close
    • chevron_right

      Federal government could pay millions in compensation over asylum seeker data breach

      news.movim.eu / TheGuardian · 6 days ago - 20:00

    Breach, discovered by Guardian Australia, resulted in information being used to allegedly threaten some in detention

    The Australian government may be liable for tens of millions of dollars in compensation to asylum seekers after it posted their personal details online while they were in immigration detention.

    The mass data breach, discovered by Guardian Australia in 2014 , resulted in information being used, in some cases, to allegedly threaten asylum seekers , or persecute and even jail their family members.

    Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

    Continue reading...
    • chevron_right

      TikTok fined €345m for breaking EU data law on children’s accounts

      news.movim.eu / TheGuardian · 7 days ago - 12:00


    Irish data regulator says platform put 13- to 17-year-old users’ accounts on default public setting, among other breaches

    TikTok has been fined €345m (£296m) for breaking EU data law in its handling of children’s accounts, including failing to shield underage users’ content from public view.

    The Irish data watchdog, which regulates TikTok across the EU, said the Chinese-owned video app had committed multiple breaches of GDPR rules.

    Continue reading...
    • chevron_right

      Twitter chaos after Elon Musk takeover may have violated privacy order, DoJ alleges

      news.movim.eu / TheGuardian · Wednesday, 13 September - 11:50

    US Department of Justice questions compliance with FTC order on data security and privacy practices

    Elon Musk’s takeover of Twitter created a “chaotic environment” at the social media platform that may have violated a government order requiring an overhaul of its data security and privacy practices, according to a court filing.

    The US Department of Justice (DoJ) alleged in a legal filing on Tuesday that depositions from former employees at Twitter, now rebranded X , raised “serious questions” about whether the company was complying with an order imposed by the consumer and competition watchdog, the Federal Trade Commission (FTC).

    Continue reading...
    • Sc chevron_right

      Cars Have Terrible Data Privacy

      news.movim.eu / Schneier · Monday, 11 September - 21:24

    A new Mozilla Foundation report concludes that cars, all of them, have terrible data privacy.

    All 25 car brands we researched earned our *Privacy Not Included warning label—making cars the official worst category of products for privacy that we have ever reviewed.

    There’s a lot of details in the report. They’re all bad.

    BoingBoing post .

    • chevron_right

      How I use WireGuard selectively

      nicoco · Sunday, 10 September - 14:50 edit · 3 minutes

    There arequitea number of online guides about how to hide your real IP and/or access online services your network provider normally does not allow (but it needs to allow WireGuard, which is not always the case). Most of them focus on 2 use cases: either routing all your traffic through WireGuard or accessing a private network from outside of it.

    How about using WireGuard for certain softwares or websites only? If you know your way through iptables, network-manager and the likes, there are probably many options, but I'll share here what my setup is.

    No table!

    This is probably trivial to some of you, but my first issue was that I wanted to set up the WireGuard network interface, but not use it by default. I am not alone, and found out that the key was to add "Table = off" to the [interface] section of the config, eg:

    [Interface]
    PrivateKey = ***
    Address = x.x.x.x/32,x:x:x:x::x:x/128
    Table = off  # <- this is the important part
    
    [Peer]
    PublicKey = ***
    AllowedIPs = 0.0.0.0/0,::0/0
    Endpoint = wireguard-server.example.lol:51820
    

    NB: unlike in most example setups you can find online, I also removed the DNS line because I'm fine not making DNS requests through wireguard but depending on what you are trying to achieve, this might not be OK for you.

    If you use a software that allows you to choose which network inteface it uses, like curl or qbittorrent, this is all you need! But wait, most software do not let you choose it, so what to do for others? I do not have a general answer to that, but apparently it is possible with black magic/network namespaces incantations. But I didn´t really need that, instead what I needed was to make a container use the WireGuard interface exclusively.

    Awesome internet strangers to the rescue

    It turns out this is not easily doable with podman, but the internet is a wonderful place (sometimes). When I asked on unix.stackexchange, an awesome stranger came up with a little C program to use in conjunction with LD_PRELOAD to achieve what I wanted.

    After downloading and building it following the instructions given by this awesome stranger, place bindtodevicewrapper.so in /usr/local/lib, save the following script as /usr/local/bin/podman-wg and make it executable.

    #!/bin/sh
    INTERFACE=$1
    shift
    
    WRAPPER_BINDTODEVICE=$INTERFACE \
    WRAPPER_INET=$(ip -4 -json addr show dev $INTERFACE | jq -r '.[].addr_info[0].local') \
    LD_PRELOAD=/usr/local/lib/bindtodevicewrapper.so \
    podman run --network=slirp4netns:outbound_addr=$INTERFACE "$@"
    

    You can now launch a container that will use the WireGuard interface wg0 to communicate with the outside world using podman-wg wg0 [podman-options…].

    Now, what if we want to access certain websites exclusively through this network interface?

    FoxyProxy is your friend

    With the FoxyProxy Firefox extension, you can define rules to use a proxy for certain websites. But how do you turn your network interface into a proxy for Firefox?

    There is wireproxy, which seems nice but as far as I understood, this does not re-use your existing interface. I looked for something simpler and found soks. It does not look maintained anymore, but it may be because it's simple and just works? Anyway, it seemed to work fine for my use-case, so after building it with make, I placed the soks binary in /usr/local/bin and built a minimal systemd unit like this:

    [Unit]
    Description=Soks
    
    [Service]
    # replace wg0 with the wireguard interface you want,
    # and the ip with your local network IP (eg 192.168.0.1)
    # if you want other devices in your local network to be
    # able to use this proxy
    ExecStart=/opt/soks/soks -i wg0 -l 127.0.0.1 -p 9784
    
    [Install]
    WantedBy=multi-user.target
    

    A little systemctl start --enable soks, add a new proxy SOCKS5 in FoxyProxy with the address 127.0.0.1:9784, define rules for some websites, and you're good to go!

    It took me a little time to gather wrap my head around all of these, and I hope some of you will find it useful. I am not a security expert at all, so if something's bad in these advice, please contact me so I can correct this page and try to limit the damage I've done.

    #wireguard #privacy #piracy

    • chevron_right

      UK owners of smart home devices being asked for swathes of personal data

      news.movim.eu / TheGuardian · Wednesday, 6 September - 23:01

    Which? said firms are gathering far more data than needed for products to function

    Owners of smart home devices are being asked for swathes of personal data that is then potentially shared with social media firms such as TikTok, research has found.

    The consumer champion Which? found companies appear to be gathering far more data than is needed for products to function. This includes smart TVs that ask for users’ viewing habits and a smart washing machine that requires people’s date of birth.

    Continue reading...
    • chevron_right

      UK ministers seek to allay WhatsApp and Signal concerns in encryption row

      news.movim.eu / TheGuardian · Wednesday, 6 September - 18:36

    Government says text scanning under online safety bill would only occur if ‘technically feasible’ after apps threaten to leave country

    Ministers have attempted to head off a threatened exodus of messaging apps from the UK by assuring tech firms they cannot be forced to scan encrypted texts indiscriminately for illegal content.

    WhatsApp and Signal have threatened to quit the UK over a provision in the online safety bill that allows Ofcom to order a messaging service to use “accredited technology” to look for and take down child sexual abuse material.

    Continue reading...
    • chevron_right

      Cars collect extensive personal data on drivers, study warns

      news.movim.eu / TheGuardian · Wednesday, 6 September - 14:28


    Mozilla Foundation studied 25 car brands and found all failed consumer privacy tests

    Drivers have been warned that cars present a “privacy nightmare” with vehicle manufacturers collecting extensive personal data on drivers, even including their sexual activities.

    A study of 25 car brands found they all failed consumer privacy testscarried out by internet-focused non-profit Mozilla Foundation. Its research found that 84% of car companies review, share or sell data collected from car owners.

    Continue reading...
    • chevron_right

      Google’s $30-per-month “Duet” AI will craft awkward emails, images for you

      news.movim.eu / ArsTechnica · Tuesday, 29 August - 20:27 · 1 minute

    A robot with many hands using digital devices at workplace

    Enlarge (credit: Getty Images / Benj Edwards )

    On Tuesday, Google announced the launch of its Duet AI assistant across its Workspace apps, including Docs, Gmail, Drive, Slides, and more. First announced in May at Google I/O, Duet has been in testing for some time, but it is now available to paid Google Workspace business users (what Google calls its suite of cloud productivity apps) for $30 a month in addition to regular Workspace fees.

    Duet is not just one thing—instead, it's a blanket brand name for a multitude of different AI capabilities and probably should have been called "Google Kitchen Sink." It likely represents several distinct AI systems behind the scenes. For example, in Gmail, Duet can summarize a conversation thread across emails, use the content of an email to write a brief or draft an email based on a topic. In Docs, it can write content such as a customer proposal or a story. In Slides, it can generate custom visuals using an image synthesis model. In Sheets, it can help format existing spreadsheets or create a custom spreadsheet structure suited to a particular task, such as a project tracker.

    An example of Google Duet in action (one of many), provided by Google.

    An example of Google Duet in action (one of many), provided by Google. (credit: Google)

    Some of Duet's applications feel like confusion in branding. In Google Meet, Google says that Duet AI can "ensure you look and sound your best with studio look, studio lighting, and studio sound," including "dynamic tiles" and "face detection"—functions that feel far removed from typical generative AI capabilities—as well as automatically translated captions. It can also reportedly capture notes and video, sending a summary to attendees in the meeting. In fact, using Duet's "attend for me" feature, Google says that "Duet AI will be able to join the meeting on your behalf" and send you a recap later.

    Read 11 remaining paragraphs | Comments