Siri Shortcut Discreetly Records Your Police Encounters

Saying ”Hey Siri, I’m getting pulled over,” will have your iPhone pause music, turn down brightness, and start recording using the front facing camera. Its creator calls it the civilian equivalent of body cams.

-/-

The shortcut was developed by Robert Petersen, who told Business Insider that ”it seemed to me that if you’re getting pulled over it couldn’t hurt to have a recording of the incident … The police these days in many places have body cams, so this could be the civilian equivalent.”

https://uk.pcmag.com/apple-homepod/117778/news/siri-shortcut-discreetly-records-your-police-encounters

Network security monitoring vs supply chain backdoors

On October 4, 2018, Bloomberg published a story titled “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” with a subtitle “The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.”

Network security monitoring vs supply chain backdoors

 

How To Protect Your Privacy On iPhone

Follow these easy steps to protect the personal data on your iPhone or iPad. (details and how to if you follow the link in the bottom)

You might also be interested in our privacy tips for Android.

1. Lock your device with a passcode longer than 4 digits.
2. Enable “Erase Data” to delete data after 10 failed passcode attempts.
3. Don’t show notifications in the lock screen for sensitive apps.
4. Turn off “Share My Location.”
5. Turn off location services for things that don’t need them.
6. Turn off access to sensitive data for apps that don’t need it.
7. Review your installed apps.
8. Turn off read receipts so people are not notified when you see their messages.
9. Turn on “Limit ad tracking”.
10.From time-to-time, reset your advertising identifier.
11. Set DuckDuckGo as your default search engine.
12. Install the DuckDuckGo Privacy Browser.

https://spreadprivacy.com/iphone-privacy-tips/

NUMRET I DISPLAYEN INGEN SÄKERHET

Tar du för givet att det nummer som visas i telefondisplayen också talar om vem som egentligen ringer?
Bedragare som ringer använder ofta en tjänst som kallas för spoofing. Det innebär att de kan ringa från vilket telefonnummer som helst men i din display visas numret till exempelvis din bank. Numret i displayen ses av många av oss som en garanti för att det, i det här fallet, är banken som ringer vilket bedragarna i det här fallet utnyttjar.
Du kan alltså inte lita på att det numret som visas verkligen är den som ringer. Därför ska du vara extra misstänksam när du får oväntade samtal. Be alltid om att få motringa. //Lotta, NBC

https://www.facebook.com/Polisen-bedr%C3%A4geri-546406245370971/?hc_ref=ARQMXe9XB5FBJu5Ppsh0bsTtQlAmNjDBPM9Iq5yh1lb_hyOWTgdF_zj6edCUWu5Yyk8&fref=nf&__xts__[0]=68.ARAczMO3_l-5XyKFJhumm4FlBNIR2DngngzuweMfQm7W6XHP_qhs4jqNSkZS_WPihB4WLHbqIBkNkqP32K8o19y1_mjFx9VPJZoZ3uRyk-L-pOh7wKKWK5-kocCqUHSzrBVhQCc26T_JBRXdykTGgoc9IY8M8WeiFIl_am_IS7cJncfHwWEbPw&__tn__=kC-R

Google wants to get rid of URLs but doesn’t know what to use instead

Their complexity makes them a security hazard; their ubiquity makes replacement nigh impossible.

Sometimes URLs are explicitly typed by users; other times they’re opaque and hidden behind hyperlinks. Some URLs are good for sharing, others aren’t. Sometimes they’re shown on devices with abundant screen space, other times they’re so cramped that only a fragment of the URL can ever be seen.

https://arstechnica.com/gadgets/2018/09/google-wants-to-get-rid-of-urls-but-doesnt-know-what-to-use-instead/

IDN homograph attack

An example of an IDN homograph attack; the Latin letters ”e” and ”a” are replaced with the Cyrillic letters ”е” and ”а”.

The internationalized domain name (IDN) homograph attack is a way a malicious party may deceive computer users about what remote system they are communicating with, by exploiting the fact that many different characters look alike (i.e., they are homographs, hence the term for the attack, although technically homoglyph is the more accurate term for different characters that look alike). For example, a regular user of example.com may be lured to click a link where the Latin character ”a” is replaced with the Cyrillic character ”а”.

This kind of spoofing attack is also known as script spoofingUnicode incorporates numerous writing systems, and, for a number of reasons, similar-looking characters such as Greek Ο, Latin O, and Cyrillic О were not assigned the same code. Their incorrect or malicious usage is a possibility for security attacks.

https://en.wikipedia.org/wiki/IDN_homograph_attack

A Guide to Common Types of Two-Factor Authentication on the Web

In addition to requesting something you know to log in (in this case, your password), an account protected with 2FA will also request information from something you have (usually your phone or a special USB security key).

Two-factor authentication (or 2FA) is one of the biggest-bang-for-your-buck ways to improve the security of your online accounts. Luckily, it’s becoming much more common across the web. With often just a few clicks in a given account’s settings, 2FA adds an extra layer of security to your online accounts on top of your password.

https://www.eff.org/deeplinks/2017/09/guide-common-types-two-factor-authentication-web

US, UK, and other governments asks tech companies to build backdoors into encrypted devices

The US, UK, and three other governments have called on tech companies to build backdoors into their encrypted products, so that law enforcement will always be able to obtain access. If companies don’t, the governments say they “may pursue technological, enforcement, legislative, or other measures” in order to get into locked devices and services.

Tech companies have (also) been wary to comply. Adding a backdoor into their products would inherently mean that their promise of data privacy is broken. It would also open them up to similar requests from other countries, which could use the backdoor access for spying in inappropriate circumstances.

https://www.theverge.com/2018/9/3/17815196/five-eyes-encryption-backdoors-us-uk-australia-nz-canada