Elsevier embeds a hash in the PDF metadata that is unique for each time a PDF is downloaded. Combined with access timestamps, they can uniquely identify the source of any shared PDFs.
https://social.coop/@jonny/107685726645817029
https://social.coop/@jonny/107685726645817029
social.coop
jonny (@jonny@social.coop)
Attached: 1 image
More fun publisher surveillance:
Elsevier embeds a hash in the PDF metadata that is *unique for each time a PDF is downloaded*, this is a diff between metadata from two of the same paper. Combined with access timestamps, they can uniquely…
More fun publisher surveillance:
Elsevier embeds a hash in the PDF metadata that is *unique for each time a PDF is downloaded*, this is a diff between metadata from two of the same paper. Combined with access timestamps, they can uniquely…
🤯72🤬35😘4❤2🔥2🥰1😍1🍌1🖕1
Pajeets have yet to prove they are a net benefit:
https://www.channelnewsasia.com/singapore/former-employee-hack-ncs-delete-virtual-servers-quality-testing-4402141
https://www.channelnewsasia.com/singapore/former-employee-hack-ncs-delete-virtual-servers-quality-testing-4402141
CNA
Fired employee accessed company’s computer 'test system' and deleted servers, causing it to lose S$918,000
The 39-year-old man, who was "confused and upset" after being fired, deleted 180 virtual servers from NCS' computer system.
😁111🌚26👍10🍌5👏2❤🔥1🥰1🍾1🖕1😭1👨💻1
Forwarded from #TBOT: Take Back Our Tech
⚡️Apple & Google WiFi Surveillance Can Track Death & Destruction
@takebackourtech
Chances are, if you’ve used Google Maps or Apple Maps, you’ve contributed to one of the biggest surveillance databases in the world.
Known for their accuracy, big tech maps can locate your phone within a few meters and even indoors.
No, these big tech maps aren’t using GPS - they’re using WPS or Wi-Fi positioning system.
These WPS systems collect millions of WiFi networks and tag them with locations.
Researchers in Maryland discovered through a flaw in Apple’s WPS that they could gather at least 2B (2 Billion) WiFi location points by requesting WiFi networks at random.
That’s enough points to cover the world’s populated areas, notably China was nearly empty except for a few thousand points. Looks like even the CCP can’t opt out of this surveillance.
We did the work for them.
When you use Google or Apple maps, your phone will send the nearby WiFi networks along with their signal strength to the WPS. The WPS will look up these networks in a database that has hundreds of millions of networks along with their location. The calculation is then performed on the server for Google location’s service, and on the phone for Apple location’s service - which sent a list of 400 additional WiFi points back.
And this is how you get a precise location for your phone. Any new WiFi networks you scanned are potentially added to the WPS databases.
Apple & Google have made their users the instrument of their surveillance.
And the things you can do with this surveillance are harrowing. The researchers were able to see how many WiFi access points went offline in Gaza due to the constant bombardment that caused the deaths of 40,000 civilians.
Similarly the researchers were able to see the damage from the August 2023 Maui fires, and the emigration of people from Ukraine to escape forced connoscription.
Apple, Google and any organization they choose to share this WiFi data will have incredible capabilities. Don’t worry though - because these companies care so much about privacy - they give you a way to opt out.
Solutions
Add _nomap to the end of your WiFi SSID (name), Google and Apple promise not to index Wifi networks ending with those names.
Turn off your WiFi network and use ethernet cable.
Read primary source material here.
Get the latest updates on our mailing list: Above Phone
Above Book: Learn about our privacy laptop: https://abovephone.com/book
Above Suite: Use our privacy services: https://abovephone.com/suite
#TBOT #AbovePhone #WiFi #Surveillance #Big_Tech
—
https://takebackourtech.org
✌️ MORE POSTS | 🗯 CHAT GROUP | 📩 NEWSLETTER
Follow 🫶 @takebackourtech
@takebackourtech
Chances are, if you’ve used Google Maps or Apple Maps, you’ve contributed to one of the biggest surveillance databases in the world.
Known for their accuracy, big tech maps can locate your phone within a few meters and even indoors.
No, these big tech maps aren’t using GPS - they’re using WPS or Wi-Fi positioning system.
These WPS systems collect millions of WiFi networks and tag them with locations.
Researchers in Maryland discovered through a flaw in Apple’s WPS that they could gather at least 2B (2 Billion) WiFi location points by requesting WiFi networks at random.
That’s enough points to cover the world’s populated areas, notably China was nearly empty except for a few thousand points. Looks like even the CCP can’t opt out of this surveillance.
We did the work for them.
When you use Google or Apple maps, your phone will send the nearby WiFi networks along with their signal strength to the WPS. The WPS will look up these networks in a database that has hundreds of millions of networks along with their location. The calculation is then performed on the server for Google location’s service, and on the phone for Apple location’s service - which sent a list of 400 additional WiFi points back.
And this is how you get a precise location for your phone. Any new WiFi networks you scanned are potentially added to the WPS databases.
Apple & Google have made their users the instrument of their surveillance.
And the things you can do with this surveillance are harrowing. The researchers were able to see how many WiFi access points went offline in Gaza due to the constant bombardment that caused the deaths of 40,000 civilians.
Similarly the researchers were able to see the damage from the August 2023 Maui fires, and the emigration of people from Ukraine to escape forced connoscription.
Apple, Google and any organization they choose to share this WiFi data will have incredible capabilities. Don’t worry though - because these companies care so much about privacy - they give you a way to opt out.
Solutions
Add _nomap to the end of your WiFi SSID (name), Google and Apple promise not to index Wifi networks ending with those names.
Turn off your WiFi network and use ethernet cable.
Read primary source material here.
Get the latest updates on our mailing list: Above Phone
Above Book: Learn about our privacy laptop: https://abovephone.com/book
Above Suite: Use our privacy services: https://abovephone.com/suite
#TBOT #AbovePhone #WiFi #Surveillance #Big_Tech
—
https://takebackourtech.org
✌️ MORE POSTS | 🗯 CHAT GROUP | 📩 NEWSLETTER
Follow 🫶 @takebackourtech
Substack
Google & Apple Steal 2B+ Wifi Access Points
Chances are, if you’ve used Google Maps or Apple Maps, you’ve contributed to one of the biggest surveillance databases in the world.
👍47🤯21⚡6🤡5✍1❤1😁1
Another Windows L
https://www.forbes.com/sites/daveywinder/2024/06/14/new-wi-fi-takeover-attack-all-windows-users-warned-to-update-now/
https://www.forbes.com/sites/daveywinder/2024/06/14/new-wi-fi-takeover-attack-all-windows-users-warned-to-update-now/
Forbes
New Wi-Fi Takeover Attack—All Windows Users Warned To Update Now
Microsoft has released a critical security update for users of all supported Windows versions as a new Wi-Fi compromise requiring no authentication has been confirmed.
🤣58🔥8🥱7🍌4🤯2
tl;dw: XAVER (Range-R is the older one) doesn't see through metal buildings or walls lined with foil. It does see through brick and wood.
Let's be real: if you don't have at least a Faraday room by now, you're ngmi.
https://www.youtube.com/watch?v=ZfvmdX631Gc
Let's be real: if you don't have at least a Faraday room by now, you're ngmi.
https://www.youtube.com/watch?v=ZfvmdX631Gc
YouTube
How to Stop Cops From "Seeing Through Walls" to Spy on Your Home!
Can Cops See Through The Walls Of Your Home to Spy On YOU? Is This Legal? In this video, we break down new technology that allows police to see through the walls of your home and other buildings to conduct criminal investigations and how they have been able…
😱43💊18🔥8🥴8😁3🥰1👏1🥱1🍌1
Privacy & Security Goys
Once again, it seems like counter-semites are the only ones who care about privacy and protecting civil liberties. I didn't see anyone else criticizing the Mossad-backed biometrics collection agency.
AU10TIX responsible for leaked driver's licenses
The Israeli company alleges employee credentials were compromised 18 months ago but have since been rescinded. A security researcher confirmed the credentials still worked as of this month.
Sloppy job, Mossad.
https://archive.is/oI11L
The Israeli company alleges employee credentials were compromised 18 months ago but have since been rescinded. A security researcher confirmed the credentials still worked as of this month.
Sloppy job, Mossad.
https://archive.is/oI11L
👍52🥴16🤔7🍌4🤬2
Forwarded from New Right News
💬 Prosecutors will say in secret whether they used controversial spying tool against neo-Nazi accused in Baltimore power grid plot
Federal prosecutors said they are willing to disclose whether they used a controversial surveillance program to foil a Florida neo-Nazi leader’s alleged plot to attack Baltimore’s power grid last year, but will only do so in secret, during a classified meeting with the judge handling the case.
📌 The Baltimore Sun
✅ New Right News
Federal prosecutors said they are willing to disclose whether they used a controversial surveillance program to foil a Florida neo-Nazi leader’s alleged plot to attack Baltimore’s power grid last year, but will only do so in secret, during a classified meeting with the judge handling the case.
📌 The Baltimore Sun
✅ New Right News
🤡91🤔3👍2🍌2😡2❤1👎1😁1
Forwarded from Privacy & Security Goys
For a myriad of reasons, we have created a new channel: @PrivSecGoys
For those unwilling to make the trip, our original channel will continue to exist, and we will forward new posts to it for the foreseeable future.
For those unwilling to make the trip, our original channel will continue to exist, and we will forward new posts to it for the foreseeable future.
👍36🤔17🤨6🍌3🤡2👎1
Forwarded from Privacy & Security Goys
📢 💎 GEM ALERT ⚠️
Check out AgencyInt for a treasure trove of information curated by a couple of misanthropes we know.
Check out AgencyInt for a treasure trove of information curated by a couple of misanthropes we know.
🤨40🔥7🤡5✍3👏3🤔2
Forwarded from cRyPtHoN™ INFOSEC (EN)
regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server
The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387.
The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a significant security risk. This race condition affects sshd in its default configuration.
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387.
The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a significant security risk. This race condition affects sshd in its default configuration.
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
🥴11🖕6✍4👀4🍌3👍2🤡2
Forwarded from Privacy & Security Goys
I don’t want to neg open source since it is the best, but blindly assuming something is safe and not jewware because it is open source is a cope.
“But you can audit the code.”
Sure. Will you? If you even had the time to read 1.2 million lines, do you know what they all say? And will you get it done before the next update?
“But you can audit the code.”
Sure. Will you? If you even had the time to read 1.2 million lines, do you know what they all say? And will you get it done before the next update?
💯105👍15👏6💋4🍌1
Forwarded from Privacy & Security Goys
As we've said before, systemd is a highly complex backdoor.
Pardon the minor edit in the second image; anon's original analogy was needlessly sexual.
Pardon the minor edit in the second image; anon's original analogy was needlessly sexual.
🤣46🔥9👍7❤3🤔2🌭2🤡1🍌1
Forwarded from cKure Red
This media is not supported in your browser
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
👍48🔥16🤯9💯2🍌2❤1
Forwarded from Privacy & Security Goys
Signal stores data locally; most of it is unencrypted and accessible by any app
https://fxtwitter.com/mysk_co/status/1809287118235070662
https://fxtwitter.com/mysk_co/status/1809287118235070662
FxTwitter / FixupX
Mysk 🇨🇦🇩🇪 (@mysk_co)
TL;DR: Don't install @signalapp for macOS, it is not secure.
I carried out this small experiment:
- I wrote a simple Python noscript that copies the directory of Signal's local storage to another location (to mimic a malicious noscript or app)
- I ran the noscript…
I carried out this small experiment:
- I wrote a simple Python noscript that copies the directory of Signal's local storage to another location (to mimic a malicious noscript or app)
- I ran the noscript…
😱42😁13🤡9🤣5👀5🍌4👍2