reblog this if you are gay, constantly tired, or a cryptic entity that merely inhabits a human form
it’s time we start oppressing ppl that use the word “hubby”
sorry but “Hubble Space Telescope” takes too long to say
data dump (aka things I’m currently paranoid about)
In no particular order~~~
Analysis of image manipulation techniques to bypass chinese censorship.
Tech jargon: Plenty.
Worth reading? I think so.
My thoughts: It’s really interesting reading into this study of reverse engineering how to bypass censorship technologies. It’s unfortunate that it probably requires advanced image manipulation tools to achieve, and individuals who attempt this by trial and error could get flagged for sharing censored material. And this is an open study, so I think it’s only a matter of time before the chinese government uses this study to patch its own flaws, and become even harder to bypass.
TL;DR: It’s hard to talk in china, but low-res meme adaptations pass the content filter.
Remote access tool installed on voting machines.
243% voter turnout in Georgia precinct at electronic polls.
11 year old hacks voting machine in less than 10 minutes.
Tech Jargon: Low to none.
Worth reading? Skim. The titles are pretty explanatory, but there are some good gems in there if you want to dive deeper.
My thoughts: This is just plain sad. Not only should voting be backed up by verfiable paper trails, electronic voting should not be connected to the internet, live, with no protection. I’m not even going to get started on the latest presidential election and the political controversy but honestly, you can’t deny our democracy is being eroded.
TL;DR: Our votes? WACK! Our security? WACK! The way that our election system can be compromised by people too young to legally participate? WACK!
Breakdown of the NotPeyta cyberattack.
Tech Jargon: Low to none.
Sensationalism: There was a good amount of dramatization in the recap.
Worth reading? HELL YEAH
My thoughts: Though I wasn’t following it at the time except that I knew that it happened, this was a good recap that adequately covered the angles and shed light on the big picture. It’s a sad reminder of the cruelty that exists in this world (the attack was a targeted attack from Russia on Ukraine, but without limits on it’s spread vector. As the article aptly states, it was a message from Russia to the world: This is what happens to you if you do business with our enemies. Someone once told me that the Ukranians to Russians now are what the Jews were to the Nazis, and I’m starting to see that). It also shows just how tangled everything is online, and it’s only getting more interconnected.
TL;DR: There are no bystanders in the cyber war because there are no borders on the internet.
EFF to the FCC: Verizon and AT&T.
Verizon throttles california fire department during emergency situation.
NSA Surveillance at AT&T Headquarters.
FCC admits it was never actually hacked.
Net Neutrality: 404 Not found
Worth reading? Knowing enough about the topic to share with others is worth the time spent on it.
My thoughts: I mean this is what happens when you have no regulation on massive conglomerates that sit in positions of power and control, and a government that benefits from these corrupt practicises because it makes mass surveillance easier.
TL;DR: We need a more free and open marketplace for secure, fair and trustworthy telecom providers, and a better regulation system.
Google’s Data Collection on Android and Chrome.
Tech Jargon: Plenty
Fun to read: Not really
Informative: Get woke, fam.
My thoughts: Get your friends and some beers for this one because it’s a bore to read (and also kind of concerning, in a “Oh shit this is happening all the time and I couldn’t stop it if I wanted because there’s no way to opt out” kind of way). Is it any new information I think any informed user of google products doesn’t already know? Idk. I’m pretty tech savvy and saw nothing I didn’t already suspect, but it would probably be alarming for those who aren’t aware of the actual magnitude of what’s going on.
TL;DR: Google is the new Big Brother
China’s Dystopian Dreams: Facial Recognition and AI.
Chinese surveillance state is America’s future.
Amazon Facial Recognition matches Congress members with mugshots.
NSA Data Interception for Facial Recognition.
Facial Recognition software being deployed in consumer shopping malls.
Alex Jones isn’t the only person being censored on social media..
Google willing to go against it’s own core tenants for profit and produce a censored product to expand in China.
Banks and other institutions track biometric data without user knowledge or consent for identification purposes.
Tech Jargon: Varies
Worth reading: All of them yes, maybe not all at once.
My thoughts: Remember that PDF earlier detailing Google’s mass data collection on users? When you combine that with all the other things being captured from all sides (Government, private organizations, financial sector), it starts to get a little overwhelming. I didn’t have the energy to write up a summary for each of these individually so I put them all together since together they show a broader picture. Censorship is prevalent in America even if it’s not done by the US Government. Software is being widely deployed as a blanket solution when the software is bad (and the deployers should feel bad) and the underlying tech isn’t well tested or well understood.
TL;DR:Scary Shit Is Going On In China And It Will Be Here Soon If It’s Not Already
Freedom Report on Turkey 2018.
Turkey Censorship.
Bird jokes: None, unfortunately.
My thoughts: You know, I think it was one of the talks at DEFCON 2018 where the presenter mentioned that Turkey in the past couple years has gone from no takedown requests on Twitter, to the top of the list (with more takedown requests than all other governments combined) that I became interested in following this country. Though the world is a big place, and there of plenty of other corrupt nation states to keep an eye on so you all have to help me watch Ecuador, Venezuela, Iran, Israel, Mexico. That list is in no way comprehensive I’m just running out of steam digesting all of this. Why I picked those countries in particular? tbh it’s either because I have friends there or the govt did something particularly nasty with / purchased cyber weapons. (Though soon that filtering criteria won’t be worth jack because nearly every country has invested in cyber weapons. I would share my source but it’s not publicly available online yet, sorry. I’ll update when it becomes accessible)
TL;DR: Watch Turkey, there’s some shit going down there.
Pegasus Spyware for mobile devices.
Concert ticketing app steals all user data.
Imposter Fortnite apps spread malware to mobile devices.
Terabytes of data exposed online in mobile spyware leak.
Tech jargon: moderate
Insecurities: mobile
My thoughts: People seem to think that their phones are secure because they’re modern, cutting edge technology. NEWS FLASH: Unless you explicitly install antivirus on your phone, it is not safe from malware. Nation states develop and sell spyware tools that can be installed in the background from you clicking an untrusted link from any source on your phone. This includes email, SMS, whatsapp, facebook messenger, snapchat, hangouts, etc. Also, pay attention to the permissions you give “legitimate” apps and what they ask when you install! The ticket app above steals more personal info than Facebook with less insight into who it sells to. (The official LinkedIn app scrapes all your contacts on your phone and uploads them as part of the install process, a dark pattern most users don’t know about until after it’s too late.) Also, just because they’re hackers doesn’t mean they’re good at what they do.
TL;DR: Hang up the phone.
“God Mode”: Ring 0 Backdoor through RISC Architecture.
Tech jargon: hella
My thoughts: I actually saw this talk live at DC26 - 2018. It was really fascinating learning how he took apart the processor execution through a timing side channel to find this subversive behavior in the machine. It’s just really scary to think about - that older processers have apprently had this all along (and there’s no reason a manufacturer would stop, they’re probably just more sophisticated and harder to find).
TL;DR: The CPU of any device has a backdoor below the lowest layer of instruction (subverting “root” kernel execution) that is left by the manufacturer, in secret, with an undocumented, password protected instruction set that probably varies from device to device. This means that it’s only a matter of time before an attacker brute forces this layer to have hardware control over your device and you cannot patch this security flaw.
USENIX Keynote: Why Do Keynote Speakers Keep Suggesting That Improving Security Is Possible?. (YouTube: ~30min)
Tech Jargon: Intermittent
Humor: Packed
Real talk: Packed
My thoughts: Definitely a lighter note than the rest of the articles to close this post. This was one of the best keynotes I’ve seen in a while. Not only was it entertaining and easy to follow, he effectively breaks down complex problems into easy to understand parallels, and accurately describes and summarizes some of the content in the earlier articles.
TL;DR: We keep having security problems because everyone wants the future and nobody actually thinks about what they’re doing.
Anonymous
