Monthly Shaarli
February, 2017
The network regulation agency has banned the toy from sale and urged parents to destroy those their children own.
Repeatedly called out for the extent of the data collected and analyzed by its operating system, Microsoft announced changes in January. These were not enough to entirely convince the privacy watchdogs.
A 20-second spot every two minutes
Off-the-shelf spyware is often marketed towards jealous lovers to spy on their spouse.
sites-using-cloudflare - :broken_heart: List of domains using Cloudflare (potentially affected by the CloudBleed HTTPS traffic leak)
Reddit is being regularly manipulated by large financial services companies with fake accounts and fake upvotes via seemingly ordinary internet marketing agencies.
It’s safe to assume that Google, Yahoo, and other major Internet companies were not thrilled when the NSA began demanding that they hand over users’ da ...
A review/rant about the progress that free software wireless drivers (especially on Linux) have made over the recent years, as well as th...
I decided to start writing about the day-to-day obstacles we face at NEPA Fiber. Before I begin to make regular write ups on our progress, I feel it's necessary to explain the backstory of how it all began and where we are now. Why? The first time I put some
rsync.net offers secure cloud storage on an open standards platform for offsite backup and disaster recovery
Over the next 12–24 months — in other words, between 2018 and 2019 — how software developers are hired is going to change radically.
Breaking up with Microsoft may be tricky, but it can save you millions, according to those who have taken the plunge.
The city with the highest-profile Linux desktop projects is turning back to Windows, but the fate of Linux isn't tied to the PC anymore.
Signal-Android - A private messenger for Android.
Pretty much 100 percent of my generation is obsessed with Instagram. Unfortunately, I left the platform (sorry all) back in 2015. Simple reason, I am way too..
Lip service to the crucial function of the Fourth Estate is not enough to sustain it.
streisand - Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
Dutch House of Representatives passes dragnet surveillance bill
Man streams son's birth on Facebook Live - sees footage on Good Morning America.
Last December, Yahoo! gave an update on the measures taken following the massive hacks revealed in recent months. On that occasion, the firm mentioned the leak of proprietary code and the blocking of possible forged cookies. Two months later, exploitation of this flaw is confirmed: affected users are gradually being notified.
Subgraph OS | Adversary Resistant Computing
Using Signal pseudonymously
A top life tip, there, from the Linux kernel chieftain
WireGuard: fast, modern, secure VPN tunnel
strongSwan is an Open Source IPsec-based VPN solution for Linux and other UNIX based operating systems implementing both the IKEv1 and IKEv2 key exchange protocols.
VIZIO, Inc., one of the world’s largest manufacturers and sellers of internet-connected “smart” televisions, has agreed to pay $2.2 million to settle charges by the Federal Trade Commission and the Office of the New Jersey Attorney General that it installed software on its TVs to collect viewing data on 11 million consumer TVs without consumers’ knowledge or consent.
I am now the owner of a new “smart” TV, which promises to deliver streaming multimedia content, games, apps, social media and Internet browsing. Oh, and TV too.
The only problem is that I’m now afraid to use it. You would be too — if you read through the 46-page privacy policy.
The amount of data this thing collects is staggering. It logs where, when, how and for how long you use the TV. It sets tracking cookies and beacons designed to detect “when you have viewed particular content or a particular email message.” It records “the apps you use, the websites you visit, and how you interact with content.” It ignores “do-not-track” requests as a considered matter of policy.
It also has a built-in camera — with facial recognition. The purpose is to provide “gesture control” for the TV and enable you to log in to a personalized account using your face. On the upside, the images are saved on the TV instead of uploaded to a corporate server. On the downside, the Internet connection makes the whole TV vulnerable to hackers who have demonstrated the ability to take complete control of the machine.
More troubling is the microphone. The TV boasts a “voice recognition” feature that allows viewers to control the screen with voice commands. But the service comes with a rather ominous warning: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.” Got that? Don’t say personal or sensitive stuff in front of the TV.
In this short essay, written for a symposium in the San Diego Law Review, Professor Daniel Solove examines the nothing to hide argument. When asked about gover
The Bavarian capital is expected to decide next week to abandon the open-source software solutions deployed since 2004 for its 15,000 employees and to switch back to Windows 10, by 2021 at the latest.
A Russian security researcher discovered a flaw in the synchronization between iCloud and Safari that made it possible to recover browsing histories deleted by the user. The behavior was apparently possible because of an error on Apple's part, which the manufacturer is currently rushing to fix.
Jonas@framasoft's press review, published whenever he has the time
The company wanted to collect the identifiers of the mobile phones of people passing by its advertising billboards at La Défense. The Conseil d’Etat prohibited it from doing so, upholding a decision by the CNIL.
These already held a certain amount of personal data on these people, which could thus be matched with their television habits in order to offer targeted advertising, the FTC explains. "Vizio allowed advertising networks to track and target its customers across multiple devices," Lesley Fair points out. This means that targeted ads could appear not only on the television, but also on the customer's computer, phone or tablet.
The decentralized social world is on. It's been four years since the project was transferred to its community. Discover with us what we accomplished and where we'd like to go.
TL;DR: Facebook collects data about you in hundreds of ways, across numerous channels. It’s very hard to opt out, but by reading about what they collect, you can understand the risks of the platform and choose to be more restrictive with your Facebook usage.
"As any other social media website Twitter know a lot of things about you, thanks [to] metadata," a French security researcher known as X0rz wrote in a recent blog post. "Indeed, for a 140 characters message you will get A LOT of metadata—more than 20 times the size of the initial content you typed in! And guess what? Almost all of this metadata is accessible through the open Twitter API." To demonstrate that, X0rz wrote a Python script called tweets_analyzer, a command-line tool to tap into some of Twitter's vast metadata that may not be accessible from the standard client.
We are proud to announce that our TERES I laptop is complete. We have assembled units and now working on the software. The building instructions are uploaded here and you can see that it’s pr…
Over time more and more users published instructions on how to break Microsoft's habit of spying on their users, including for private users whose computers are not part of a company or enterprise domain. I was annoyed that this leads to manually clicking checkmarks on a graphical user interface or running confusing PowerShell scripts and merge several single rule-sets. With the webpage https://fix10.isleaked.com/ I had the idea to build a tool, which is easily extendable and configurable and can automate the process of reaching an adequate level of privacy on the press of a button.
There is a whole series of additions or alternatives: some add the M of Microsoft to make GAFAM (but that solves almost nothing). Another acronym, "NATU" (Netflix, Airbnb, Tesla, Uber), has also been created. But to be fair, one should add another acronym, "BATX", which refers to the big Chinese companies Baidu, Alibaba, Tencent and Xiaomi. And since it has been forgotten, one should add the S of Samsung. Which would give, for example, GAFAMSNATUBATX.
The buzz in Barcelona is such that Avast, the company well known for its antivirus and security software, confirms that 22,000 cameras were identified as "hackable" during the Mobile World Congress. Enough to revive the controversy over the security flaws present in a plethora of connected objects, surveillance cameras in particular.
It is not uncommon to read that Debian Stable quickly becomes obsolete, and to be reminded that its kernel, LibreOffice and browser are a few versions behind. Yet nothing prevents us from adopting more recent versions and putting this criticism to rest.
The e-retailer files a third lawsuit going after allegedly fraudulent reviewers, this time naming five new sites that promise glowing reviews.
Posted by Marc Stevens (CWI Amsterdam), Elie Bursztein (Google), Pierre Karpman (CWI Amsterdam), Ange Albertini (Google), Yarik Markov (Goog...
For some years, OpenWrt has arguably been the most active router-oriented distribution. Things changed in May of last year, though, when a group of OpenWrt developers split off to form the competing LEDE project. While the LEDE developers have been busy, the project has yet to make its first release. That situation is about to change, though, as evidenced by the LEDE v17.01.0-rc1 release candidate, which came out on February 1.
You seem to imply the router you chose (Archer C7) only makes use of the ath9k driver, which is not the case for the 5GHz bands. Atheros 802.11ac chipsets use a driver (misleadingly) named ath10k. Ath10k is not a driver that has evolved from ath9k as the name suggests, it's a very different driver that needs a binary blob to work properly.
As a result, some of ath9k's makewififast patches cannot be implemented in ath10k. Some TP-Link routers use Atheros 802.11n chipsets and therefore ath9k exclusively. For those wanting to have a completely FOSS router with LEDE, I would recommend the model TL-WDR3600.
backintime - Back In Time - A simple backup tool for Linux
win-10-virtual-desktop-enhancer - An application that enhances the Windows 10 multiple desktops feature by adding additional keyboard shortcuts and support for multiple wallpapers.
Linux has serenely Linuxed on for over a quarter of a century now, against a steady tide of resistance from proprietary software.
The next version of Chrome, Chrome 57, will permanently enable the browser's DRM plugin and will not allow users to disable it. Users won't be able to disable the PDF viewer and the Native Client plugin either.
The official client for OpenStreetMap monitoring
Initially used to improve the experience for visually impaired members of the Facebook community, the company’s Lumos computer vision platform is now powering image content search for all users. This means you can now search for images on Facebook with key words that describe the contents of …
The Los Angeles and Chicago police departments have acquired “dirt boxes” – military surveillance technology that can intercept data, calls and text messages from hundreds of cellphones simultaneou…
The firm also claims to have surveillance capabilities to extract data from 'many web accounts and apps'.
Researchers say hackers can use an insecure bluetooth device to listen and talk to a child.
Inside Apple's absurd lobbying strategy.
After exhausting our legal options, Riseup recently chose to comply with two sealed warrants from the FBI, rather than facing contempt of court (which would have resulted in jail time for Riseup birds and/or termination of the Riseup organization). The first concerned the public contact address for an international DDoS extortion ring. The second concerned an account using ransomware to extort money from people.
Extortion activities clearly violate both the letter and the spirit of the social contract we have with our users: We have your back so long as you are not pursuing exploitative, misogynist, racist, or bigoted agendas.
There was a “gag order” that prevented us from disclosing even the existence of these warrants until now. This was also the reason why we could not update our “Canary”.
A recent report says Samsung’s Internet-connected Smart TV might be listening in on your conversations and transmitting them to a third party via a voice control feature meant to change channels, adjust volume, browse apps and more.
Shane Harris of The Daily Beast noticed last week that the Smart TV’s privacy policy includes the following clause: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.”
The company confirmed to The Huffington Post that the feature does send voice control requests to a third party, which then searches for results and returns them to the user’s device. Samsung doesn’t store or sell the voice data, she said.
The Federal Trade Commission said Monday that Vizio used 11 million televisions to spy on its customers. The television maker agreed to pay $2.2 million to settle a case with the FTC and the New Jersey attorney general's office after the agencies accused it of secretly collecting — and selling — data about its customers' locations, demographics and viewing habits.
You may be loving your new Internet-connected television and its convenient voice-command feature—but did you know it’s recording everything you say and sending it to a third party?
Left: Samsung SmartTV privacy policy, warning users not to discuss personal info in front of their TV Right: 1984
This application, recommended by whistleblower Edward Snowden, until now allowed encrypted text or voice conversations. It now offers the ability to make secure video calls.
"There is no way to stop being tracked online. None."
Automatic backup of MBRs and partition tables during Ubuntu installation. Makes the Ubuntu installer safer.
Until now, French local authorities and government departments overwhelmingly used Microsoft tools, notably Office and Sharepoint. Today, for the sake of savings and efficiency, they are being encouraged to switch to open source.
With my friend and fellow designer Jérémie, "we've had enough". Citizen surveillance policies are growing in many countries such as France or the United States, digital companies base their economy on profiling our identity, there are the many abuses linked to security, not to mention how powerless we are in trying to fight all of this… we had to talk about it! Add to that the fact that Jérémie and I have long had a passion for digital cultures such as the cyberpunk universe in literature, the figure of the hacker in cinema or the wild early days of phreaking, not forgetting current developments in encryption. We enjoy it, it drives us, and sometimes myth meets reality.
Consumers have bought more than 11 million internet-connected Vizio televisions since 2010. But according to a complaint filed by the FTC and the New Jersey Attorney General, consumers didn’t know that while they were watching their TVs, Vizio was watching them. The lawsuit challenges the company’s tracking practices and offers insights into how established consumer protection principles apply to smart technology.
Prior research has established the phenomenon of the ‘Chilling Effect’ where people constrain the self they present online due to peer-to-peer surveillance on Social Network Sites (SNS). However currently uninvestigated is the possibility that the threat of such surveillance on these sites might constrain the self presented offline in ‘reality’, known here as ‘the extended chilling effect’. The purpose of this study is to examine the existence of this ‘extended chilling effect’. Drawing on theories of self-awareness and self-presentation, the impact of surveillance in SNS is theorized to lead to an awareness of online audiences in offline domains, stimulating a self-comparison process that results in impression management. A mixed methods study of semi-structured interviews (n = 28) and a 2 × 2 between-subjects experiment (n = 80), provides support for offline impression management in order to avoid an undesired image being projected to online audiences. The novel finding that the chilling effect has extended highlights the potential dangers of online peer-to-peer surveillance for autonomy and freedom of expression in our offline lives.
LibreOffice 5.3 was released a few days ago, and it has several new nice features. The LibreOffice project provides a tarball for Ubuntu with the new version, that can be downloaded, extracted and …
By default, Windows sends a lot of your information to their servers sometimes without asking you to opt-in. Follow this guide to fix Windows 10 and restore your privacy.
Qwant is the up-and-coming little search engine. Made in Europe, it stands out by protecting its users' privacy. The Caisse des dépôts takes a stake in it this Thursday.
The recent cyberattack suffered by Hong Kong manufacturer VTech has cast doubt on the security of Internet-connected toys, right in the middle of the holiday season.
E-mails, passwords and personal messages are said to have been hacked by several people.
While Twitter, Facebook and Google have given assurances that they would not take part in building such a registry if the Trump administration asked them to, that is not the case for other companies that collect, analyze and sell personal data.
personal ramblings, no one cares about
Military's 'sock puppet' software creates fake online identities to spread pro-American propaganda
For a relatively small fee, you can snoop on someone’s messages, call logs, photos, and location from across the planet.
B4RN is a professionally designed fibre optic broadband network, registered as a non-profit community benefit society, and run by a dedicated local team with the support of landowners and volunteers. We offer 1,000Mbps FTTH broadband to every property in our coverage area within North West England, costing households only £30 per month.
A review/rant about the progress that free software wireless drivers (especially on Linux) have made over the recent years, as well as the current challenges that driver developers (and users) are facing. Felix Fietkau
borg - Deduplicating backup program with compression and authenticated encryption.
Whonix is a desktop operating system designed for advanced security and privacy. It realistically addresses attacks while maintaining usability. It makes online anonymity possible via fail-safe, automatic, and desktop-wide use of the Tor network. A heavily reconfigured Debian base is run inside multiple virtual machines, providing a substantial layer of protection from malware and IP leaks.
urh - Universal Radio Hacker: investigate wireless protocols like a boss
A technology ripe for future iPhones?
OsMo mobile GPS monitoring for smartphones. Android and iOS. Free mobile GPS-tracking OsMo
Ross Compton has been indicted on felony charges of aggravated arson and insurance fraud for allegedly starting the fire at his Middletown home.
Le Monde.fr mobile version - The NSA graph shows an average of 3 million data intercepts per day in France with peaks at almost 7 million on 24 December 2012 and 7 January 2013.
Man filmed his partner's labor, then sued TV companies that picked up the video.
Search giant modifies terms of service to specifically state ‘automated systems analyse your content’. By Samuel Gibbs
Mark Zuckerberg's manifesto offers a vision of social dystopia.
The trend is not new, but the results are stark. According to the latest report from the Gartner institute, 99.6% of smartphones sold in the fourth quarter of 2016 ran either Android or iOS. In other words, competition to Google or Apple in the mobile segment is now virtually nonexistent.
A court ruling could make it difficult to trust U.S. tech companies with private information.
algo - 1-click IPSEC VPN in the Cloud
IKEv2-setup - Set up Ubuntu Server 16.10 as an IKEv2 VPN
Law enforcement agencies in cities nationwide have spent millions on sophisticated electronic surveillance devices. But there are few uniform rules on how they can be used.
The data generated when you watch television can reveal a lot about you and your household. So, before a company pulls up a chair next to you and starts taking careful notes on everything you watch (and then shares it with its partners), it should ask if that’s O.K. with you. VIZIO wasn’t doing that, and the FTC stepped in.
Consumers enjoy recommendations based on their television viewing habits (“viewers who watched Mr. Robot… may enjoy Fight Club”), but who else knows what you’re watching? The golden age of television has arrived with the golden age of television tracking. In 2016, virtually all television delivery systems – smart TVs, streaming devices, game consoles, apps, and even old-fashioned set top boxes – track consumers’ viewing habits, and sometimes in new and unexpected ways. Television and streaming device manufacturers, software developers, and the advertising industry are collaborating to learn more about what consumers are watching. These collaborations are allowing advertisers to precisely target consumers and better understand what ads are working. Consumers may even find advertisements based on their television viewing habits appearing on their phones and desktop browsers.
Samsung has confirmed that its "smart TV" sets are listening to customers' every word, and the company is warning customers not to speak about personal information while near the TV sets.
We can't take apps any more! Their omnipresence has been invasive for a long time already, and we have talked about it here and there. Since the potential profit they represent has not diminished, their harassment has only increased
Today a brief article draws our attention to applications as attack vectors, dangerous for both private and professional life.
In a first for France, the city of Nice is experimenting with video surveillance with facial recognition. Christian Estrosi presented the project on the morning of this Friday, April 15.
Online tracking gets more accurate and harder to evade.
Jonas@framasoft's press review, published whenever he has the time. Episode No. 2
In 2014, the Framasoft association launched an initiative planned over three years to de-Google the Internet: offering around thirty "Free, Ethical, Decentralized and Solidarity-based" alternatives to the services of the GAFAM multinationals (Google, Apple, Facebook, Amazon and Microsoft). Some presidential candidates have incorporated this theme into their platforms and talk about free software.
Donald Trump's campaign team worked with Cambridge Analytica, a company that can profile Facebook users with great precision.
Researchers have found a way to connect the dots between people’s private online activity and their Twitter accounts—even for people who have never tweeted.
According to the study conducted by Imperva on more than 16.7 billion visits and 100,000 websites, human beings generate only 48.2% of web traffic. The rest is therefore split between software bots, good and bad.
A hacker claims to have hijacked around 150,000 poorly secured printers and used them to print humorous messages. The various printed messages warn the printers' owners, criticize Donald Trump, say that ink should be saved, and some are illustrated with a small robot drawn using characters.
I am writing to you because, after finding the laptop that suits me, I got a refund for the Windows 10 license supplied with it. At the time, all I had found on the interweb were accounts of experiences with older versions of Windows; however, some things have changed, notably the way the system and its license key are preinstalled, and the procedures from back then therefore no longer apply as is. Here is how it went.
Tweets metadata scraper & activity analyzer
Tristan Nitot opens the Internet Decentralization room and talks to us about the stakes of privacy protection, explaining the impact of surveillance on citizens, who may censor themselves, voluntarily or not.
Do It Yourself Open Source Hardware and Software Hacker's friendly Modular Laptop
This page is for good quality software on Windows, based on the contributions of /g/ users. This page is not for solidifying preferences or ideology; it is considered to be "value-free" and thus permitting of both reference to open source software and closed source software, for-profit and not-for-profit. This is not your soapbox, your ballot box, or pulpit. Stay constructive and avoid politics and arguments.