GNU social JP
GNU social JP is a Japanese GNU social server.

Notices by Dan Goodin (dangoodin@infosec.exchange)

  1. Dan Goodin (dangoodin@infosec.exchange)'s status on Thursday, 12-Jun-2025 03:26:21 JST

    If the only masterpiece Brian Wilson ever made was Pet Sounds, his work on this earth could have been finished. Instead, he did so much more to bring happiness and beauty to the world. Rest in power, Brian.

    https://www.rollingstone.com/music/music-news/brian-wilson-beach-boys-dead-1234810073/

    In conversation about 4 days ago from infosec.exchange permalink
  2. Dan Goodin (dangoodin@infosec.exchange)'s status on Wednesday, 04-Jun-2025 01:20:12 JST

    Tracking code that Meta and Russia-based Yandex embed into millions of websites is de-anonymizing visitors by abusing legitimate Internet protocols, causing Chrome and other browsers to surreptitiously send unique identifiers to native apps installed on a device, researchers have discovered. Google says it's investigating the abuse, which allows Meta and Yandex to convert ephemeral web identifiers into persistent mobile app user identities.

    https://arstechnica.com/security/2025/06/meta-and-yandex-are-de-anonymizing-android-users-web-browsing-identifiers/

    In conversation about 12 days ago from infosec.exchange permalink
  3. Dan Goodin (dangoodin@infosec.exchange)'s status on Thursday, 22-May-2025 02:52:58 JST

    Signal Messenger is warning that Recall, the AI tool rolling out in Windows 11 that will screenshot, index, and store everything a user does every three seconds, poses a risk to its users. Effective immediately, the Windows Desktop version will by default block the ability of Windows to screenshot the app. Of course, Microsoft provides no API to disable Recall from screenshotting specific apps, so Signal is getting creative. They are invoking a digital rights management API that blocks the screenshotting of copyrighted material.

    https://signal.org/blog/signal-doesnt-recall/

    In conversation about a month ago from infosec.exchange permalink
  4. Dan Goodin (dangoodin@infosec.exchange)'s status on Thursday, 15-May-2025 03:18:01 JST

    Folks, there is 0 evidence that Steam passwords have been breached. Unless and until credible evidence occurs, please do NOT urge people to change their login credentials and please do NOT boost other people's toots doing the same. Creating unjustified anxiety about a non event does a disservice to us all.

    Please boost for visibility.

    In conversation about a month ago from infosec.exchange permalink
  5. Dan Goodin (dangoodin@infosec.exchange)'s status on Thursday, 15-May-2025 02:42:47 JST
    in reply to
    • Rich Felker
    • rvstaveren
    • thinkberg
    • Mischa 🐡😎

    @dalias @mischa @thinkberg @rvstaveren

    I respect your preferences and choices, but I have to ask, what's the factual basis for saying Roku doesn't collect as much data as Smart TV makers? Roku collects the same data about viewing habits as Samsung et al., and they see every stream you do over its platform.

    https://forums.puri.sm/t/data-collected-on-me-by-roku/16337

    https://www.mozillafoundation.org/en/privacynotincluded/roku-streaming-sticks/

    https://www.zdnet.com/home-and-office/home-entertainment/is-your-roku-tv-spying-on-you-likely-but-heres-how-you-can-take-back-control/

    In conversation about a month ago from infosec.exchange permalink
  6. Dan Goodin (dangoodin@infosec.exchange)'s status on Thursday, 15-May-2025 01:26:41 JST
    in reply to
    • Rich Felker
    • rvstaveren
    • thinkberg
    • Mischa 🐡😎

    @mischa @thinkberg @rvstaveren @dalias

    Sorry for crashing your thread, but I'm curious: do y'all just not ever stream videos or do you somehow stream without using smart TVs?

    In conversation about a month ago from infosec.exchange permalink
  7. Dan Goodin (dangoodin@infosec.exchange)'s status on Friday, 02-May-2025 08:03:56 JST

    April was the first full month since I installed my 4.1 kW solar system and accompanying batteries. And just like that, I went from drawing 200-250 kWh per month from the grid to 3 kWh. For the month, I produced 583 kWh, 284 kWh of which I exported to the grid.

    In conversation about a month ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/435/036/168/526/123/original/0d40dc72a404ce84.jpg
  8. Dan Goodin (dangoodin@infosec.exchange)'s status on Thursday, 01-May-2025 05:51:10 JST

    From the department of head scratches comes this counterintuitive news: Microsoft says it has no plans to change a remote login protocol in Windows that allows people to log in to machines using passwords that have been revoked.

    https://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/

    In conversation about 2 months ago from infosec.exchange permalink
  9. Dan Goodin (dangoodin@infosec.exchange)'s status on Thursday, 01-May-2025 05:51:09 JST
    in reply to

    It's one thing for Microsoft to make a call that prioritizes not getting locked out of a device. It's an entirely different thing for Microsoft to a) not prominently disclose the behavior and b) advise users on steps they should take when their password is compromised.

    In conversation about 2 months ago from infosec.exchange permalink
  10. Dan Goodin (dangoodin@infosec.exchange)'s status on Tuesday, 29-Apr-2025 01:48:49 JST

    About a decade ago, Apple and Google started updating iOS and Android to make them less susceptible to “juice jacking,” a form of attack that could surreptitiously steal data or execute malicious code when users plug their phones into special-purpose charging hardware. Now, researchers are revealing that, for years, the mitigations have suffered from a fundamental defect that has made them trivial to bypass.

    https://arstechnica.com/security/2025/04/ios-and-android-juice-jacking-defenses-have-been-trivial-to-bypass-for-years/

    In conversation about 2 months ago from infosec.exchange permalink
  11. Dan Goodin (dangoodin@infosec.exchange)'s status on Friday, 18-Apr-2025 15:36:14 JST

    ICE officers in paramilitary gear inquiring about the citizenship status of passengers on an Amtrak Empire Builder train. As someone who rides Amtrak a lot, what should I say and do if I'm ever stopped like this?

    #amtrak

    https://www.havredailynews.com/story/2025/04/17/local/ice-questions-amtrak-passengers-in-havre-about-citizenship/547792.html#

    In conversation about 2 months ago from infosec.exchange permalink
  12. Dan Goodin (dangoodin@infosec.exchange)'s status on Saturday, 12-Apr-2025 08:09:44 JST

    Snapshotting and AI processing a screen every 3 seconds. What could possibly go wrong?

    https://arstechnica.com/security/2025/04/microsoft-is-putting-privacy-endangering-recall-back-into-windows-11/

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments

    1. That groan you hear is users’ reaction to Recall going back into Windows
  13. Dan Goodin (dangoodin@infosec.exchange)'s status on Saturday, 12-Apr-2025 08:09:43 JST
    in reply to

    So, send an email or DM that even passes through a Windows machine with Recall turned on and it's screenshotted, swept into OCR, processed by Copilot and stashed away in perpetuity. Recall reminds me a lot of the backdoor the FBI wanted Apple to build. The FBI said it would be safe because only the FBI would have access to it. Apple rightly pointed out that no, something that powerful would inevitably get hacked and abused in ways no one could control. Now, Microsoft is trying to say that the guardrails it has put on Recall will curb any unintended consequences and we're supposed to take that at face value?

    In conversation about 2 months ago from infosec.exchange permalink
  14. Dan Goodin (dangoodin@infosec.exchange)'s status on Saturday, 12-Apr-2025 08:09:43 JST
    in reply to

    People in comments keep saying, oh well, time to move to Linux, as if that somehow insulates them. They forget that even then every interaction their Linux box has with a Windows 11 installation will STILL be compiled into a database that can be abused.

    In conversation about 2 months ago from infosec.exchange permalink
  15. Dan Goodin (dangoodin@infosec.exchange)'s status on Friday, 11-Apr-2025 04:45:09 JST

    Yet another aviation accident in the US. WTF is going on here?

    https://www.nbcnews.com/news/us-news/plane-5-house-members-clipped-aircraft-taxiway-dcs-reagan-national-air-rcna200692

    In conversation about 2 months ago from infosec.exchange permalink
  16. Dan Goodin (dangoodin@infosec.exchange)'s status on Tuesday, 08-Apr-2025 01:14:00 JST
    • Kevin Beaumont

    @GossiTheDog

    The problem is someone is using his current account to masquerade as him. Creating a new account from scratch won't stop that.

    In conversation about 2 months ago from gnusocial.jp permalink
  17. Dan Goodin (dangoodin@infosec.exchange)'s status on Tuesday, 08-Apr-2025 01:11:09 JST
    in reply to

    Reupping this request for help from someone at Facebook to help restore a journalist's hijacked account. As mentioned before, he has sent Facebook a scan of his driver license on multiple occasions and received reset links, but they always fail to work. Please boost for reach.

    In conversation about 2 months ago from infosec.exchange permalink
  18. Dan Goodin (dangoodin@infosec.exchange)'s status on Tuesday, 08-Apr-2025 01:00:49 JST

    Can anyone help me help a friend recover his compromised Facebook account? He's not sure how it got hijacked, but someone is using it to reach out to people, make a friend request, and then ask them out on dates. He's an investigative reporter, so it's not clear if this is a targeted attack attempting to meddle with confidential sources or an opportunistic one doing something like pig butchering. In any event, the compromised account poses a threat to Facebook users. My friend has tried recovering his account by sending FB a scan of his driver license, but the recovery link he gets gives him an error when he clicks on it. Does anyone reading this work in security at FB, or know someone who does? I (and my friend) would be so grateful for any help. Please DM me, preferably by Signal (DanArs.82) or here on Mastodon.

    In conversation about 2 months ago from infosec.exchange permalink
  19. Dan Goodin (dangoodin@infosec.exchange)'s status on Wednesday, 02-Apr-2025 16:45:24 JST
    • Kevin Beaumont

    @GossiTheDog

    I dunno. I think they were going to provide some sort of explanation or account of what happened (likely whitewashy or handwavy).

    In conversation about 2 months ago from gnusocial.jp permalink
  20. Dan Goodin (dangoodin@infosec.exchange)'s status on Wednesday, 02-Apr-2025 16:39:58 JST
    in reply to
    • Kevin Beaumont

    @GossiTheDog

    When I asked Oracle for comment, a PR person responded and offered a comment on the condition I not attribute it in any way to Oracle. When I said no, the PR person said Oracle was declining to comment.

    #radicalopacity

    In conversation about 2 months ago from infosec.exchange permalink
    Dan Goodin

    Reporter covering security at Ars Technica. DM me on Signal: DanArs.82.

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.