Sergey Shkundaleu @archit3ct@social.ssbx.dev
- WebSite
- https://sergey.iontec.co/
- GitHub
- https://github.com/sergshk
Admin
Experienced technology entrepreneur on the quest for ethics and privacy. Follow #punkprivacy tag to get regular privacy tips. You can also follow @ethiork account to get information about progress of Ethiork project that enables people to own their data and protect their privacy.
Joined Nov 2020
So it's inauguration day, how about article with some analysis on what to expect from incoming administration with regards to cyber warfare. What do you think?
Link:https://techletters.substack.com/p/techletters-insights-trumps-plans
Face recognition can be misused. This article has few stories providing examples and highlighting how dangerous it could be.
Link:https://www.eff.org/deeplinks/2025/01/police-use-face-recognition-continues-wrack-real-world-harms
Sergey Shkundaleu
boosted
I am very excited about this upcoming episode of The Phillip Wylie Show! It features @veracode cofounder and OG hacker Chris Wysopal. This episode drops on 01/20/2025.
This is quite concerning that AI chatbots are increasingly integrating advertisements. Companies like Microsoft are embedding sponsored content into chatbot conversations, utilizing personal data shared during interactions to target ads. This practice underscores the urgent need for robust data protection measures to safeguard user privacy.
Link:https://privacyinternational.org/long-read/5472/chatbots-adbots-sharing-your-thoughts-advertisers
#privacy #DataProtection
OS installation on a brand new hardware 2000 vs 2024:
2000:
- Windows - you spend 30 min going through setup wizard
- Linux - you spend a day looking for drivers and compiling kernel and eventually quit and install Windows
2024:
- Windows - you spend a day looking for proper NVME drivers and eventually quit and install Linux
- Linux - you spend 15 min going through setup wizard
Attack on privacy is often hidden behind some noble purpose, some purpose where public, in theory, would "buy-in" on being tracked. So here is an example where data broker touting themselves as helping law enforcement to collate information they collect off of mobile phones, but all in all what that is if not a surveillance. #privacy https://arstechnica.com/information-technology/2024/10/phone-tracking-tool-lets-government-agencies-follow-your-every-move/
Sergey Shkundaleu
boosted
Forrester's latest Wave report on Secure Communications Solutions evaluates the 12 top providers, including Element 🙌
We received the highest scores in six criteria: performance and resilience; innovation; post-quantum cryptography; customisation; assurance; and scalability.
Available now, download the report! https://try.element.io/forrester-wave-secure-communications-solutions-2024
In Forrester’s own words…
Are you still pixelating your images? Please don't! This is a reminder why! Post has been written in 2022 and "old news", however think about how far technology has gone in last 2 years. #cybersecurity https://thehackernews.com/2022/02/this-new-tool-can-retrieve-pixelated.html
That's a really awesome development, It looks like Swiss folks understand that open source would better fit governmental needs, at the end of the day when code is out there you at least can inspect it and take countermeasures if necessary. #OpenSource https://www.zdnet.com/article/switzerland-now-requires-all-government-software-to-be-open-source/
Sergey Shkundaleu
boosted
Ah yes, the privacy browser™ is now sending your location to AccuWeather every 30 minutes by default.
Edit: According to their support page it's proxied through Mozilla services. https://digipres.club/@ryanfb/113125332270103817
Has been quite a while since I heard a good thing coming from Mozilla.
I had been saying that listening to the microphone on your phone is not practical or scalable from a marketing point of view(while 100 % possible). My recommendation though has always been removal of social media apps from your phone. #punkprivacy However looks like at least one player brags about it, so maybe they were able to implement a process that yields good ROI and proves me wrong. Please remove unnecessary apps from your phone. https://futurism.com/the-byte/facebook-partner-phones-listening-microphone #privacy
Just remember when product is free and distributed by for profit commercial entity, they have to have a way to recoup their losses. In many cases you are the product, in some cases your data is the product that they sell, and in some cases they are straight out fraudsters.
https://www.bleepingcomputer.com/news/security/free-vpn-apps-on-google-play-turned-android-phones-into-proxies/
This is a good reminder of how important is real time continuous monitoring in a whole cybersecurity puzzle. It took 22 min after vulnerability was published for the bad guys to start exploiting it. #cybersecurity https://www.bleepingcomputer.com/news/security/hackers-use-poc-exploits-in-attacks-22-minutes-after-release/
Here is another example of vendor abandoning patching. From time to time businesses around the world would have to make those decisions based on simple economy, however I think it would have been honest from their perspective is to open source their code, so that community could fix it. Unfortunately that's not the case for any of the vendors, luckily people have choices there is OpenWRT which is an open source ecosystem for routers, and that model is supported.
https://www.howtogeek.com/d-link-dir-856-router-exposed-to-hackers/
While progress and shift to software defined everything is generally great, people need to be ready for that shift and be able to understand how to protect themselves from threat vectors associated with such shift. #cybersecurity
https://www.bleepingcomputer.com/news/security/sim-swappers-hijacking-phone-numbers-in-esim-attacks/
As I previously said any company, no mater how noble their intentions could have been, would have to follow procedures of the country where they have been incorporated, that's why I think the future of privacy is for people to be able to manage their own data . #ethiork #privacy
https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain/
That is good to see that SEC charging bunch of players on the market for failures to follow their own incident report procedures. That's just another highlight of the value of cybersecurity in today's work, because that is what could move the market. #cybersecurity #SEC
https://www.sec.gov/newsroom/press-releases/2024-63
Another breach from a couple of months ago, and it's coming from effective monopolist in ticket sales, if you tried to buy tickets recently then mos likely you had to deal with enormous "fees" imposed by that player, so what do you think how much of those went into cybersecurity spending, probably not much if anything . #databreach #cybersecurity
https://www.abc.net.au/news/2024-05-30/ticketmaster-data-breach-how-to-check-if-you-have-been-hacked/103912494
With AI getting back to prime time with LLMs, everyone trying to get a hold of tech necessary to succeed and chip wars will continue for sure between different countries. #AI https://www.reuters.com/technology/former-asml-ceo-says-us-china-chip-fight-will-continue-2024-07-06/
I have no intention to continue reporting on data breaches, but that is just continue to pop up here and there, unfortunately companies does not want to walk their talk and it's not a technical problem it's cultural. #cybersecuity
https://www.bleepingcomputer.com/news/security/neiman-marcus-data-breach-31-million-email-addresses-found-exposed/
- WebSite
- https://sergey.iontec.co/
- GitHub
- https://github.com/sergshk
Admin
Experienced technology entrepreneur on the quest for ethics and privacy. Follow #punkprivacy tag to get regular privacy tips. You can also follow @ethiork account to get information about progress of Ethiork project that enables people to own their data and protect their privacy.
Joined Nov 2020
