Language Selection

English French German Italian Portuguese Spanish

Proprietary Software and Security

Filed under
Security

                           

  • Facebook Data Leak Scrutinized by Big Tech's Top EU Data Watchdog

                         

                           

    The Irish Data Protection Commission is trying to “establish the full facts” since the weekend and so far “received no proactive communication from Facebook,” the regulator said in a statement on its website on Tuesday. It said the tech company assured it that “it is giving highest priority to providing firm answers” to the authority.

                           

    Personal information on 533 million Facebook users reemerged on a hacker website for free on Saturday. The information included phone numbers and email address of users, the regulator said Tuesday. Facebook has said the data is old and was already reported on in 2019.

  •                    

  • How Facebook will benefit from its massive breach

                         

                           

    Facebook's surveillance data isn't that valuable, so it has to gather a lot of it. Most of its ad-tech advantage is just fraud: lying to advertisers about who saw its ads, lying to publishers about which kinds of content generate the most revenue.

                           

    https://pluralistic.net/2020/12/11/number-eight/#curse-of-bigness

                           

    The data advantage itself is very short-lived; for example, location data is highly prized by advertisers who want to show you an ad for shoes while you're outside a shoe-store. This value is annihilated as soon as you move somewhere else.

    Data isn't the new oil, it's the new oily rag: a low-grade waste-product that is only valuable when it is piled up in such vast quantities that it poses an existential, civilization-ending danger.

  • Are You One of the 533M People Who Got Facebooked?
  • Your Slack DMs aren’t as private as you think

    Is Slack good for actually getting your work done? That’s debatable. But the popular messaging platform — which boasted more than 12 million daily active users as of last year — is definitely a promising medium for employers, regulatory agencies, the government, and even hackers seeking a trove of data about a company and its workers. Even your coworkers could find out more about you than you might expect.

    The number of Slack messages your workplace might be able to access has actually grown as Slack has built out its workplace app. Last year, the company launched a new tool called Slack Connect, which allows different workplaces to share channels on the app. The company announced that the feature was expanded again last month, so anyone could send invitations to direct message to other Slack users — even if they work at another workplace (whether users can actually send and accept these invites depends on whether their workplace has put in restrictions). But just because you’re messaging someone at a different workplace doesn’t mean your boss couldn’t necessarily see the messages you send.

  • Apple Mail Zero-Click Security Vulnerability Allows Email Snooping

    According to Mikko Kenttälä, founder and CEO of SensorFu, exploitation of the bug could lead to unauthorized disclosure of sensitive information to a third party; the ability to modify a victim’s Mail configuration, including mail redirects which enables takeover of victim’s other accounts via password resets; and the ability to change the victim’s configuration so that the attack can propagate to correspondents in a worm-like fashion.

  • The UK Is Trying to Stop Facebook's End-to-End Encryption

    Patel will headline an April 19 roundtable organized by the National Society for the Prevention of Cruelty to Children (NSPCC), according to a draft invitation seen by WIRED. The event is set to be deeply critical of the encryption standard, which makes it harder for investigators and technology companies to monitor communications between people and detect child grooming or illicit content, including terror or child abuse imagery.

    End-to-end encryption works by securing communications between those involved in them—only the sender and receiver of messages can see what they say and platforms providing the technology cannot access the content of messages. The tech has been increasingly made standard in recent years with WhatsApp and Signal using end-to-end encryption by default to protect people’s privacy.

  • UK Politicians Getting Serious About Ending End-To-End Encryption

    Last week we noted that there was some fairly mixed up pressure mounting on UK politicians to block encryption from some confused charities which (falsely) thought that ending encryption would somehow protect children. We also noted that many of the politicians pushing to end encryption... were using encrypted messaging themselves in an effort to dodge public records requests.

  • Australian Government Proposes Stripping Internet Users Of Their Anonymity

    I thought we had put this sort of idiocy behind us, but I see it's back again. In 2011, some German politicians suggested the country's youths be required to obtain some sort of internet driver's license following a party that got out of hand after a private Facebook invite was accidentally made public. Somehow, obtaining an ID to use social media services would prevent this from happening in the future, but officials were extremely light on details.

More in Tux Machines

digiKam 7.7.0 is released

After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. Read more

Dilution and Misuse of the "Linux" Brand

Samsung, Red Hat to Work on Linux Drivers for Future Tech

The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. Read more

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.