![Community banner](https://fry.gs/pictrs/image/1a1e9226-87cb-4499-94a7-d43b1e520e50.png)
-
New technical framework for the European Digital Identity Wallet (eIDAS) reveals severe shortcomings, threatening user privacy and contradicting the regulation's intent, rights group says
epicenter.works eIDAS: Building Trust or Invading Privacy?We analysed the new technical framework for the European Digital Identity Wallet, revealing severe shortcomings that threaten user privacy and contradict the regulation's intent.
cross-posted from: https://feddit.org/post/317047
> in February 2024, the EU Parliament adopted the eIDAS regulation, creating the framework for a "European Digital Identity Wallet". This digital Wallet will enable citizens to identify themselves in a legally binding manner, both online and offline, sign documents, login into websites and share personal data about them with others. Recently, the European Commission published the Architectural Reference Framework (ARF) 1.4 for the technical implementation of the Wallet. > > The success of the EU Digital Identity Wallet depends on its ability to gain citizens' trust and establish a resilient infrastructure in our current data-driven economy. > > "However, after our analysis, we believe that this goal has been missed," says the digital rights group Epicenter Works. > > "We see severe shortcomings in the ARF that either contradict the regulation or ignore important elements of it. These issues, if left unaddressed, could significantly undermine user rights and privacy."
- www.theguardian.com Revealed: the tech entrepreneur behind a pro-Israel hate network
The Guardian used public records and open source materials to identify Daniel Linden of the Shirion Collective
- wccftech.com T-Mobile In Trouble After It Decides To Build Cell Tower That Is 'Not Safe' For Residents
T Mobile is legally pursuing the Wanaque planning board for illegally stopping the cell tower operation by rejecting the building application
- nadim.computer We Need to Talk About the State of Calendar Software on Desktop
Smartphones are fine. There are no problems today with finding good calendar software for any smartphone out there. But when it comes to desktops (or laptops), there are exactly two cases in which using calendars in 2024 isn't a complete disaster:
- humanewebmanifesto.com Manifesto for a Humane Web
We need to build a better web. A web by and for humans.
- www.engadget.com NASA and Boeing say Starliner astronauts ‘are not stranded,’ but will be on the ISS for a few more weeks
NASA and Boeing plan to spend the next few weeks conducting tests on the ground in order to better understand issues with the Starliner spacecraft’s thrusters before giving its crew the go-ahead to fly back to Earth, officials said in a press conference Friday.
- www.theverge.com Redbox’s owner files for bankruptcy after repeatedly missing payments and payroll
It owes money to Universal, Sony, Lionsgate, Warner Bros., and more.
> informed employees of the filing late Friday [...] that it had filed for a debtor-in-possession loan — a way for companies that are reorganizing after filing for bankruptcy to secure additional working capital to meet payroll. [...] employees have been waiting for paychecks since June 21st [...] it’s not certain that the company will be able to secure such a loan.
> Chicken Soup took on $325 million in debt when it acquired Redbox in 2022 and has since been sued over a dozen times over unpaid bills.
-
Supreme Court weakens federal regulators with Chevron overturning, threatening net neutrality, right to repair, big tech regulation, and more
www.theverge.com What SCOTUS just did to net neutrality, the right to repair, the environment, and moreThe end of Chevron deference will touch on everything from broadband policy to climate change.
>The downfall of Chevron deference could completely change the ways courts review net neutrality, according to Bloomberg Intelligence’s Matt Schettenhelm. “The FCC’s 2024 effort to reinstitute federal broadband regulation is the latest chapter in a long-running regulatory saga, yet we think the demise of deference will change its course in a fundamental way,” he wrote in a recent report. “This time, we don’t expect the FCC to prevail in court as it did in 2016.” Schettenhelm estimated an 80 percent chance of the FCC’s newest net neutrality order being blocked or overturned in the absence of Chevron deference.
>Federal Trade Commission Chair Lina Khan has made no secret of her ambitions to use the agency’s authority to take bold action to restore competition to digital markets and protect consumers. But with Chevron being overturned amid a broader movement undermining agency authority without clear direction from Congress, Schettenhelm said, “it’s about the worst possible time for the FTC to be claiming novel rulemaking power to address unfair competition issues in a way that it never has before.” > >Khan’s methods have drawn intense criticism from the business community, most recently with the agency’s labor-friendly rulemaking banning noncompete agreements in employment contracts. That action relies on the FTC’s interpretation of its authority to allow it to take action in this area — the kind of thing that brings up questions about agency deference.
- www.eff.org Hack of Age Verification Company Shows Privacy Danger of Social Media Laws
We’ve said it before: online age verification is incompatible with privacy. Companies responsible for storing or processing sensitive documents like drivers’ licenses are likely to encounter data breaches, potentially exposing not only personal data like users’ government-issued ID, but also...
>We’ve said it before: online age verification is incompatible with privacy. Companies responsible for storing or processing sensitive documents like drivers’ licenses are likely to encounter data breaches, potentially exposing not only personal data like users’ government-issued ID, but also information about the sites that they visit. > >This threat is not hypothetical. This morning, 404 Media reported that a major identity verification company, AU10TIX, left login credentials exposed online for more than a year, allowing access to this very sensitive user data. > >A researcher gained access to the company’s logging platform, “which in turn contained links to data related to specific people who had uploaded their identity documents,” including “the person’s name, date of birth, nationality, identification number, and the type of document uploaded such as a drivers’ license,” as well as images of those identity documents. Platforms reportedly using AU10TIX for identity verification include TikTok and X, formerly Twitter. > >Lawmakers pushing forward with dangerous age verifications laws should stop and consider this report. Proposals like the federal Kids Online Safety Act and California’s Assembly Bill 3080 are moving further toward passage, with lawmakers in the House scheduled to vote in a key committee on KOSA this week, and California's Senate Judiciary committee set to discuss AB 3080 next week. Several other laws requiring age verification for accessing “adult” content and social media content have already passed in states across the country. EFF and others are challenging some of these laws in court. > >In the final analysis, age verification systems are surveillance systems. Mandating them forces websites to require visitors to submit information such as government-issued identification to companies like AU10TIX. Hacks and data breaches of this sensitive information are not a hypothetical concern; it is simply a matter of when the data will be exposed, as this breach shows. > >Data breaches can lead to any number of dangers for users: phishing, blackmail, or identity theft, in addition to the loss of anonymity and privacy. Requiring users to upload government documents—some of the most sensitive user data—will hurt all users. > >According to the news report, so far the exposure of user data in the AU10TIX case did not lead to exposure beyond what the researcher showed was possible. If age verification requirements are passed into law, users will likely find themselves forced to share their private information across networks of third-party companies if they want to continue accessing and sharing online content. Within a year, it wouldn’t be strange to have uploaded your ID to a half-dozen different platforms. > >No matter how vigilant you are, you cannot control what other companies do with your data. If age verification requirements become law, you’ll have to be lucky every time you are forced to share your private information. Hackers will just have to be lucky once.
-
Sony will cut around 250 jobs from the recordable media business manufacturing hub and will gradually cease production of optical discs, including Blu-ray discs.
mainichi.jp Sony Group to cut 250 jobs from recordable media business' key hub - The MainichiTOKYO (Kyodo) -- Sony Group Corp. will cut around 250 jobs from its recordable media business' key manufacturing hub in northeastern Japan and offer e
-
We analyzed 54,177 collection pages on OpenSea and found that 76% of the top pages are spam
guerrillabuzz.com GuerrillabuzzOur study finds 76.82% of top OpenSea NFT pages are spam, highlighting risks and suggesting solutions to protect marketplace integrity.
-
Google, Snap, Meta and many others are "quietly" changing privacy policies to allow for AI training | It is sneaky and possibly illegal, according to the FTC
www.techspot.com Google, Snap, Meta and many others are "quietly" changing privacy policies to allow for AI trainingEarlier this year, the Federal Trade Commission warned that companies would be sorely tempted to change the terms and conditions of their privacy statements to allow them...
- www.theverge.com Framework Laptop 16, six months later
Preorders are fulfilled, it’s now on sale — is it better?
- www.theverge.com Microsoft’s AI boss thinks it’s perfectly OK to steal content if it’s on the open web
That is not how fair use works.
-
[Mental Outlaw] Korean ISP Hacks Customers Using Torrent Software
odysee.com Korean ISP Hacks Customers Using Torrent SoftwareIn this video I discuss how Korean Telecom (aka KT Corp) deployed malware to the PC's of 600k of their customers who were using bittorrent applications to share files with one another.
- www.wired.com Quora’s Chatbot Platform Poe Allows Users to Download Paywalled Articles on Demand
WIRED was able to download stories from publishers like The New York Times and The Atlantic using Poe’s Assistant bot. One expert calls it “prima facie copyright infringement,” which Quora disputes.
- arstechnica.com ChatGPT outperforms undergrads in intro-level courses, falls short later
Software that promises to detect AI-produced text fails to deliver.
Researchers create 30 fake student accounts to submit model-generated responses to real exams. Professors grade the 200 or 1500 word responses from the AI undergrads and gave them better grades than real students 84% of the time. 6% of the bot respondents did get caught, though... for being too good. Meanwhile, AI detection tools? Total bunk.
Will AI be the new calculator... or the death of us all (obviously the only alternative).
Note: the software was NOT as good on the advanced exams, even though it handled the easier stuff.
- www.theregister.com FCC proposes ending cellphone carrier locks after 60 days
Should you stay or should you go now? If Rosenworcel gets her way, there won't be trouble
>Long-term carrier lock-in could soon be a thing of the past in America after the FCC proposed requiring telcos to unlock cellphones from their networks 60 days after activation. > >FCC boss Jessica Rosenworcel put out that proposal on Thursday, saying it would encourage competition between carriers. If subscribers could simply walk off to another telco with their handsets after two months of use, networks would have to do a lot more competing, the FCC reasons. > >"When you buy a phone, you should have the freedom to decide when to change service to the carrier you want and not have the device you own stuck by practices that prevent you from making that choice," Rosenworcel said. > >Carrier-locked devices contain software mechanisms that prevent them from being used on other providers' networks. The practice has long been criticized for being anti-consumer.
- www.bleepingcomputer.com TeamViewer links corporate cyberattack to Russian state hackers
RMM software developer TeamViewer says a Russian state-sponsored hacking group known as Midnight Blizzard is believed to be behind a breach of their corporate network this week.
-
Are we <INSERT_TECHNOLOGY_NAME> yet?
github.com GitHub - avidseeker/awesome-areweyet: Current adoption status of various technologiesCurrent adoption status of various technologies. Contribute to avidseeker/awesome-areweyet development by creating an account on GitHub.
Are we Wayland yet? Are we JPEG XL yet? Are we Rust yet? Are we ActivityPub yet?
I've gathered a meta-tracker for the adoption state of futuristic technologies.
Many thanks to the Mozilla Wiki contributors: https://wiki.mozilla.org/Areweyet
- www.techradar.com Microsoft has gone too far: including a Game Pass ad in the Settings app ushers in a whole new age of ridiculous over-advertising
Ads in Windows 11 settings are coming next month
Windows 11 is getting out of hand with its push for advertisments, frankly - remember the recent full-screen pop-up to persuade users to install Edge or other Microsoft services? Then another advertisment was placed in the Start menu, and now Microsoft has finally worn my temper thin - with a new Game Pass ad coming to the Settings app.
This will likely arrive in the July update for Windows 11, or at least it’s almost certain to do so. It was present in the latest preview update Microsoft just released for the OS (and quickly paused due to a bug, but that’s another story). It’s also worth noting that the ad has been present in earlier test versions of Windows 11.
- liliputing.com Milk-V Jupiter is a mini ITX board with a SpacemiT K1/M1 RISC-V processor - Liliputing
Milk-V Jupiter is a mini ITX board with a SpacemiT K1/M1 RISC-V processor
cross-posted from: https://lemmy.ml/post/17417754
- www.theverge.com EVs still have major quality problems, and it’s mostly about the software
The tech is new, and people are still unfamiliar.
- theconversation.com ChatGPT and the movie ‘Her’ are just the latest example of the ‘sci-fi feedback loop’
Science fiction and technological innovation feed off each other in an ongoing back-and-forth that can play out over decades.
- www.neowin.net Microsoft reveals even more emails to customers were accessed by Russia-based hackers
Microsoft has confirmed that it has informed more of its customers that emails they sent to Microsoft's corporate employees were accessed by Russia-based hackers earlier this year.
>Earlier this year, Microsoft revealed that a Russia-based cybercriminal group labeled as Midnight Blizzard got access to the email accounts of its top executives in late 2023. Today, the company has confirmed that it is informing more of its customers that emails sent to those executives were seen by that hacker group.
>The Russian security breach, combined with an earlier one in 2023 by Chinese hackers who accessed Outlook-based government email accounts in the US and Europe, has been a major embarrassment to Microsoft.
-
Uncovering Every Lie in MKBHD's Softball Interview; a scathing critique of 'brand safe' influencers
YouTube Video
Click to view this content.
Louis Rossman discuses many design flaws made by Apple over the years throughout their entire catalog.
This video also came out a few days after I praise the Macbook Pro series for being higher quality then their competition as well. 😂 🫣
-
How France Adopts An Open Source-Based Education Strategy – Free of Big Tech
dataethics.eu How France Adopts An Open Source-Based Education Strategy - Free of Big Tech · Dataetisk TænkehandletankMost Danish schools use Google or Microsoft, In other countries some prefer open source tools...
cross-posted from: https://feddit.org/post/258478
> - At the Public Spaces conference in the Netherlands on June 6th, Alexis Kauffmann from the French Ministry of Education and co-founder of the non-profit software platform FraMaSoft, discussed France’s move towards a comprehensive open source-based education strategy, 2023-2027. The aim is to achieve digital sovereignty and reduce dependence on big tech companies like Microsoft and Google, which are widely used in education systems in other countries. > - “One of the key actions is to offer authoring tools to our teacher and tools based on open source software. No Google Classrooms. Not Microsoft Teams. We have chosen Moodle Elea as a learning management system,” explained Alexis Kauffmann who also pointed to other tools to learn to code and mathematics like Jupyter. > - France uses an app platform with open-source tools like Nextcloud, Big Blue Botton, and Collaboration. They even have their own ‘github’ (owned by Microsoft) called La Forge, where teachers share code. > - “To support this, we have public funds for digital commons, we organise workshops and finance the software, and therefore we can do without Microsoft and Google,” Alexis Kauffmann explained. > > “I am not saying it is easy. The biggest obstacle is political courage to resist the lobbyists both at a national and European level,” he said and pointed to other risks like the quality of big tech’s products, being isolated in Europa, and artificial intelligence. > > He hopes other European countries will follow suit and quoted The European Council Recommendation on education:
-
Remote IT management provider TeamViewer says it has been hacked, allegedly by Russian state hackers from APT29
Here is a thread on it: https://infosec.exchange/@jtig/112689665815283809
- So far "there is no evidence to suggest that the product environment or customer data is affected," the company says on its website.
- TeamViewer's internal IT environment is completely independent from its product environment, the firm adds.
[Edit typo.]
-
Beijing intervenes in China’s solar industry as overcapacity dries up profit in the country's domestic market
- China’s energy regulator said it will limit “low-end” solar panel manufacturing after industry leaders called for more government intervention earlier this month. The move is an acknowledgement by Beijing that solar panel overcapacity is a problem, one that has pushed Chinese solar firms into a price war and shriveled returns.
- The competition in China’s solar power industry is “indeed very fierce,” an official at the National Energy Administration (NEA) said at a press conference Thursday.
- A price war on solar panels in China has meant that big firms have rapidly lost profit while small firms risk bankruptcy.
- Historically, the industry has been propped up by city governments, which build solar panel factories to lease or sell to private firms. But while some local authorities have expressed willingness to continue to keep solar firms afloat, “that support may dry up as the provinces are themselves swimming in debt, largely stemming from the country’s property crisis, and solar has to compete for their support with other green tech sectors, like electric vehicles, that are also struggling with overcapacity.
- Chinese officials want homeowners to install solar panels to combat overcapacity, but China’s grid is still not able to accommodate fluctuating solar energy levels.
- One solution may be virtual power plants: smaller-scale grids that rely on local renewable energy infrastructure and incentivize homeowners to use that energy during peak times with cash payments. But beyond building a new grid meant to handle renewable energy, China also needs “improved coordination” from Beijing to enable solar-heavy provinces to trade energy with solar-weak provinces.
- China’s energy regulator is also pushing for more spot trading — where prices will fluctuate with supply and demand — rather than fixed rates, encouraging customers to use energy during low-demand periods.
-
Largest Croatian hospital under cyberattack by pro-Russian hacker group
www.helpnetsecurity.com Largest Croatian hospital under cyberattack - Help Net SecurityKBC Zagreb, the largest Croatian hospital, is under cyberattack that started on Wednesday night, the Croatian Radiotelevision has reported.
cross-posted from: https://feddit.org/post/259710
> - The University Hospital Centre Zagreb (KBC Zagreb) is under cyberattack that started on Wednesday (June 26) night. All services are working, but the processing of patients is slower than usual, Milivoj Novak, Assistant Director at the hospital, has said. > > - The attacks have been claimed by the pro-Russian NoName057(16) hacker group and have resulted in a temporary unavailability of the institutions’ websites and online portals. The sites are back online now. > > - It is currently unknown whether the cyberattack against the hospital involved the deployment of ransomware, and whether it’s connected to yesterday’s DDoS attacks on the websites of several Croatian government and financial institutions: the Ministry of Finance, the Tax Administration, the Croatian National Bank (HNB), the Economic Bank of Zagreb (PBZ), and the Zagreb Stock Exchange (ZSE).
-
TeamViewer Hacked: Attackers Accessed Internal Corporate IT Environment
On Wednesday, June 26, 2024, TeamViewer, a leading provider of remote access software, announced that attackers had compromised its internal corporate IT environment.
The company’s security team detected an “irregularity” in their internal systems, prompting an immediate response.
TeamViewer activated its incident response procedures and brought in external cybersecurity experts to investigate and implement remediation measures.
In a statement, TeamViewer emphasized that its corporate IT environment is “completely independent” from its product environment.
The company stated there is no evidence that the breach affected customer data or the TeamViewer product itself. However, investigations are still ongoing.
-
Netflix mulls introducing free ad-supported tier. The circle is complete
adguard.com Netflix might soon have a free ad-supported tier. Bad for privacyNetflix considers introducing free ad-supported versions of its service in Europe and Asia. Why?
>Netflix, once a pioneer of ad-free viewing that offered a break from traditional TV norms, is now contemplating launching free ad-supported versions of its service in markets like Europe and Asia, Bloomberg reported.
>The plans to offer a free ad-supported tier, albeit in select markets, suggests that pivot towards monetizing user data, in other words — making users and not the extensive library of award-winning shows a product, might be well in the pipeline.
- arstechnica.com Shopping app Temu is “dangerous malware,” spying on your texts, lawsuit claims
Temu "surprised" by the lawsuit, plans to "vigorously defend" itself.
-
Mac users served info-stealer malware through Google ads | Full-service Poseidon info stealer pushed by "advertiser identity verified by Google."
arstechnica.com Mac users served info-stealer malware through Google adsFull-service Poseidon info stealer pushed by "advertiser identity verified by Google."
>Mac malware that steals passwords, cryptocurrency wallets, and other sensitive data has been spotted circulating through Google ads, making it at least the second time in as many months the widely used ad platform has been abused to infect web surfers.
>Like most other large advertising networks, Google Ads regularly serves malicious content that isn’t taken down until third parties have notified the company. Google Ads takes no responsibility for any damage that may result from these oversights. The company said in an email it removes malicious ads once it learns of them and suspends the advertiser and has done so in this case.
>People who want to install software advertised online should seek out the official download site rather than relying on the site linked in the ad. They should also be wary of any instructions that direct Mac users to install apps through the right-click method mentioned earlier. The Malwarebytes post provides indicators of compromise people can use to determine if they’ve been targeted.
-
Mullvad VPN: Fourth Infrastructure audit completed by Cure53
mullvad.net Fourth Infrastructure audit completed by Cure53 | Mullvad VPNWe contracted Cure53 with performing a security audit towards our VPN infrastructure between 3rd June 2024 and 14th June 2024, this is our fourth audit in total, second with Cure53.