Far-reaching powers over Internet access are being rushed through.

Last minute amendments have been shoved into the UK Children’s Wellbeing and Schools Bill.

Ministers will be able to force anyone over 13 to use unsafe and unregulated age-ID services to access whatever content the government wants.

Find out more ⬇️

openrightsgroup.org/press-rele…

#ageverification #privacy #freedomofexpression #internet #ukpolitics #ukpol

13 year olds could be compelled to use unregulated age verification

Last minute amendments to the Children’s Wellbeing and Schools Bill will have huge implications for freedom of expression and privacy in the UK, Open Rights Group has warned.

^{Open Rights Group}

Do you have experience with any of these?

github.com/DavidHavoc/ToS-Read…

github.com/skamal23/ToS-Summar…

I'm interested in tools that highlight privacy invasive terms and conditions that are often hidden behind legal jargon or wrapped up in so much text that the end user is discouraged to actually read through the terms of service and/or the privacy policy.

GitHub - DavidHavoc/ToS-Reader-Summarizer: Summarize ToS and Highlight everything skecky

Summarize ToS and Highlight everything skecky. Contribute to DavidHavoc/ToS-Reader-Summarizer development by creating an account on GitHub.

^GitHub

They can't seem to help themselves with those internal memos 🤯:
"...reported that the company was considering adding facial recognition to its glasses. In an internal memo on the topic, a #Meta employee wrote that the timing to launch might be perfect: "We will launch during a dynamic political environment where many civil society groups that we would expect to attack us would have their resources focused on other concerns.""

businessinsider.com/meta-ray-b…

#Facebook #News #USA #US #privacy #tech

Meta Ray-Bans are fueling all kinds of bad behavior

Meta's Ray-Ban glasses are sparking a popular genre of video on social media: harassing store employees and random people.

^{Katie Notopoulos (Business Insider)}

(Although remember that nothing is private on Mastodon. Your private mentions/direct messages are not end-to-end encrypted so your instance admins – and anyone hosting a hammer to their knees – could be reading them all. If you want to talk privately, use Signal or Delta Chat. Never share sensitive information on “private” messages on Mastodon. That goes double for our friends in Gaza.)

#mastodon #fediverse #activityPub #privacy #encryption

Pentesters of the world, quit accidentally training ChatGPT on your boss API keys
A must needed Burp Suite extension to improve your privacy in the AI world

Just released #BurpAnonymizer, a Burp Suite extension that redacts PII, credentials, tokens and other sensitive data from HTTP requests/responses.

With one click, safely share requests and responses in reports, presentations, team reviews, or AI workflows, without exposing secrets and minimizing manual redactions.

🔗 Explore it here: github.com/sv1sjp/BurpAnonymiz…

#CyberSecurity #BurpSuite #AppSec #Privacy #SecurityTools #web PortSwigger

GitHub - sv1sjp/BurpAnonymizer: A Burp Suite extension that redacts PII, credentials, and other sensitive data from HTTP traffic with one click, enabling secure sharing of requests and responses in reports, team reviews, or AI workflows.

A Burp Suite extension that redacts PII, credentials, and other sensitive data from HTTP traffic with one click, enabling secure sharing of requests and responses in reports, team reviews, or AI wo...

^GitHub

https://www.bloomberg.com/news/articles/2026-03-23/apple-is-set-to-add-search-advertising-to-maps-in-services-push

Reddit CEO says facial verification may be introduced. Ostensibly to prevent bots.

But we all know how dangerous this can be. But most likely Reddit users will just accept it.

Although they have a great free analogue right under their noses - Lemmy. Which is many times better than its competitor.

I wish more people would discover Lemmy, but that's unlikely.

The platform I can trust ? When none of the current platforms I do trust have any cookies at all ? Or analytics?

I’ll stick with the Fediverse k? Thanks !

#Palantir extends reach into British state as it gets access to sensitive #FCA data | Palantir | The Guardian

What one Earth is the government thinking giving #PeterThiel and his cronies access to such sensitive data? Nothing good can come out of this.

theguardian.com/technology/202…

#UK #Politics #Privacy #DataProtection

Palantir extends reach into British state as it gets access to sensitive FCA data

Exclusive: Allowing US tech firm to analyse intelligence in name of tackling fraud raises fresh concerns over privacy

^{Robert Booth (The Guardian)}

cross-posted from: lemmy.today/post/49749386

If the video isn't working, try these links:
* cdn.videy.co/8f2f25e11.mp4
* streamable.com/0xj1ni (slightly better quality but only up for 2 days)

Clipped from full hour long video (around 49 minutes in): bitchute.com/video/jmhFAjqbxnQ

Europol report: europol.europa.eu/cms/sites/de…

haha “privacy and relevance.” You can’t put google in that list if the focus is on #privacy. Hell, given the recent revelations that google is rewriting headlines using AI, the definition of “relevance” is strained. Use google for search and you are just feeding AI slop to this AI spreadsheet. Compounded errors.

It will be a marvel if, after all the climate destroying AI emissions, it actually gets the right result.

i've just seen a comment in a post, in this very community, saying people trust signal because of missinformation (from what i could undertand).

if this is true, then i have a few questions:

-what menssaging app should i use for secure communications? i need an app that balances simplicity and security.

-how to explain it to my friends who use signal because i recomended?

-what this means for other apps in general?

cross-posted from: lemmy.ml/post/44781501

GrapheneOS will remain usable by anyone around the world without requiring personal information, identification or an account. GrapheneOS and our services will remain available internationally. If GrapheneOS devices can't be sold in a region due to their regulations, so be it.

A rogue #AI led to a serious security incident at #Meta

theverge.com/ai-artificial-int…

#cybersecurity #privacy

A rogue AI led to a serious security incident at Meta

Last week, an AI agent similar to OpenClaw triggered a high-severity security incident at Meta by independently giving inaccurate technical advice on an employee forum.

^{Stevie Bonifield (The Verge)}

The old headline of the article said it all:
"As #Meta removes #privacy controls, #TikTok explains why it never had any"

No idea why they changed it 🤔
-Guess even big #News have to suck up to the algorithms ✅

fortune.com/2026/03/17/tiktok-…

Your Instagram DMs are no longer encrypted: Meta is reversing course on privacy and removing end-to-end encryption from Instagra

Two of the world's most powerful platforms are making a deliberate bet that safety beats privacy—and experts say they're right.

^{Catherina Gioino (Fortune)}

Even State Department-funded Human Rights Watch admits that authorities combine legal and illegal methods to obtain convictions: text.hrw.org/report/2018/01/09…

Combining dragnet surveillance with device hacking is intended in the design of both tools. Hence, State Department-funded Signal dupes you into handing over your identity as part of the population-centric mapping. In custody, your phone will be hacked when it is taken away if it's important.

xcancel.com/hannahcrileyy/stat…

Mass surveillance is on the rise. License plate reader cameras & tools meant for safety can also put people at risk, including those seeking reproductive health care or those targeted by ICE.

On the Future Knowledge #podcast, Cindy Cohn talks with Rainey Reitman about digital safety, surveillance, and why protecting yourself online matters.

🎧 Listen & subscribe ⬇️
futureknowledge.transistor.fm/…

@eff @internetarchive #Privacy #DigitalRights

Not really a review more just a recommendation for those who might be interested.

Developed by the wonderful folks at Kagi Search! On IOS and Mac the app is designed off WebKit. And offers built in ad block and pretty strong telemetry block.

It also works with certain Chrome extensions.

I’ve been using it primarily on IOS. My only two gripes is the cookie clear on close doesn’t work and the logo really is just another butthole.

Certain sites freak out but I don’t want to lower the settings so it’s a compromise im ok with it.

If your on IOS might be worth checking out !

Haven’t tried the Linux version but I’m going to soon.

cross-posted from: lemmus.org/post/20954019

Reddit.

Source: Intelligence Committee’s annual Worldwide Threats hearing, question by Senator Ron Wyden.

Clip by Headquarters News.

North Korean's 100k fake IT workers net $500M a year for Kim

theregister.com/2026/03/18/res…

#tech #technology #news #technews #security #privacy #politics #northkorea

North Korea's 100,000-strong fake IT worker army rake in $500M a year for Kim Jong Un

: Researchers map full org chart of the scam from dodgy recruiters to helpful Western collaborators

^{Dan Robinson (The Register)}

#introduction

Hi Mastodon 👋

We're Node Star — a publishing and community project building neighborhood mesh networks in Southern California and beyond.

We just published a free community playbook: "Own the Internet: Neighborhood Networks That Can't Be Shut Down."

Written for the person who wants to start, not the person who already knows how.

Download it free at
nodestar.net

Share it freely!

#MeshNetworking #DecentralizedWeb #EmergencyPreparedness #Web4 #FOSS #Privacy

Once again, I have to remind everyone the difference between a replacement and an alternative.

1. Yes, google is shit
2. That dosent mean /e/, iode, and the rest is automatically better than google.

That being said, the volla attestation API is once again a google replacement. Not an alternative, but a „google” with another name. They are still just as vulnerable to corruption, court orders, etc as google is. Its like throwing out your Alexa for spying, but instead buying another Alexa, but instead of Amazon it's nozama. Look people, instead of unsecured s3 bucket 3, I use unsecured S3 bucket 4 that I'm sending my data through via http. Me so smarty pants

Once again, volla and their attestation will become just as big and corrupt as google. It is the job of the software to be designed in a way that it can't be abused like google is abusing their G services. This is not given with volla attestation. There is already an implemented software. Its called android attestation.

Static + dynamic analysis of Signal's APK. The good news first: Signal is genuinely exceptional.

Rust core (libsignal_jni.so), post-quantum hybrid Double Ratchet (Kyber-1024 + X25519), Direct ByteBuffers with immediate zeroing after PIN/username hashing, Intel SGX attestation for SVR — MREnclave verification means even a compromised Signal server can't extract your PIN hash.

But two things stood out:

1. Firebase is always there. Google receives IP + notification timestamps regardless of message content. If you need metadata privacy, Signal still leaks presence data to Google's infrastructure.

2. Certificate revocation endpoints hit g.symcd.com in plaintext. An ISP or state-level observer can fingerprint Signal usage from DNS queries and HTTP traffic to those CAs — without touching message content.

Conclusion: strongest crypto engineering in consumer messaging. The attack surface isn't the cryptography. It's the operational dependencies.

Soon the full analysis

#infosec #AndroidSecurity #Signal #privacy #ReverseEngineering #postquantum #mobileforensics

This is such an important issue! All universities, institutions, citizens & responsible communicators should be using a "communications platform that is accessible to all citizens, without the need for an account; an independent network not subject to [monetisation &] censorship due to opaque algorithms or political bias."
Thanks for this clear explanation!

#Fediverse #privacy #PublicGood

https://www.techradar.com/vpn/vpn-privacy-security/russias-crackdown-on-vpns-reaches-new-heights-as-internet-restrictions-intensify

The news first came in 2024, but it's been very quiet since.

I've been waiting this whole time to jettison WhatsApp from my phone.

Is it available only in some parts of the world? If so can I spoof it?

We know that adversarial interoperability works, so why have we not been able to make this work?

All else failing, are there any unofficial WhatsApp clients I can use to preserve my privacy?

Adversarial Interoperability

“Interoperability” is the act of making a new product or service work with an existing product or service: modern civilization depends on the standards and practices that allow you to put any dish into a dishwasher or any USB charger into any car’s c…

^{Electronic Frontier Foundation}

Sensitive content Reveal/hide

"The projects at the Office of Industry Partnership include automated surveillance in airports; adapters allowing agents to use phones for biometric scanning; and an AI platform that ingests all 911 call data nationally and builds 'geospatial heat maps' to 'predict incident trends', which appears to be a form of predictive policing." theguardian.com/us-news/2026/m…
#politics #USPol #privacy #surveillance

Hacked data shines light on homeland security’s AI surveillance ambitions

Records show DHS tech incubator spending large sums on partnerships that would expand surveillance capabilities

^{Jason Wilson (The Guardian)}