Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps

Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps

Cybersecurity researchers over the weekend disclosed new security risks associated with link previews in popular messaging apps that cause the services to leak IP addresses, expose links sent via end-to-end encrypted chats, and even unnecessarily download gigabytes of data stealthily in the background.

Study shows which messengers leak your data, drain your battery, and more

Study shows which messengers leak your data, drain your battery, and more

As the chart below shows, both apps download and copy a linked file in its entirety—even if it’s gigabytes in size.Meanwhile, when the Line app opens an encrypted message and finds a link, it appears to send the link to the Line server to generate a preview.

Why You Should Stop Using Your Facebook Messenger App

Why You Should Stop Using Your Facebook Messenger App

While Mysk and Haj Bakry found that a number of messaging platforms don’t risk link previews at all—including, somewhat ironically, TikTok and WeChat, the main end-to-end encrypted messengers, including WhatsApp and iMessage, generate link previews on the sender-side.

Stop the EARN IT Bill Before It Breaks Encryption

Stop the EARN IT Bill Before It Breaks Encryption

The bill uses crimes against children as an excuse to subject Internet platforms to new laws that can be created by all 50 states.Those state laws may well follow the set of "best practices" that will be drafted by a federal commission dominated by Attorney General Barr and law enforcement agencies.

TheNewOil : blog piece on 'The War on Telegram" as states ban service

TheNewOil : blog piece on 'The War on Telegram" as states ban service

War has come for the popular encrypted messaging app Telegram, not for the first time and likely not the last.There’s a lot more that goes into making an app hard to centralize, but I think that’s one of the most critical.

Police in all 50 states are using secret tools to break into locked phones — and they're using them for cases as low-level as shoplifting, records show

Police in all 50 states are using secret tools to break into locked phones — and they're using them for cases as low-level as shoplifting, records show

Law enforcement agencies are able to crack into locked, encrypted smartphones far more frequently than was previously known, according to new documents surfaced by through over 100 public records requests by the digital liberties nonprofit Upturn.

Thailand orders ISPs to block Telegram amid ongoing protests

Thailand orders ISPs to block Telegram amid ongoing protests

The government of Thailand has ordered Thai internet service providers (ISPs) to block the Telegram encrypted messaging service.According to this leaked document that is marked “Top Secret”, the Thai government has ordered all internet providers to block the @telegram messaging app.

United States, Six Other Nations Ask Tech Companies To Build Backdoors To Encrypted Communications

United States, Six Other Nations Ask Tech Companies To Build Backdoors To Encrypted Communications

Member nations of the Five Eyes intelligence-sharing alliance—which includes the United States— along with Japan and India published a statement on Sunday calling on tech companies to allow law enforcement to gain backdoor access to communication that uses unbreakable end-to-end encryption.

Five Eyes, India, And Japan Want ‘Backdoor’ To End-To-End Encryption

Five Eyes, India, And Japan Want ‘Backdoor’ To End-To-End Encryption

Their press release talks about the dangers of end-to-end encryption and how it’ll create a zone where no governments or even the companies implementing it, will be able to locate illegal activities.

US joins six countries in new call for backdoor encryption access

US joins six countries in new call for backdoor encryption access

On Monday, the US Department of Justice signed on to a new international statement warning of the dangers of encryption and calling for an industry-wide effort to enable law enforcement agencies to access encrypted data once a warrant has been obtained.

DOJ formalizes request for encryption back-doors

DOJ formalizes request for encryption back-doors

The US Department of Justice, in conjunction with the "Five Eyes" nations, has issued a statement asking Apple and other tech companies to effectively create backdoors that will weaken encryption strength overall to provide law enforcement access to data.

Five Eyes nations plus Japan and India call for Big Tech to bake backdoors into everything

Five Eyes nations plus Japan and India call for Big Tech to bake backdoors into everything

The nations of the Five Eyes security alliance – Australia, Canada, New Zealand, the USA and the UK – plus Japan and India, have called on technology companies to design their products so they offer access to encrypted messages and content.

Representatives Garcia and Wagner introduce EARN IT Act to the House

Representatives Garcia and Wagner introduce EARN IT Act to the House

Protect encryption: Call your House Representative today and tell them to vote “NO” on the EARN IT Act. Around the world, countries use the easily palatable-to-the-public war cries of “anti terrorism” or “protect the children” to launch thinly veiled attacks at encryption technologies and the Internet as a whole.

Facebook merges Messenger chat service with Instagram

Facebook merges Messenger chat service with Instagram

Facebook said the new features would be rolled out in “a few countries” immediately, and “globally soon”.There is also no timescale for the most controversial plans announced in Zuckerberg’s March 2019 blogpost: the integration of WhatsApp with Facebook Messenger and Instagram, and the decision to turn on end-to-end encryption for all conversations on the three platforms.

Losing the Right to Encryption Means Losing Business

Losing the Right to Encryption Means Losing Business

Every time a government passes a law that affects the Internet, tech companies must ask themselves a critical question: can they still properly provide their services while protecting user privacy under the new rules?

NCB 'cloned' mobile phones of Rhea Chakraborty for access to WhatsApp chats of film stars

NCB 'cloned' mobile phones of Rhea Chakraborty for access to WhatsApp chats of film stars

End-to-end encryption means that the messages are visible only to the sender and the recipient, and not even to WhatsApp. To access encrypted WhatsApp data, security and investigating agencies can take a user's phone and create a 'clone' of it on another device.

Amazon Unveils Drone That Films Inside Your Home. What Could Go Wrong?

Amazon Unveils Drone That Films Inside Your Home. What Could Go Wrong?

Dave Limp, the executive responsible for Amazon’s devices, said it had made major investments in camera security, such as two-factor authentication and end-to-end encryption, that will roll out this year.The product came to be because of technological advances and consumer interest in indoor security cameras, Mr. Limp said.

The EU is set to declare war on encryption

The EU is set to declare war on encryption

The EU is set to declare war on encryption with plans to allow law enforcement officials “targeted lawful access” to protected communications, according to a European Commission internal note seen by the Financial Times.

Russia wants to outlaw TLS 1.3, ESNI, DNS over HTTPS, and DNS over TLS

Russia wants to outlaw TLS 1.3, ESNI, DNS over HTTPS, and DNS over TLS

The draft law (text in Russian) “bans the use of encryption protocols allowing for hiding the name (identifier) of a web page or Internet site on the territory of the Russian Federation.” This is supposed to help the Roskomnadzor in their job as Russia’s censor.

Ente

Ente

Memories are precious.To start with, ente is a privacy friendly alternative to Google Photos that supports end-to-end encryption.That if there were good alternatives with strict privacy policies, some of us would switch.

Iranian Hackers Can Now Beat Encrypted Apps, Researchers Say

Iranian Hackers Can Now Beat Encrypted Apps, Researchers Say

The reports, which were reviewed by The New York Times in advance of their release, say that the hackers have successfully infiltrated what were thought to be secure mobile phones and computers belonging to the targets, overcoming obstacles created by encrypted applications such as Telegram and, according to Miaan, even gaining access to information on WhatsApp. Both are popular messaging tools in Iran.

Because Too Many People Still Don't Know Why The EARN IT Bill Is Terrible, Here's A Video

Because Too Many People Still Don't Know Why The EARN IT Bill Is Terrible, Here's A Video

The second part is an articulation of all the reasons the EARN IT bill in particular is terrible and the specific damage it would do to encryption and civil liberties, along with ruining Section 230 and everything important that it advances.

If the Government Had Its Way, Everything Could be Wiretapped

If the Government Had Its Way, Everything Could be Wiretapped

The battle over encryption and secure communications suggests that governments think the answer is “everything,” at least so long as investigators aren’t violating weak privacy laws.People want to have private conversations that are not recorded for all time, and these platforms are making that possible again.

Visa warns of new sophisticated credit card skimmer dubbed Baka

Visa warns of new sophisticated credit card skimmer dubbed Baka

Baka is a sophisticated e-skimmer developed by a skilled malware developer that implements a unique obfuscation method and loader.The skimmer loads dynamically to avoid static malware scanners and uses unique encryption parameters for each victim to obfuscate the malicious code.” reads the published by VISA.

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

In what's a new tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers.

The Why and How of Privacy and Security

The Why and How of Privacy and Security

Server-side means that only information stored on said server is encrypted.This means that the company has the encryption key, and therefore can access your communication (yes, including your nudes).

Lawsuit: Zoom Lied About Security Measures, End-to-End Encryption

Lawsuit: Zoom Lied About Security Measures, End-to-End Encryption

Zoom is facing another lawsuit alleging that the video communications company has deceived consumers by making false claims about its privacy measures.Zoom encryption claims false, watchdog alleges in lawsuit.

China expands Great Firewall to block HTTPS traffic that uses TLS 1.3 and ESNI

China expands Great Firewall to block HTTPS traffic that uses TLS 1.3 and ESNI

Chinese censors upgraded the GFW to be able to block HTTPS traffic that uses TLS 1.3 and ESNI.TLS 1.3 (Transport Layer Security) and ESNI (Encrypted Server Name Indication) are new technologies that augment HTTPS – the secure way in which website users “talk” with the websites they visit over the internet.

TikTok: Logs, Logs, Logs

TikTok: Logs, Logs, Logs

Every 5 minutes, TikTok sent a network request with an encrypted content.Now, I can use Frida to intercept the call of this method and see the content of the request before encryption.

New ‘unpatchable’ exploit allegedly found on Apple’s Secure Enclave chip, here’s what it could mean

New ‘unpatchable’ exploit allegedly found on Apple’s Secure Enclave chip, here’s what it could mean

All data stored on iPhone, iPad, Mac, Apple Watch, and other Apple devices is encrypted with random private keys, which are only accessible by the Secure Enclave.

More