Wild ass day in the Tor node operator world. Got an email from my VPS, forwarding a complaint from WatchDog CyberSecurity saying that my box was scanning SSH ports!

> Oh no, oh no, I knew I should have set up fail2ban, oh god why was I so lackadaisical!

So I remote in to the machine: no unusual network activity, no unusual processes, users, logins, command history, no sign that anything is doing anything I didn't tell it to do.

So what's up? Turns out there's been a widespread campaign where some actor is spoofing IPs to make it look like systems running Tor are scanning port 22: forum.torproject.org/t/tor-rel…

Operators from all over are saying they're getting nastygrams from their VPS providers because WatchDog is fingering their source IPs (which are being spoofed and NOT part of a global portscanning botnet).

@delroth did an amazing writeup of the whole thing here: delroth.net/posts/spoofed-mass…

#tor #infosec #cybersecurity #threatintel #privacy

[tor-relays] Tor relays source IPs spoofed to mass-scan port 22?

It would be hard to explain to Verizon I run Tor relays since they technically don't allow servers. I hope I'm not forced onto AT&T Internet Air as my particular co-op rental unit won't let met get Spectrum even when other units can, not that I wante…

^{Tor Project Forum}

#Mudita Kompakt: A minimalist E Ink® #phone for more life, less screen time, and fewer distractions. Essential features with clear UI and #privacy focus.

Source: kickstarter.com/projects/mudit…

No #Google apps onboard 👍

#news #smartphone #android #mobile #technology #cybersecurity

Encryption backdoors must never be allowed. To prove that Tuta Mail and Tuta Calendar are free from any backdoor, the entire client code is published as open source. Let's fight against mass surveillance! ✊

tuta.com/blog/why-a-backdoor-i…

#privacy #encryption #surveillance #backdoors

MAKE IT / GUIDE:

I2PD Browser Set Up Scripts Using SSH Key Authentication (utilizing 24/7 remotely hosted i2pd router)

#HumanRights #Linux #privacy #librewolf #bash #i2prouter #tech #i2pd #proxy #anonymous #anonymity #peertube #video #liberty #libre #freedom

tube.tchncs.de/w/1FuMqFWdBmYhz…

MAKE IT: I2PD Browser Tutorial

HOWTO: I2PD Browser Fully Automated Set Up. Starting With Installing I2PD On Any GNU / Linux Device. Use This For Anonymous / Internet Web Browsing (Clearnet), AND Anonymous / Invisible Internet Pr...

^tchncs

Sverige går verkligen baklänges när det gäller mänskliga rättigheter på så många sätt, inte minst i den digitala världen 🤬😑

"Grönt ljus för FRA att hacka mobiler och datorer"

dn.se/sverige/gront-ljus-for-f…

#fra #svpol #sverige #cybersec #itsec #infosec #chatcontrol #privacy #dataskydd

FRA kan få hacka mobiler och datorer

Försvarets radioanstalt, FRA, ska få ett tydligare lagstöd för att hacka sig in i datorer och mobiltelefoner, enligt en ny utredning.

^{Bo Torbjörn Ek (Dagens Nyheter)}

Just watching this about #PersonalData and #Privacy and #tech and #CorporateSocialMedia and, you know what? It turns out @aral is quite brilliant.

I won't, however, share any #youtube links, so here's an invidious link that seems to be still working.

inv.nadeko.net/watch?v=1rhzge9…

NextM Warsaw - Aral Balkan "Small Technology: the antidote to Big Tech"

^{NextM Warsaw | Invidious}

Are you using Microsoft Clarity? Are you collecting the appropriate consent from your visitors?

The TLDR: You need to place Clarity under the advertising category for consent due to the T&Cs of using Clarity.

beantin.net/microsoft-clarity-…

#analytics #research #ux #privacy

Microsoft Clarity and privacy

Are you using Clarity? Are you collecting the correct consent from your website visitors?

^{James Royal-Lawson (Beantin)}

#Matrix 2.0 Is Here!

matrix.org/blog/2024/10/29/mat…

#FOSS #privacy #cybersecurity #decentralization

Matrix 2.0 Is Here!

Matrix, the open protocol for secure decentralised communications

^{Matthew Hodgson (matrix.org)}

Never ending story about the #security of fitness app...

Source: thehindu.com/sci-tech/technolo…

#news #stava #cybersecurity #sports #Problem #Software #privacy #politics #fail #online #cloude #surveillance #bigdata #economy

Fitness app Strava gives away location of Biden, Trump and other leaders, French newspaper says

Le Monde reported that movements of some of the world’s most powerful leaders could be tracked online through a fitness app used by their bodyguards.

^{The Hindu}

The H and K project is a project to build a server that can be easily hosted in the basement or in another place in the house. For the basic services set up so far, #yunohost is used with #zola, #sogo and #gotosocial. Next, a #matrix server will be installed. It is currently still unclear whether it will be a full Synapse server, or one of the smaller alternatives. It is important that all data are stored in your own house without using servers of strangers on the Internet (AKA Cloud).

Based on this judgment https://www.datenschutzticker.de/2024/03/edsb-eu-kommission-därcht-datenschutz-microsoft-365/ there will probably be some need for such solutions in the foreseeable future. Smart users have already left the "cloud" or even better never used it.

A #RSS feed for these posts in the #fedverse is set up.

#Activitypub #mastodon #Selfhosted #privacy #SmartIT #HundK

^^^ Is a brilliant talk, tying together the issues of #climatechange #privacy, and #democracy.

@aral if you are going to be in Poland for a while, I would love to talk, or listen to another one of your talks. I live in Katowice.

I have lots of questions.

The gun industry launched a secret project in the late 1990s.

To elect gun-friendly politicians, manufacturers gave #political operatives sensitive, intimate information on their customers without their consent.

The story behind the #data sharing and its impact has never been revealed.

Until now.

#News #Guns #Privacy #Politics #Business

propublica.org/article/gunmake…

Iconic Gun-Makers Gave Sensitive Customer Information to Political Operatives

At least 10 gun industry businesses, including Glock, Smith & Wesson, Remington and Mossberg, secretly handed over names, addresses and other data to lobbyists, who used the details to rally firearm owners to elect pro-gun politicians.

^ProPublica

🔐 Sending a password-protected email to anyone is easy with Tuta Mail! 🔐

Check out our latest guide on how to send encrypted, password-protected emails here 👇👇👇
tuta.com/blog/how-to-password-…

#encryption #security #privacy #email

I've missed a couple of updates on here, but I'm back to announce the release of v0.22.0 of #FreeTube !

This is a fairly large release as this marks the release of our new video player. The migration from Video.js over to Shaka will allow us to support new features such as higher resolutions and better scrubbing in live videos.

Check out the full patch notes below. You can download the new release over on our website.

github.com/FreeTubeApp/FreeTub…

freetubeapp.io/#download

#opensource #privacy

Release v0.22.0 Beta · FreeTubeApp FreeTube · Discussion #5948

Summary Our Video Player has undergone a massive overhaul. We have switched from video.js to shaka-player. This allows us to add allot of new features and fix many issues. Notably, it's now possibl...

^GitHub

Freeradical.zone is a Mastodon server for people interested in infosec, privacy, technology, leftward politics, cats, dogs etc.

freeradical.zone

You can find out more at freeradical.zone or contact the admin @tek

#FeaturedServer #Infosec #Privacy #Tech #Technology #Mastodon #Fediverse #FreeFediverse

Free Radical

Infosec and privacy and technology and leftward politics and cats and dogs and...

^{Mastodon hosted on freeradical.zone}

@Tutanota I just realised that all the comments I have added to my contacts over the years, including family-related and medical important information, are gone...

github.com/tutao/tutanota/issu…

Bugs are becoming more common recently, and this one made me lose data. I'm quite disappointed.

#Email #OpenSource #FOSS #Security #Privacy

Lost all my contact comments on Android · Issue #7818 · tutao/tutanota

This is not a feature request (existing functionality does not work, not missing functionality). I will request features on forum or via support. I've searched and did not find a similar issue. Bug...

^GitHub

This is too scary, just in time for Halloween. Too bad it is for real...

Records everything you do and click on websites that have this enabled.

clarity.microsoft.com

#microsoft #clarity #privacy

Microsoft Clarity - Free Heatmaps & Session Recordings

Clarity is a free user behavior analytics tool that helps you understand how users are interacting with your website through session replays and heatmaps.

^{Microsoft Clarity}

#UnitedHealth says #ChangeHealthcare hack affects over 100 million, the largest-ever US #healthcare #DataBreach

techcrunch.com/2024/10/24/unit…

#privacy #cybersecurity

UnitedHealth says Change Healthcare hack affects over 100 million, the largest-ever US healthcare data breach | TechCrunch

UnitedHealth, the largest U.S. health insurance provider, blamed a Russia-based ransomware gang for the huge data breach of U.S. medical data.

^{Zack Whittaker (TechCrunch)}

NEW: Gun-Makers Gave Sensitive Customer Information to #Political Operatives
==
At least 10 #gun industry businesses, including Glock, Smith & Wesson, Remington and Mossberg, secretly handed over names, addresses and other data to lobbyists, who used the details to rally firearm owners to elect pro-gun politicians.

#News #Guns #Politics #Privacy #Government #Business

propublica.org/article/gunmake…

Iconic Gun-Makers Gave Sensitive Customer Information to Political Operatives

At least 10 gun industry businesses, including Glock, Smith & Wesson, Remington and Mossberg, secretly handed over names, addresses and other data to lobbyists, who used the details to rally firearm owners to elect pro-gun politicians.

^ProPublica

📷 #Germany has unleashed self-learning¹ AI camera systems on it's citizens.

AI + Mass Surveillance = Human Rights violations Made in Germany:
🇬🇧 madeindex.org/blog/ai-mass-sur…
🇩🇪 madeindex.org/de/ki-massenuebe…

Sources:
¹youtube.com/watch?v=IXQ_E6AZTX…

#Tech #Privacy #Government #Artificialintelligence #Software #IT #News #Mannheim #Deutschland #KI #MadeinGermany #HumanRights #Surveillance #kunstlicheintelligenz #uberwachung #AI #camera #regierung #nachrichten #georgeorwell #german #deutsch #BadenWurttemberg #parody