Jump to content


Security/privacy news


EraserheadX

Recommended Posts

Security Researchers Publish Ryzen Flaws, Gave AMD 24 hours Prior Notice

 

Πολύ ύπουλες οι τακτικές των researchers εδώ, προτεραιότητα τους να γίνει όσο περισσότερο θόρυβος γίνεται.

Mένει να δούμε πως θα το χειριστεί η AMD.

  • Like 1
Link to comment
Share on other sites

Ανεξάρτητα από το πόσο καλά τεκμηριωμένη είναι η έρευνά τους, η μία μέρα προειδοποίηση εγείρει μεγάλα θέματα. Θυμίζει λίγο την πολιτική δυσφήμισης της Intel σε εποχές Pentium 4...

Έγινε επεξεργασία από minast
Link to comment
Share on other sites

  • 2 weeks later...
On 4/1/2018 at 7:34 PM, everg77n said:

 

Ενα μερος της παρανοιας παντως ειναι δικαιολογημενο:

https://www.washingtonexaminer.com/washington-secrets/third-mexican-town-welcomes-migrant-caravan-400-miles-closer-to-us

Quote

the migrants are headed to the U.S. to “demand an end to the political corruption in their cities, and dignity and the right to asylum from Mexico and the United States.”

 

Link to comment
Share on other sites

https://techcrunch.com/2018/04/11/facebook-shadow-profiles-hearing-lujan-zuckerberg/

Επικος διαλογος:

Quote

Lujan: Facebook has detailed profiles on people who have never signed up for Facebook, yes or no?
Zuckerberg: Congressman, in general we collect data on people who have not signed up for Facebook for security purposes to prevent the kind of scraping you were just referring to [reverse searches based on public info like phone numbers].
Lujan: So these are called shadow profiles, is that what they've been referred to by some?
Zuckerberg: Congressman, I'm not, I'm not familiar with that.
Lujan: I'll refer to them as shadow profiles for today's hearing. On average, how many data points does Facebook have on each Facebook user?
Zuckerberg: I do not know off the top of my head.
Lujan: Do you know how many points of data Facebook has on the average non-Facebook user?
Zuckerberg: Congressman, I do not know off the top of my head but I can have our team get back to you afterward.
Lujan: It's been admitted by Facebook that you do collect data points on non-[Facebook users]. My question is, can someone who does not have a Facebook account opt out of Facebook's involuntary data collection?
Zuckerberg: Anyone can turn off and opt out of any data collection for ads, whether they use our services or not but in order to prevent people from scraping public information ... we need to know when someone is repeatedly trying to access our services.

 

Link to comment
Share on other sites

https://www.theverge.com/2018/4/18/17253784/google-domain-fronting-discontinued-signal-tor-vpn

 

Quote

App developers won’t be able to use Google to get around internet censorship anymore. The Google App Engine is discontinuing a practice called domain-fronting, which let services use Google’s network to get around state-level internet blocks.

 

Link to comment
Share on other sites

  • 2 weeks later...

https://www.buzzfeed.com/paulfarrell/australias-largest-bank-lost-the-personal-financial?utm_term=.tdmgg1zoL#.mslRRm71P

 

Quote

The Commonwealth Bank lost the personal financial histories of 12 million customers, and chose not to reveal the breach to consumers, in one of the largest financial services privacy breaches ever to occur in Australia.

 

  • Like 2
Link to comment
Share on other sites

  • 2 weeks later...

Attention PGP Users: New Vulnerabilities Require You To Take Action Now

 

Παράθεση

A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.

 

Και το σημερινό update:

Not So Pretty: What You Need to Know About E-Fail and the PGP Flaw

Παράθεση

A group of researchers released a paper today that describes a new class of serious vulnerabilities in PGP (including GPG), the most popular email encryption standard. The new paper includes a proof-of-concept exploit that can allow an attacker to use the victim’s own email client to decrypt previously acquired messages and return the decrypted content to the attacker without alerting the victim. The proof of concept is only one implementation of this new type of attack, and variants may follow in the coming days.

 

  • Like 3
Link to comment
Share on other sites

  • 2 weeks later...
  • 2 weeks later...
On 2/6/2018 at 4:00 ΠΜ, το μέλος minast έγραψε:

Για όσους σκέφτονταν να πάρουν Tapplock one, αφήστε το καλύτερα :).

https://www.youtube.com/watch?v=RxM55DNS9CE

No2: Another flaw hits Tapplock smart locks, thanks to leaky server

  • Like 3
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Δημιουργία...

Important Information

Ο ιστότοπος theLab.gr χρησιμοποιεί cookies για να διασφαλίσει την καλύτερη εμπειρία σας κατά την περιήγηση. Μπορείτε να προσαρμόσετε τις ρυθμίσεις των cookies σας , διαφορετικά θα υποθέσουμε ότι είστε εντάξει για να συνεχίσετε.