shh…it’s a spyware and adware!

Seems to have some severe bugs: https://github.com/wasi-master/13ft/issues

Just installed it, and my initial impression -

• Thanks for dark mode :)
• UI responsiveness is good.
• Need an option to increase/decrease width of reading pane.
• Need multiple themes like Wikipedia website.
• Require smooth scrolling (I’m on 240 Hz monitor but scroll doesn’t feel smooth on this app, though apparently uses GPU acceleration)

Source: https://mastodon.social/@bagder/112192351400749028

• Careful choice of program to infect the whole Linux ecosystem
• Time it took to gain trust
• Level of sophistication in introducing backdoor in open source product

All of these are signs of persistent threat actors aka State sponsor hacker. Though the real motive we would never know as it’s now a failed project.

Source: https://turnoff.us/

Definitely state sponsored attack. It could be any nation - US to North Korea, and any other nation in between.

Source: https://infosec.exchange/@fr0gger/112189232773640259

Ah! I was not aware of the fact that Alias service can encrypt email before forwarding to actual mailbox.

Email alias indeed helps to avoid spam and helps you to assume separate identity per site, but won’t help in any way to stop mail provider/server from processing your email data for user profiling / targeted ad purpose.

Buying email domain and self-hosting is only the full proof way from privacy POV, but it is really difficult target to accomplish. A privacy respecting email hosting + alias should be next ideal choice, IMO.

True, but till the transition completes (if it ever), these privacy frontends are quite handy tool to view content of those services.

I heavily use LibReddit to follow certain Subreddits, although I now mostly frequent Lemmy.

Same as that happened to Bibliogram earlier – a cat-n-mouse game between Dev and API owner.

The post is about Nextcloud self-hosted file storage as an open source replacement for One Drive which is deeply integrated with MS Teams. For those, who can’t replace MS Teams with FOSS equivalent for whatever reason, can at least stop relying on One Drive for file storage solution.

And, for your information, Nextcloud does offer 1:1 and group chat solution[1], which is an open source replacement for MS Teams.

[1] https://nextcloud.com/talk/

You are essentially sharing a file link via MS Teams.

Instead of keeping the actual file on OneDrive, it is hosted on your own (Nextcloud) server. Sorry but how it leads to privacy issue?

Nextcloud[1] is an open source and self-hostable SaaS product.

Instead of using OneDrive and Google Drive (and similar proprietary solutions), Nextcloud is a better solution from Privacy POV, IMO.

[1] https://en.wikipedia.org/wiki/Nextcloud

And, here come typical response -

telecom operators have informally shared with the department that the leaked information claimed in the ClouSEK report seems to be a compilation of old data sets of telecom subscribers and it is not due to any vulnerability in their system."

Source: https://telecom.economictimes.indiatimes.com/news/industry/cybersecurity-firm-claims-data-leak-of-750-million-telecom-users-dot-asks-telcos-for-security-audit/107244949

Here is my understanding of it -

Currently, TB uses POP3/IMAP protocol to access your Mailbox on Exchange Server.

Ideally, it should be done via MS EWS Web API [1][2] which TB currently doesn’t support, but MS Office Outlook does.

Given that MS Exchange is heavily used in corporate/company setup, it[3] will put TB on par with Outlook in that regard.

[1] https://www.techtarget.com/searchwindowsserver/definition/Exchange-Web-Services-EWS

[2] https://www.envisionup.com/blog/pop3-imap-microsoft-exchange-email-platform-use/

[3] https://bugzilla.mozilla.org/show_bug.cgi?id=1847846

Request: Your IP > Apple (1st) relay node > 3rd party (2nd) relay node > Website

Response: Your IP < Apple (1st) relay node < 3rd party (2nd) relay node < Website

Whoever has access to both relay nodes, can easily track you end-to-end.

As for Apple, they claim the 1st relay node is owned by them, and 2nd relay node is owned by 3rd party. (Source: https://www.apple.com/icloud/docs/iCloud_Private_Relay_Overview_Dec2021.pdf)

In theory, it should not be a privacy concern because -

• Website will see the request coming from 2nd relay node’s IP.
• 2nd relay node will see the request is coming from Apple (1st) relay node’s IP.
• So, only Apple knows your IP.

The really powerful thing about Facebook ads is in your ability to layer targeting options on top of one another, gradually making your audience more and more specific. An extreme (and hilarious) example of the power of hypertargeting was featured in AdWeek last year, when a marketing pro targeted his roommate with ads so specific the poor guy thought he was being cyberstalked.

🤮

Update: https://www.bbc.com/news/world-europe-68099669