Security Vulnerability in 'Call Recorder' App Exposed User Conversations

Security Vulnerability in 'Call Recorder' App Exposed User Conversations

A recent report from mobile security firm Zimperium suggested that thousands of iOS apps that use public cloud services like Amazon Web Services, Google Cloud, and Microsoft Azure have improper setups that risk exposing user data.

Police in Minneapolis reportedly used a geofence warrant at Floyd protest last year

Police in Minneapolis reportedly used a geofence warrant at Floyd protest last year

Police in Minneapolis got a search warrant that ordered Google to provide account data on people who were near a protest that turned violent two days after the killing of George Floyd last year, TechCrunch reported.

The Network: How a Secretive Phone Company Helped the Crime World Go Dark

The Network: How a Secretive Phone Company Helped the Crime World Go Dark

Motherboard spoke to over half a dozen sources around Phantom, including family members of Ramos, distributors who sold Phantom phones in multiple countries on his behalf, and people with knowledge of the company's operations.

EU Lawmakers Seek Access to Encrypted Signal, WhatsApp Chats: Reports

EU Lawmakers Seek Access to Encrypted Signal, WhatsApp Chats: Reports

Lawmakers in the European Union may push for access to end-to-end encrypted chats in popular apps such as Signal and WhatsApp, according to a draft proposal circulated by the German government—currently president of the EU—over the weekend.

GitHub - protospherical/yeet: yeet ur old discord chats

GitHub - protospherical/yeet: yeet ur old discord chats

/!\ warning: discord may yeet your account in return if you use this, never had issues myself though.automagically yeet ur old discord msgs.running with "run" set to "once" is recommended for the first time if you have a lot of messages.npm run yeet.npm run yeet.

Choosing a VPN for the WeChat and TikTok Ban: Paid VPN vs. Free VPN

Choosing a VPN for the WeChat and TikTok Ban: Paid VPN vs. Free VPN

Those that are dealing with the banning of certain apps like WeChat and TikTok from the app store are being directed towards VPN services as a way to have access to app updates again.

How to Set Up a Pi-Hole Ad Blocking VPN Server on Google Cloud’s Always Free Usage Tier

How to Set Up a Pi-Hole Ad Blocking VPN Server on Google Cloud’s Always Free Usage Tier

To remove that step, let’s use a daily cron job to check to see if a restart is required and restart the VM as necessary.In nano, add the following lines of code which check to see if the reboot-required token file is present, restarting the VM if so:#!/bin/sh.

GitHub - Chatcola-com/chatcola: chatcola.com messaging server - self-host your messages without multi-domain hell!

GitHub - Chatcola-com/chatcola: chatcola.com messaging server - self-host your messages without multi-domain hell!

3) Obtain a domain and a certificate (look steps 2 and 3 below in "Steps - WITHOUT SUDO ACCESS") and copy them to a directory of your choice - for example into /opt/chatcola.

IOS 14 brings two privacy features that need to come to Android

IOS 14 brings two privacy features that need to come to Android

Part of iOS 14 was a change in the App Store that gives users even more information by way of what Apple calls a privacy summary.

Billions of internet activity records tracked by Oracle’s BlueKai leaked online

Billions of internet activity records tracked by Oracle’s BlueKai leaked online

When BlueKai sells the data to advertising companies, they remove personal information such as name and address from the records that are shared.Some people often dismiss the privacy concerns of web browsing activity and internet history being siphoned up and sold wholesale.

Security lapse at India's Jio exposed coronavirus symptom checker results

Security lapse at India's Jio exposed coronavirus symptom checker results

The symptom checker allows anyone to check their symptoms from their phone or Jio's website to see if they may have become infected with COVID-19.But a security lapse exposed one of the symptom checker's core databases to the internet without a password, TechCrunch has found.

Google is reportedly working on its own Apple Card-style smart debit card

Google is reportedly working on its own Apple Card-style smart debit card

The company did release a statement to TechCrunch noting, “We’re exploring how we can partner with banks and credit unions in the US to offer smart checking accounts through Google Pay, helping their customers benefit from useful insights and budgeting tools, while keeping their money in an FDIC or NCUA-insured account.

GitHub - eldridgea/dnsonward: A CoreDNS based service that forwards traditional DNS requests to a DNS-over-TLS upstream server

GitHub - eldridgea/dnsonward: A CoreDNS based service that forwards traditional DNS requests to a DNS-over-TLS upstream server

This is CoreDNS-based service intended to be run in environments where traditional DNS requests need to be encrypted before querying an upstream server.This is intended to be run as a docker container and configured with environment variables.

Windows 10 Privacy: Debotnet 0.5 update brings massive improvements

Windows 10 Privacy: Debotnet 0.5 update brings massive improvements

The third-party category lists options to block the Chrome Software Reporter Tool, CCleaner monitoring, or Adobe's Acrobat Reader online service while Ninite Apps options to download and install popular applications using Ninite.

A Twitter app bug was used to match 17 million phone numbers to user accounts

A Twitter app bug was used to match 17 million phone numbers to user accounts

A security researcher said he has matched 17 million phone numbers to user accounts by exploiting a flaw in Twitter’s Android app.He said Twitter’s contact upload feature doesn’t accept lists of phone numbers in sequential format — likely as a way to prevent this kind of matching.

Alexa is coming to more everyday household devices like light switches and thermostats

Alexa is coming to more everyday household devices like light switches and thermostats

Amazon's integration of AVS into AWS IoT Core should lead to a rapid jump in the number of Alexa-powered consumer IoT devices.

BSI - Sichere Web-Browser

BSI - Sichere Web-Browser

Mindeststandard des BSI nach § 8 Abs. 1 Satz 1 BSIG für den sicheren Einsatz von Web-Browsern in der Bundesverwaltung (PDF, 669KB, Datei ist barrierefrei⁄barrierearm).

Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the "sudoers configuration" explicitly disallows the root access.

Apple isn't too happy about apps that secretly record your phone's screen

Apple isn't too happy about apps that secretly record your phone's screen

According to TechCrunch, Apple is telling developers via e-mail that apps "must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity."

Phone numbers for as many as 220 million Facebook users were reportedly found sitting online in a file where anybody could have found them

Phone numbers for as many as 220 million Facebook users were reportedly found sitting online in a file where anybody could have found them

The issue, a Facebook spokesperson told Business Insider on Wednesday, stemmed from a feature, which has since been shut down, that allowed users to search for friends by their phone numbers.

Experian just invested in a location data company, which is a little creepy

Experian just invested in a location data company, which is a little creepy

Experian has long been one of those behind-the-scenes firms that collect wide swaths of data about hundreds of millions of American consumers and then sell it to retailers, advertisers, credit agencies, and other businesses who want to know as much as possible about their target markets.

Facebook app banned by Apple got data from 187k users first- 9to5Mac

Facebook app banned by Apple got data from 187k users first- 9to5Mac

The social media giant said in a letter to Sen. Richard Blumenthal’s office — which TechCrunch obtained — that it collected data on 31,000 users in the U.S., including 4,300 teenagers.

Facebook collected device data on 187,000 users using banned snooping app

Facebook collected device data on 187,000 users using banned snooping app

Earlier this year, a TechCrunch investigation found both Facebook and Google were abusing their Apple-issued enterprise developer certificates, designed to only allow employees to run iPhone and iPad apps used only inside the company.

Private data (including rates) of 49M Instagram influencers leaked

Private data (including rates) of 49M Instagram influencers leaked

Last night, TechCrunch reported that a massive database containing info of over 49 million Instagram influencers, celebrities, and brand accounts found in the open. As per the report, the data contained influencers’ Instagram handles, bios, verification status, location, email, and phone number.

How to delete your voice recordings from Google Assistant

How to delete your voice recordings from Google Assistant

It has a recording of my voice — or my wife's — asking Google Assistant everything — such as playing music, turning off the bedroom lights, getting directions. I don't mind if it saves a few commands for the sake of creating a better product.

Massive Spam Operation Uncovered In A Database Leak

Massive Spam Operation Uncovered In A Database Leak

The structure of the records left almost no doubts on the malicious nature of the dataset: IP with database was hosted on a domain called ‘‘ which is blacklisted by Spamhaus – an international nonprofit organization that tracks spam and related cyber threats.

Privacy Guide

Privacy Guide

GRUB_CMDLINE_LINUX_DEFAULT="apparmor=1 security=apparmor slab_nomerge slub_debug=FZP mce=0 page_poison=1 vsyscall=none ipv6.disable=1 audit=1". You should use apparmor with the Tor Browser to increase security. You should also configure the proxy settings of the Tor Browser so you can use stream isolation.

Privacy: A hole in the virtual medicine cabinet

Privacy: A hole in the virtual medicine cabinet

If you happen to have entered that information into popular prescription drug-tracking Android phone apps, some of it might be shared with data giants like Google, Amazon and Facebook. During the installation process, users are required to grant app developers permission to start collecting personal information.

Researchers Create Fake Profiles on 24 Health Apps and Learn Most Are Sharing Your Data

Researchers Create Fake Profiles on 24 Health Apps and Learn Most Are Sharing Your Data

Though the company said it properly informed users about the data-sharing, the government’s health ministry has since promised an investigation into the app.

Thousands protest Russia’s plans to cut off Russians’ internet access to the outside world

Thousands protest Russia’s plans to cut off Russians’ internet access to the outside world

These protests were similar to those seen in summer 2017 after Russia revealed plans to add VPN websites to their website blacklist All in all, BBC reports that over 15,000 Russians marched on Moscow.