Security Vulnerability in 'Call Recorder' App Exposed User Conversations

Security Vulnerability in 'Call Recorder' App Exposed User Conversations

A recent report from mobile security firm Zimperium suggested that thousands of iOS apps that use public cloud services like Amazon Web Services, Google Cloud, and Microsoft Azure have improper setups that risk exposing user data.

Research finds 14% of mobile apps leave user data in unsecured servers

Research finds 14% of mobile apps leave user data in unsecured servers

App developers rely on third-party servers to simplify data storage, but new research indicates that these servers are often left with little to no security over sensitive data.The issue lies in developers who do not secure their server, so any and all app categories are affected.

Businesses Can’t Afford to Lose Trust in the Encrypted Economy, and Neither Can You

Businesses Can’t Afford to Lose Trust in the Encrypted Economy, and Neither Can You

As the co-founder of an end-to-end encrypted cloud service, I am deeply concerned at how demands for access to encrypted data will affect the security of thousands of businesses and the millions of clients who rely on them in the EU and worldwide.

Here’s why Telegram does not offer end-to-end encryption by default

Here’s why Telegram does not offer end-to-end encryption by default

The founder has now released a new post on his personal Telegram channel that clears the air about why the app does not feature end-to-end encrypted chats by default.

Google Photos will end its free unlimited storage on June 1st, 2021

Google Photos will end its free unlimited storage on June 1st, 2021

After five years of offering unlimited free photo backups at “high quality,” Google Photos will start charging for storage once more than 15 gigs on the account have been used.

Chrome exempts Google sites from user site data settings

Chrome exempts Google sites from user site data settings

Support this blog: Link Unshortener, StopTheMadness, Underpass, PayPal. In Google Chrome's "Cookies and site data" settings, accessible via the Preferences menu item or directly with.Chrome respects the "Clear cookies and site data when you quit Chrome" setting for but not entirely for .

Android 11 — 5 New Security and Privacy Features You Need to Know

Android 11 — 5 New Security and Privacy Features You Need to Know

After a long wait and months of beta testing, Google last week finally released Android 11, the latest version of the Android mobile operating system—with features offering billions of its users more control over their data security and privacy.

Why I Chose Dropbox Despite All the Privacy Scandals

Why I Chose Dropbox Despite All the Privacy Scandals

Wanting to move away from Google both because of privacy issues, and horrible apps, I was looking for suitable cloud storage provider alternatives.If you search the web for privacy-friendly cloud storage services, Dropbox won’t make the list.

845GB of racy dating app records exposed to entire internet via leaky AWS buckets

845GB of racy dating app records exposed to entire internet via leaky AWS buckets

Word of the uncontrolled emission burst forth from vpnMentor this week, which claims it found a misconfigured AWS S3 buckets containing 845GB of private dating app records.

Axel Voss, in an Interview: anyone Who has the App, is the first to be allowed to return to the Restaurant

Axel Voss, in an Interview: anyone Who has the App, is the first to be allowed to return to the Restaurant

Would not be a pan-European App better?A pan-European App would have a great advantage: The citizens would identify more closely with the EU.Of course, privacy must be ensured, in the opinion of the European data protection supervisor, but this is also the case of Central systems.

Data protection advocates prevail: Germany builds a Covid-19 tracing app with decentralized storage.

Data protection advocates prevail: Germany builds a Covid-19 tracing app with decentralized storage.

On Wednesday last week, the German government published their plan to build a Covid-19 tracing app with a central storage of data at the Robert Koch-Institut - the German institution to manage public health and monitor the spread of the coronavirus.

GitHub - ddz/whatsapp-media-decrypt: Decrypt WhatsApp encrypted media files

GitHub - ddz/whatsapp-media-decrypt: Decrypt WhatsApp encrypted media files

A recent high-profile forensic investigation reported that “due to end-to-end encryption employed by WhatsApp, it is virtually impossible to decrypt the contents of the downloader [.enc file] to determine if it contained any malicious code in addition to the delivered video.”.

Contacts Generator

Contacts Generator

·This app has three main functions: Contacts generation, deletion and pulling DB.·You can generate random contacts on the specific account you select easily.·You can delete all contacts on the specific account you select by one click.

ReadyNAS Duo v2 Upgrade to Debian Buster

ReadyNAS Duo v2 Upgrade to Debian Buster

Put them both on an usb stick, plug it into the NAS' front port and restart it with the whole procedure.If you still get an output on the serial port you might be able to unbrick the NAS with re-flashing the uboot image.

Technical analysis of client identification mechanisms

Technical analysis of client identification mechanisms

The other versioning scheme, Last-Modified, suffers from the same issue: servers can store at least 32 bits of data within a well-formed date string, which will then be echoed back by the client through a request header known as If-Modified-Since.

NitroPad: Secure Laptop With Unique Tamper Detection

NitroPad: Secure Laptop With Unique Tamper Detection

Thanks to the combination of the open source solutions Coreboot, Heads and Nitrokey USB hardware, you can verify that your laptop hardware has not been tampered with in transit or in your absence (so-called evil maid attack).

Google will make file manager devs submit a form to get broad file storage access in Android 11

Google will make file manager devs submit a form to get broad file storage access in Android 11

This means that file managers will have to ask Google for permission to access the external storage, much like how apps requesting SMS/Call Log permissions have to ask Google.

Amazon's new eero mesh Wi-Fi system collects your data and you shouldn't buy it

Amazon's new eero mesh Wi-Fi system collects your data and you shouldn't buy it

Enable the eero Alexa skill to pause WiFi for specific profiles when screen time is over, you want the family to gather for dinner, or to find connected devices like phones—all with just your voice," says Amazon.

Apple sued for not disclosing that 'iCloud storage' relies on third-party cloud services

Apple sued for not disclosing that 'iCloud storage' relies on third-party cloud services

The contract doesn't mention that, in fact, Apple sometimes stores iCloud data on third-party storage services provided by the likes of Amazon Web Services or Google Cloud Platform -- as stated in the iOS security guide.

Google Chrome Incognito Mode Can Still Be Detected by These Methods

Google Chrome Incognito Mode Can Still Be Detected by These Methods

When Google made it so that Incognito mode uses a temporary filesystem using the computer's RAM, it opened up a new method of detecting it based on the amount of storage set aside for the internal filesystem used by the browser.

Hundreds of exposed Amazon cloud backups found leaking sensitive data

Hundreds of exposed Amazon cloud backups found leaking sensitive data

He said that all too often cloud admins don’t choose the correct configuration settings, leaving EBS snapshots inadvertently public and unencrypted.Morris found dozens of snapshots exposed publicly in one region alone, he said, including application keys, critical user or administrative credentials, source code and more.

Bypassing anti-incognito detection in Google Chrome

Bypassing anti-incognito detection in Google Chrome

Using this information, I came up with a simple rule for detecting incognito mode i.e if the temporary storage quota <= 120MB then its safe to say that it’s an incognito window.

Pale Moon forum

Pale Moon forum

A malicious party gained access to the at the time Windows-based archive server () which we've been renting from Frantech/BuyVM, and ran a script to selectively infect all archived Pale Moon .exe files stored on it (installers and portable self-extracting archives) with a variant of Win32/ClipBanker.

Tails - Tails 3.14.1 is out

Tails - Tails 3.14.1 is out

Fixed arbitrary code execution in Tor Browser Upgrades and changes Known issues Tails fails to start a second time on some computers (#16389) Get Tails 3.14.1 To upgrade your Tails USB stick and keep your persistent storage To install Tails on a new USB stick To download only What's coming up?

The Dawn of Robot Surveillance

The Dawn of Robot Surveillance

Still, for all those advances, the social implications of being recorded have not changed: when we walk into a store, we generally expect that the presence of cameras won’t affect us.

P410n3 - blog: Trust is good, cryptography is better

P410n3 - blog: Trust is good, cryptography is better

This is what many people refer to as a "Threat Model".What I am saying is: When choosing a cloud storage provider, we should think about our personal privacy and security, as these two things go hand in hand these days.

“We want your money, not your data” or how we wrote this [kick-ass] slogan

“We want your money, not your data” or how we wrote this [kick-ass] slogan

A slogan should quickly get your message across, so we first had to understand what’s the one thing we want people to know about Unio. That’s why we wouldn’t be able to sell to advertisers (as some tech companies do) or reveal it to authorities, even if we wanted to.

Intelligent Tracking Prevention 2.2

Intelligent Tracking Prevention 2.2

Here’s an example of when ITP 2.2 will cap cookie persistence to one day: The website social.example has been classified by ITP as having cross-site tracking capabilities.

Third-party Facebook apps expose 540 million users’ details

Third-party Facebook apps expose 540 million users’ details

The cyber risk team at security firm UpGuard found one data store originating from the Mexico-based media company Cultura Colectiva of 146GB, containing more than 540 million records, detailing comments, likes, reactions, account names, Facebook IDs and more.

Losing Face: Two More Cases of Third-Party Facebook App Data Exposure

Losing Face: Two More Cases of Third-Party Facebook App Data Exposure

A separate backup from a Facebook-integrated app titled “At the Pool” was also found exposed to the public internet via an Amazon S3 bucket. The At the Pool discovery is not as large as the Cultura Colectiva dataset, but it contains plaintext (i.e. unprotected) Facebook passwords for 22,000 users.