan-abuse/
All Qtriots in control #QAnon #Conspiracy #photography #dogs #nature #camping #anime #music #BSD #cycling #DOS #fedi22 #fitness #FOSS #GNU #infosec #Lego #linux #MOC #MSDOS #OpenSource #OpSec #OSINT #pinball #privacy #RightToRepair #security #StarTrek #Unix #believeinfilm #fedi22 #photography #filmphotography #35mm #filmisnotdead #Politics #Fediblock #Trump #Caturday #Dutch #English #LGBTQIA #Minecraft #Programming
Good shortread by Goodin on the clandestine tracking platform Location X. Sold to government agencies, it supposedly exploits the unique 'advertising ID' accessible to the app layer on all Android phones, and (with optional user input) on iOS. The article has a brief mitigation walkthrough for phone owners.
Thanks to @Christina for the share
The craziness about private businesses collecting biometric data very unnecessarily for basic identification purposes needs to stop.
Say NO to biometrics collection everywhere you can 🚫✋
Privacy is a human right.
NEW: More than 4 million people have been using explicit deepfake bots on Telegram, a WIRED review has found.
We identified more than 50 Telegram bots built to create nude images and video. After sending questions to Telegram about their harm, the company removed the bots
There is no such thing as a backdoor for good guys. Once you place a backdoor, you compromise the safety and privacy of all your users. A third party or bad guys will get access to it and abuse it further. The concept of a "backdoor for good guys" is fundamentally flawed and dangerous. It sets a dangerous precedent. Security and privacy should be absolute. There's no safe way to create a backdoor that can't be exploited by malicious actors.
The rise of Mastodon has made me so much more aware of government services requiring us to use private companies’ systems to communicate with them and access services.
Sitting on a Dutch train just now I was shown on a screen “feeling unsafe in the train? Contact us via WhatsApp”.
What if I don’t use WhatsApp? (I do, but I wish I didn’t have to) I’m forced to share my data with Meta to use it.
Public systems should not require use of private services.
"How do you train the medical AI? You could ask patients’ consent for their data — or you could violate all medical confidentiality rules and just take it."
In shock news, LinkedIn uses your data to train Microsoft (who own it, remember) and its own AI models. And of course that's turned on by default without asking your permission first.
To refuse permission on the LinkedIn website:
Me > Settings & Privacy > Data Privacy > Data for Generative AI Improvement
🇬🇧Leak on latest #ChatControl attempt (in German): https://netzpolitik.org/2024/interne-dokumente-sperrminoritaet-gegen-chatkontrolle-wackelt/ +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal experts confirm violation of our fundamental rights +++ Only 5 days to next discussion +++
Help pressure our governments into defending our #privacy of correspondence and secure #encryption now:
Really looking forward to explaining to my kid that his PII has been compromised for basically his entire life because he had the audacity to be born at a time when the positive incentives for computer security were nearly nonexistent and the regulatory penalties favored doing the bare minimum you can get away with.
Seriously though, take a minute trying to grasp how rich a company like Facebook (Meta) really is. Think, truly think, about how much money it makes every year.
Now, think about HOW it makes this money:
Does it sell a lot of expensive cars? No.
Does it sell computers around the world? No.
Does it sell oil? Nope.
It. Sells. YOU.
And how much do YOU get in exchange for producing these billions of dollars for it each year?
NEW: Details of people's therapy sessions—including reports, video and audio recordings—have been exposed by a healthcare company.
These included people mentioning sexual abuse and highly sensitive subjects. The exposed database has now been closed down
Ik snap niet dat DNB, AFM en de Autoriteit Persoonsgegevens dit allemaal maar goed vinden. Google krijgt zo weer een monopolie in the handenschudden een heel veel gegevens over ons.
Verkoop je zo als ING je ziel ook niet aan de duivel? Google krijgt een voet tussen de deur en heeft binnenkort ING niet meer nodig.
Zeer zorgelijke ontwikkeling.
Setting up the new computer: I made a new Microsoft account with a masked Fastmail email. Started a note in obsidian to record all the fake info I feed it. As far as Microsoft knows, they think my name is Akira
Happy "Open Firefox's preferences to review everything shady that they might have changed and enabled by default" Day!
