Show newer
Sheogorath :si_blobfox: boosted

Kann man die #Standortdaten von Personen, die mit einem Smartphone in der Tasche herumlaufen, einfach so kaufen und ihnen zuordnen? Eine Recherche aus Dänemark zeigt am Beispiel von #HuqIndustries: Man kann.
mobilsicher.de/aktuelles/das-m

Sheogorath :si_blobfox: boosted

After 2 years and almost 6 months ( less 2 days ), we have finally released version 1.2 that has been waiting to be released to the world for 1 year and 2 months.

The new release features over 50 new icons ( forkaweso.me/Fork-Awesome/what )

---

This is only the beginning of our work. There is a lot more to go from here and much more to achieve. We are excited for this new journey.

{ tooted by shine )

Sheogorath :si_blobfox: boosted

> We regularly hear about people getting lost in the wilderness because they believe their smartphone will show them the way back to civilization.
spectrum.ieee.org/the-joy-of-d

Apple opened pandoras box by implementing its CSAM scanner. The basic concept is not new, it's how law enforcement and other attackers have "broken" end-to-end encryption for years.

But as mentioned, previously it was attackers, not the software itself using such methods.

But there is no way of going back. Law makers now know it can be deployed. It was deployed. So it'll be deployed again. And since we didn't see a majority of apple users destroy their devices, it's even accepted.

Sheogorath :si_blobfox: boosted

I've just created a matrix room for discussing the translation process on weblate.bubu1.eu:

matrix.to/#/#weblate:bubu1.eu

This is aimed at project maintainers needing help to setup their project, translators needing help with the weblate workflow, downtime/upgrade announcements, etc.

By the way, are there any recommended helm charts for Mastodon?

The ones I found were quite outdated, so unless someone can hit me with one, I guess I'll have to write one myself.

Using tang to centralised unlock the disk encryption of your servers? Need a backup of your tang server? Tar your tang-db, base64 encode it and store it in your passwordsafe. Easy, quick and accessible. (Of course make sure sure you can access your passwordsafe without depending on the infrastructure you need to unlock)

Sheogorath :si_blobfox: boosted

afghanistan, taliban, biometrics 

"Thousands of Afghans struggling to ensure the physical safety of their families after the Taliban took control of the country have an additional worry: that biometric databases and their own digital history can be used to track and target them."
reuters.com/article/afghanista

Nobody in #InfoSec or #DigitalHumanRights spaces is surprised by this. This was completely predictable.

Another "this would *NEVER* happen" just happened.

Well, that didn't take long… we have a first hash collision: social.wildeboer.net/@jwildebo

Have that picture of a dog on your phone and the secret threshold for apple's CSAM scanner is down by one.

Good that there is only a 1 in a trillion chance of a false positive.

But no worries, it's just your own phone that make wrong accusations of being a pedophile against you and maybe reports you to Apple which might takes it to the police.

Show thread
Sheogorath :si_blobfox: boosted

OK. This is quite technical. But TL;DR - the neural hash system #Apple uses for their CSAM detection has been confronted with its first possible collision by some good hackers. This dog might be marked by the system as suspicious. Ouch. Issue 1 at github.com/AsuharietYgvar/Appl

Sheogorath :si_blobfox: boosted

Wait what??? Das hessische Innenminesterium bittet das BSI um einen Security Audit der Luca App - das Bundesinnenministerium verbietet dem BSI dies zu tun... Jetzt weiss ich auch nicht mehr m(

spiegel.de/netzwelt/netzpoliti

Sheogorath :si_blobfox: boosted

Die App #Siegelklarheit vom Bundesentwicklungsministerium sorgt dafür, dass ihr im Dickicht der #FairTrade- und #Nachhaltigkeit|s-Siegel nicht den Überblick verliert - und erhebt dabei nur notwendige Daten.
Dafür gibt es von uns die Bestnote: Privacy Score 1! mobilsicher.de/apptest/frisch-

Sheogorath :si_blobfox: boosted

The apartment I'm renting is eating 50+kW/h of power per DAY 😧 This is with a heat pump.
People who live in cold climates, is this normal? I've just moved countries and don't have a frame of reference for this.

Sheogorath :si_blobfox: boosted

Apparently #Wire wants to #free its product from #Google to bring it to #FDroid and they're "looking for a contractor who can handle an older scala codebase, and has experience around app notification processes".
forum.f-droid.org/t/wire-on-f-

#Job

Sheogorath :si_blobfox: boosted

“…this new single-minded focus on CSAM in the revived anti-encryption push feels like an exceedingly cynical move on the part of the U.S. government … One proposal … is to build a system where the provider … would check content … before it’s encrypted and transmitted … i.e. while the content is on the sender’s device … to try to figure out whether that content is or might be abusive content such as CSAM.” – Riana Pfefferkorn, Oct 7,
2019

Note the date.

cyberlaw.stanford.edu/blog/201

#apple #privacy

Sheogorath :si_blobfox: boosted

"I respect your right to put other people at risk by your stupidity". Yeah, right.

Sheogorath :si_blobfox: boosted

We need some help with #PHP #packagist and #composer.

Could someone help review a pull request that updates `composer.json` for packagist.org?

github.com/ForkAwesome/Fork-Aw

( tooted by shine )

Sheogorath :si_blobfox: boosted

Für eine vom #BSI betreute Bachelorarbeit wurde untersucht, ob sich die Technische Richtlinie BSI TR-03148 („Router-TR“) eignet, um einen gängigen Router mit installierter #OpenSource Firmware OpenWrt zu prüfen.
Darüber hinaus wurde für diese Abschlussarbeit analysiert, welche Testfälle der „Router-TR“ OpenWrt bislang nicht erfüllt und welche Vorteile OpenWrt gegenüber proprietären Router-Firmwares aufweist.
👉 bsi.bund.de/SharedDocs/Downloa

#DeutschlandDigitalSicherBSI

Sheogorath :si_blobfox: boosted

Die #Chatkontrolle wird bisher nur freiwillig von einigen Kommunikationsdiensten eingesetzt. Für Herbst kündigt die EU-Kommission allerdings einen Vorschlag zur #Chatkontrolle2.0 an, die dann alle Messenger-Anbieter zur Nachrichtendurchleuchtung zwingen soll. (8/8)

Show thread
Sheogorath :si_blobfox: boosted

What Apple is doing with its plans to scan content on your own devices (and, to a lesser degree, what it was doing earlier with its News app profiling you on your own device) is an attempt to redefine what it means to violate your privacy.

It doesn’t matter where your privacy gets violated (on your own device or in the cloud). It matters that your privacy is being violated. The violation of privacy isn’t the scanning of the content, it is the notification of a third-party based on the scan.

Show older
Sheogorath's Microblog

This is my personal microblog. It's filled with my fun, joy and silliness.