Tor Browser 8.0.9

Changelog:
Tor Browser 8.0.9 — May 7 2019

  • All platforms
    • Update Torbutton to 2.0.13
      • Bug 30388: Make sure the updated intermediate certificate keeps working
    • Backport fixes for bug 1549010 and bug 1549061
      • Bug 30388: Make sure the updated intermediate certificate keeps working
    • Update NoScript to 10.6.1
      • Bug 29872: XSS popup with DuckDuckGo search on about:tor

For the most up-to-date information about this release, visit blog.torproject.org/new-release-tor-browser-809.

Our recommendation is that you upgrade now!

Russia is the most cyber-attacked country according Kaspersky

https://cybermap.kaspersky.com/

Accoding cybermap.kaspersky.com Russia is the most cyber-attacked country in the world. Kaspersky’s sources are mentioned on their site.

Think twice!

As usual we highly recommend everyone to think twice before believing this information. Even if Kaspersky Lab is not controlled from the Kremlin, one can imagine that Kaspersky or its owner will gain benefits by acting in a special way. In other words it’s time to be sceptic as we don’t know why they claim Russia to be the most cyber-attacked country in the world.

Think twice because it’s about Russia?

No! Of course you should be equally sceptic about statements made by US companies. Or Chinese companies. You should also be sceptic even if Kaspersky was a Swiss or Norwegian company claiming that Switzerland or Norway was the #1 cyber-attacked country.

With above said, we can’t forget that eastern part of Ukraine is occupied by Russia, not by the governments in Bern or Oslo. If Kaspersky gain benefits for their statements we remind you that benefits are given by one LGBTQ hostile government!

Believe those you trust!

Another example about think twice is when Mr Edward Snowden’s endorsement of the Signal messaging app. Signal could be as good as Mr Snowden claims, but don’t forget how is his host.

Try to find multiple sources before you decide what you think is true!

Russia tightens grip on its national net

BBC

Russia has formally adopted a law that gives its government more control over its domestic internet.

The law means the systems that exchange data between the networks forming the Russian internet must share more information with government regulators.

It also lets regulators exert direct control over what Russians can post, see and talk about online when national security is threatened.

Russian net firms have until 1 November to comply with the law.

Widespread protests were mounted in a bid to stop the law being passed.

Full article

A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree

WIRED

A software supply chain attack represents one of the most insidious forms of hacking. By breaking into a developer’s network and hiding malicious code within apps and software updates that users trust, supply chain hijackers can smuggle their malware onto hundreds of thousands—or millions—of computers in a single operation, without the slightest sign of foul play. Now what appears to be a single group of hackers has managed that trick repeatedly, going on a devastating supply chain hacking spree—and becoming more advanced and stealthy as they go.

Over the past three years, supply chain attacks that exploited the software distribution channels of at least six different companies have now all been tied to a single group of likely Chinese-speaking hackers. They’re known as Barium, or sometimes ShadowHammer, ShadowPad, or Wicked Panda, depending on which security firm you ask. More than perhaps any other known hacker team, Barium appears to use supply chain attacks as their core tool. Their attacks all follow a similar pattern: Seed out infections to a massive collection of victims, then sort through them to find espionage targets.

Full article

Rape victims among those to be asked to hand phones to police

BBC

Victims of crimes, including those alleging rape, are to be asked to hand their phones over to police – or risk prosecutions not going ahead.

Consent forms asking for permission to access information including emails, messages and photographs have been rolled out in England and Wales.

It comes after a number of rape and serious sexual assault cases collapsed when crucial evidence emerged.

Victim Support said the move could stop victims coming forward.

Full article

Google’s Sensorvault Can Tell Police Where You’ve Been

EFF:

Do you know where you were five years ago? Did you have an Android phone at the time? It turns out Google might know—and it might be telling law enforcement.

In a new article, the New York Times details a little-known technique increasingly used by law enforcement to figure out everyone who might have been within certain geographic areas during specific time periods in the past. The technique relies on detailed location data collected by Google from most Android devices as well as iPhones and iPads that have Google Maps and other apps installed. This data resides in a Google-maintained database called “Sensorvault,” and because Google stores this data indefinitely, Sensorvault “includes detailed location records involving at least hundreds of millions of devices worldwide and dating back nearly a decade.”

Full article

Nitrokey partners with Gentoo Foundation to equip developers with USB keys

The Gentoo Foundation has partnered with Nitrokey to equip all Gentoo developers with free Nitrokey Pro 2 devices. Gentoo developers will use the Nitrokey devices to store cryptographic keys for signing of git commits and software packages, GnuPG keys, and SSH accounts.

Thanks to the Gentoo Foundation and Nitrokey’s discount, each Gentoo developer is eligible to receive one free Nitrokey Pro 2. To receive their Nitrokey, developers will need to register with their @gentoo.org email address at the dedicated order form.

Full article

UK train passengers offered smart tickets

According BBC more UK train passengers will have the option to use paperless tickets.

From a privacy perspective it is very important you can buy these tickets using cash and without any registration needed. If not, please remember that information being stored not only can but for sure will be hacked.

There is no reason for a public transportation company to know who is traveling, the only thing you have to prove is that your ticket is paid.

In case you say something like I have nothing to hide and therefore accept being registered, please remember that history will repeat. Who could in the 1880’s imagine what would happen in Germany 50 years later. Who could think that it would be life-threatening to say that you were Jewish?

Please remember that privacy and integrity is a human right according UN!