SolarWinds hackers accessed Microsoft source code, the company says

SolarWinds hackers accessed Microsoft source code, the company says

It is not clear how much or what parts of Microsoft’s source code repositories the hackers were able to access, but the disclosure suggests that the hackers who used software company SolarWinds as a springboard to break into sensitive U.S. government networks also had an interest in discovering the inner workings of Microsoft products as well.

In Celebration of Becoming Open Source, Threema Is 50% Off

In Celebration of Becoming Open Source, Threema Is 50% Off

Threema’s cryptographic procedures have been thoroughly documented from the outset, the proper application of the encryption library could always be verified independently, and external audits have repeatedly confirmed the apps’ security.

Cellebrite’s New Solution for Decrypting the Signal App

Cellebrite’s New Solution for Decrypting the Signal App

We looked again into the shared preferences file and found a value under “pref_attachment_encrypted_secret” that has “data” and “iv” fields under it.The “data” field contains an encrypted json file, that once decrypted, contains the decryption keys of the sent attachments.

Tech giants may face billions of pounds in fines from new UK watchdog

Tech giants may face billions of pounds in fines from new UK watchdog

The Competition and Markets Authority (CMA), which will host the new dedicated Digital Markets Unit (DMU), has advised the government that the new regulator must have the power to impose huge fines as a final “backstop” or it will be unable to ensure tech companies abide by the new rules, which are designed to create a fairer market for smaller rivals, newspaper and magazine publishers, and consumers.

Dahua, Amazon Partner in China, Is Making Facial-Recognition Tech to Track Uighurs

Dahua, Amazon Partner in China, Is Making Facial-Recognition Tech to Track Uighurs

In what can only be described as a massive fuck-up, someone—likely a software engineer employed by Dahua Technology, the surveillance-gear supplier—posted the company’s software development kit for video tracking tools, which are built specifically to identify Uighurs.

Proctorio used DMCA to take down a student’s critical tweets – ProWellTech

Proctorio used DMCA to take down a student’s critical tweets – ProWellTech

But six weeks later, Johnson received an email from Twitter saying that three of those tweets had been removed from his account in response to a Proctorio request filed under the Digital Millennium Copyright Act. Proctoring software isn’t new, but its use has skyrocketed due to the pandemic.

After CovidSafe, QR codes spark privacy concerns

After CovidSafe, QR codes spark privacy concerns

Graham Greenleaf, professor of law and information systems at the University of New South Wales summed up the dilemma: “We've got a genuinely voluntary CovidSafe app with Australia's strongest privacy policy protections, but it's now largely ignored because it's been shown to be ineffective.

My friend’s Whatsapp was hacked – and how you can avoid it

My friend’s Whatsapp was hacked – and how you can avoid it

An attacker who has phished your friend’s Whatsapp account may trigger an OTP for your number to your phone, and may message you asking for it.

Urbit is for Communities

Urbit is for Communities

When I think of the places in the physical world where people seem to feel the most at home, they’re places that have evolved over long periods of time and are owned by the communities that inhabit them.

Thousands of infected IoT devices used in for-profit anonymity service

Thousands of infected IoT devices used in for-profit anonymity service

The code further uses a lib2p-based network stack to interact with the Interplanetary File System, which is often abbreviated at IPFS.

Tails - Tails report for September, 2020

Tails - Tails report for September, 2020

Disable the feature to Turn on Wi-Fi Hotspot in the Wi-Fi settings because it doesn't work in Tails.Settled on a new policy for kernel updates, that balances rapid hardware enablement with lower risk of regressions (#17911).

States are finally starting to use the Covid-tracking tech Apple and Google built -- here's why

States are finally starting to use the Covid-tracking tech Apple and Google built -- here's why

New York and New Jersey both released Covid-19 alert apps this week, bringing the total to 10 states plus Guam which have published apps using technology from the Apple-Google partnership.

ByteDance won't sell TikTok U.S. operations to Oracle or Microsoft: CGTN

ByteDance won't sell TikTok U.S. operations to Oracle or Microsoft: CGTN

(Reuters) - ByteDance will not sell TikTok’s U.S. operations to Oracle Corp or Microsoft Corp and will not give the source code for the video platform to any U.S. buyers, China’s state-run English television channel CGTN reported on Monday, citing sources.

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

In what's a new tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers.

Fully-Fledged Guide On Ways To Protect Your Data Online

Fully-Fledged Guide On Ways To Protect Your Data Online

We’ve collected essential methods and options for protecting yourself from third parties and hacker attacks on the internet.We’ve already touched on the topic ‘Why do we need to protect data?’ In our article 5 Reasons Why Online Privacy Matters, you can drive into this topic more.

US government built secret iPod with Apple’s help, former engineer says

US government built secret iPod with Apple’s help, former engineer says

An Apple engineer who helped launch the iPod said he helped the US government build a secret version of the device that could covertly collect data.Among other things, Shayer helped the men find their way around the Windows-based developer tools Apple used at the time to build software for ARM chips.

China’s Health Code app showcases the extreme smart surveillance regime

China’s Health Code app showcases the extreme smart surveillance regime

CNN BUSINESS reported that the government in Hangzhou has proposed to utilise Health Code permanently and create a health score system collecting data such as daily alcohol consumption, tobacco use, steps, and sleep time from individuals.

How Google is 'Trying' to Collect the Mobile Numbers and Web Activity of a Billion Indians

How Google is 'Trying' to Collect the Mobile Numbers and Web Activity of a Billion Indians

Only adaptable on mobile phones and tablets for now, this feature allows users to create their own virtual visiting cards which would make it easier for others to find them on Google Search.

New Jersey Supreme Court rules that passcodes aren’t protected by Fifth Amendment

New Jersey Supreme Court rules that passcodes aren’t protected by Fifth Amendment

ShareTweet The New Jersey Supreme Court has ruled that passcodes aren’t protected by the Fifth Amendment.The rationale in these states is that while law enforcement may know about certain incriminating documents that could be accessed if the passcode were provided, providing the passcode allows access to absolutely everything on the phone – which could turn up additional evidence that prosecutors didn’t know about.

NJ Supreme Court: Defendants must divulge cellphone passcodes

NJ Supreme Court: Defendants must divulge cellphone passcodes

The New Jersey Supreme Court ruled Monday that a criminal defendant can be compelled to reveal his cellphone passcode to investigators, rejecting the argument that such a move violates the right against self-incrimination guaranteed by the Fifth Amendment of the U.S. Constitution.

Achilles: Small chip, big peril.

Achilles: Small chip, big peril.

In this research dubbed “ Achilles ” we performed an extensive security review of a DSP chip from one of the leading manufacturers: Qualcomm Technologies.Check Point Research decided not to publish the full technical details of these vulnerabilities until mobile vendors have a comprehensive solution to mitigate the possible risks described.

Privacy-loving EU building massive travel surveillance system for visitors that will affect billions of people

Privacy-loving EU building massive travel surveillance system for visitors that will affect billions of people

All of this data, and the answers to even more rigorous questions for visa applicants, are fed into central EU databases, where they can be accessed by over 100 national authorities, and thousands of official accounts.

Brazil plans to bring in a “fake news” law, with serious implications for everyone’s privacy, no matter where they live

Brazil plans to bring in a “fake news” law, with serious implications for everyone’s privacy, no matter where they live

Initially, the law would have required “large” social networks and private messaging services – that is, those that offer services in Brazil, and have more than two million users – to identify every account’s user by gathering information derived from national identity cards.

Reddit says it’s fixing code in its iOS app that copied clipboard contents

Reddit says it’s fixing code in its iOS app that copied clipboard contents

The privacy feature in iOS 14, which is still in a limited beta for developers, has revealed several apps engaging in clipboard copying in recent weeks.

Hundreds arrested as crime chat network cracked

Hundreds arrested as crime chat network cracked

Media captionThe BBC's Tom Symonds is shown how a customised Android phone with EncroChat installed works A top-secret communications system used by criminals to trade drugs and guns has been "successfully penetrated", says the National Crime Agency.

Big win for online freedom in EU: key parts of France’s new “hate speech” law ruled unconstitutional

Big win for online freedom in EU: key parts of France’s new “hate speech” law ruled unconstitutional

The latest ruling by the French court undermines the argument that general filters of this kind should be adopted under the Digital Services Act – something that is already controversial, in any case.

Top suppliers halt sales of facial recognition technology to the police – how much of a win is that really?

Top suppliers halt sales of facial recognition technology to the police – how much of a win is that really?

IBM firmly opposes and will not condone uses of any technology, including facial recognition technology offered by other vendors, for mass surveillance, racial profiling, violations of basic human rights and freedoms, or any purpose which is not consistent with our values and Principles of Trust and Transparency.

When the home is no data protection haven: addressing privacy threats from intimate relationships

When the home is no data protection haven: addressing privacy threats from intimate relationships

That’s precisely what a new paper from Karen Levy and Bruce Schneier does: This article provides an overview of intimate threats: a class of privacy threats that can arise within our families, romantic partnerships, close friendships, and caregiving relationships.For example: some intimate privacy threats occur by virtue of copresence between victim, attacker, and device.

Time to embrace federated analytics – it’s no privacy panacea, but probably the closest we will get to one for many situations

Time to embrace federated analytics – it’s no privacy panacea, but probably the closest we will get to one for many situations

It gets across well the idea of how sending data in a particular form allows it to be useful in aggregate, but immune to further interrogation about each separate source: Let’s say that Rakshita wants to know how often her friends Emily and Zheng have listened to a particular song.

Aarogya Setu, India’s contact-tracing app, goes open-source

Aarogya Setu, India’s contact-tracing app, goes open-source

According to Kant, 98% of Aarogya Setu installs are on Android devices, which explains the initial release of the Android client source code for the app.