COMPUTERS/INTERNET/SECURITY | WHAT REALLY HAPPENED X-Frame-Options: SAMEORIGIN

COMPUTERS/INTERNET/SECURITY

Aug 25 10:42

Chicago Inspector General: Police Use ShotSpotter to Justify Illegal Stop-and-Frisks

By Matthew Guariglia and Adam Schwartz

The Chicago Office of the Inspector General (OIG) has released a highly critical report on the Chicago Police Department’s use of ShotSpotter, a surveillance technology that relies on a combination of artificial intelligence and human “acoustic experts” to purportedly identify and locate gunshots based on a network of high-powered microphones located on some of the city’s streets. The OIG report finds that “police responses to ShotSpotter alerts rarely produce evidence of a gun-related crime, rarely give rise to investigatory stops, and even less frequently lead to the recovery of gun crime-related evidence during an investigatory stop.” This indicates that the technology is ineffective at fighting gun crime and inaccurate. This finding is based on the OIG’s quantitative analysis of more than 50,000 records over a 17-month period from the Chicago Police Department (CPD) and the city’s 911 dispatch center.

Aug 25 10:05

Linux turns 30: Celebrating the open source operating system

It’s time to party. Linux is 30 years old. What started as a student project by a young Linus Torvalds studying computer science at the University of Helsinki, has become an open source operating system that enterprise businesses around the globe depend on.

It’s massive. It’s crucial. And without Linux, most businesses wouldn’t be nearly as agile, flexible, and reliable.

To wish Linux a 30th birthday, Jack Wallen describes how the operating system changed his life and the business landscape in this free TechRepublic PDF download.

Aug 25 08:52

Hacker gets 500K reward for returning stolen cryptocurrency

The saga of what has been dubbed the biggest hack in the world of decentralized finance appears to be over as Poly Network recovered more than $610 million in cryptocurrency assets it lost two weeks ago and the hacker received a $500,000 bounty for returning the money.

Today, the hacker, referred to as Mr. White Hat, gave Poly Network access to the last tranche of stolen digital assets in their wallet, worth about $141 million.

Aug 25 08:49

CISA warns admins to urgently patch Exchange ProxyShell bugs

The US Cybersecurity and Infrastructure Security Agency (CISA) issued its first alert tagged as "urgent," warning admins to patch on-premises Microsoft Exchange servers against actively exploited ProxyShell vulnerabilities.

"Malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207," CISA warned over the weekend.

"CISA strongly urges organizations to identify vulnerable systems on their networks and immediately apply Microsoft's Security Update from May 2021—which remediates all three ProxyShell vulnerabilities—to protect against these attacks."

Aug 25 08:48

Botnet targets hundreds of thousands of devices using Realtek SDK

A Mirai-based botnet now targets a critical vulnerability in the software SDK used by hundreds of thousands of Realtek-based devices, encompassing 200 models from at least 65 vendors, including Asus, Belkin, D-Link, Netgear, Tenda, ZTE, and Zyxel.

The security flaw that IoT Inspector security researchers found is now tracked as CVE-2021-35395 and was assigned a 9.8/10 severity rating.

It impacts many Internet-exposed wireless devices ranging from residential gateways and travel routers to Wi-Fi repeaters, IP cameras, and smart lightning gateways or connected toys.

Aug 25 08:45

Windows 10 KB5005932 fixes devices that can't install new updates

Microsoft has released the Windows 10 KB5005932 setup update to fix '"PSFX_E_MATCHING_BINARY_MISSING" errors when attempting to install the latest cumulative updates.

After installing the May 25, 2021 (KB5003214) and June 21, 2021 (KB5003690) cumulative updates, some Windows 10 21H1, 20H2, and 2004 users have been unable to install the latest cumulative updates (LCU) released as a preview or on Patch Tuesday.

...

Microsoft recommends users perform an in-place upgrade to automatically install the latest cumulative update as part of the installation process to resolve this issue.

Aug 24 13:20

A new NSO zero-click attack evades Apple’s iPhone security protections, says Citizen Lab

ABahraini human rights activist’s iPhone was silently hacked earlier this year by a powerful spyware sold to nation-states, defeating new security protections that Apple designed to withstand covert compromises, say researchers at Citizen Lab.

The activist, who remains in Bahrain and asked not to be named, is a member of the Bahrain Center for Human Rights, an award-winning nonprofit organization that promotes human rights in the Gulf state. The group continues to operate despite a ban imposed by the kingdom in 2004 following the arrest of its director for criticizing the country’s then-prime minister.

Aug 24 12:13

Same Story, Different Decade: WSJ Reports “Digital Addictions Are Drowning Us in Dopamine”

By B.N. Frank

Over the years, tech insiders (also referred to as “Silicon Valley Parents”) have gone to great lengths to protect their kids’ use and exposure to screens. This includes sending them to private low-tech or no-tech schools, requiring nannies to sign “No Screens” contracts, and spying on nannies to make sure they don’t break these contracts. Additionally over the years, experts have warned about symptoms and long-term adverse effects from screen use.

Regardless, even before COVID, screens were heavily endorsed for other people’s kids as well as for everyone else for business, education, medical, and recreational purposes. This includes Virtual Reality (VR) headsets which are being increasingly being promoted despite serious side effects...

Aug 23 17:54

The Dangers of Going Back to School After a Year of COVID-19 Lockdowns

By John W. Whitehead and Nisha Whitehead

“Every day in communities across the United States, children and adolescents spend the majority of their waking hours in schools that have increasingly come to resemble places of detention more than places of learning.”—Investigative journalist Annette Fuentes

Once upon a time in America, parents breathed a sigh of relief when their kids went back to school after a summer’s hiatus, content in the knowledge that for a good portion of the day their kids would be gainfully occupied, out of harm’s way and out of trouble.

Aug 23 10:57

Apple, Google, and Samsung move to normalize vaccine passports with wallet function

Apple, Samsung, and Google want to make it possible for users to store their vaccination status in the phones’ digital wallet, a scenario that would make vaccination verification simpler. However, the developments raise concerns for privacy and civil liberties advocates and the Big Tech support will further normalize the invasive practice.

Google, Samsung, and Apple have announced such plans.

Samsung, on Wednesday, announced that it was partnering with the Commons Project, the developer of CommonHealth, a vaccine verification app. The partnership would enable users to verify their vaccination status using the digital wallet Samsung Pay.

“Rather than having to pull up CommonHealth — which is a personal health records app, which isn’t really designed for walking into a grocery store and showing a QR code — now you can store this in a much more convenient place,” said JP Pollak, CommonHealth’s chief architect.

Aug 23 08:47

Beijing Considers Making US Listed Companies Hand Over Data Control To Chinese State Firms

On Friday, Chinese tech stocks swooned for the nth time, sending the Hang Seng index into bear market territory, after Beijing approved a new privacy law to prevent data collection by domestic technology companies. As we reported then, China's most powerful legislative body, the Standing Committee of the National People's Congress, passed the Personal Information Protection Law that will go into effect on Nov.1. The move sent tech stocks plunging and leaving investors bewildered over the intensity of Beijing's regulatory crackdown that has slammed countless sectors.

It turns out that when it comes to control over data, Beijing is nowhere near done and late on Friday Reuters reported that as part of Beijing's unprecedented scrutiny of private sector firms, Chinese regulators are considering pressing data-rich companies "to hand over management and supervision of their data to third-party firms" if they want to list in the U.S.

Aug 22 11:35

American Local, State, and National Parks Provide Wi-Fi to Visitors at Expense of Wildlife

By B.N. Frank

Decades of peer-reviewed published research has determined that wireless “Wi-Fi” radiation is biologically and environmentally harmful. Despite this, parks across the U.S have installed it, continue to install it, and also use it as a “selling point” to attract visitors. A Wisconsin resident has asked for this to stop...

Aug 21 05:45

90 Policy Groups Call On Apple To "Abandon" '1984'-Style Surveillance Tool

More than 90 civil society organizations wrote an open letter to Apple, demanding the company abandon its surveillance tool that plans to be integrated into iPhones, iPads, and other Apple products that will scan images before they are uploaded to iCloud for child pornography.

"Though these capabilities are intended to protect children and to reduce the spread of child sexual abuse material (CSAM), we are concerned that they will be used to censor protected speech, threaten the privacy and security of people around the world, and have disastrous consequences for many children," the open letter wrote, which was organized by the US-based nonprofit Center for Democracy & Technology (CDT).

Aug 21 05:44

GOOGLE HAS BEEN PAYING WIRELESS CARRIERS BILLIONS TO NOT DEVELOP COMPETING APP STORES

To be clear, wireless carrier app stores have always kind of sucked. Verizon's efforts to create its own app store were shut down in 2012, after underwhelming consumers for years. At the time, the narrative was that Verizon just didn't find it worth the trouble in the face of Google domination and innovation. And while that's still largely true (wireless carriers are utterly unfamiliar with competition and therefore historically suck at innovation and adaptation), it turns out there was another reason.

Namely, that Google was paying Verizon and other major wireless companies a big chunk of money to not compete with the Android marketplace. And they were paying smartphone manufacturers to ship devices without competing app stores installed. Both nuggets were buried in a freshly unredacted copy of Epic's antitrust complaint (pdf) against Google, first spotted by Jeremy Owens:

Aug 20 17:55

Vietnam Issuing 50 Million Chip-based Digital ID Cards with Embedded Biometrics in 2021

By Chris Burt

Vietnam began to issue 50 million chip-based digital ID cards with embedded biometrics to eligible citizens beginning in February of this year, and Entrust has been revealed as a provider of issuance systems and software for the project, along with strategic partner MK Group.

The new national digital ID cards replace versions issued in 1999, 2012, and 2016 with 9-digit numbers, 12-digit numbers and barcodes respectively. The biometric chip version is expected to provide more secure and standardized authentication. The card can be used to log into government and private services, for authentication to government entities and banks, and for digital signing...

Aug 20 10:25

“Disinformation Dozen”: A “Faulty Narrative” With No Evidence, Says Facebook, Despite 16,000 News Headlines

By Sayer Ji, Founder, GreenMedInfo

In an unexpected turn of events, Facebook has called out The Center for Countering Digital Hate (CCDH) for manufacturing a “faulty narrative” without “any evidence” against the 12 individuals it has repeatedly defamed and labeled as the “disinformation dozen.”

Facebook has had enough of CCDH and is now pushing back. After months of accusations that it is allowing 12 “super spreaders of misinformation” on its platform to cause serious harm to the public health, it now alleges that CCDH’s report titled, The Disinformation Dozen: Why platforms must act on twelve leading online anti-vaxxers has no real factual basis...

Aug 20 08:45

Notorious ‘joker virus’ that subscribes you to paid services back on Android devices, Belgian police warn

Belgium’s Police Fédérale released a statement on Friday morning warning people that the joker virus is back for Android. The announcement reported the malware has been spotted on eight different apps on Google Play Store.

The police say Google has since deleted the infectious apps from the Play Store but warned Belgium citizens that if they had downloaded one of them already, to delete it as soon as possible.

The following applications were noted as corrupted with the Joker virus:

Auxiliary Message
Element Scanner
Fast Magic SMS
Free CamScanner
Go Messages
Super Message
Super SMS
Travel Wallpapers

According to cybersecurity company Quick Heal Security Lab, the malware can infiltrate your text messages, contacts, and other sensitive information on your smartphone, and subscribe you to websites offering paid services.

“You risk a big surprise at the end of the month on your bank account or your credit card,” wrote the Belgian police.

Aug 20 08:31

Critical Flaw Found in Older Cisco Small Business Routers Won't Be Fixed

A critical vulnerability in Cisco Small Business Routers will not be patched by the networking equipment giant, since the devices reached end-of-life in 2019.

Tracked as CVE-2021-34730 (CVSS score: 9.8), the issue resides in the routers' Universal Plug-and-Play (UPnP) service, enabling an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition.

...

The issue impacts the following products —

RV110W Wireless-N VPN Firewalls
RV130 VPN Routers
RV130W Wireless-N Multifunction VPN Routers
RV215W Wireless-N VPN Routers

In the absence of a patch, Cisco recommends customers to disable UPnP on the LAN interface.

Aug 20 08:24

New unofficial Windows patch fixes more PetitPotam attack vectors

Due to the critical nature of this attack, Microsoft released a security update as part of the August 2021 Patch Tuesday that attempted to fix the PetitPotam vulnerability, tracked as CVE-2021-36942.

"An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM," explains Microsoft in the CVE-2021-36942 advisory.

Unfortunately, Microsoft's update is incomplete, and it is still possible to abuse PetitPotam.

See also:

Windows PetitPotam attacks can be blocked using new method
https://www.bleepingcomputer.com/news/microsoft/windows-petitpotam-att...

Aug 20 08:21

AT&T denies data breach after hacker auctions 70 million user database

AT&T says that they did not suffer a data breach after a well-known threat actor claimed to be selling a database containing the personal information of 70 million customers.

The threat actor, known as ShinyHunters, began selling this database yesterday on a hacking forum with a starting price of $200,000 and incremental offers of $30,000. The hacker states that they are willing to sell it immediately for $1 million.

From the samples shared by the threat actor, the database contains customers' names, addresses, phone numbers, Social Security numbers, and date of birth.

A security researcher who wishes to remain anonymous told BleepingComputer that two of the four people in the samples were confirmed to have accounts on att.com.

Other than these few details, not much is known about the database, how it was acquired, and whether it is authentic.

Aug 20 07:58

Elon Musk Unveils Humanoid Robot to Take Over ‘Boring’ Work

As Elon Musk stood in the wings at Tesla Inc.’s AI day, a person dressed in a skintight white suit and black helmet did a jerky robot dance across the stage.

And with that, Musk flagged a move into a new realm of science fiction: life-like humanoid robots designed to take the drudgery out of everyday life.

The Tesla Bot, a prototype of which should be available next year, is designed to eliminate “dangerous, repetitive and boring tasks,” like bending over to pick something up, or go to the store for groceries, Musk said. “Essentially, in the future, physical work will be a choice.”

“Tesla is arguably the world’s biggest robotics company,” Musk said. “Our cars are basically semi-sentient robots on wheels.”

Aug 19 13:23

Mob Rule? Twitter Rolls Out New Tools For Speedy Reporting Of COVID "Misinformation"

Big Tech and big social media have already tried censorship by committee with Facebook's oversight board and the decision to permanently bar former President Trump from the platform. Now, they're circling back to good old fashioned mob rule.

Twitter on Tuesday announced that it's preparing to test a new feature that will allow users to report any COVID misinformation they spot on the platform. Users can already flag content they deem inappropriate (including misinformation). This new feature will allow them to specify the type of misinformation (is it political, perhaps COVID related?). All of this information will help twitter's algorithms justify its removal from the platform more expeditiously, saving more readers from being exposed to harmful information that might lead them to question the official narrative.

Aug 19 10:46

iOS 14.7.1 users complain about ‘No service’ bug after updating their iPhones

A few weeks ago, Apple introduced iOS 14.7.1 with a fix for Apple Watch unlock bug and addressed a security vulnerability that may have been actively exploited. Now, some iPhone users in this version are experiencing a “No Service” coverage message from their carriers.

Users are saying that restarting the phone, removing the SIM, and even resetting network settings didn’t help. As you can see in Apple’s Developer Forum and Discussion forum, this problem is occurring for at least a couple of weeks.

One of the users on iOS 14.7.1 writes:

After I update my iPhone 11 to iOS 14.7.1 I lost signal. Carrier is not found. No service is flashing on upper screen.

Users with an iPhone 6s, iPhone 7, iPhone 8, and iPhone 11 reported similar complaints. One of the users wrote:

Same problem. iPhone 6S, despite doing all the ons and offs, resetting the network settings, my phone is no longer a phone. This is great.

Aug 19 10:40

US Senate bill would legally require Apple to build a backdoor into iPhones

Update: This bill did not get as far as a vote.

This bill was introduced on June 23, 2020, in a previous session of Congress, but it did not receive a vote.

Although this bill was not enacted, its provisions could have become law by being included in another bill. It is common for legislative text to be introduced concurrently in multiple bills (called companion bills), re-introduced in subsequent sessions of Congress in new bills, or added to larger bills (sometimes called omnibus bills).

A bill proposed in the US Senate would effectively make it a legal requirement for Apple to build a backdoor into iPhones. It would make it illegal for Apple and other tech giants to use strong encryption for either devices or cloud services …

It would force Apple to have a means of accessing customer data on both the devices it sells and the cloud services it operates.

Dave Mark drew my attention to The Lawful Access to Encrypted Data Act.

Aug 19 10:37

Deepfakes Are Now Making Business Pitches

NEW WORKPLACE TECHNOLOGIES often start life as both status symbols and productivity aids. The first car phones and PowerPoint presentations closed deals and also signaled their users’ clout.

Some partners at EY, the accounting giant formerly known as Ernst & Young, are now testing a new workplace gimmick for the era of artificial intelligence. They spice up client presentations or routine emails with synthetic talking-head-style video clips starring virtual body doubles of themselves made with AI software—a corporate spin on a technology commonly known as deepfakes.

The firm’s exploration of the technology, provided by UK startup Synthesia, comes as the pandemic has quashed more traditional ways to cement business relationships. Golf and long lunches are tricky or impossible, Zoom calls and PDFs all too routine.

Aug 19 10:30

SOTN Hacked Right After Posting This Blockbuster, Further Posting Being Prevented

With the advent of the COVID-19 Super Vaccination Agenda, it has become apparent to every rational and righteous U.S. citizen that the nation has been completely taken over by an incorrigible cabal of criminally insane psychopaths.

Given this indisputable reality, there is only one way to right the ship of state: We the People must act decisively — POST-HASTE — to take back the American Republic.

It ought to be evident by now that only the U.S. Citizenry can forever terminate the genocidal OPERATION COVID-19.

There are no leaders anywhere in sight who are capable of, or courageous enough, to shut down the Covid juggernaut rolling across the 50 states. This stark reality must be faced head-on if the Republic is to be saved.

In view of this swiftly unfolding predicament, PROJECT TAKE BACK THE REPUBLIC (PTBTR) has been inaugurated.

PROJECT TAKE BACK THE REPUBLIC

Aug 19 06:24

DHS Secret Terror Watchlist With Nearly 2 MILLION People On It Exposed Online With NO PASSWORD

The Department of Homeland Security under Alejandro Mayorkas earlier this year revealed plans to declare their political opposition "suspected domestic extremists" and strip them of their rights by placing them on the No Fly List.

Every indicator suggests Mayorkas has followed through on those plans and has been rapidly expanding the regime's No Fly List and terror watchlist by adding dissidents such as America First talk show host Nick Fuentes to them.

According to a newly released report from security researcher Volodymyr Diachenko, DHS last month had their highly-secretive terror/no fly watchlist with nearly 2 million so-called "suspected terrorists" on it exposed on the open internet "without a password or any other authentication required to access it."

Webmaster's Commentary: 

Anyone know where that list can be found?

Aug 19 05:55

Audit Exposes Cybersecurity Lapse in US Pacific Submarine Fleet

A recent internal audit of the US Navy revealed that Pacific Fleet submarines and their tenders have not received internal and external cybersecurity inspections in recent years.

The audit — conducted by the Institute for Defense Analyses and obtained by Navy Times through a Freedom of Information Act request — detailed “the specter of cyber vulnerability among some of the sea service’s most potent platforms,” exposing lapses in the cybersecurity standards of the Naval fleets.

For example, the Navy’s Fleet Cyber Command did not inspect and assess the cybersecurity of 41 SUBPAC submarines and its two sub tenders. This was a requirement from 2016 to 2018. Furthermore, the fleet command failed to submit a proper explanation as to why the units were not inspected.

Aug 19 05:51

Background Check Agency Wants a Social Media Search Tool

The Defense Counterintelligence and Security Agency wants a tool to automatically cull social media and other public websites to create a searchable database of posts, actions and interactions that can be used in insider threat investigations.

Along with conducting background investigations for all of government, DCSA also manages the insider threat program for the Defense Department. The DOD Threat Management and Analysis Center, or DITMAC, “provides an enterprisewide capability to identify, assess, and mitigate risk from insiders; to oversee and manage unauthorized disclosures; and to integrate, manage, mature, and professionalize insider-threat capabilities.”

When a DOD employee or contractor is flagged as a potential threat—to information or physical security—DITMAC analysts are charged with investigating, including using digital evidence contained within DOD networks.

Aug 19 04:54

Crash! France’s repeated health pass system fails are leaving citizens without the QR codes needed for daily life

France has gone authoritarian in inept fashion, as its bid to control the movement of its citizens failed TWICE in a week when the platform that generates government QR codes was overwhelmed. The result, predictably, was chaos.

France and other budding authoritarian countries with ambitions to lord over their citizens’ movements by introducing health passes have eyes that are bigger than their stomachs. They have proven repeatedly that they’re far too incompetent to practice proper authoritarianism. Events last week are a case in point.

Aug 18 18:40

Non-Profits Score Huge Victory In Battle Against 5G Technology

By Derrick Broze

In a landmark decision, the U.S. Court of Appeals for the DC Circuit has ruled that the Federal Communications Commission failed to consider evidence of adverse health impacts from wireless technology, including 5G.

On August 13, circuit judges with the United States Court of Appeals for the District of Columbia ruled in favor of environmental health groups and petitioners, finding that the Federal Communications Commission (FCC) ignored thousands of public comments and evidence of adverse harm from wireless technology...

Aug 18 11:35

Cyber Hacks Stealing People’s Home Loans

Aug 18 09:44

Do you trust Apple?

Apple is a business.

This is the first thing you should know about it. It's a company that exists to make money.

It's not your friend. It's not a superhero. It's not a religion.

As a company, it invites you to buy its products and services. If you don't like what it has to offer, you're free to move on.

And I think that this confusion is at the heart of a lot of the criticism that Apple has received over the new child safety features that it is introducing. It's quite a complicated and charged subject, and both Apple's messaging, along with how the media have reported those messages, have created more confusion.

Add to that the fact that some people get very upset when Apple does something that doesn't fit in with how they see the company, and it's a recipe for disaster.

Aug 18 09:37

Boston Dynamics releases video of Atlas robot doing parkour — and behind-the-scenes footage of crashes

Much has been said about the possibility robots from Boston Dynamics will chase down humans in some hypothetical android apocalypse, and new video suggests they'd have no issue navigating obstacles while doing so.

But what the latest demonstration of the prototypical humanoid Atlas's abilities doesn't show is they also crash.

A lot.

In fact, the US-based company estimates they still crash about half the time while performing the parkour routine filmed to showcase Atlas's nimbleness.

Aug 18 09:35

T-Mobile Admits Data On Over 48 Million People Stolen By Hackers

The stolen data includes customer names, dates of birth, social security numbers, and driver’s license information...

Aug 18 07:29

DHS Secret Terror Watchlist With Nearly 2 Million People On It Exposed Online With NO PASSWORD

The Department of Homeland Security under Alejandro Mayorkas earlier this year revealed plans to declare their political opposition "suspected domestic extremists" and strip them of their rights by placing them on the No Fly List.

Every indicator suggests Mayorkas has followed through on those plans and has been rapidly expanding the regime's No Fly List and terror watchlist by adding dissidents such as America First talk show host Nick Fuentes to them.

According to a newly released report from security researcher Volodymyr Diachenko, DHS last month had their highly-secretive terror/no fly watchlist with nearly 2 million so-called "suspected terrorists" on it exposed on the open internet "without a password or any other authentication required to access it."

Aug 17 19:19

The War In Afghanistan Comes Home

By Matt

The story of the “end” of the U.S. occupation of Afghanistan isn’t just about the end of the conflict there, it’s also about where it’s headed next. The Pentagon didn’t spend $2 trillion over 20 years to just walk away from one of the most valuable squares on the geopolitical chessboard empty handed. The possibility for full-scale re-entry into the country is always there, but in the meantime, there are plenty of lessons the Pentagon learned there that they’ll be employing stateside...

Aug 17 19:16

Jewel v. NSA: Americans (Still) Deserve Their Day in Court

By David Greene

With little explanation, the Ninth Circuit today affirmed the district court’s decision dismissing our landmark challenge to the US government’s mass communications surveillance, Jewel v. NSA. Needless to say, we are extremely disappointed. Today’s decision renders government mass surveillance programs essentially unreviewable by U.S. courts, since no individual will be able to prove with the certainty the Ninth Circuit required that they were particularly spied upon. This hurdle is insurmountable, especially when such programs are shrouded in secrecy, and the procedures for confronting that secrecy are disregarded by the courts.

Aug 17 08:00

Hacker claims to steal data of 100 million T-mobile customers

The threat actor claims to have hacked into T-Mobile's production, staging, and development servers two weeks ago, including an Oracle database server containing customer data.

This stolen data allegedly contains the data for approximately 100 million T-Mobile customers and can include customers' IMSI, IMEI, phone numbers, customer names, security PINs, Social Security numbers, driver's license numbers, and date of birth.

"Their entire IMEI history database going back to 2004 was stolen," the hacker told BleepingComputer.

An IMEI (International Mobile Equipment Identity) is a unique number used to identify mobile phones, while an IMSI (International mobile subscriber identity) is a unique number associated with a user on a cellular network.

Aug 17 07:53

Wikipedia defaced to display Nazi SWASTIKA on pages about Justin Trudeau, Joe Biden, and Kamala Harris

Multiple Wikipedia pages, including those of prominent politicians, have temporarily had the usual informational text replaced with a nasty surprise: a full-screen Nazi swastika over a lurid red background.

The apparent hack job was spotted by social media users on Monday, with conservative author Ann Coulter posting a screenshot of the Nazi symbol to Twitter and speculating that Wikipedia had been “hacked.”

Aug 17 07:48

Critical bug impacting millions of IoT devices lets hackers spy on you

Security researchers are sounding the alarm on a critical vulnerability affecting tens of millions of devices worldwide connected via ThroughTek’s Kalay IoT cloud platform.

The security issue impacts products from various manufacturers providing video and surveillance solutions as well as home automation IoT systems that use the Kalay network for easy connectin and communication with a corresponding app.

A remote attacker could leverage the bug to gain access to the live audio and video streams, or to take control of the vulnerable device.

Aug 16 06:57

Excel is still a security headache after 30 years because of this one feature

Microsoft released Excel 4.0 for Windows 3.0 and 3.1 in 1992 and many companies still use this functionality in legacy operations. The problem is that bad actors have started using Excel sheets and macros as a new way to deliver malware.

Tal Leibovich, head of threat research at Deep Instinct, explained at a presentation during DEFCON 29 why this legacy scripting language has been the vehicle for a recent rise in malware delivery. Leibovich presented "Identifying Excel 4.0 Macro strains using Anomaly Detection" with Elad Ciuraru last week. Deep Instinct is a cybersecurity company specializing in endpoint protection and using deep learning to stop cyberattacks.

Security organizations first noticed a spike in March 2020 of this kind of attack. Microsoft released a new runtime defense against Excel 4.0 macro malware in March. Leibovich said that he has seen a substantial increase over the last two years of hackers using Excel 4.0 Macros in attacks.

Aug 15 22:43

Facebook post claiming 3-year-old died from Covid-19 at KKH ‘a total fabrication’, says Singapore health official

A Facebook post claiming that a three-year-old had died from Covid-19 at KK Women’s and Childrens Hospital (KKH) is “a total fabrication”, the Ministry of Health (MOH) said today (Aug 14).

“The Ministry of Health would like to call out a Facebook post circulating online that a three-year-old preschooler has died from Covid-19 at KKH, and that this death was deliberately not reported,” the ministry said in a post on Facebook.

“This is completely untrue and a total fabrication. As of August 14, there has been no child who has died from Covid-19 at KKH.”

Aug 15 12:10

Will $500M for Smart Cities in Historic US Senate Spending Bill Fund Biometric Surveillance?

By Jim Nash

Half a billion dollars was written into the $1.2 trillion infrastructure bill passed Wednesday by the U.S. Senate to pay cities to experiment with technologies for ‘Strengthening Mobility and Revolutionizing Transportation,’ which could include remote biometric systems, sensors and drones...

Aug 15 06:18

Another Mega Group Spy Scandal? Samanage, Sabotage, and the SolarWinds Hack

The devastating hack on SolarWinds was quickly pinned on Russia by US intelligence. A more likely culprit, Samanage, a company whose software was integrated into SolarWinds’ software just as the “back door” was inserted, is deeply tied to Israeli intelligence and intelligence-linked families such as the Maxwells.

In mid-December of 2020, a massive hack compromised the networks of numerous US federal agencies, major corporations, the top five accounting firms in the country, and the military, among others. Despite most US media attention now focusing on election-related chaos, the fallout from the hack continues to make headlines day after day.

The hack, which affected Texas-based software provider SolarWinds, was blamed on Russia on January 5 by the US government’s Cyber Unified Coordination Group. Their statement asserted that the attackers were “likely Russian in origin,” but they failed to provide evidence to back up that claim.

Aug 13 17:30

“Smart Farms” Cyberattackers Able to Impact Harvests, Damage Crops, Property, People and “destroy farmland for years”

By B.N. Frank

Cybersecurity experts continue to warn about significant risks and vulnerabilities associated with “Smart Farms” and Internet of Things (IoT) connected agriculture. Some in agriculture industry continue to invest in this technology anyway including John Deere.

More terrifying warnings courtesy of Threat Post...

Aug 13 09:39

Ransomware: Now attackers are exploiting Windows PrintNightmare vulnerabilities

Cyber criminals are exploiting Windows PrintNightmare vulnerabilities in their attempts to infect victims with ransomware – and the number of ransomware groups attempting to take advantage of unpatched networks is likely to grow.

The remote code execution vulnerabilities (CVE-2021-34527 and CVE-2021-1675) in Windows Print Spooler – a service enabled by default in all Windows clients and used to copy data between devices to manage printing jobs – allow attackers to run arbitrary code, enabling them to install programs, modify, change and delete data, create new accounts with full user rights and move laterally around networks.

Now ransomware gangs are taking advantage of PrintNightmare to compromise networks, encrypt files and servers, and demand payment from victims for a decryption key.

Webmaster's Commentary: 

Aug 13 07:11

"Winter Is Coming": Chipmakers In Longest Slide Since 2018 As Morgan Stanley Downgrades Semis

The semiconductor space has long been viewed as one of the best leading indicators of the modern technological economy (and capital markets), and with good reason: it was the first sector to bottom in March 2020 when it became apparent that China and various western central banks would inject trillions into the global economy, and had enjoyed a nearly relentless upward climb since then peaking just over a week ago on August 4, but then something snapped...

... and as shown in the next chart, the Semi Index is broadly lower again, having dropped for six consecutive sessions - the longest such streak since the October 2018 Fed "policy error" when stocks cracked after Powell threatened to tighten far more than markets expected, only to end his hiking cycle prematurely just two months later, resulting in the first bear market in a decade.

Aug 13 06:44

BREAKING EXCLUSIVE: Whistleblower Steps Forward — Provides Proof From Detroit TCF Center that Election Computers Were Connected Online — WITH PHOTO

A brave whistleblower stepped forward and shared an image of a computer that was used at the TCF Center to process absentee ballots from a recent Detroit election.

Aug 13 05:27

US Army using VR helmet to link biometrics with automated systems

The United States Army is using a new suite of biometric software tools as it works towards using the data to provide situational awareness to automated systems like drones, Federal News Network reports.

The Army Research Lab and Navy are using software that tracks a range of data including pupil size, eye movement, heart rate and breathing patterns, according to the report. Pupil size could be used to sense focus on a particular area, and mark it out for automated investigation. Heart rate biometrics could be used to sense when a soldier is in danger.

Aug 12 22:36

DR VLADIMIR ZELENKO ON "THE POISON DEATH SHOT" ~ TESTIFIES BEFORE RABBINIC COURT IN ISRAEL


Dr. Zelenko presents fact-based evidence re. the mrna shots to an astonished group of Rabbis.
"This is an artificially made bio-weapon." -- Dr. Zelenko
Worldometer websites Dr. Zelenko referred to:
https://www.worldometers.info/ AND https://www.worldometers.info/coronavirus/

Mirrored from FritjofPersson channel
https://www.bitchute.com/video/fkbvaMkO3MOI/

Also see:
COVID-19 Kill Shots & Lifespan - Dr. Vladimir Zelenko Interview
https://www.bitchute.com/video/W9FS2fza8zTQ/

Aug 12 18:24

NYPD Secret Surveillance Tools Include Facial-Recognition and Predictive Policing Software, X-ray Machines, “Stingray” Cell Site Simulators

By B.N. Frank

For many years, communities worldwide have been installing privacy invasive technology. Some communities have officially become privacy invasive “Smart Cities” though not all of them have or will. Nevertheless, privacy invasive technology continues to be installed in communities and many citizens have no idea how it’s being used and/or by whom.

Recently, civil rights groups revealed that the New York Police Department had a fund for purchasing surveillance technology that didn’t require approval by city council or other municipal officials. Makes you wonder if this is happening where you live too...

Aug 12 11:50

Urgent warning over new DPD delivery text scam – DON’T click the link

Text scams claiming to be from parcel delivery services have boomed over the past year as we relied more on online shopping during the pandemic. As many as three-fifths of British people have received fake messages from Royal Mail, UPS, Hermes and other delivery companies claiming there have been issues with a package.

Today, consumers have been warned of yet another sophisticated trick doing the rounds over text. Which? reported scammers are sending fake DPD SMS messages to mobile numbers. These very convincing texts alert recipients of a supposed unsuccessful delivery attempt. They provide a link to arrange redelivery – but experts are urging people not to click.

Opening the fake link will take you to an almost-perfect copy of the DPD website. There, you’ll be asked to enter personal details and make a payment to ensure redelivery. Entering your bank details could give the criminals access to your bank account – which they can wipe clean with ease.

Aug 12 11:45

Google bans another 9 Android apps, now you must delete them from your phone

MALICIOUS apps containing the Android Trojan "Flytrap" are causing havoc for thousands of victims lured in by free coupon codes and football voting. Google has now banned 9 of them and you must delete them from your phone.

...

The harmful apps offer fun services like coupon codes for Netflix and Google Ads as well as voting for football teams and players. Zimperium named the ones to avoid:

GG Voucher (com.luxcarad.cardid)
Vote European Football (com.gardenguides.plantingfree)
GG Coupon Ads (com.free_coupon.gg_free_coupon)
GG Voucher Ads (com.m_application.app_moi_6)
GG Voucher (com.free.voucher)
Chatfuel (com.ynsuper.chatfuel)
Net Coupon (com.free_coupon.net_coupon)
Net Coupon (com.movie.net_coupon)
EURO 2021 Official (com.euro2021)

Aug 12 11:43

Microsoft issues critical Windows 10 warning - update your PC immediately

WINDOWS 10 users are being urged to make sure their PCs are fully updated as 44 vulnerabilities are fixed in the latest upgrade.

Aug 12 10:39

Windows 10: Microsoft just revealed another Print Spooler bug

Microsoft's Windows 10 Print Spooler security is turning into a headache for the company and its 10 customers.

Branded bugs like Heatbleed from 2014 are a bit passé but the Windows 10 PrintNightmare bugs appear to be an apt choice: Microsoft released fixes in July and August and, just after its August 10 Patch Tuesday change to the Print Spooler service, it's disclosed yet another print spooler bug.

This one concerns a Windows Print Spooler remote code execution vulnerability, tagged as CVE-2021-36958.

Aug 12 06:49

In Arizona in December “8 Hard Drives, 3 Computers, and Several USB Flash Drives” Were Taken from “Elliott Kerwin” – Now He Has Mysteriously Disappeared

In December 2020 it was reported that some key election material was obtained at a raid at a house in Maricopa County only 2 days after the 2020 Election. Today the owner of the house and the material seized is all forgotten. Where did it go and where did he go?

Aug 12 06:47

They’re Destroying the Evidence: Lindell Symposium Reveals Voting Machine Companies Are Wiping Voting Machines Clean in Wisconsin, New Hampshire and Michigan as We Previously Reported (VIDEO)

As The Gateway Pundit previously reported — Back in July the election firm ‘Election Source’ notified officials throughout the state of Michigan that they will discreetly break the law by eliminating election data from voting machines on the 15th.

Attorneys immediately issued them a cease and desist order to prevent this destruction of evidence from happening.

Michigan’s Secretary of State Jocelyn asked the Michigan election officials to do things to cover up the 2020 Election fraud before, so this latest action by Election Source was not so shocking.

Aug 12 05:46

The DeFi hacker who stole $600 million in crypto is... giving it back?

Well that was unexpected.

The hacker responsible for one of the largest cryptocurrency thefts in history made waves Wednesday by returning (at least some of) the stolen funds. That's according to Poly Network, the decentralized finance (DeFi) platform that announced the $600 million heist the day before.

Late Wednesday morning, Poly Network confirmed that $260 million of the stolen funds had been transferred back to wallets it controls.

Aug 12 05:08

'The Russians have videos of me doing crazy f***ing sex!' Hunter Biden is seen in unearthed footage telling prostitute that Russian drug dealers stole ANOTHER of his laptops

Hunter Biden claimed Russians stole another one of his laptops for blackmail while he was close to overdosing in a Las Vegas hotel room, DailyMail.com can reveal.

The alleged incident would mean Hunter lost a total of three computers - the first abandoned at a Delaware computer store and the second seized by federal agents - each likely to hold sensitive information on President Joe Biden and the embarrassing pictures, videos and communications of his son.

The third laptop still appears to be missing – and was taken by Russian drug dealers after they partied with Hunter in Vegas, he told a prostitute in a conversation caught on camera.

After filming himself having sex with the woman using his laptop in January 2019, Hunter left the camera rolling as he recounted a Vegas bender in which he spent '18 days going round from penthouse suite to penthouse suite,' sometimes costing $10,000 a night.

Webmaster's Commentary: 

This might be more Russia-bashing, but if true, it means that Russia has a lever with which to bend Joe Biden, along with China.

Aug 11 19:06

[Video] REPLACED: The Energetic RISE Of Youtube Alternatives: Rumble, Bitchute, Odysee

People are abandoning YouTube for censorship free alternatives.

Aug 11 12:55

A Hacker Shows Us How Easy it is To Manipulate Voting Machines

Aug 11 09:16

Biology Is Blasphemy: Racist Reality Meets Anti-Racist Inanity

“Shocked, confused, and frankly horrified!” As Steve Sailer has reported, that’s how an anti-racist radiologist called Luke Oakden-Rayner sums up the reaction of himself and other medical researchers to a dark, dangerous, and deeply disturbing discovery in artificial intelligence (AI). What have they found? That AI has what Oakden-Rayner calls the “worst superpower.” It’s guilty of “medical racism,” because it can identify racial identity in X-rays and other medical images that, to human eyes, contain absolutely no clue as to race.

Aug 11 07:28

NSA AWARDS SECRET $10 BILLION CONTRACT TO AMAZON

The National Security Agency has awarded a secret cloud computing contract worth up to $10 billion to Amazon Web Services, Nextgov has learned.

The contract is already being challenged. Tech giant Microsoft filed a bid protest on July 21 with the Government Accountability Office two weeks after being notified by the NSA that it had selected AWS for the contract.

The contract’s code name is “WildandStormy,” according to protest filings, and it represents the second multibillion-dollar cloud contract the U.S. intelligence community—made up of 17 agencies, including the NSA—has awarded in the past year.

In November, the CIA awarded its C2E contract, potentially worth tens of billions of dollars, to five companies—AWS, Microsoft, Google, Oracle and IBM—that will compete for specific task orders for certain intelligence needs.

Aug 11 07:24

What Is Pegasus? A Cybersecurity Expert Explains How the Spyware Invades Phones and What It Does When It Gets In

End-to-end encryption is technology that scrambles messages on your phone and unscrambles them only on the recipients’ phones, which means anyone who intercepts the messages in between can’t read them. Dropbox, Facebook, Google, Microsoft, Twitter and Yahoo are among the companies whose apps and services use end-to-end encryption.

This kind of encryption is good for protecting your privacy, but governments don’t like it because it makes it difficult for them to spy on people, whether tracking criminals and terrorists or, as some governments have been known to do, snooping on dissidents, protesters and journalists. Enter an Israeli technology firm, NSO Group.

Aug 10 18:21

O (no!) Canada: Fast-moving Proposal Creates Filtering, Blocking and Reporting Rules—And Speech Police to Enforce Them

By Corynne McSherry and Katitza Rodriguez

Policymakers around the world are contemplating a wide variety of proposals to address “harmful” online expression. Many of these proposals are dangerously misguided and will inevitably result in the censorship of all kinds of lawful and valuable expression. And one of the most dangerous proposals may be adopted in Canada. How bad is it? As Stanford’s Daphne Keller observes, “It’s like a list of the worst ideas around the world.” She’s right.

These ideas include:

- broad “harmful content” categories that explicitly include speech that is legal but potentially upsetting or hurtful
- a hair-trigger 24-hour takedown requirement (far too short for reasonable consideration of context and nuance)
- an effective filtering requirement (the proposal says service providers must take reasonable measures which “may include” filters, but, in practice, compliance will require them)

Aug 10 13:40

New “Glowworm attack” recovers audio from devices’ power LEDs

Researchers at Ben-Gurion University of the Negev have demonstrated a novel way to spy on electronic conversations. A new paper released today outlines a novel passive form of the TEMPEST attack called Glowworm, which converts minute fluctuations in the intensity of power LEDs on speakers and USB hubs back into the audio signals that caused those fluctuations.

The Cyber@BGU team—consisting of Ben Nassi, Yaron Pirutin, Tomer Gator, Boris Zadov, and Professor Yuval Elovici—analyzed a broad array of widely used consumer devices including smart speakers, simple PC speakers, and USB hubs. The team found that the devices' power indicator LEDs were generally influenced perceptibly by audio signals fed through the attached speakers.

Aug 10 10:25

Attackers Started Exploiting a Router Vulnerability Just 2 Days After Its Disclosure

Juniper Threat Labs found evidence that a vulnerability that "potentially affects millions of home routers" was being actively exploited by hackers just two days after it was revealed to the public.

On Aug. 3, Tenable researcher Evan Grant publicly disclosed the vulnerability in question, which has been assigned the identifier CVE-2021-20090, alongside several other security flaws. Juniper said it "identified some attack patterns that attempt to exploit this vulnerability in the wild coming from an IP address located in Wuhan, Hubei province, China" starting on Aug. 5.

The attacker was reportedly attempting to deploy a variant of the Mirai botnet that's powered numerous high-profile distributed-denial of service (DDoS) attacks since July 2016. This doesn't appear to be the first time the attacker exploited a publicly disclosed vulnerability in their efforts to deploy this botnet—Juniper said it started tracking similar activity on Feb. 18.

Aug 10 10:15

BREAKING: Lindell’s Symposium Hit with Cyber Attack — Shut Down — But Backup Plan Kicks in, Program Slightly Delayed– HUGE ANNOUNCEMENT AT 7 PM (VIDEO)

Mike Lindell announced this morning that the symposium was already under cyber attack.

The event had a backup plan, the program was delayed but will continue.

Mike also said there is a HUGE ANNOUNCEMENT today at 7 PM.

CodeMonkeyZ, Ron Watkins, is at the conference and made a similar announcement earlier this morning.

Aug 10 07:43

Check These Settings Before You Lose Your iPhone so You Can Find It Later

It sucks when you end up losing your iPhone. Maybe you forgot it at the cafe, or it was stolen from the train station. Fortunately, it can be easy to track your iPhone (as long as it’s juiced up, and active). And if you already have a passcode enabled, the Find My iPhone feature is enabled automatically. Here’s how to find your lost or stolen iPhone.

Aug 10 07:41

Blake Masters: Big Tech Is an ‘Extension of the Surveillance State’

Blake Masters, the tech leader running in the Republican senate primary in Arizona, blasted Apple for abandoning its previously robust commitment to user privacy with its announcement that it will scan users’ photo libraries for illegal imagery.

The candidate, who previously worked for conservative tech entrepreneur and early Trump supporter Peter Thiel, said users need a “new set of legal protections” to protect them from being “constantly spied on and exploited.”

Masters previously condemned PayPal for its plan to share Americans’ financial transaction data with the far-left Anti Defamation League, calling it an “obvious pretext to suppress any dissent.”

Aug 10 07:21

Apple Tries to Calm Blowback Against Intruding on iPhone Users’ Privacy

Recently, Apple announced a new addition to its upcoming iOS 15 and iPadOS 15 firmware for iPhones and iPads. The new feature will allow Apple to scan user photos stored in Apple’s iCloud service and determine if they contain sexually explicit images involving children. Following a blowback against the Masters of the Universe scanning the devices of its customers, the company is now promising it will not abuse the feature or allow governments to dictate what types of data iPhones are scanned for.

Apple claims that the way it detects CSAM (Child Sexual Abuse Material) is “designed with user privacy in mind,” and it is not directly accessing iCloud users’ photos but rather utilizing a device-local, hash-based lookup and matching system to cross-reference the hashes of user photos with the hashes of known CSAM.

Webmaster's Commentary: 

So, all the perverts need to do is slightly resize their images, and the hashing won't work.

Aug 10 06:54

FEMA and FCC Plan Nationwide Emergency Alert Test for Aug. 11 Test Messages Will be Sent to TVs and Radios Along with Select Cell Phones That Have Opted-in to Receive Test Messages

FEMA, in coordination with the Federal Communications Commission, will conduct a nationwide test of the Emergency Alert System (EAS) and Wireless Emergency Alerts (WEA) this summer.

The national test will consist of two portions, testing WEA and EAS capabilities. Both tests will begin at 2:20 p.m. ET on Wednesday, Aug. 11.

The Wireless Emergency Alert portion of the test will be directed only to consumer cell phones where the subscriber has opted-in to receive test messages. This will be the second nationwide WEA test, but the first nationwide WEA test on a consumer opt-in basis. The test message will display in either English or in Spanish, depending on the language settings of the wireless handset.

The Emergency Alert System portion of the test will be sent to radios and televisions. This will be the sixth nationwide EAS test.

Aug 10 06:46

The most secure browser for transmitting sensitive data is definitely not Chrome

Tor.

Yep, that's the answer. The most secure browser for encrypted data is Tor. But there's a catch, and it's a big one. You might work within a company LAN that doesn't allow for the Tor browser to function. And unless you can get your IT department to open up the network to allow Tor to function, you're out of luck.

But for everyone else, Tor is definitely the browser to beat when it comes to encrypted transmitted data.

Aug 10 05:56

Pegasus: Spyware scandal lays bare cracks in Israel's cyber security 'success' story

Revelations about the extent of the penetration of the NSO Group's Pegasus spyware software have sparked off a fierce debate in Israel and abroad about the workings of the country's much-vaunted cyber security sector.

Israeli cyber companies have long been able to maintain a strong brand because of the notoriety of the Israeli intelligence services, especially Mossad and the military SIGINT unit 8200, and the perceived ability of such companies to recruit graduates of these services to their ranks.

A less discussed aspect of this sector is whether it is financially successful. Former Israeli prime minister Benjamin Netanyahu spoke frequently about cyber as a cornerstone of the Israeli high-tech sector and the economy in general, but the Haaretz newspaper found extensive evidence that Israeli offensive cyber technology, and specifically NSO, played a major role in Netanyahu's foreign policy.

Aug 09 05:39

You met Pegasus, on phones, now meet Toka, on any net connected device

The abuse of the Pegasus software by autocratic regimes has been known for several years, though, through recent revelations, it appeared to gain much traction in the mainstream media, owing to the high number of civilians who have reportedly been under surveillance through its use.

The continuation of the long standing scandal surrounding the abuse of Pegasus has also brought considerable controversy and notoriety to the Israeli company that developed it, the NSO group.

While the NSO group has become infamous, other Israeli companies, with even deeper ties to Israel's intelligence apparatus have been selling software that not only provides the exact same services to governments, to intelligence agencies, but purports to go even farther than that.

Aug 09 05:06

They're Normalizing Robot Police By Calling Them "Dogs"

Hawaii police are defending their use of pandemic relief funds for a robotic “police dog” made by Boston Dynamics which scans homeless people’s eyes to see if they have a fever.

“If you’re homeless and looking for temporary shelter in Hawaii’s capital, expect a visit from a robotic police dog that will scan your eye to make sure you don’t have a fever,” says a new report from Associated Press.

“That’s just one of the ways public safety agencies are starting to use Spot, the best-known of a new commercial category of robots that trot around with animal-like agility.”

Aug 08 07:33

Serious Warning Issued For Millions Of Apple iPhone Users

While Apple is currently facing criticism for upcoming privacy changes, a more immediate financial danger to millions of iPhone and iPad users has been exposed. And it is an area where Apple is a repeat repeat, repeat, repeat, repeat offender.

Following revelations that Apple has facilitated iOS scams with profits “measured in billions”, the company has now been spotted promoting new scams in its App Store which can cost users hundreds of dollars per year. And some of the examples are jaw dropping.

As iOS developer Beau Novelle notes, “One of them doesn’t even do anything” despite the fact it charges users almost $700 per year. With fellow iOS coder Simeon doing a deep dive on one example which lets users access the app for free once they have submitted their payment details, then automatically starts charging $12.99 per week after three days.

Aug 07 05:50

Pegasus: Tunisia's Ghannouchi targeted by Saudi Arabia

Rached Ghannouchi, the speaker of Tunisia's parliament and head of the Ennahda party, was targeted by Saudi Arabia for surveillance using the NSO Group's Pegasus spyware, Middle East Eye can reveal.

Ghannouchi is one of 50,000 numbers found on a list acquired by investigative NGO Forbidden Stories and Amnesty International that is believed to be made up of phones that the Israeli tech company’s clients have targeted since 2016.

Forbidden Stories told Ghannouchi his phone was on the list two weeks ago. It is his primary number, one of two he uses, and one he has used for 10 years. The number is not in the public domain.

Aug 06 13:53

Apple to permanently scan users’ photos and messages for abusive content

Apple announced on Thursday plans to scan users’ iPhones for child sexual abuse content in an effort to “protect children from predators who use communication tools to recruit and exploit them,” in addition to limiting the spread of Child Sexual Abuse Material (CSAM).

According to Apple’s announcement, new operating system technology will allow the company to identify known CSAM images, allowing Apple to report the incidents to the National Center for Missing and Exploited Children, an agency that collaborates with law enforcement to combat child sexual abuse nationwide.

Webmaster's Commentary: 

I just put this on my iPhone.

Aug 06 11:44

Open Source Mobile OS Alternatives To Android

It’s no exaggeration to say that open source operating systems rule the world of mobile devices. Android is still an open-source project, after all. But, due to the bundle of proprietary software that comes along with Android on consumer devices, many people don’t consider it an open source operating system.

So, what are the alternatives to Android? iOS? Maybe, but I am primarily interested in open-source alternatives to Android.

I am going to list not one, not two, but several alternatives, Linux-based mobile OSes.

Aug 06 05:50

'Privacy Company' Apple Plans To Monitor All US iPhones For Evidence Of Child Porn

As the old saying goes: If you aren't doing anything illegal, then you have nothing to fear from surveillance.

Smartphones already act like tracking devices broadcasting the whereabouts of their owners, but Apple is about to open the door to far more advanced forms of smartphone-based voluntary surveillance by launching a new program designed to detect and report iPhone users who are found to have child pornography - known by the academic-speak acronym CSAM - which stands for Child Sexual Abuse Materials. According to a handful of academics who were offered a sneak preview of the company's plans - then promptly spilled the beans on Twitter, and in interviews with the press.

Aug 05 17:09

Apple’s Plan to “Think Different” About Encryption Opens a Backdoor to Your Private Life

By India McKinney and Erica Portnoy

Apple has announced impending changes to its operating systems that include new “protections for children” features in iCloud and iMessage. If you’ve spent any time following the Crypto Wars, you know what this means: Apple is planning to build a backdoor into its data storage system and its messaging system.

Child exploitation is a serious problem, and Apple isn’t the first tech company to bend its privacy-protective stance in an attempt to combat it. But that choice will come at a high price for overall user privacy. Apple can explain at length how its technical implementation will preserve privacy and security in its proposed backdoor, but at the end of the day, even a thoroughly documented, carefully thought-out, and narrowly-scoped backdoor is still a backdoor.

Aug 05 13:49

Apple plans to scan US iPhones for child abuse imagery

Apple intends to install software on American iPhones to scan for child abuse imagery, according to people briefed on its plans, raising alarm among security researchers who warn that it could open the door to surveillance of millions of people’s personal devices.

Apple detailed its proposed system—known as “neuralMatch”—to some US academics earlier this week, according to two security researchers briefed on the virtual meeting. The plans could be publicized more widely as soon as this week, they said.

Aug 05 12:52

16 Civil Society Organizations Call on Congress to Fix the Cryptocurrency Provision of the Infrastructure Bill

By Rainey Reitman and Hayley Tsukayama

The Electronic Frontier Foundation, Fight for the Future, Defending Rights and Dissent and 13 other organizations sent a letter to Senators Charles Schumer (D-NY), Mitch McConnell (R-KY), and other members of Congress asking them to act swiftly to amend the vague and dangerous digital currency provision of Biden’s infrastructure bill.

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA