Miscellanious

SKS Keyserver Network Under Attack

On June 12th 2019 we wrote a blog post about a new GnuPG server being launced (keys.openpgp.org).

Yesterday Robert J Hansen published a text about vulnerabilities in the widely used SKS keyserver network. As far as we understand the new key server at keys.openpgp.org will solve many of the vulnerabilities found in the SKS keyservers.

We guess we will publish more posts on this subject the coming days! Until then it is up to each and one to read the text by Robert and to take action acordingly! If you are not subscribing to the gnupg-users@gnupg.org e-mail list we strongly recommend you to do so now to get updates on the subject!

The Guardian

How to speak Silicon Valley: 53 essential tech-bro terms explained

The Guardian

Google (n) – The privacy-devouring tech company that does everything that Facebook does, but manages to get away with it, largely because its products are useful instead of just depressing. (v) – To make the bare minimum effort to inform oneself about something. What a tech bro did before he insisted on explaining your area of expertise to you.

privacy (n) – Archaic. The concept of maintaining control over one’s personal information.

Twitter (n) – A mid-sized business with outsized importance due to its three primary users: Donald Trump, Elon Musk and journalists. A useful tool for journalists to gauge public opinion by talking to other journalists, and for Elon Musk to provoke lawsuits and federal investigations into security fraud.

Full article

EFF

A Major Police Body Camera Maker Hits Pause on Face Surveillance

Electronic Frontier Foundation

Communities and lawmakers across the country are waking up to the fact that using face recognition for government surveillance is a troubling trend, particularly when used with cameras that police officers wear. On Thursday, Axon—a major police body-worn camera maker—added its voice to calls to press the pause button on this type of face surveillance, saying it will no longer be “commercializing face matching products on our body cameras at this time.”

Axon’s decision follows strong opposition to government use of face surveillance. San Francisco in May banned city use of face surveillance. This month, Oakland, California and Somerville, Massachusetts have both taken crucial steps toward adopting similar bans, with both measures now headed for full city council votes.

Full article

WIRED

A Likely Chinese Hacker Crew Targeted 10 Phone Carriers to Steal Metadata

WIRED

For anyone who’s worried that their phone might be hacked to track their location, who they call and when, and other metadata that describes the intimate details of their life, one cyberespionage group has provided a reminder that hackers don’t necessarily even need to reach out to your device to gain that access. It may be far easier and more efficient for sophisticated stalkers to penetrate a mobile provider, and use its data to surveil whichever customers they please.

Full article

ZDNet

NASA hacked because of unauthorized Raspberry Pi connected to its network

ZDNet

A report published this week by the NASA Office of Inspector General reveals that in April 2018 hackers breached the agency’s network and stole approximately 500 MB of data related to Mars missions.

The point of entry was a Raspberry Pi device that was connected to the IT network of the NASA Jet Propulsion Laboratory (JPL) without authorization or going through the proper security review.

Full article

Miscellanious

Tor Browser 8.5.2

Changelog:

  • All platforms
    • Pick up fix for Mozilla’s bug 1544386
    • Update NoScript to 10.6.3
      • Bug 29904: NoScript blocks MP4 on higher security levels
      • Bug 30624+29043+29647: Prevent XSS protection from freezing the browser
The New York Times

U.S. Escalates Online Attacks on Russia’s Power Grid

The New York Times

The United States is stepping up digital incursions into Russia’s electric power grid in a warning to President Vladimir V. Putin and a demonstration of how the Trump administration is using new authorities to deploy cybertools more aggressively, current and former government officials said.

Full article

WIRED

Security News This Week: Telegram Says China Is Behind DDoS

WIRED

As protests erupted in the streets of Hong Kong this week, over a proposed law that would allow criminal suspects to be extradited to mainland China, the secure messaging app Telegram was hit with a massive DDoS attack. The company tweeted on Wednesday that it was under attack. Then the app’s founder and CEO Pavel Durov followed up and suggested the culprits were Chinese state actors. He tweeted that the IP addresses for the attackers were coming from China.

Full article