![privacy](https://lemmy.world/pictrs/image/9e6bcbaf-e5b9-445c-a3f5-255336634901.jpeg?format=webp&thumbnail=48)
Privacy
- Windows 11 is now automatically enabling OneDrive folder backup without asking permissionwww.neowin.net Windows 11 is now automatically enabling OneDrive folder backup without asking permission
Microsoft quietly changed how folder backup works in the OneDrive app on Windows 11. Now, the OS enables it by default during the initial setup without asking the user for permission.
- PSA: always update your smartphone | Ratel RAT targets outdated Android phones in ransomware attackswww.bleepingcomputer.com Ratel RAT targets outdated Android phones in ransomware attacks
An open-source Android malware named 'Ratel RAT' is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them down with a ransomware module that demands payment on Telegram.
- Warning: New Adware Campaign Targets Meta Quest App Seekersthehackernews.com Warning: New Adware Campaign Targets Meta Quest App Seekers
Discover how AdsExhaust adware targets Meta Quest app users, manipulates browsers, and generates unauthorized revenue through sophisticated techniques
- ‘AI is reliant on mass surveillance’ and we should be cautious, warns head of messaging app | 7.30m.youtube.com ‘AI is reliant on mass surveillance’ and we should be cautious, warns head of messaging app | 7.30
Our data is valuable. The information we share online is being used for all sorts of things - to spy on us, influence the advertising we see, train algorithm...
- [USA] Appeals court rules that cops can physically make you unlock your phonereason.com Appeals court rules that cops can physically make you unlock your phone
The 9th Circuit determined that forcibly mashing a suspect's thumb into his phone to unlock it was akin to fingerprinting him at the police station.
- Hacker Accesses Internal ‘Tile’ Tool That Provides Location Data to Copswww.404media.co Hacker Accesses Internal ‘Tile’ Tool That Provides Location Data to Cops
A hacker broke into systems used by Tile, the tracking company, then stole a wealth of customer data and had access to internal company tools.
- Chat control vote postponed: Huge success in defense of digital privacy of correspondence!www.patrick-breyer.de Chat control vote postponed: Huge success in defense of digital privacy of correspondence!
Today EU governments will not adopt their position on the EU regulation on “combating child sexual abuse”, the so-called chat control regulation, as planned, which would have heralded the end of private messages and secure encryption. The Belgian Council presidency postponed the vote at short notice
Today EU governments will not adopt their position on the EU regulation on “combating child sexual abuse”, the so-called chat control regulation, as planned, which would have heralded the end of private messages and secure encryption. The Belgian Council presidency postponed the vote at short notice. Once again the chat control proposal fails in Council.
- Microsoft is testing new features in Windows Recall: Screenray and Topics - gHacks Tech Newswww.ghacks.net Microsoft is testing new features in Windows Recall: Screenray and Topics - gHacks Tech News
Microsoft's controversial A.I. tool, Recall, is getting these new features in Windows 11. Here is what you need to know about it.
- Signal, MEPs urge EU Council to drop encryption-eroding lawwww.theregister.com Signal, MEPs urge EU Council to drop encryption-eroding law
If you call 'client-side scanning' something like 'upload moderation,' it still undermines privacy, security
- Proton is transitioning towards a non-profit structure | Protonproton.me Proton is transitioning towards a non-profit structure | Proton
To ensure our mission always comes first, Proton is transitioning to a non-profit structure and formalizing our promise of people before profits.
- How it looks like at the Spyware conference in Prague.
"They don't let reporters in here!" At an event paid for by a U.S. government blacklisted spy firm. I wonder how many years in a row I'll be able to infiltrate ISS World Prague, since I always post a hilarious photo. (Czech language, can be translated via Deepl)
If you can give @jakubzelenka@mastodon.social subscribe. I just stole it from there.
- Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability - Mobile Hackerwww.mobile-hacker.com Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability - Mobile Hacker
With physical access to Android device with enabled ADB debugging running Android 12 or 13 before receiving March 2024 security patch, it is possible to access internal data of any user installed app by misusing CVE-2024-0044 vulnerability. Internal data of apps contain sensitive information that ap...
- Meta Pauses AI Training on EU User Data Amid Privacy Concernsthehackernews.com Meta Pauses AI Training on EU User Data Amid Privacy Concerns
Meta delays AI training on EU user data following regulatory intervention. Noyb files complaint in 11 European countries alleging GDPR violations.
- Microsoft removes Copilot app ‘incorrectly’ added on Windows PCswww.bleepingcomputer.com Microsoft removes Copilot app ‘incorrectly’ added on Windows PCs
Microsoft says it removed a Copilot app that was "incorrectly" added to Windows 10 and Windows 11 systems in April due to buggy Microsoft Edge updates.
- Lemmy over Tor Hidden Service (.onion)?
Hello all,
Just wondering if there are any projects involving lemmy and .onion
I searched and didn't see anything but I figured I'd ask
If not is there a reason this isn't possible? Or has nobody cared to do it yet?
When I have to visit r****t I use a libreddit hidden service, and there are quite a few to choose from. Am I correct to think a similar mirror should be about as easy to implement for Lemmy?
an onion only instance where it never touches the clearnet would be really cool too but it would probably be a ghost town (sadly).
Love to hear your thoughts
Thanks
- Adobe to update vague AI terms after users threaten to cancel subscriptionsarstechnica.com Adobe to update vague AI terms after users threaten to cancel subscriptions
Adobe scrambles to earn back user trust by updating terms next week.
- Google is Working on a Recall Feature for ChromeOSwww.thurrott.com Google is Working on a Recall Feature for ChromeOS
In an interview this week, a Google vice president said that the firm was considering adding a feature like Microsoft Recall to ChromeOS.
- Privacy Focused DNA test
With 23 and Me getting into selling information for added revenue, the privacy of DNA testing providers makes me not want to use the service. Can anyone recommend a privacy focused DNA testing company that has a good track record?
- Sonos draws more customer anger — this time for its privacy policywww.theverge.com Sonos draws more customer anger — this time for its privacy policy
One very important sentence has disappeared.
- Securing a Personal Android Phonewww.devilreef.net Securing a Personal Android Phone
It's been far too long since I've made time to sit down and write. I recently went through the ritual of swapping phones, so I will use the opportunity to jot some notes down. I keep separate devices for work and personal usage. For the last several years, my personal
- Former head of the NSA joins the OpenAI board of directorsengineering.vanderbilt.edu Retired U.S. Army General Paul Nakasone appointed to OpenAI Board of Directors
The founding director of Vanderbilt University’s Institute for National Defense and Global Security, retired General Paul Nakasone, has been appointed to OpenAI’s Board of Directors as a member of its Safety and Security Committee. Nakasone previously served as commander of U.S. Cyber Command, direc...
- The Next Generation of Cell-Site Simulators is Here. Here’s What We Know.www.eff.org The Next Generation of Cell-Site Simulators is Here. Here’s What We Know.
Dozens of policing agencies are currently using cell-site simulators (CSS) by Jacobs Technology and its Engineering Integration Group (EIG), according to newly-available documents on how that company provides CSS capabilities to local law enforcement. A proposal document from Jacobs Technology,...
- YouTube tests harder-to-block server-side ad injection in videoswww.bleepingcomputer.com YouTube tests harder-to-block server-side ad injection in videos
YouTube reportedly now injects ads directly into video streams to make it more difficult for ad blockers to block advertisements.
- Microsoft delays Windows Recall amid privacy and security concernswww.bleepingcomputer.com Microsoft delays Windows Recall amid privacy and security concerns
Microsoft is delaying the release of its AI-powered Windows Recall feature to test and secure it further before releasing it in a public preview on Copilot+ PCs.
- AI trained on photos from kids’ entire childhood without their consentarstechnica.com AI trained on photos from kids’ entire childhood without their consent
Kids "easily traceable" from photos used to train AI models, advocates warn.
- Instagram Confirms Testing Unskippable Ads for Some Users: Reportwww.gadgets360.com Instagram Confirms Testing Unskippable Ads for Some Users: Report
As per the report, the unskippable ads are labelled ‘Ad break’ and last for five seconds.
- Google Leak Reveals Thousands of Privacy Incidentswww.404media.co Google Leak Reveals Thousands of Privacy Incidents
An internal Google database obtained by 404 Media shows Google recording childrens' voices, saving license plates from Street View, and many other self-reported incidents, large and small.
- A PR disaster: Microsoft has lost trust with its users, and Windows Recall is the straw that broke the camel's backwww.windowscentral.com A PR disaster: Microsoft has lost trust with its users, and Windows Recall is the straw that broke the camel's back
The world is up-in-arms over Windows Recall, but why? It stems from Microsoft's seeming lack of care for Windows and its users.
- Why does this TechRadar link come with a reference to some weird russian website?
Disclaimer; I'm not looking for a VPN service, I already have one. I know TechRadar is not a great source too. I am simply doing research around VPNs in general.
I am just wondering why DDG is suggesting this link over a link without a reference? Is this "the blame" of DDG or Techradar? Trying to understand why this is the link being served over others. Appriciate any suggestions.
- What's the best messaging platform?
Hi, I wanna know what is the most secure and best messaging app/platform... Need an app that is crossplatform and has a very good numbers of features and security. (And it has to be FLOSS) I thought about XMPP clients, Signal, Session, IRC clients.. Propose and explain me your choice
- my Searches in duckduckgo seem affected by my IP address
i vary my IP randomly to try to be tracked less on the internet by ad companies.
when using duckduckgo, i notice my results of certain searches seem slightly correlated to the IP I use if there's anything that could be impacted by location.
this is also not just country specific, where duckduckgo is narrowing this down based on country
i am not sure if duckduckgo is passing on the IP or if somehow bing has partnered with data centers or ISPs to try to guess the IPs going into duckduckgo.
I also may be sensing this correlation and it's just random and not there. i could be wrong.
Does anyone else ever notice this or wonder about this?
- Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMsthehackernews.com Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs
A bug in TikTok allowed hackers to take control of high-profile accounts through a zero-click account takeover exploit.
- GrapheneOS Now Supports a Duress Reset PINgrapheneos.social GrapheneOS (@GrapheneOS@grapheneos.social)
Our upcoming 2-factor fingerprint unlock will make using a strong passphrase as primary unlock method practical via fingerprint+PIN secondary unlock instead of fingerprint-only. Great for people who want to avoid relying on secure element throttling but don't want fp-only unlock.
> GrapheneOS provides users with the ability to set a duress PIN/Password that will irreversibly wipe the device (along with any installed eSIMs) once entered anywhere where the device credentials are requested (on the lockscreen, along with any such prompt in the OS).
The wipe does not require a reboot and cannot be interrupted. It can be set up at Settings > Security > Duress Password in the owner profile. Both a duress PIN and password will need to be set to account for different profiles that may have different unlock methods.
Note that if the duress PIN/Password is the same as the actual unlock method, the actual unlock method always takes precedence, and therefore no wipe will occur.
Source: https://grapheneos.org/features#duress
- I built the first 100% private, on-device "For You" feed on the fediverse
cross-posted from: https://lemmy.world/post/16102424
> Hi all, > > Quiblr now has personalized post feeds for Lemmy! > > I haven't seen a "recommended feed" feature anywhere else in the fediverse but I thought I would take a crack at building it! > > My goal was to make a privacy-focused recommendation engine that tailors your experience based on the content you interact with. None of the data leaves your device. You don't even need to log in for it to work > > - You can turn it off or tune your feed in the settings > - Each post now also includes a show me more/less button > > I would LOVE feedback from folks if you get a chance to try it out! > > This was really fun to build so let me know if there are any questions! > > PS: Let me know if someone else has built this feature for the fediverse - then I will change the title to not claim "the first" lol
- Music Discovery?
Hi everyone!
I was wondering, what do you guys use for online music discovery that is at a Spotify-level quality?
I've been having tough luck finding new music for the genre I like and thought I'd ask around here!
I checked out InnerTune, but it seems like it doesn't proxy my requests and sends them right back to Google. Also, a Linux supported client would be preferable .
Thanks in advance!
- Meta is a complete dumpster fire
Nothing profound here, just need to vent: I haven't used Facebook for several years now, but I just got my 10 year old son a Meta Quest 2 and had to activate it by linking to my Facebook account. Just two days later I got a warning that the account will be locked because they detected that a child was using the Quest with an adult account (maybe because of the types of games he was playing?). My options are to either make him his own, restricted account (requires a credit card for verification) or prove that I am in-fact an adult (requires photo ID). No fucking way is Facebook getting either my credit card or photo ID. This is some sorry attempt to extort even more personal info from people. I can't understand how so many people tolerate this. How is this company still in business, let alone worth half a trillion dollars? If I had known how bad things have gotten, I would never have bought their VR.
- I want to Min-Max my NextDNS allowlist
Is their a platform or a way to know what a link does ?
I want to allow only the required links in my NextDNS allowlist so that the website somehow works and I block the trackers (both on the website & externals)
For example, I have come to know the CDNs are one of the required ones for a website
Any tips?
- Privacy@Lemmy.world: How can I make email sub-addresses with only letters or numbers and no special characters like plus?
I want a bulletproof way to give email sub-addresses, since some websites strip out special characters like
+
and.
. I have an idea for how it could work, let's say my email is TheTwelveYearOld@Reddit.com and I have the following:- All emails sent to TheTwelveYearOld@ get blocked
- I specify a suffix that would be used instead of
+
, perhaps "From" - I whitelist phrases that go after "From": TheTwelveYearOldFromDoorDash, TheTwelveYearOldFromGoogle, TheTwelveYearOldFromReddit
Are there any services that can do this? I'm thinking I should make my own domain for emails that way my email addresses aren't tied to any companies and I can easily switch.