Search
Items tagged with: Security
#Windows10 #updates will #cost you $30 - #Linux updates are for free 👍
#Microsoft #cybersecurity #security #Software #os #update #Problem #fail #news #freedom #change #Windows #Windows11 #money #finance #economy
Microsoft: Pay $30 to keep using Windows 10 securely if you hate Windows 11
With support for Windows 10 ending on October 14, 2025, Microsoft wants people to switch to Windows 11 or pay $30 to keep using Windows 10.Mayank Parmar (Windows Latest)
Something that’s been bothering me for years in the security world: why do researchers demand bug bounties for vulnerabilities in open source projects, when the very contributors maintaining and fixing those issues get nothing, just goodwill?
It feels deeply unfair. The burden falls on unpaid maintainers, yet bounty hunters get rewarded. If you want a paid bounty, maybe help fund the people who actually fix the mess too.
GrapheneOS version 2025061000 released:
https://grapheneos.org/releases#2025061000
See the linked release notes for a summary of the improvements over the previous release.
Forum discussion thread:
https://discuss.grapheneos.org/d/23046-grapheneos-version-2025061000-released
#GrapheneOS #privacy #security
GrapheneOS releases
Official releases of GrapheneOS, a security and privacy focused mobile OS with Android app compatibility.GrapheneOS
**Backdoor Campaign Affecting Thousands of ASUS Routers**
https://www.greynoise.io/blog/stealthy-backdoor-campaign-affecting-asus-routers
**#asus #security #backdoor #malware**
GreyNoise Discovers Stealthy Backdoor Campaign Affecting Thousands of ASUS Routers
GreyNoise uncovers a stealth campaign exploiting ASUS routers, enabling persistent backdoor access via CVE-2023-39780 and unpatched techniques.www.greynoise.io
GrapheneOS: Where Licenses Matter More Than People
I chose to write this.
Link removed
#GrapheneOS #Accessibility #FOSS #Blind #DisabilityTech #Inclusion #GPLv3 #espeak #a11y #Security #FreeSoftware #DisabilityRights #Android #Rant #TechShame
**update**: If you are using this post as some kind of call-to-action to harass and attack the GOS developers, please don't.
That damages everyone. You, them, and myself. It's not helpful.
**Update two**. I have made the decision to pull this post. It is not a good starting-point for a discussion, and just encourages defensiveness on both sides – when there really aren't sides here at all.
As a FOSS contributor, I am deeply ashamed at the way I approached this out of frustration.
Are Your #Passwords in the Green?
source: https://www.hivesystems.com/blog/are-your-passwords-in-the-green
#password #login #internet #gpu #bruteforce #crack #hack #security #cybersecurity #technology #speed
Are Your Passwords in the Green?
Passwords that felt secure a year ago might not hold up in 2025. Hive Systems’ updated Password Table reveals just how much faster hackers can break into accounts today.Corey Neskey (Hive Systems)
PSA: The Tor Browser Security Level slider cannot be relied upon without a full browser restart (per an anonymous community report and confirmed by Privacy Guides staff) - Make sure you are aware of this if you rely on this feature for your safety.
https://www.privacyguides.org/articles/2025/05/02/tor-security-slider-flaw/
#TorBrowser #Security #MullvadBrowser #Privacy #PrivacyGuides #Article
A Flaw With the Security Level Slider in Tor Browser
PSA: The security level slider in Tor Browser (and Mullvad Browser) does not fully apply until restarting the browser.www.privacyguides.org
Dutch lawmakers push for ‘red button’ to erase #digital footprints
source: https://nltimes.nl/2025/04/01/dutch-lawmakers-push-red-button-erase-digital-footprints
Although websites require users to accept or decline #cookies before browsing, the lawmakers argue that #children often accept them without fully understanding the #consequences. “Children don’t realize what they’re agreeing to,” Six Dijkstra said.
#internet #bigdata #bigbrother #kids #cybersecurity #online #surveillance #economy #footprint #politics #security #news #Netherlands
Dutch lawmakers push for ‘red button’ to erase digital footprints
Dutch lawmakers Don Ceder (ChristenUnie) and Jesse Six Dijkstra (NSC) have introduced a proposal to make it easier for individuals to delete their personal data from the internet.NL Times
New Privacy Guides video 📺✨
by @jw
If you've wondered about
the difference between:
Privacy,
Security,
and Anonymity
And why some privacy-focused
services are worth using even when they don't provide perfect anonymity, watch this!
It's truly an amazing short video!
Everyone should watch it 👇
https://www.privacyguides.org/videos/2025/03/14/stop-confusing-privacy-anonymity-and-security/
#PrivacyGuides #Privacy #Security #Anonymity
Stop Confusing Privacy, Anonymity, and Security
Are you mixing up privacy, security, and anonymity? Don't worry, it's more common than you might think! In this week's video we break down each term, so you can make educated decisions on what tools are best for you.www.privacyguides.org
FreeTube ─ Watch YouTube without ads, without login, and with private playlists.
#google #YouTube #privacy #ad #safety #security #InfoSec #data #advertisement #tech #technology #BigTech #app #apps #tip #tips
FreeTube - The Private YouTube Client
FreeTube is a feature-rich and user-friendly YouTube client with a focus on privacy.freetubeapp.io
https://frederikbraun.de/home-assistant-can-not-be-secured-for-internet-access.html
https://thecopenhagenbook.com/
🔴 Agenda na #JesienLinuksowa już dostępna! 🔴
W programie: #DevOps, #security, #gaming, #prywatność i więcej!
Goście specjalni: Kuba Mrugalski (@uwteam), Tomasz Zieliński (@infzakladowy)
Dodatkowo: 💬 Unconference ⚡ Lightning Talks 🎉 Fedora release party!
Do zobaczenia! 🥳
Do you want to help make software safer? Find the bugs in our ntpd-rs!
The ntpd-rs Bug Bounty Program offers a reward to anyone who finds a qualifying vulnerability.
Read the details here: https://yeswehack.com/programs/pendulum-bug-bounty-program
This Bug Bounty Program is organized and funded by @sovtechfund . Read more about this initiative here: https://www.sovereigntechfund.de/programs/bug-resilience/
ntpd-rs Bug Bounty Program bug bounty program - YesWeHack
ntpd-rs Bug Bounty Program bug bounty program detailsYesWeHack #1 Bug Bounty Platform in Europe
So now that we all understand that thanklessly relying on free work of overworked maintainers is a problem, how about we put our money where our mouth is?
I think @AndresFreundTec needs a fat bonus check for saving our asses.
And Lasse Collin needs a lot of support, and probably a nice vacation.
I pledge $100, for starters.
Now how can we make sure to send the funds to the correct people?
Or is there already any fundraiser that I missed?
„GitHub Disables The XZ Repository Following Today's Malicious Disclosure“
https://www.phoronix.com/news/GitHub-Disables-XZ-Repo
GitHub Disables The XZ Repository Following Today's Malicious Disclosure
Today's disclosure of XZ upstream release packages containing malicious code to compromise remote SSH access has certainly been an Easter weekend surprise..www.phoronix.com
Millions Of #google #whatsapp #Facebook #2FA #Security Codes #Leak Online
Security experts advise against using SMS messages for two-factor authentication codes due to their vulnerability to interception or compromise. Recently, a security researcher discovered an unsecured database on the internet containing millions of such codes, which could be easily accessed by anyone.
#news #tech #technews #technology #privacy
Millions Of Google, WhatsApp, Facebook 2FA Security Codes Leak Online
A security researcher has discovered an unsecured database on the internet containing millions of two-factor authentication security codes. Here's what you need to know.Davey Winder (Forbes)
Y'all know not to use #Temu right? Right???
Temu app contains ‘most dangerous’ #spyware in circulation: class action lawsuit | Fashion Dive
https://www.fashiondive.com/news/temu-class-action-lawsuit-data-collection/699328/
Temu app contains ‘most dangerous’ spyware in circulation: class action lawsuit
The complaint alleges that the fast fashion giant gains access to “literally everything on your phone” once its app is downloaded.Fashion Dive
But to be fair ...
Is it the implementation language being the main issue? Or is it the flexibility of extending it with plugins and that it is effectively a setuid tool, granting root access immediately when an unprivileged user starts the program (the privileges are reduced first when it has parsed the sudo config).
Sudo is a nice tool from the user's side. But security wise it's a disastrous approach. Privileges should first be elevated *after* the config has been parsed and the expected privilege level has been established. Then the tool should ideally jump to that privilege level directly.
This post introduces some new ideas ... https://tim.siosm.fr/blog/2023/12/19/ssh-over-unix-socket/
It's not a perfect approach in all cases. But it gets rid of the setuid issue.
sudo without a setuid binary or SSH over a UNIX socket
In this post, I will detail how to replace sudo (a setuid binary) by using SSH over a local UNIX socket. I am of the opinion that setuid/setgid binaries are a UNIX legacy that should be deprecated.Siosm's blog
Seriously, WTF @protonmail ?
#YouHadOneJob as #eMail #Provider and that is to get shit reliably sent and recieved.
If that's too hard then how should anyone trust them re: #security and #privacy?
Spoiler: Noine should!
https://www.youtube.com/watch?v=QCx_G_R0UmQ
ProtonMail Sends User IP and Device Info to Swiss Authorities.
Original articleshttps://mobile.twitter.com/tenacioustek/status/1434604102676271106https://techcrunch.com/2021/09/06/protonmail-logged-ip-address-of-french-a...YouTube
#BraveBrowser is installing VPNs without users' consent, even if you didn't willingly enable their #VPN service. Just stop using #Brave, it's garbage.
Edit: the services are disabled by default, but they were still installed with very little to no transparency about them towards the user, alongside all the other stuff that's often unwanted from Brave users (Pocket on Firefox is to blame too, lol.)
https://www.ghacks.net/2023/10/18/brave-is-installing-vpn-services-without-user-consent/
#Browser #Security #Privacy #OpenSource #FreeSoftware #LibreSoftware
Are your Google Docs safe from AI training?
With AI continuing its slow rise to prominence, consumers are concerned their personal content is being used to train Google's generative service.Jack Wallen (ZDNET)
https://lapcatsoftware.com/articles/2023/7/1.html
#security #privacy #firefox #wtf
Smartphones using the Snapdragon 630 chip were found to call home to Qualcomm without the consent of the user, bypassing the whole operating system. […]
< SEE ATTACHMENT >
EDIT / UPDATE:
Martijn Braam took a look and provides a valuable counterstatement. Thx @bart
https://blog.brixit.nl/nitrokey-dissapoints-me/
Still without the actual data that gets transmitted though. Unless someone does it first I'll replicate the test setup myself tomorrow and post my findings here.
#privacy #security
#OpenSource #FreeSoftware #privacy #security #infosec
🤡 #1Password becomes #spyware:
https://blog.1password.com/privacy-preserving-app-telemetry/
We're changing how we discover and prioritize improvements | 1Password
Learn about a new, privacy-preserving in-app telemetry system that 1Password is trialing with its employees.1Password
https://www.bleepingcomputer.com/news/security/us-sues-google-for-abusing-dominance-over-online-ad-market/
#Security
U.S. sues Google for abusing dominance over online ad market
The U.S. Justice Department has filed a federal lawsuit today against Google for abusing its dominant position in the online advertising market.Sergiu Gatlan (BleepingComputer)
The hacker also stole an encryption key for a portion of the encrypted backups by accessing a cloud storage database shared by both LastPass and GoTo.
#news #tech #technology #security #privacy #Lastpass #breach #hacking
https://www.pcmag.com/news/lastpass-sibling-company-goto-loses-encrypted-backups-to-hackers
#TikTok recommends self-harm and eating disorder content to some users within minutes of joining the platform, according to a new report published Wednesday by the Center for Countering Digital Hate ( #CCDH ).
#news #technology #tech #security #china
https://www.cbsnews.com/news/tiktok-pushes-potentially-harmful-content-to-users-as-often-as-every-39-seconds-study/
TikTok pushes potentially harmful content to users as often as every 39 seconds, study says
TikTok recommends self-harm and eating disorder content to some users within minutes of joining the platform, according to a new report published by the Center for Countering Digital Hate.CBS News
(Why yes, yes it is…) :awesome:
* Or, if you want to take all the fun out of it, a base256 encoding of your ed25519 private key that is purposefully impractical to write down somewhere or type in so you’ll be forced to practice good security hygiene and store it in your password manager.
#design #security #privacy #cryptography #kitten #SmallWeb #SmallTech
Also, we managed to avoid discussing CISA, Twitter, and all the other things on fire.
Episode 351 – Is security or usability a law of the universe?
Josh and Kurt talk about end to end encrypted messages. This has been a popular topic lately due to the Mastodon popularity. Mastodon has a uniquely insecure messaging system, but they aren’t…Open Source Security