KeePassXC 2.6.0 Free Password Manager Released With New Light And Dark Themes, Password Checks

Linux Uprising

KeePassXC 2.6.0 was released recently with improvements like an overhauled user interface with new light and dark themes, new offline password health check, check passwords against the Have I Been Pwned online service, and more.

KeePassXC is a free and open-source password manager started as a community fork of KeePassX (which itself is a fork of KeePass), which is not actively maintained. The application is built using Qt and runs on Linux, Windows and macOS.

The application uses the KeePass 2.x (.kdbx) password database format as its native file format in versions 3.1 and 4 using AES encryption with a 256 bit key; version 2 of the database can be opened, but it’s upgraded to a newer format when opened, while KeePass 1.x (.kdb) databases can be imported into a .kbdx file as a one-way process.

For easily entering passwords in a web browser, KeePassXC comes with browser extensions for Mozilla Firefox and Chrome-based web browsers (Google Chrome, Chromium, Vivaldi).

One feature that’s missing is build-in password cloud synchronization. This can still be easily achieved though, using a third-party cloud storage and synchronization service like Nextcloud, Dropbox, Google Drive, OneDrive, and so on, by simply storing the KeePassXC database in the shared cloud folder.

Full article

Our comment

Never store your password manager file, encrypted or not, in the cloud!

Google will ban ads for stalkerware starting August 11

Bleeping Computer

Google will update its Google Ads Enabling Dishonest Behavior policy to globally ban advertising for spyware and surveillance technology known as stalkerware starting with August 11, 2020.

Stalkerware tech allows third-parties to monitor one’s mobile device without the user’s knowledge, as well as to collect sensitive user information related to the user’s location and online activity later to be used for blackmail or various other malicious purposes.

Full article

China TikTok violated Children’s privacy policy in United States

Cybersecurity Insiders

It is already a known fact that the US Government is planning to impose a ban on the Video Sharing and Social Networking app TikTok because of National Security concerns. But fresh reports have emerged in media that a probe carried out by the Federal Trade Commission and the US Justice Department have found that the business subsidiary of Chinese Company ByteDance has failed to adhere to the 2019 planned rules by United States aimed to protect Children’s privacy and so is likely to face harsh punishment from the data watchdog.

Henceforth, the company popular among teens for its short videos, has witnessed a latest bump in its American business as a tough scrutiny has been ordered by the National Security focused Committee on TikTok’s Investment in the United States.

Going deep into the allegations, in the next few days FTC will probe into the facts on whether TikTok has failed to delete videos and sensitive information related to children below 13 and younger living in United States- as it was required as per the agreement made in 2019 with FTC.

TikTok has denied all these allegations and stated that it has and will adhere to the rules meant to safeguard the privacy of its users and will take extra safety and privacy precautions for audiences of younger age.

Full article

Hong Kong’s Security Law Puts Big Tech at a Crossroads

WIRED

Photograph: Isaac Lawrence/AFP/Getty Images

A new national security law has turned Hong Kong into a battleground for the United States and China’s escalating war over control of the global internet. Whether Hong Kong eventually falls behind China’s Great Firewall will depend on how strictly Beijing enforces the regulation, and how willing technology platforms are to stand up in the face of Communist Party pressure—particularly when their business interests are at stake. Some tech giants like Google and Facebook have already paused accepting requests for data from Hong Kong authorities. Others, like Chinese-owned TikTok, have decided to pull out of the region altogether.

The new law was imposed by the Chinese Communist Party with little input from local Hong Kong officials, and went into effect on the evening of June 30. It establishes a wide-reaching security apparatus with the power to crack down on a range of political actions, including separatism and subversion of state power. Civil rights groups around the world quickly decried the measure, and over the past week, activists, researchers, and other vulnerable groups began scrambling to protect themselves from its potential legal consequences.

Full article

Video: The production of Nitrokeys – A look behind the scenes

Nitrokey

In 2015, when we transferred our hobby project Crypto Stick to the professional company Nitrokey, it was clear to us from the beginning that we would carry out the serial production of Nitrokeys in Germany. Of course we also buy components on the world market. But the final production of all Nitrokeys takes place in Germany. So we can ensure that the production meets our safety requirements. In addition, production remains flexible, so that we can produce customer-specific firmware and logos on request, even for relatively small quantities.

For us as a small company, it is a special challenge to produce manageable quantities in a high-priced country while keeping production costs competitive. We have successfully mastered this challenge through a high degree of automation. Instead of using high-priced or unsuitable industrial robots, we have developed tailor-made automation systems ourselves.

A self-developed three-axis automatic machine programs and tests up to 250 nitrokeys sequentially and fully automatically. Compared to manual work, only four minutes of working time are required instead of four hours. Thus we can produce up to 8000 Nitrokeys in one day.

Initializing the encrypted mass storage of the Nitrokey storage with random numbers is a lengthy process that takes up to 1.5 hours per Nitrokey. A sequential processing would take several weeks. Therefore we have developed a system that initializes 49 Nitrokeys in parallel and can be easily enlarged if necessary.

Full article

Police Arrested Hundreds of Criminals After Hacking Into Encrypted Chat Network

The Hacker News

In a joint operation, European and British law enforcement agencies recently arrested hundreds of alleged drug dealers and other criminals after infiltrating into a global network of an encrypted chatting app that was used to plot drug deals, money laundering, extortions, and even murders.

Dubbed EncroChat, the top-secret encrypted communication app comes pre-installed on a customized Android-based handset with GPS, camera, and microphone functionality removed for anonymity and security.

EncroChat phones aim to securely exchange data and messages with pre-loaded apps for secure instant messaging, VOIP calling, self destruct messages, and includes a ‘kill code’ functionality to let users remotely wipe complete data in times of trouble.

The handset and its services, which cost around £1,500 for a six-month subscription, had 60,000 users worldwide and approximately 10,000 users in the United Kingdom.

EncroChat phones were presented to customers as guaranteeing perfect anonymity (no device or SIM card association on the customer’s account, acquisition under conditions guaranteeing the absence of traceability) and perfect discretion both of the encrypted interface (dual operating system, the encrypted interface being hidden so as not to be detectable) and the terminal itself (removal of the camera, microphone, GPS and USB port).

Europol

Full article

In addition the above you can read a blog post at europol.europa.eu.

How to configure the Ubuntu Firewall (UFW)

FOSS Linux

We recommend ufw together with the graphic tool gufw for all users regardless if you are a Linux novices or an experienced Linux geek.

privacynow.eu team

A properly configured firewall is a crucial part of establishing preliminary system security. Keeping this in mind, here we will go over how to configure the firewall on your Ubuntu PC.

Now, by default, Ubuntu comes with a dedicated firewall configuration tool known as UFW or Uncomplicated Firewall. It is an intuitive front-end system designed to help you manage iptables firewall rules. With UFW, you will be able to use almost all the necessary firewall tasks without having to learn iptables.

As such, for this read, we will be using UFW to help set up a firewall for our Ubuntu PC. We have also put together a detailed step-by-step tutorial on how to use UFW to perform.

Full article

Unblock Websites Restricted By ISPs In Some Countries With GreenTunnel

Linux Uprising

Logix Updated on apps, dns, how-to GreenTunnel is a free and open source anti-censorship tool that bypasses deep packet inspection (DPI) used by many Internet Service Providers to block certain websites. The application can be used with a graphical user interface or from the command line, and is available for Microsoft Windows, macOS and Linux.

Full article

Tails 4.8 is out

Tails

This release fixes many security vulnerabilities. You should upgrade as soon as possible.

New features

  • We disabled the Unsafe Browser by default and clarified that the Unsafe Browser can be used to deanonymize you.

    An attacker could exploit a security vulnerability in another application in Tails to start an invisible Unsafe Browser and reveal your IP address, even if you are not using the Unsafe Browser.

    For example, an attacker could exploit a security vulnerability in Thunderbird by sending you a phishing email that could start an invisible Unsafe Browser and reveal them your IP address.

    Such an attack is very unlikely but could be performed by a strong attacker, such as a government or a hacking firm.

    This is why we recommend that you:
    • Only enable the Unsafe Browser if you need to log in to a captive portal.
    • Always upgrade to the latest version of Tails to fix known vulnerabilities as soon as possible.
  • We added a new feature of the Persistent Storage to save the settings from the Welcome Screen.

    This feature is beta and only the additional setting to enable the Unsafe Browser is made persistent. The other settings (language, keyboard, and other additional settings) will be made persistent in Tails 4.9 (July 28).

Full article