What’s the privacy criteria you are thinking about?
What’s the privacy criteria you are thinking about?
[# Systematic Destruction (Hacking the Scammers pt. 2)
Taking on the “Smishing Triad”](https://blog.smithsecurity.biz/systematic-destruction-hacking-the-scammers-pt.-2) g
His blog on the topic if you don’t want the wired summary.
A brief technical summary from iMAP reveals what happens when users attempt to access sites using Cloudflare and Google DNS.
• On Maxis, DNS queries to Google Public DNS (8.8.8.8) servers are being automatically redirected to Maxis ISP DNS Servers;
**
• On Time, DNS queries to both Google Public DNS (8.8.8.8) and Cloudflare Public DNS (1.1.1.1) are being automatically redirected to Time ISP DNS servers.
“Instead of the intended Google and Cloudflare servers, users are being served results from ISP DNS servers. In addition to MCMC blocked websites, other addresses returned from ISP DNS servers can also differ from those returned by Google and Cloudflare,” iMAP warns.
…
"Users that are affected, can configure their browser settings to enable DNS over HTTPS to secure their DNS lookups by using direct encrypted connection to private or public trusted DNS servers. This will also bypass transparent DNS proxy interference and provide warning of interference,” iMAP concludes.
Essentially Malaysia law required ISP to drop DNS entries for some sites, local users started using public DNS. ISP started redirecting public DNS requests, and local users started using DNS over HTTPS.
The pirate wars continue in their arms races.
What in the world are they digging for?
I did a quick search and they don’t make it easy. Peter Lowe’s ad and tracking server blocklist is the only one I found. EasyList doesn’t seem to have a donation link, nor Dan Pollock at someonewhocares.org. Also worth noting that UBO doesn’t take donations. You could always subscribe to AdGuard, but that’s mixed.
Alternative link non paywalled
The DDOS attack or the lawsuits?
State budgets are difficult, but perhaps this helps:
https://www.volckeralliance.org/state-budgets/
and this:
https://www.pewtrusts.org/en/research-and-analysis/data-visualizations/2014/fiscal-50
If this request worked, it meant that I could use an “encryptedValue” parameter in the API that didn’t have to have a matching account ID.
I sent the request and saw the exact same HTTP response as above! This confirmed that we didn’t need any extra parameters, we could just query any hardware device arbitrarily by just knowing the MAC address (something that we could retrieve by querying a customer by name, fetching their account UUID, then fetching all of their connected devices via their UUID). We now had essentially a full kill chain.
I formed the following HTTP request to update my own device MAC addresses SSID as a proof of concept to update my own hardware:
…
Did it work? It had only given me a blank 200 OK response. I tried re-sending the HTTP request, but the request timed out. My network was offline. The update request must’ve reset my device.
About 5 minutes later, my network rebooted. The SSID name had been updated to “Curry”. I could write and read from anyone’s device using this exploit.
This demonstrated that the API calls to update the device configuration worked. This meant that an attacker could’ve accessed this API to overwrite configuration settings, access the router, and execute commands on the device. At this point, we had a similar set of permissions as the ISP tech support and could’ve used this access to exploit any of the millions of Cox devices that were accessible through these APIs.
Blows me a away that an unauthenticated API with sensitive controls and data was publicly facing. Corporations these days want all your data but wonder why some customers are worry about how it is protected, it let alone if it’s being sold. Why should I allow you to control my hardware when you can’t protect yourself.
Paid, but less crap.
Seconded
Jellyfin is great. Worth the time and effort to get it setup. Infuse is worth the money as an AppleTv frontend too.
You will definitely need toimprove your lan speed though. I’drecommende getting off WiFi for as much of the media as you can. If not that, put in triband WiFi connection and wire them in if possible. Mesh will work, but bring your speed down.
What are a few? Any good lists?
In technical terms you mean doing an incremental or differential back up to a local network storage location, correct?
This alongside using Backblaze is what I would suggest assuming you are thinking online. Cheap and reliable, also relatively easy via a cron job. https://help.backblaze.com/hc/en-us/articles/1260804565710-Quickstart-Guide-for-Rclone-and-B2-Cloud-Storage
Deezer for one. Doesn’t have quite the same amount of music, but I don’t seem to have the issue with travel considering I am literally away for half the year.
Many others though.
https://www.lifewire.com/best-alternatives-to-spotify-5217870
Anyone have the unwalled content?
Looks like industry got what they wanted.
I think they dodged that as well… https://arstechnica.com/?p=1989111
“Android users’ hopes that Apple’s iMessage would be forced to open up in the European Union have been dashed. Bloomberg reports that iMessage won’t qualify for the EU’s new “Digital Markets Act,” allowing Apple to keep iMessage exclusive to Apple users. …”
Yt-DLP and it’s variation (Seal, YTDLnis, etc.), newpipe and it’s variation (Tubular, Newpipe Sponsorblock, etc) already allow you to do this without having to get manual.