• Fo chevron_right

    How To Stop Facebook From Tracking You? (Off-Facebook Activity) / FossBytes · 2 days ago - 14:40 · 3 minutes

stop facebook tracking data privacy

Tech giants keeping tabs on users’ data is no surprise in today’s world. It’s a well-known fact that Facebook collects this data from its own as well as third-party apps. This third-party app tracking depends on the number of services signed up using Facebook login.

This article will discuss how Facebook collects your data, what kind of data it collects, and what it does with the same. Furthermore, we’ll also outline the steps you can take to disable Facebook from tracking your activities, prevent it from collecting your data, and restricting the “Off-Facebook Activity” feature.

What data is Facebook collecting and how?

The data hoarded by Facebook includes users’ screen time, which features they use, the number of times an app is opened, etc. On e-commerce apps, it knows a user’s purchase history, products wish-listed, contact and address, and more, as almost all of these apps have “Facebook Pixel” code on their website and mobile app.

What is Facebook Pixel?

Facebook Pixel is an analytics tool that tracks browsing behavior by capturing your identifier on the web. This captured data is then shared with Facebook, enabling it to show you “targeted ads.”

Off-Facebook Activity feature

Introduced this year, the “Off-Facebook Activity” summarizes every move performed by a user on an external app or website. Apps and websites using Facebook tools (Facebook login, share, FB pixel, etc.) share this data with Facebook.

Not to mention that Facebook loves to know everything about everyone, and you’re highly mistaken if you think banking apps will not share your data with Facebook.

Screenshots confirm data shared by banking apps with Facebook through its Off-Facebook Activity feature, which is surely alarming.

The tech giant claims that this collected summary of users’ web activity helps them sell accurate and targeted ads . In other words, the number of apps for which you’ve signed up through Facebook login to save your precious time, you “pay” for this convenience with your data.

What’s further concerning is the shadow profiling that Facebook does, collecting data of people who are not even on Facebook.

If you wish to protect yourself, you can take the steps mentioned in this article to limit the amount of data Facebook can collect from your account by disabling the Off-Facebook Activity feature.

How to Stop Facebook Tracking: Off-Facebook Activity

There are two ways through which you can limit data sharing –

1. Stop Tracking Using Facebook mobile app

Take these steps to limit the data shared by third-party apps to Facebook:

  1. Launch the Facebook app, click on the hamburger icon in the top right corner, and click on “Settings & Privacy.”
  2. Click on “Settings.”
  3. Scroll down and choose “Off-Facebook Activity.”
  4. Click on the triple dotted line in the top right corner of your screen and tap on “Manage Future Activity.”
  5. Toggle the “Future Off-Facebook Activity button off.”
    Toggle the button to off

2. Stop Facebook Tracking On Web Browser

Follow these steps on a web browser to disable the Off-Facebook Activity feature:

  1. Open Facebook and click on “Settings & Privacy” from the top right corner of your screen.
  2. Select “Settings.”
  3. Click on “Your Facebook Information” and then choose “Off-Facebook Activity.”
  4. Click on “Manage your Off-Facebook Activity.”
  5. Select “Manage Future Activity.”
  6. Turn the “Future Facebook Activity button” off.

Clarification from Facebook

As Facebook confirms, “We receive activity from businesses and organizations who use our business tools so that can better understand how their website, app, or ads are performing. We use your activity to show you relevant ads and to suggest things you might be interested in.”

Facebook claims to be using the data for personalized ads. Meanwhile, they do not have a good track record concerning data security and how they share users’ data with third-parties .

Moreover, as Facebook owns WhatsApp and Instagram, it is easier for the tech giant to further profile an individual. However, if you wish to completely stop Facebook from tracking you, the extreme approach would be to give up these three apps.

In light of the facts discussed in the article, we recommend that you disable the Off-Facebook Activity feature to limit the data shared with Facebook.

The post How To Stop Facebook From Tracking You? (Off-Facebook Activity) appeared first on Fossbytes .

  • Fo chevron_right

    Hola VPN Review: Why You Should Ignore The Free Version & Go For Hola VPN Premium / FossBytes · 2 days ago - 06:09 · 5 minutes

Hola VPN review

The internet is rife with VPNs and therefore it becomes important to choose one wisely. If you are in the market for a VPN service provider, chances are you might get befuddled by the sheer number of options available out there. While you can choose from the best VPNs that are rated highly amongst frequent users, there are other lesser-known options as well that could help you hide your digital footprint.

One such VPN is Hola VPN, which has received notorious reviews for its free version, and rightly so. If you are considering Hola VPN, we have all covered all the points that you must consider before investing your money in it. We used the VPN thoroughly, conducted speed tests, read through privacy policies and also tried unblocking geo-restricted websites.

Here is our comprehensive review of Hola VPN.

Let’s start with the basics.

Hola VPN: How Does It Work?

Before we jump into details, you must know that Hola VPN offers two different versions – a free one and a paid one (Hola Premium). Hola VPN is an Israel-based VPN service that offers its free services based on peer-to-peer technology (which is not a VPN per se) and a paid version which is VPN in the truest sense.

Unlike other best free VPNs that limit the bandwidth or number of servers, the Hola VPN free works on peer-to-peer technology and can be considered a proxy service at max. It means you share your bandwidth with others while using the Hola VPN free version. There are chances that other free users are using your IP address to browse the internet “anonymously”.

Hola advertises its browser extensions as “Hola Free VPN Proxy Unblocker – Best VPN” that uses split tunneling technology to unblock geo-restricted websites such as Netflix, Amazon Prime, HBO, and more.

Hola VPN Premium, on the other hand, is a proper VPN service albeit their website does not mention the encryption protocols used by the VPN service. There are around 1,000 VPN servers around the world (1,500 for Hola Ultra Advanced VPN users).

Hola VPN Speed & Performance

As is the case with all the VPNs, speed throttling is an unavoidable issue. Surprisingly, Hola VPN premium impressed me in this regard. In the speed tests I conducted over a couple of US and Europe based servers, the speed throttling was almost negligible and the ping rate was between the range of 40 and 100.

Therefore, I have no complaint regarding speed from Hola VPN Premium. Also, the user interface of the Hola VPN macOS app is friendly and you can connect to the VPN with just one click.

Hola VPN: Unlock Netflix, Amazon, Prime & More

If your primary aim behind buying a VPN (Psst! here’s a nifty VPN buying guide ) is to unblock Netflix, Amazon Prime catalogs of different countries and access websites that are blocked in your region, Hola VPN’s browser extensions are what you should go for.

Notably, Hola VPN browser extensions operate on standard VPN protocols and not peer-to-peer technology.

I successfully unblocked the US catalog of Netflix and Amazon Prime Video US. For free users, it is free to stream Netflix and other video streaming sites for 1 hour. However, you should understand that Hola VPN’s free version is more of a proxy owing to its peer-to-peer architecture therefore unblocking blocked websites is naturally the task it is good at.

Torrenting: A Strict No Go

However, if you’re buying Hola VPN for Torrenting, you’re simply wasting your money as Hola’s official website clearly mentions that they do not support torrenting. It says, “ The use of Bittorrent on our network is not allowed, and we are blocking Bittorrent traffic “.

Security & Logging Policy

This is where things start getting murkier. Hola VPN free can be called a cybersecurity’s antagonist. Besides routing your internet traffic through other peers instead of safe servers, Hola VPN also logs plenty of details from you, thus defeating the entire purpose of using a VPN.

If you’re using the free version of Hola VPN, it’s keeping a log of the following information from you:

  • Log data may include the following information – browser type, web pages you visit, time spent on those pages, access times, and dates.
  • Your personal information including your name, email address, and IP address. If you opt to sign up using a third-party account for instance your Google account, Hola will also keep a log of the information stored by Google.
  • If you’re signing up with a social media account, Hola is accessing your basic information including full name, home address, email address, birth date, profile picture, friends list, personal description, as well as any other information you made publicly available on such account.

Hola says the reason why it logs the personal information of users is that it can report any malicious activity to authorities. The website says, “Th ese measures are probably what make Hola the least attractive VPN for people with malicious or illegal intent to use. They much prefer the various other VPNs that promise not to keep logs “.

Hola Premium, however, has a strict no-log policy. If you are a premium customer, Hola will not store logs of your activity, including no logging of browsing history, traffic destination, data content, or DNS queries.

Interestingly, I had to manually turn on the “No logs” option in my Premium account as it was disabled by default.

To sum up, Hola VPN is intrusive and lacks a proper security mechanism to keep the privacy of its users intact. In fact, the free version mooches the IP address and bandwidth of users without informing them properly. Therefore, if you’re buying a VPN for cybersecurity, my best advice would be to steer clear of Hola VPN free. The paid version has all the features, you’d want in a good VPN therefore, your first choice should be Hola VPN Premium.

Hola VPN Pricing

Hola VPN offers a free service that works on peer-to-peer technology; it’s a proxy service and not a VPN. if you’re opting for the more-secure premium version, here are the prices of Hola VPN:

  • $2.99/mo for 3-year plan
  • $7.69/mo for the yearly plan
  • $14.99/mo for the monthly plan

Importantly, Hola does not support Bitcoin or other cryptocurrencies as a payment method.

Hola VPN Conclusion

Everything about Hola except its privacy policies and data logging mechanism is great and I understand how silly it sounds especially when we are talking about a VPN service. If you want a website unblocker, Hola VPN is a great option to go.

For privacy enthusiasts, it could be a nightmare owing to the fact that you’re sharing your bandwidth and IP address with another free user who might be a hacker.

Hola Premium does sound reliable and could be a strong contender for one of the best VPNs out there once Hola fixes the impending issues.

The post Hola VPN Review: Why You Should Ignore The Free Version & Go For Hola VPN Premium appeared first on Fossbytes .

  • Ga chevron_right

    Linux Kernel security to be boosted by Google funding developers / GamingOnLinux · Thursday, 25 February - 13:26 · 1 minute

Linux is pretty secure right? Well, like everything else, there are and have been problems. Google is aware of this and they use Linux for a lot and now they're providing funding to help boost Linux security.

Announced by the Linux Foundation funding had been provided to prioritize two full-time maintainers, Gustavo Silva and Nathan Chancellor, who will focus solely on Linux Kernel security development to ensure "the world's most pervasive open source software project is sustainable for decades to come".

Chancellor will currently be working on "triaging and fixing all bugs found with Clang/LLVM compilers while working on establishing continuous integration systems to support this work ongoing", whereas Silva will be "dedicated to eliminating several classes of buffer overflows by transforming all instances of zero-length and one-element arrays into flexible-array members, which is the preferred and least error-prone mechanism to declare such variable-length types". Both of them will be doing other important work after that too.

Security is always going to be a concern for such a large project, and while people who work on the Linux Kernel always think of it, issues can and do slip through. It's impossible not to though, when you consider that tens of thousands of people work with the kernel (over 20,000 according to the Linux Foundation!).

In an interview with The Register , Google's open-source security team lead Dan Lorenc mentioned plenty more detail and how they had been finding bugs "way faster than we can fix them" so it sounds like this will help a lot.

This is important to all of us of course, since we want Linux as a desktop operating system to be as secure as possible to play our favourite games on.

Article from - do not reproduce this article without permission. This RSS feed is intended for readers, not scrapers.
  • Fo chevron_right

    Kali Linux 2021.1 Released With New Features: How To Download Or Upgrade / FossBytes · Thursday, 25 February - 06:25 · 1 minute

Kali Linux 2021.1 Released With Command-Not-Found Package

Kali Linux ended last year with the release of v2020.4 . Its maker Offensive Security has now announced a new version, Kali Linux 2021.1, as the first release this year.

The latest version 2021.1 comes with enhancements to existing features, new hacking tools, and an updated core packages.

New Features In Kali Linux 2021.1

Starting with core components, v2021.1 has upgraded the Linux kernel to its latest long-term support version 5.10 and desktop environments Xfce and KDE Plasma to version 4.16 and 5.20 , respectively.

Tweaked GTK3 theme on Xfce 4.16 Tweaked GTK3 theme on Xfce 4.16

One of the highlight features of Kali Linux 2021.1 is the addition of command-not-found package by default.

The Command-Not-Found not only suggests you install a package when it’s not already installed, but also points out the typo error with the correct word and gives the original message of “command not found” for an invalid command that doesn’t exist in Kali.

Command-Not-Found Command-Not-Found

As you may know, in the previous version 2020.4, Kali Linux partnered with CrackMapExec (CME) tool author byt3bl33d3r.

To further extend the partnership and support with more tool authors, Kali is now teaming up with BC Security for exclusive early access to “ Empire ” ( powershell-empire ) and “ StarKiller ” and Joohoi for its Fuzz Faster U Fool ( ffuf ) tool.

As usual, the latest Kali version has also added more new tools (to the network repositories), such as Airgeddon, Arjun, Chisel, GitLeaks, DumpsterDiver, and HTTProbe.

Among other key updates, this is what Kali Linux 2021.1 has included:

  • Workarounds for several terminals ( mate-terminal , terminator , tmux , konsole , and tilix )
  • Upgraded BusyBox and Rucky tool to version 1.32.0 and 2.1
  • New boot-animation for Kali NetHunter
  • Preliminary support of Kali ARM for Parallels on Apple Silicon and Raspberry Pi 400’s wireless card

How To Download Or Upgrade To Kali 2021.1?

If you want to get your hands on all of the above-mentioned features, you can download the new Kali 2021.1 images available for several platforms from here .

Or, if you’re already using Kali Linux, you can easily upgrade your system to the latest v2021.1 by running commands:

$ echo "deb kali-rolling main non-free contrib" | sudo tee /etc/apt/sources.list

$ sudo apt update && sudo apt -y full-upgrade

$ [ -f /var/run/reboot-required ] && sudo reboot -f

The post Kali Linux 2021.1 Released With New Features: How To Download Or Upgrade appeared first on Fossbytes .

  • Ar chevron_right

    Android users now have an easy way to check the security of their passwords / ArsTechnica · Wednesday, 24 February - 12:52

Android users now have an easy way to check the security of their passwords

Enlarge (credit: Getty Images)

Google is adding its password checkup feature to Android, making the mobile OS the latest company offering to give users an easy way to check if the passcodes they’re using have been compromised.

Password Checkup works by checking credentials entered into apps against a list of billions of credentials compromised in the innumerable website breaches that have occurred in recent years. In the event there’s a match, users receive an alert, along with a prompt that can take them to Google’s password manager page , which offers a way to review the security of all saved credentials.

Alerts look like this:

Read 10 remaining paragraphs | Comments

  • Fo chevron_right

    Tor Explained: What is Tor? How Does It Work? Is It Illegal? / FossBytes · Tuesday, 23 February - 09:38 · 6 minutes

tor browser

What Is Tor?

The Onion Router or Tor is a network that enables a user to stay anonymous on the internet and get rid of any possible surveillance, user identification, or location tracking while using the internet. You can access the Tor network with the help of a modified Mozilla Firefox ESR web browser.

Tor allows a person to browse the web anonymously by veiling the actual identity of the user. It protects the user from any traffic analysis and network spying.

Tor is perhaps the most popular and secure option available for anonymous internet connectivity. To reduce the confusion, here we are talking about the Tor network, not the Tor web browser, which is used to access the same.

Who Created Tor?

Tor uses the principle of ‘Onion Routing,’ which was developed by Paul Syverson, Michael G. Reed, and David Goldschlag at the United States Naval Research Laboratory in 1990s. Further development was carried out under the financial roof of the Electronic Frontier Foundation (EFF).

Tor Project Inc. is a non-profit organization that currently maintains Tor and is responsible for its development. It has received funds from the US government primarily, and additional aid from the Swedish Government and different NGOs & individual sponsors.

How Does Tor Work?

Tor uses the concept of the ‘Onion Routing’ method in which the user data is first encrypted and then transferred through different relays present in the Tor network. Thus, it creates multi-layered encryption (layers like an onion) and a hard-to-follow path to keep the identity of the user safe. As a result, nobody can link your identity to any single point.

One encryption layer is decrypted at each successive Tor relay, and the remaining data is forwarded to any random relay until it reaches its destination server. For the destination server, the last Tor node/exit relay appears as the origin of the data. It is thus tough to trace the identity of the user or the server by any surveillance system acting as the middleman.

Other than providing anonymity to standalone users, Tor can also provide anonymity to websites and servers in the form of Tor Hidden Services. Also, P2P applications like BitTorrent can be configured to use the Tor network and download torrent files.

Also Read: How To Share Files Anonymously Using Tor’s Darknet And OnionShare?

Is using Tor illegal?

No. Tor browser and dark web aren’t illegal on their own. However, if you end up performing some illegal activity on the dark web using Tor, that’ll surely invite trouble. So, as always, we recommend that you use this technology to perform legal actions and enhance your privacy.

Tor And NSA Connection

The NSA whistle-blower Edward Snowden used Tor to leak information about PRISM to The Guardian and The Washington Post.

However, the story is not all good-good. Tor faces criticism for the reason that it acts as a medium for different illegal activities like data breaching, drug dealing, gambling, being home to dark web sites. Tor is also used by criminal minds to communicate over the internet while keeping their identity hidden, which makes it difficult for the security agencies to trace them.

The U.S. National Security Agency (NSA) has called Tor “the King of high secure, low latency Internet anonymity.” And it has received similar comments by BusinessWeek magazine, “perhaps the most effective means of defeating the online surveillance efforts of intelligence agencies around the world.”

Another speculation made is that Tor takes its funding from the U.S. Government, which may lead to the assumption that NSA may have compromised the identities of individual Tor users. However, Tor’s former executive director Andrew Lewman disclaimed any confederations with NSA.

Is Tor Browser Safe?

Various claims have been made about compromising Tor’s anonymity and security from time to time. The most famous one was the Bad Apple Attack, in which the researchers claimed to have identified around 10k IP addresses of active BitTorrent users who were connected via Tor.

The Heartbleed bug was behind another major compromise in April 2014, which halted the Tor network for several days.

Traffic Fingerprinting is a method used to analyze web traffic by analyzing the patterns, responses, and packets in a particular direction. This technique can be used to attack the Tor network by making the attacker’s computer act as the guard.

The main vulnerability was found at its exit points, where the level of security is very low as compared to the rest of the Tor network.

Also Read: TOR Anonymity: Things Not To Do While Using TOR

What is Tor “Browser”?

Tor Project Inc. has released Tor Browser , which is a modification of an Extended Support Release (ESR) version of the Mozilla Firefox browser. The browser is portable so that it can be used from external media and also reduces the hassel of installation.

Tor Browser removes the browsing history and cookies after every use, thus reducing the risk of any cookie tracking. We can set-up SOCKS (Socket Secure) based applications to use the Tor network by configuring them with a loop-back address.

It’s also known as the dark web browser since it lets users browse the so-called dark web sites that accessible on the regular web.

The Tor browser is available for various desktop operating systems, including Windows, Linux, and macOS. You can visit this link to download Tor Browser latest version for Windows, Linux, and macOS.

Tor 10.0.6 Tor 10.0.6

How to download and use Tor browser?

How to install Tor Browser on Windows 10/7/8?

  1. Run the Tor Browser setup.
  2. Choose your desired language.
  3. On the next window, choose the destination folder. Using Tor would be easy if you choose the Desktop as the destination.
  4. Click Install.

The Tor setup will create a folder named Tor Browser on your Desktop. Open the folder, and run the shortcut file to use the Tor Browser.

For Linux, you’ll have to extract the downloaded file, either using the command line or a file extractor application.

Tor Browser for Android

Tor Browser – official Tor app for Android

Orbot – a free proxy app with Tor for Android devices.

Orfox – a mobile version of Tor Browser for Android devices. (Discontinued)

The Guardian Project, a global developer community founded by Nathan Freitas, is to be credited for the development of Orfox.

Tor Browser for iOS

A Tor browser app for iOS created by Tor Project core contributor Mike Tigas.

Tor Alternatives

I2P and Freenet are other anonymity networks which can act as Tor alternatives. Also, Tails and Subgraph OS are Linux-based distributions with built-in Tor support. In the past, Hornet was also an anonymity network that provided higher network speeds compared to Tor.

To know more about these alternatives, please visit this link .

Should I Use Tor?

Tor has proved to be an excellent medium for safe, secure, and anonymous web presence available to a user at no cost. The developers of Tor didn’t intend it to become a hotbed of illegal activities, but evil-minded people have leveraged Tor for their benefits such as selling unlawful stuff on the dark websites. The Tor project has led to an optimistic approach towards censorship and surveillance-free internet.

You can use Tor if you want to conceal your identity on the web or access some websites that blocked in your region. But refrain yourself from doing anything that’s above the law because nothing is fool-proof, and they can still catch you. Also, accessing your social media accounts over Tor can expose your identity.

The post Tor Explained: What is Tor? How Does It Work? Is It Illegal? appeared first on Fossbytes .

  • Fo chevron_right

    First Malware Infecting Apple M1 Chip Appears: Here’s What We Know / FossBytes · Thursday, 18 February - 15:12 · 2 minutes

Apple M1 first malware

Several people claim with evangelical fervor that Mac devices are safer than Windows and a recent report by Malwarebytes also corroborates the claims. However, today, the first malware targeting Apple’s latest M1 SoCs has been spotted by security researchers. This could be a turning point for Apple, and we might see a different report next year because of it.

Here’s what we know so far about the first malware that could bring down your M1-powered Macbook:

GoSearch22: The Malicious Extension Posing Threat To Apple’s New M1 Chip

When Apple shifted to its own silicon and parted ways with Intel, it also moved away from Intel x86 architecture that has been used by developers to create apps for Macs since 2005. This move also allowed developers to integrate security features right into the processor, which wasn’t possible earlier. In order to run apps natively on M1-powered Macs, they have to be recompiled using Rosetta emulator . Now, they can develop applications that can run ‘natively’ on M1 processors without translating x86_64 (Intel) instructions into native arm64 instructions.

It seems that hackers have also engineered a technique to tailor malware for M1 chips using the transition.

Popular Mac security researcher Patrick Wardle has published a report on his website detailing the incredibly easy process of adapting and recompiling malware to run natively on the M1 chipset. He spotted a malicious Safari extension named “GoSearch22”, originally made to run on Intel x86 architecture, which has been re-engineered to run on the M1 processor.

According to Patrick, GoSearch22 belongs to the infamous Pirrit Mac adware family. It is known for its evading techniques to avoid detection by security researchers.

GoSearch22 extension looks like a normal extension but in the background, it collects all user data and also floods users with ads and popups that could lead to other malicious websites.

Patrick found in his research that the extension was signed with an Apple developer ID on November 23, 2020, but Apple has already revoked the certificate of the extension.

A Red Canary intelligence analyst, Tony Lambert says, “ Watching malware make the transition from Intel to M1 rapidly is concerning because security tools aren’t ready to deal with it .”

As per Patrick, GoSearch22 isn’t the only malware that has been adapted to run on Apple M1 chips, there are many more to come, and the threat detection tools need to gear up for forthcoming Apple M1 malware.

Source: Wired

The post First Malware Infecting Apple M1 Chip Appears: Here’s What We Know appeared first on Fossbytes .

  • Ga chevron_right

    LastPass Free to force users to choose between mobile or desktop... Seriously, use open source BitWarden instead!

    Danie van der Merwe · / gadgeteerza-tech-blog · Tuesday, 16 February - 17:39

The Free service is changing dramatically on March 16th, 2021, when LastPass will restrict free accounts to either a 'Computer' or 'Mobile' device platform simultaneously. For example, LastPass Free users will be able to use the service on their Android and iOS mobile devices simultaneously but not on computers or vice-versa.

Even the premium version of BitWarden is half the price of LastPass' Premium offering, and it does all it needs to do including generating of 2FA codes all built in. I exported my 900+ passwords from LastPass into BitWarden two years ago, and have never looked back.


#technology #security #passwords #lastpass #bitwarden