Si vous n’avez rien à cacher et que vous ne faites rien de répréhensible, vous devriez chiffrer vos communications.
En ne le faisant pas, vous soutenez la thèse que seuls ceux qui ont qqch à se reprocher utilisent ce genre d’outils. Vous concourrez à la criminalisation de leur utilisation. Vous légitimez le soupçon généralisé sur les utilisateurs.
Utilisateur que vous deviendrez peut-être un jour.
Even if this standard is not used for years, some ideas are interesting. How and which data is collected and used are pretty well standardized.
It can somehow interact with the GDPR.
L'association "Pour un RGPD respecté" est en cours de formation et va entrer en action. C'est une bonne nouvelle !
To meet the demands of the European Commission's Digital Markets Act—slated to be enforced in March 2024—Microsoft must make its apps easier to uninstall, its default settings easier to change, and its attempts at steering people toward its services easier to avoid.
It includes Bing, default apps, Edge, etc...
A framework to build applications with privacy, safety, and user experience in mind.
It is developed and released by the Cult of the Dead Cow. The core is written in Rust.
A related article on the topic: https://www.engadget.com/americas-original-hacking-supergroup-creates-a-free-framework-to-improve-app-security-190043865.html
the company announced today it’s not going ahead with the proposed API.
See the first question heading of https://android-developers.googleblog.com/2023/11/increasing-trust-for-embedded-media.html?m=1
À propos des chaînes sur Whatsapp
One of the most important unpublished revelations from the Snowden archive regards American semiconductor supplier Cavium. According to Appelbaum, the Snowden files list Cavium “as a successful SIGINT enabled CPUs vendor”.
😬
Advantages of apps over websites:
- Gobbling data: an app does not get its request blocked as a website does.
- Making money: This one applies more to indie developers than to big companies but I'm sure people are more willing to pay for an app than access to a website.
- people want app: Think about that for a second: people want to download an app to track deliveries of their white goods, something which most people order at most once a year.
Un sous-traitant de Pole Emploi a subit un acte de malveillance d'après le communiqué https://www.pole-emploi.fr/candidat/soyez-vigilants/acte-de-cyber-malveillance-soyez.html.
Is deleting an account from a service easy, hard or impossible? Here a quick collection.
If you are talking to someone who is not currently using:
- A password manager
- MFA on most or all accounts that allow it
- An up-to-date operating system on all of their devices
Please stop yourself from recommending:- A VPN
- Tor
- Tails (or any variations/equivalents)
Just… rewind a bit and help with the first items first.
L'idée est de permettre à des applications de pouvoir communiquer, sur différents terminaux, sans leur permettre de connaître les adresses IP ni la localisation des autres terminaux. Les connexions n'en sont pas moins « authentifiées, horodatées, fortement chiffrées de bout en bout et signées numériquement pour empêcher l'écoute clandestine, la falsification et l'usurpation d'identité ».
Contrairement à Tor, Veilid n'utilise pas de nœuds de sortie,
Plus Veilid prendra de l'ampleur, plus il sera sécurisé, précise Christien Rioux à Engadget : la force ne vient pas du nombre d'applications créées sur le framework, mais du nombre de personnes qui utilisent les applications pour faire avancer le routage des nœuds qui composent le réseau.
A service to share secrets. As always, you have to trust the third-party.
Against Google Web Environment Integrity with an argumentation.
Also in favor of such systems:
- These tools might have a place within distributed systems - for example, voting machine vendors might use remote attestation to verify the configuration of their devices in the field
Also, it points out some principles:
- Code is speech and everyone should be free to study, understand, and produce remote attestation tools.
- but these tools should not be added to the web. Remote attestations have no place on open platforms.
- addressing these problems can’t come before the right of technology users to choose how their computers work, or what those computers tell others about because the right to control one’s own devices is a building block of all civil rights in the digital world.
The technology solves those companies' problems, but not their users.
Meta is banned and has 3 months to comply with the regulation or it will get a coercive fine of up to one million NOK per day.