70 links
tagged with all of: security + privacy
Click any tag below to further narrow down your results
Links
The article discusses the challenges and implications of privacy in the context of public blockchains, highlighting the tension between transparency and confidentiality in decentralized systems. It emphasizes the need for effective privacy solutions to protect user data while maintaining the integrity of blockchain technologies.
Microsoft is testing its AI-powered Windows Recall feature, which allows users to take snapshots of their active windows for easier searching of content, with a rollout to Windows 11 Insiders. Concerns over privacy led to enhancements including opt-in functionality and security measures like Windows Hello authentication. The feature is designed to help users manage snapshots while ensuring sensitive information is filtered out.
WhatsApp has introduced advanced privacy features that allow users to control who can see their last seen status, profile photo, and about information. These updates aim to enhance user privacy and provide more options for managing visibility within the app. Additionally, WhatsApp emphasizes its commitment to user security with end-to-end encryption for messages.
The roadmap outlines practical steps to enhance privacy for Ethereum users with minimal consensus changes, focusing on on-chain payment privacy, anonymization of application activity, and secure RPC interactions. Key proposals include integrating privacy tools into wallets, adopting one address per application, and improving RPC privacy through advanced technologies like TEE and PIR. Ultimately, the goal is to create a landscape where private transactions are the default and user activities across applications remain unlinked.
The article discusses the advancements in privacy infrastructure at Facebook, particularly focusing on how they are scaling their security measures to support generative AI product innovation. It highlights the importance of integrating robust privacy protocols to enhance user trust and comply with regulatory standards.
Rainwalk, a pet insurance provider, has reportedly exposed sensitive customer data related to 158,000 pets, including personal and medical information. This data breach raises significant concerns about privacy and data security within the pet insurance industry as affected customers face potential identity theft and fraud risks.
The article explores the state of Iran's internet infrastructure and censorship practices from the perspective of Censys, highlighting the challenges faced by users in accessing information and the implications for privacy and security. It discusses the technical and political factors that shape the online environment in Iran, emphasizing the need for improved transparency and access to information.
Meta has addressed a significant bug that risked exposing users' AI prompts and the content generated by those prompts. This vulnerability raised concerns about user privacy and data security within Meta's AI tools. The fix aims to enhance trust in the platform as it continues to develop AI capabilities.
YouTuber Jeff Geerling challenged viewers to de-pixelate a heavily obscured section of his video, which was intended to protect private information. Within hours, a developer successfully restored the hidden content using frame extraction techniques, highlighting the weaknesses of pixelation as a privacy measure.
A company known for selling spyware to monitor sex offenders has reportedly suffered a data breach, exposing sensitive information. The hack raises concerns about the security measures in place for companies dealing with sensitive data related to criminal monitoring.
A hard-coded API key was discovered in an AI note-taking app, leading to the exposure of users' private meeting transcripts. This vulnerability raises significant concerns about data security and user privacy within the application. Immediate actions are needed to address and rectify such security flaws to protect user information.
A security flaw in the covert surveillance app Catwatchful exposed sensitive data, including email addresses and passwords, of 62,000 users due to a SQL injection vulnerability. While the app is marketed for parental monitoring, its stealth features raise concerns about misuse for malicious purposes.
Proton has released Proton Authenticator, a free and open-source two-factor authentication app available across multiple platforms, including Windows, macOS, Linux, Android, and iOS. Designed with a focus on privacy and security, it generates time-based one-time passwords and offers features like encrypted backups, biometric app locking, and easy import/export options. This new tool aims to provide a secure alternative to existing authentication apps that often rely on closed-source models and user lock-in.
Notorious image board 4chan has been hacked, resulting in the leak of sensitive internal data. The breach raises concerns about user privacy and security on the platform, which has a history of controversial content and activities. Investigations are underway to assess the extent of the damage and the implications for its users.
The UK government has decided to drop its demands for tech companies, including Apple, to provide encryption backdoors that would allow law enforcement access to encrypted communications. This move reflects a shift in the government's approach to balancing privacy and security in the digital age. The decision comes amid ongoing debates about the implications of encryption for public safety and privacy rights.
A security breach has exposed user data from VirtualMacOSX.com, potentially affecting numerous users who utilized the service. The compromised data includes sensitive information, raising concerns about user privacy and security measures in place. Users are advised to monitor their accounts and take necessary precautions.
The article discusses a complex topic related to technology and its implications on society, touching upon various aspects such as privacy, security, and ethical considerations. It highlights the ongoing debates and challenges that arise from advancements in tech, emphasizing the need for awareness and proactive measures to address potential issues.
The article discusses recent leaks related to Google's phone models, highlighting security vulnerabilities and concerns regarding data privacy. It emphasizes the implications these issues may have for users and the potential impact on Google's reputation in the tech industry.
Google has resolved a critical bug that posed a risk of inadvertently exposing users' private phone numbers through its services. The company acted quickly to patch the vulnerability after it was discovered, ensuring that user privacy is maintained.
Pistachio offers automated, personalized tools for IT admins and end users, integrating seamlessly with Microsoft SSO for quick setup. It prioritizes user privacy while providing essential security training and insider threat detection, ensuring safety without intrusive monitoring.
A browser hijacking campaign has infected 2.3 million users of Chrome and Edge through malicious extensions that started as legitimate tools. These extensions, which include features like color pickers and emoji keyboards, were later updated to include malware that tracks user activity and redirects browser sessions. Microsoft has removed the extensions from its store, but Google has not yet responded to the incident.
Nearly 1 million browsers have been turned into website scraping bots through 245 browser extensions that override security protections, according to researcher John Tuckner. These extensions, which serve various functions, incorporate the MellowTel-js library to monetize their use by scraping websites for paying clients, including AI startups, while raising concerns about user privacy and security.
Apple has alerted a developer that their iPhone was targeted with government spyware, highlighting concerns over privacy and security. This incident raises questions about the extent of surveillance and the measures tech companies are taking to protect users from such threats.
Fully Homomorphic Encryption (FHE) enables computations on encrypted data without decryption, potentially transforming internet privacy by keeping user data encrypted at all times. Despite current limitations in speed and efficiency, rapid advancements suggest FHE could soon support secure cloud computing and confidential transactions, shifting the paradigm from data harvesting to user privacy.
The conversation with Cloudflare's Matthew Prince explores the future of the internet's business model, discussing the implications of privacy, security, and the evolution of online services. Prince emphasizes the importance of adapting to changing user expectations and the need for innovative approaches to sustain growth in the tech industry.
The article appears to discuss updates and features in Firefox version 144, including enhancements to performance, security, and user experience. It highlights Mozilla's commitment to maintaining user privacy and improving browsing efficiency. Specific details about new tools and functionalities may also be included.
OpenAI is enhancing its security measures to protect its systems from unauthorized access and ensure user privacy. The new protocols aim to deter potential threats and safeguard sensitive information in an increasingly scrutinized tech landscape.
Granting AI access to personal data raises significant privacy and security concerns that individuals should carefully consider. The potential risks associated with data exposure can outweigh the benefits of enhanced AI functionalities. Users are encouraged to think critically about the implications of sharing their information with AI systems.
The article discusses how Meta leverages advanced data analysis techniques to understand and manage vast amounts of data at scale. It highlights the methodologies and technologies employed to ensure data security and privacy while enabling efficient data utilization for various applications.
Florida's proposed law mandates encryption backdoors for social media accounts, raising concerns among experts who label it as both dangerous and misguided. Critics argue that such measures undermine user security and privacy, potentially exposing sensitive information to malicious actors. The law has sparked a broader debate about the implications of government interventions in digital privacy.
Google Chrome has introduced a new feature that prevents browsing history leaks by partitioning link history, allowing links to turn purple only for previously visited sites while keeping them blue on malicious sites. This update aims to enhance user privacy and prevent exploitation by malicious websites.
The U.S. House of Representatives has banned the use of WhatsApp on government devices due to security concerns. This decision reflects ongoing worries about data privacy and the potential for foreign interference through widely-used messaging applications. Agencies are now required to use alternative communication methods that meet security standards.
The article discusses Twitter's new encrypted messaging feature, highlighting its potential impact on user privacy and communication security. It examines the challenges and implications of implementing encryption on a platform with a vast user base, as well as the broader context of encryption in social media.
A significant data breach at Mango has exposed sensitive customer information, raising concerns about privacy and security. Investigations are ongoing to determine the full extent of the breach and its implications for affected users. Customers are advised to take precautions to safeguard their personal data in the wake of this incident.
The article provides an in-depth analysis of VPNs, explaining their purpose, how they work, and the various types available. It discusses the benefits and limitations of using VPNs for privacy and security online, addressing common misconceptions and offering tips for choosing the right service.
A new tea app aimed at men is reportedly leaking personal data, including users' driver's licenses. Concerns have been raised about the app's security measures and the potential risks to user privacy. Experts are calling for immediate investigations and stronger data protection regulations.
Over 40,000 security cameras worldwide are accessible via the internet, allowing potential hackers to exploit them for spying and other malicious activities. The cybersecurity firm Bitsight warns that these cameras, often used in homes and small offices, are at risk due to inadequate security measures, making them targets for cyberattacks. Users are advised to implement stronger security practices to protect their devices.
FreeVPN.One, initially a trusted VPN, has been caught secretly capturing users' screens and sensitive information without consent through a series of updates that expanded its permissions and functionality. Despite claiming to protect user privacy, the extension employs deceptive practices to surveil users, raising serious concerns about security in browser marketplaces. The article highlights the risks associated with malicious extensions and the need for better oversight in software security.
Pakistanis are being urged to change all their passwords immediately following a significant global data breach that has compromised numerous accounts. Authorities recommend enhancing security measures to protect personal information from potential exploitation.
1Password emphasizes the importance of security in AI integration, outlining key principles to ensure that AI tools are trustworthy and do not compromise user privacy. The principles include maintaining encryption, deterministic authorization, and auditability while ensuring that security is user-friendly and effective. The company is committed to creating secure AI experiences that prioritize privacy and transparency.
Fake TikTok and WhatsApp apps have surfaced on Android, posing as legitimate applications but actually containing Clayrat spyware. Users who download these apps risk their personal data being compromised, as the spyware can capture sensitive information and track activities. It is crucial for users to be vigilant and verify app authenticity before installation.
My Privacy DNS is dedicated to compiling and organizing information on blacklisted domains to enhance online privacy through its Matrix project, which acts as a DNS firewall. Key features include an anti-porn list for parental control, a structured submission process for problematic websites, and a commitment to providing accurate and secure domain management. Contributions to the project are welcomed to support its ongoing development and maintenance.
Cline explains its decision not to index users' codebases, emphasizing the importance of privacy and security for developers. By not indexing code, Cline seeks to foster a more secure environment where users can work without the fear of exposing sensitive information. This approach ultimately benefits developers by allowing them to focus on their coding without concerns over data breaches.
Apple has issued notifications to new victims of spyware attacks worldwide, highlighting the ongoing threat posed by advanced surveillance technologies. The company is taking steps to inform affected users and enhance security measures to protect their devices from such intrusions.
Brosix and Chatox, two messaging platforms, failed to uphold their promises of secure communication, exposing users' chats to potential breaches. This raises concerns about the reliability of privacy assurances from messaging services.
The article discusses methods of spying using Chromium-based browsers, specifically focusing on the vulnerabilities that allow screensharing without user consent. It highlights the technical aspects of how these exploits work and the potential privacy implications for users. The piece serves as a cautionary reminder of the importance of browser security and user awareness.
Researchers from King's College London warn that large language model (LLM) chatbots can be easily manipulated into malicious tools for data theft, even by individuals with minimal technical knowledge. By using "system prompt" engineering, these chatbots can be instructed to act as investigators, significantly increasing their ability to elicit personal information from users while bypassing existing privacy safeguards. The study highlights a concerning gap in user awareness regarding privacy risks associated with these AI interactions.
AT&T has reached a settlement regarding data breaches that occurred between 2019 and 2024, which affected customer data and privacy. The agreement addresses compensation for affected individuals and outlines measures to enhance data security moving forward.
The article appears to be corrupted and does not contain readable content. As such, it is not possible to summarize the main points or themes of the intended discussion regarding security measures or practices. Further analysis or access to a different version of the content may be required to provide a summary.
The article discusses methods to obscure command and control (C2) traffic using platforms like Discord and Slack. It explores the potential of these applications to serve as covert channels for communication, thereby enhancing security and privacy for users involved in sensitive activities. Techniques for effectively utilizing these platforms are also examined.
A security vulnerability in the Verizon Call Filter iOS app allowed unauthorized access to the call history of any Verizon customer by manipulating network requests, raising significant privacy and safety concerns for vulnerable individuals. The flaw was reported and promptly fixed by Verizon, highlighting the importance of securing sensitive user data in telecommunications.
The article discusses the recent discovery of popular Chrome extensions that are leaking user data through unencrypted connections. This raises concerns about user privacy and the security of sensitive information while using these extensions. Users are advised to be cautious and consider the risks associated with such tools.
The article discusses zkPDF, a tool designed to unlock verifiable data in PDF documents using zero-knowledge proofs. It highlights how zkPDF enhances privacy and security by enabling users to confirm the authenticity of data without revealing sensitive information. The focus is on the potential applications of this technology in various sectors, emphasizing its importance in maintaining data integrity and confidentiality.
The article discusses concerns regarding pre-installed apps on the Ulefone Kruger smartphone, highlighting potential security risks and privacy issues associated with these apps. Users are advised to be cautious about the data these applications may access and the implications for personal security.
Choosing the right VPN involves understanding its limitations and realistic benefits, such as bypassing internet censorship and securely accessing corporate networks. While VPNs can enhance privacy by masking your IP address, they do not guarantee complete anonymity or protection from all security threats. Key factors to consider when selecting a VPN include the provider's claims, trustworthiness, and business model.
Vodafone GmbH has been fined €45 million ($51.4 million) by Germany's data protection authority for privacy and security violations, including fraud committed by employees of partner agencies and vulnerabilities in its authentication systems. The company has since revamped its processes, severed ties with fraudulent partners, and cooperated fully with the investigation. Vodafone has also donated to organizations focused on data protection and media literacy.
A new attack known as "pixnapping" has emerged, targeting Android devices by using pixel-stealing techniques to access sensitive information. This method allows attackers to manipulate the display output, potentially compromising user data without their knowledge. Users are advised to remain vigilant and update their security measures to protect against this threat.
Google announced that the Pixel 10 series will incorporate C2PA Content Credentials, enhancing digital media transparency by securely attaching provenance information to images captured with the Pixel Camera. This initiative aims to differentiate between AI-generated and non-AI content, ensuring user privacy and trust through robust security measures and unique certificates for each image. The Pixel 10 is the first to achieve Assurance Level 2 under the C2PA Conformance Program, making it a leader in secure media provenance on mobile devices.
Brave Software's browser will block Microsoft's Windows Recall feature from capturing screenshots of its windows by default to enhance user privacy. This decision follows criticism of Windows Recall for potentially exposing sensitive user data, and Brave aims to prevent browsing history from being inadvertently stored. Users can still enable Recall through Brave's settings if desired.
A significant data breach at the Australian Human Rights Commission has resulted in the exposure of personal information, raising concerns about data security and privacy. The incident highlights vulnerabilities in handling sensitive information and the potential risks to individuals affected by the breach.
Bugfish Nuke is a Windows tool designed for emergency data deletion, allowing users to securely erase sensitive files and system traces with customizable overwrite options. It features an advanced function to lock out system access by corrupting Windows login files, and includes user-friendly elements like customizable audio notifications during the deletion process. Users are warned against misuse and encouraged to comply with legal guidelines while using the tool.
The article reviews the cryptographic techniques employed by the Signal messaging app, highlighting its commitment to user privacy and security. It delves into the specific algorithms and protocols that underpin Signal's encryption, emphasizing the importance of robust cryptography in protecting user communications. Additionally, it discusses potential vulnerabilities and the app's response to security challenges.
Researchers have discovered a vulnerability in computer mice that allows attackers to eavesdrop on conversations by exploiting the way these devices communicate with computers. The technique, dubbed the "mic-e-mouse attack," highlights potential security risks associated with everyday peripherals, raising concerns about privacy and data protection.
Satellites have been found to expose unencrypted data, revealing sensitive information including phone calls and some military communications. This security vulnerability raises significant concerns about privacy and data protection in satellite communications.
An Italian businessman has reportedly had his phone targeted by Paragon spyware, raising concerns about privacy and security in digital communications. The incident highlights ongoing issues related to surveillance technology and its implications for individuals in business and politics.
The article discusses the recent controversy surrounding Proton Mail, specifically regarding the treatment of journalist accounts during a police investigation. It highlights concerns about user privacy and the implications for press freedoms, as well as the measures Proton Mail is taking to address these issues and improve its service for journalists.
Google is introducing a new security feature for Android devices that automatically reboots locked devices after three days of inactivity, enhancing protection against data extraction by forensic tools. This update aims to keep user data encrypted in the Before First Unlock (BFU) state for longer periods, complicating unauthorized access during forensic investigations. Users can obtain the update through the Google Play store, though it will be rolled out gradually.
A new malware, identified as CL-STA-0969, has been discovered that covertly installs itself on targeted systems, posing a significant threat to users' security and privacy. Researchers warn that this malware is capable of evading detection by traditional antivirus software, making it particularly dangerous. Users are advised to enhance their security measures to protect against this emerging threat.
Device fingerprinting creates a unique identifier for each device by collecting diverse signals from its hardware and software, which persists even after clearing browsing data. This technology is crucial for security applications such as bot detection, fraud prevention, and enhanced authentication, but it raises privacy concerns that necessitate responsible implementation and transparency.
The article discusses the security risks associated with AI browser agents like OpenAI's ChatGPT Atlas and Perplexity's Comet, which offer advanced web browsing capabilities but pose significant privacy threats. Cybersecurity experts warn of vulnerabilities, particularly prompt injection attacks, which can compromise user data and actions. While companies are developing safeguards, the risks remain substantial as these technologies gain popularity.
+ ai
security ✓
privacy ✓