Update: Kazakhstan intercepting HTTPS Traffic

Update: Kazakhstan intercepting HTTPS Traffic Resident of Nur-Sultan here. We got the SMS yesterday (19:00 20/7) requesting us to install the MTM Cert from Beeline (KZ Telco). So far, nothing is blocked and VPNs work without any issue. ​ I’ll continue to update. I am also in touch with the ministry responsible for this policy and will try to get more information next week. ​ Stay safe everyone! submitted by /u/jiyosub to r/privacy [link] [comments] top scoring links : multi

Read More

New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission – Dubbed Spearphone, the newly demonstrated attack takes advantage of a hardware-based motion sensor, called an accelerometer, and can be unrestrictedly accessed by any app installed on a device even with zero permissions

New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission – Dubbed Spearphone, the newly demonstrated attack takes advantage of a hardware-based motion sensor, called an accelerometer, and can be unrestrictedly accessed by any app installed on a device even with zero permissions submitted by /u/quantumcipher to r/privacy [link] [comments] top scoring links : multi

Read More

PSA: If anyone’s email is broken because their GnuPG keyring automatically fetched a poisoned key (ie: Tor Browser key) following the certificate flooding attacks last month (CVE-2019-13050), here’s a guide on how you can fix your gpg client and prevent this issue in the future

PSA: If anyone’s email is broken because their GnuPG keyring automatically fetched a poisoned key (ie: Tor Browser key) following the certificate flooding attacks last month (CVE-2019-13050), here’s a guide on how you can fix your gpg client and prevent this issue in the future submitted by /u/maltfield to r/netsec [link] [comments] top scoring links : multi

Read More

In a move that is bound to piss off more than a couple of publishers, google is readying to fix the β€œloophole” that allowed sites to see when you’re browsing in incognito mode.

In a move that is bound to piss off more than a couple of publishers, google is readying to fix the β€œloophole” that allowed sites to see when you’re browsing in incognito mode. submitted by /u/RonaldvanderMeer to r/security [link] [comments] top scoring links : multi

Read More

Kazakhstan government has started man-in-the-middle attacks on all HTTPS internet traffic in the country by asking end-users to install government-issued certificate authority on all devices in every browser.

Kazakhstan government has started man-in-the-middle attacks on all HTTPS internet traffic in the country by asking end-users to install government-issued certificate authority on all devices in every browser. submitted by /u/ape_pants to r/privacy [link] [comments] top scoring links : multi

Read More

Facebook admits to processing your personal data even if you don’t have an account – GDPR

Facebook admits to processing your personal data even if you don’t have an account – GDPR The following quote comes directly from the Facebook privacy policy: β€œAdvertisers, app developers, and publishers can send us information through Facebook Business Tools they use, including our social plug-ins (such as the Like button), Facebook Login, our APIs and SDKs, or the Facebook pixel. These partners provide information about your activities off Facebookβ€”including information about your device, websites you visit, purchases you make, the ads you see, and how you use their servicesβ€”whether or…

Read More

Opinion: Don’t Regulate Facial Recognition. Ban It. | We are on the verge of a nightmare era of mass surveillance by the state and private companies. It’s not too late to stop it.

Opinion: Don’t Regulate Facial Recognition. Ban It. | We are on the verge of a nightmare era of mass surveillance by the state and private companies. It’s not too late to stop it. submitted by /u/MyNameIsGriffon to r/privacy [link] [comments] top scoring links : multi

Read More