Skip to main content

Search

Items tagged with: Security


 

Android and iOS devices impacted by new sensor calibration attack | ZDNet

A new device fingerprinting technique can track Android and iOS devices across the Internet by using factory-set sensor calibration details that any app or website can obtain without special permissions.
#technology #mobile #Android #security

https://www.zdnet.com/article/android-and-ios-devices-impacted-by-new-sensor-calibration-attack/
Tags: #dandelíon

via dandelion* client (Source)


 
#Bluetooth 's Complexity Has Become a #Security Risk


 
Smartphones anhand ihrer Sensoren verfolgen
Über die Kalibrierungsdaten von Smartphone-Sensoren lässt sich eine eindeutige Tracking-ID erzeugen, die von Webseiten und Apps ausgelesen werden kann. Besonders gut klappte das Tracking mit Apple-Geräten.

https://www.golem.de/news/sensorid-smartphones-anhand-ihrer-sensoren-verfolgen-1905-141464.html
#News #Handy #Smartphones #Apple #Internet #Android #Google #Tracking #Security


 
Smartphones anhand ihrer Sensoren verfolgen
Über die Kalibrierungsdaten von Smartphone-Sensoren lässt sich eine eindeutige Tracking-ID erzeugen, die von Webseiten und Apps ausgelesen werden kann. Besonders gut klappte das Tracking mit Apple-Geräten.

https://www.golem.de/news/sensorid-smartphones-anhand-ihrer-sensoren-verfolgen-1905-141464.html
#News #Handy #Smartphones #Apple #Internet #Android #Google #Tracking #Security


 
Entwicklung: Github will Behebung von Sicherheitslücken vereinfachen #Github #Datensicherheit #Sicherheitslücke #Applikationen #OpenSource #Security #Softwareentwicklung


 
Europawahlen: Bundeszentrale will Wahl-O-Mat nachbessern #Tracking #CloudComputing #Cookies #Datenschutz #Datensicherheit #GoogleAnalytics #Google #Internet #Security


 

Securing #telnet connections with #stunnel - #Fedora Magazine


https://fedoramagazine.org/securing-telnet-connections-with-stunnel/

#GNU #Linux #Security
Securing telnet connections with stunnel


 
Google speicherte Passwörter teilweise im Klartext
Gleich zwei Fehler in Googles Angebot für Unternehmenskunden G Suite speicherten Passwörter im Klartext. Ein Fehler ist bereits 14 Jahre alt.

https://www.golem.de/news/g-suite-google-speicherte-passwoerter-teilweise-im-klartext-1905-141444.html
#Google #Datensicherheit #Passwort #Sicherheitslücke #Internet #Security


 
Google speicherte Passwörter teilweise im Klartext
Gleich zwei Fehler in Googles Angebot für Unternehmenskunden G Suite speicherten Passwörter im Klartext. Ein Fehler ist bereits 14 Jahre alt.

https://www.golem.de/news/g-suite-google-speicherte-passwoerter-teilweise-im-klartext-1905-141444.html
#Google #Datensicherheit #Passwort #Sicherheitslücke #Internet #Security


 
Fake #swpats on #security are nothing but #patenttrols fodder https://www.unifiedpatents.com/news/2019/4/23/unified-launches-cybersecurity-zone-to-combat-npe-activity #microsoft role: http://techrights.org/wiki/index.php/Finjan


 
Debian Security Advisory DSA-4449-1                   security@debian.org
[url=https://www.debian.org/security/]https://www.debian.org/security/[/url]                       Moritz Muehlenhoff
May 22, 2019                          [url=https://www.debian.org/security/faq]https://www.debian.org/security/faq[/url]
- -------------------------------------------------------------------------

Package     
... show more


 
Debian Security Advisory DSA-4449-1                   security@debian.org
[url=https://www.debian.org/security/]https://www.debian.org/security/[/url]                       Moritz Muehlenhoff
May 22, 2019                          [url=https://www.debian.org/security/faq]https://www.debian.org/security/faq[/url]
- -------------------------------------------------------------------------

Package        : ffmpeg
CVE ID         : CVE-2018-15822 CVE-2018-1999011 CVE-2019-9718
                 CVE-2019-11338

Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.

For the stable distribution (stretch), these problems have been fixed in
version 7:3.2.14-1~deb9u1.

We recommend that you upgrade your ffmpeg packages.

For the detailed security status of ffmpeg please refer to
its security tracker page at:


https://security-tracker.debian.org/tracker/ffmpeg

#ffmpeg #libav #Linux #Debian #Security


 

Android and iOS devices impacted by new sensor calibration attack | ZDNet

A new device fingerprinting technique can track Android and iOS devices across the Internet by using factory-set sensor calibration details that any app or website can obtain without special permissions.
#technology #mobile #Android #security

https://www.zdnet.com/article/android-and-ios-devices-impacted-by-new-sensor-calibration-attack/
Tags: #dandelíon

via dandelion* client (Source)


 
Moscow denounces reported US sanctions threat towards Ankara over its intention to buy Russia's missile defence system. #Security #Russia #Turkey #UnitedStates #MiddleEast


 
G Suite: Google speicherte Passwörter teilweise im Klartext #Google #Datensicherheit #Passwort #Sicherheitslücke #Internet #Security


 
Whelp. I guess this means it's time to announce shutting down #GSuite, then.

#Google #GooglePlus #Security


 

#Google: Notifying administrators about #unhashed #password storage


source: https://cloud.google.com/blog/products/g-suite/notifying-administrators-about-unhashed-password-storage
The #admin #console stored a copy of the unhashed password. This practice did not live up to our standards. To be clear, these passwords remained in our secure encrypted infrastructure. This issue has been fixed and we have seen no evidence of improper access to or misuse of the affected passwords.
#cloude #security #internet #news #Software #warning


 

Ultra-private Tor browser officially arrives on Android | Engadget

VPNs and incognito modes can help, but if you want to jump to a whole 'nother privacy level, there's the infamous Tor Browser. It has finally come out of beta and arrived on Android in a stable release, the Tor Project announced.
#technology #mobile #Android #privacy #security


 
Ну что, у нас подъехало очередное новое охуительное признание из мира крупного интернет бизнеса.
Сегодня утром один из хороших заказчиков прислал выдержку из только что полученног... show more


 
Care about #security? Pick #nextcloud as self-hosted solution. Because we care about security, too!

---
RT @ShieldedWeb@twitter.com
Good example of reliable Content Security Policy (CSP) implementation by @nextclouders https://www.immuniweb.com/websec/?id=N1gz6Agh&ts=1558035022 #infosec
https://twitter.com/ShieldedWeb/status/1129106904737820672
Image/Photo


 
Of course, Google will now shut down GSuite due to this leak. That's what it did to Google+ due to a leak, right? ;-)
It happened again: Google announced today that it's the latest tech giant to have accidentally stored user pas
... show more


 
Of course, Google will now shut down GSuite due to this leak. That's what it did to Google+ due to a leak, right? ;-)
It happened again: Google announced today that it's the latest tech giant to have accidentally stored user passwords unprotected in plaintext. G Suite users, pay attention.

Google says that the bug affected "a small percentage of G Suite users," meaning it does not impact individual consumer accounts, but does affect some business and corporate accounts, which have their own risks and sensitivities. The company typically stores passwords on its servers in a cryptographically scrambled state known as a hash. But a bug in G Suite's password recovery feature for administrators caused unprotected passwords to be stored in the infrastructure of a control panel, called the admin console. Google has disabled the features that contained the bug.
#... show more


 
The downside of having accurate sensors: they can be accurate enough to fingerprint you.
When you visit a website, your web browser provides a range of information to the website, including the name and version of your browser, screen size, fonts installed, and so on. Website authors can use this information to provide an improved user experience. Unfortunately this same information can also be used to track you. In particular, this information can be used to generate a distinctive signature, or device fingerprint, to identify you.
[...]
We have developed a new type of fingerprinting attack, the calibration fingerprinting attack. Our attack uses data gathered from the accelerometer, gyroscope and magnetometer sensors found in smartphones to construct a globally unique fingerprint. Our attack can be launched by any website you visit or any app you use on a vulnerable device without requiring any explicit confirmation or consent from you. The
... show more


 

#Intel Tried to #Bribe Dutch #University to Suppress Knowledge of #MDS #Vulnerability


source: https://www.techpowerup.com/255563/intel-tried-to-bribe-dutch-university-to-suppress-knowledge-of-mds-vulnerability
Dutch publication Nieuwe Rotterdamsche Courant reports that Intel offered to pay the researchers a USD $40,000 "reward" to allegedly get them to downplay the severity of the vulnerability, and backed their offer with an additional $80,000. The team politely refused both offers.
#crime #news #Technologie #cpu #security


 
Almost half the organizations are about to take their data back from the #cloud. Get the benefits of the cloud without the #security risks and self host your #nextcloud!
https://betanews.com/2019/05/14/cloud-personal-data-security/


 

#Intel Tried to #Bribe Dutch #University to Suppress Knowledge of #MDS #Vulnerability


source: https://www.techpowerup.com/255563/intel-tried-to-bribe-dutch-university-to-suppress-knowledge-of-mds-vulnerability
Dutch publication Nieuwe Rotterdamsche Courant reports that Intel offered to pay the researchers a USD $40,000 "reward" to allegedly get them to downplay the severity of the vulnerability, and backed their offer with an additional $80,000. The team politely refused both offers.
#crime #news #Technologie #cpu #security


 
Europawahlen: So einfach lassen sich alle Wahl-O-Mat-Ergebnisse anzeigen #Tracking #CloudComputing #Cookies #Datenschutz #Datensicherheit #GoogleAnalytics #Netzpolitik #Google #Internet #Security


 
Forget #Huawei , The #Internet Of Things Is The Real #Security Threat


 
Image/Photo
The US Military-Industrial Complex Is a Virus Eating Away at Actual American Military Power....It's concerned only with self-preservation and expansion, and perfectly happy to do so at the expense of actual US military effectivness
For a country that spends such vast sums on its national security apparatus—many times more than the enemies that supposedly threaten it do—the United States has a strangely invisible military establishment.
Military bases tend to be located far from major population centers. The Air Force’s vast missile fields, for instance, are hidden away in the plains of the northern Midwest. It is rare to see service uniforms on the streets of major cities, even Washington.

#USA #Military Industrial Complex #national #security #conspiracy #fraud #theft #disinformation #military
https://www.checkpointasia.net/the-us-military-industrial-complex-is-a-giant-malignant-virus-eating-away-at-americas-actual-military-power/


 

How the United States threatens our security


https://www.kowabit.de/how-the-united-states-threatens-our-security/

US is intensifying its economic war and dragging the rest of the world and us into it

#usa #China #Huawei #trade #TradeWar #technology #google #android #LineageOS #PureOS #Sailfish #UbuntuTouch #politics #security #aosp
How the United States threatens our security


 

Seven questions we still have about Huawei’s US blacklisting | The Verge

President Trump sent shockwaves throughout the tech industry last week with an executive order that declared a national emergency and barred American companies from doing business with companies deemed a national security risk. Days later, the effects have started to become apparent as companies from Google to Intel have taken action to comply, shutting Huawei out of supply chains and stopping it from using US software.

This development could have major, long-lasting repercussions for the entire tech industry, but there are still several questions without definite answers.
A few things have occurred to me:
1) If Huawei can't produce Android devices which can get all kinds of updates, then Google have effectively killed off one competitor to its Pixel line.

2) At the same time, Google have probably made a lot more enemies, given Huawei's position in the global market.

3) If this can happen to Huawei, it can possibly happen to... show more


 
Are there any VERIFIABLE sources that show Huawei has malware installed on their devices? I'm not being facetious, I really just don't see any articles or anything stating any facts here, just that Trump decided to say they (and other Chinese companies) are bad guys... I must be missing something, though.

I've heard the argument that these are Chinese companies and that technically Chinese government controls all Chinese companies... but I mean is there really any proof the Huawei has done anything? This all seems like yet another USA false flag tactic to me. The risk posed merely from a government POSSIBLY intervening in a company is the same risk posed by any US company. If the NSA subpoenas a US company to do something they do it and shut their mouths about it. This HAS been documented in the past.

#huawei #malware #FalseFlag... show more


 

Bluetooth's Complexity Has Become a Security Risk


HN Discussion: https://news.ycombinator.com/item?id=19956512
Posted by Elof (karma: 1945)
Post stats: Points: 119 - Comments: 72 - 2019-05-20T00:21:48Z

#HackerNews #become #bluetooths #complexity #has #risk #security
HackerNewsBot debug: Calculated post rank: 103 - Loop: 181 - Rank min: 100 - Author rank: 47


 

How the United States threatens our security


HN Discussion: https://news.ycombinator.com/item?id=19958899
Posted by kowabit (karma: 51)
Post stats: Points: 104 - Comments: 97 - 2019-05-20T10:13:55Z

#HackerNews #how #our #security #states #the #threatens #united
HackerNewsBot debug: Calculated post rank: 101 - Loop: 75 - Rank min: 100 - Author rank: 127
How the United States threatens our security


 
Europäische Union: Anti-Terror-Koordinator fordert Sicherheitslücken in 5G #5G #Datensicherheit #Mobilfunk #Sicherheitslücke #Telekommunikation #Security


 

Bluetooth's Complexity Has Become a Security Risk


HN Discussion: https://news.ycombinator.com/item?id=19956512
Posted by Elof (karma: 1945)
Post stats: Points: 119 - Comments: 72 - 2019-05-20T00:21:48Z

#HackerNews #become #bluetooths #complexity #has #risk #security
HackerNewsBot debug: Calculated post rank: 103 - Loop: 181 - Rank min: 100 - Author rank: 47