Privacy

Paywall-free: https://archive.is/8wl6n

Original question by: @monovergent@lemmy.ml

In the absence of privacy-focused ROMs for my tablet, I settled on flashing an AOSP GSI without Google apps. TrebleDroid to be specific, which is essentially vanilla AOSP, but with some additional drivers to maximize compatibility. Compared to privacy-focused ROMs like GrapheneOS, what exactly does AOSP send back to Google?

cross-posted from: https://lemmy.sdf.org/post/35554000

Archived

[...]

Chinese hackers targeted the Czech Foreign Ministry in a sophisticated cyberattack that lasted more than a year, the government said Tuesday, formally blaming Beijing for infiltrating one of the country’s most sensitive communication systems.

[...]

Foreign Minister Jan Lipavský summoned the Chinese ambassador to Prague, Feng Biao, on Tuesday morning to formally protest the cyberattack. He said the ministry’s system had long suffered from outdated technology and security flaws, which made the breach possible.

[...]

This cyberattack didn’t expose personal data but shows ongoing risks to [...] security. Outdated systems leave sensitive government info vulnerable, which could affect national security and public services. Cooperation with NATO, the EU, and allies aims to prevent future attacks and protect services like passports and healthcare. While your data wasn’t at risk this time, the breach highlights the growing need for strong cybersecurity to keep information safe.

Thousands of home and small office routers manufactured by Asus are being infected with a stealthy backdoor that can survive reboots and firmware updates in an attack by a nation-state or another well-resourced threat actor, researchers said.

The unknown attackers gain access to the devices by exploiting now-patched vulnerabilities, some of which have never been tracked through the internationally recognized CVE system. After gaining unauthorized administrative control of the devices, the threat actor installs a public encryption key for access to the device through SSH. From then on, anyone with the private key can automatically log in to the device with administrative system rights.

Durable control

“‍The attacker’s access survives both reboots and firmware updates, giving them durable control over affected devices,” researchers from security firm GreyNoise reported Wednesday. “The attacker maintains long-term access without dropping malware or leaving obvious traces by chaining authentication bypasses, exploiting a known vulnerability, and abusing legitimate configuration features.”

Paywall Bypass Link: https://archive.is/PMBkE

Support for Windows 10 ends on October 14, 2025. Microsoft wants you to buy a new computer. But what if you could make your current one fast and secure again?

If you bought your computer after 2010, there's most likely no reason to throw it out. By just installing an up-to-date Linux operating system you can keep using it for years to come.

Installing an operating system may sound difficult, but you don't have to do it alone. With any luck, there are people in your area ready to help!

5 Reasons to upgrade your old computer to Linux:

1. No New Hardware, No Licensing Costs
2. Enhanced Privacy
3. Good For The Planet
4. Community & Professional Support
5. Better User Control

OC by: @tobi_tensei@lemmy.ml

Hi ,

Lately, I’ve been working on a small project called deaddrop.space. I’m posting it here because I thought it might be handy to those who care about privacy and control over their data.

It’s a secure, anonymous file-sharing platform built to prioritize privacy, control, and simplicity. Unlike typical services that ask you to sign up, verify emails, or accept endless terms, DeadDrop lets you upload and share files — no accounts, no tracking, no nonsense.

Here’s how it works:

• You upload a file, set a name, password, expiry date, and max number of downloads.
• To share it, just provide the recipient with the name and password (or a direct link).
• Files are encrypted in the browser using AES-256 before they ever leave your device.
• No raw files or passwords are sent to the server — it's zero-knowledge encryption.

That means even I, the creator, can’t decrypt or access the files.

BTW, it is open source : >https://github.com/Rayid-Ashraf/deaddrop

Would love to hear what you all think — feedback and suggestions are welcome!

The European Comission is looking for feedback on forcing retention of metadata from all communication services for "a reasonable period of time", for purposes of criminal investigation!

Which means encrypted messaging without a backdoor would be illegal if this passes! That's a slippery slope!

That basically means an attacker with some skill could read any data from anyone (correct me if I'm wrong but I think you can infer the content from the metadata in 90% of cases)

For more detail on why it's bad, click the link below and read literally any feedback comment.

Go ahead and give some feedback! You can do so even if you are not an EU citizen!

https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/14680-Impact-assessment-on-retention-of-data-by-service-providers-for-criminal-proceedings-/_en
@soatok @echo_pbreyer @privacy @technology
#Europe #privacy #encryption

Most of you said you’d switch to Proton Mail for the privacy, even if it meant giving up some of the convenience of Gmail.

Archived URL (Wayback Machine) - Original URL (in case of Wayback Machine downtime)

A small portion of the article:

At the end of May, Meta will start using Europeans’ data to train its AI. Here is how you can exercise your rights and prevent it.

Instagram and Facebook users in Europe will soon have their data and posts used by parent company Meta to train its artificial intelligence (AI) models.

Europeans have until May 27 to restrict Meta from using their data, the date when the company will start using Europe’s data.