Beiträge die mit security getaggt sind

China: Daten aus Videoüberwachung frei zugänglich im Netz #KI #Security #Sicherheit #Überwachung
Übergriff in der Klinik St. Georg?: Zwei gegen einen #StGeorg #Asklepios #ObdachlosigkeitinHamburg #Sicherheitsdienst #Security #Notaufnahme #Hamburg #Nord
JuliaTeam verspricht Unternehmen mehr Kontrolle beim Programmieren mit Julia #Julia #OpenSource #Programmiersprache #Security
The Niger Delta Avengers hope to change Nigeria's president through polls, but threaten violence if vote fails. #Africa #Nigeria #War&Conflict #MuhammaduBuhari #Elections #Security
Bitkom-Umfrage: Mehrheit hat Angst vor Cyberkrieg #Bitkom #Cybercrime #Cyberwar #Politik #Security
Sehr cool, #Google: #Fingerabdruck nicht so sicher wie komplexes Muster oder PIN.
Positiv überrascht! 👍
#Android #security
Fuzzing für alle: Google verwandelt ClusterFuzz in ein Open-Source-Projekt #ClusterFuzz #Fuzzing #Google #OSSFuzz #Security

Signal Messenger Has A Clever New Way To Shield Your Identity - A "sealed sender" Feature

A key part of what makes Signal the leading encrypted messaging app is its effort to minimize the amount of data or metadata each message leaves behind. The messages themselves are fully encrypted as they move across Signal's infrastructure, and the service doesn't store logs of information like who sends messages to each other, or when. On Monday, the nonprofit that develops Signal announced a new initiative to take those protections even further. Now, it hopes to encrypt even information about which users are messaging each other on the platform.

"While the service always needs to know where a message should be delivered, ideally it shouldn’t need to know who the sender is," Moxie Marlinspike, the creator of Signal, wrote on Monday. "It would be better if the service could handle packages where only the destination is written on the outside, with a blank space where the 'from' address used to be."


#signal #privacy #security #encryption #Signal #messaging

Time to update: Nextcloud 15.0.4, 14.0.7 and 13.0.11 are here!

Today we have made available security and stability updates to Nextcloud 15, 14 and 13. These aim to improve the stability, security and reliability of your server. We restrict minor updates to bug fixes and minor, non-intrusive improvements because both home and enterprise users need to know that these upgrades are safe and reliable. Customers can rely on the stand-by upgrade support from Nextcloud GmbH if needed.

As there are many new and updated apps, remember: Up to date means more secure. And don’t forget to update your apps regularly too!

Improvements in this release

Nextcloud 15.0.4 brings a little over 40 changes, from fixes in file versioning and uploading to small user interface and design improvements, especially in the high contrast and accessibility theme. Nextcloud 14.0.7, with a bit less than 30 changes, is bringing 14 closer to a very mature version.

As always, the changes are small and will make for a safe and reliable update.

The list of changes in Nextcloud 13.0.11 is even smaller. As it nears the end of its public support cycle, we strongly recommend users to migrate to Nextcloud 14. If you are still on Nextcloud 13 and want to continue to keep your data secure, request access to the Long Term Support service of Nextcloud GmbH for further security and stability updates.

What’s new?

Of course the list is much longer, but here are some highlights from today’s release. You can find a full overview of changes in our changelog.

In all versions:
  • The drag and drop upload of a Folder into a Nextcloud folder are fixed in the web UI
  • A better cleanup of stray locks helps reduce “File locked” errors
  • Some versions of dependencies were updated
In Nextcloud 14.0.7 and 15.0.4:
  • For Swift’s v2 authentication users: tokens are now cached
  • Upload to object store storage has been improved
  • A repair job that failed in some corner cases was fixed
  • The user’s locale is now defining the file listing order
In Nextcloud 15.0.4 only:
  • Versions of shared files are shown for all users again
  • A series of small UI and UX fixes were made, especially in the high contrast and accessibility theme
  • A multipart uploader is now always used for S3 storages
  • As issue that caused the list of deleted files to not appear in the “Deleted files” section was fixed

Stay safe: keep your server up-to-date!

Minor Nextcloud releases are security and functionality bug fixes, not rewrites of major systems that risk user data! We also do extensive testing, both in our code base and by upgrading a series of real-world systems to the test versions. This ensures that upgrades to minor releases are painless and reliable. As the updates not only fix feature issues but also security problems, it is a bad idea to not upgrade!

This is, of course, also true for apps: Keeping them updated has security benefits, besides the new features and other bug fixes.

If you are maintaining a mission-critical Nextcloud system for your enterprise, it is highly recommended that you get yourself some insurance (and job security… who gets blamed if the file handling system isn’t working as expected?). A hotline to the core Nextcloud developers is the best guarantee for reliable service for your users, and the job safety of you as system administrator.
#news, #release, #security
Pants down: Sicherheitslücke in Server-Fernwartung #BMC #BaseboardManagementController #Fernwartung #Firmware #IPMI #Security #Server #Sicherheitslücken
Sicherheitslücke: Tausende Smart-Home-Geräte angreifbar #35C3 #ESP8266 #Espressif #Firmware #Security #Sicherheitslücken #SmartHome #WLAN

Major Wi-Fi security flaw discovered - chip used in including Samsung Chromebooks, Microsoft Surface laptops, Valve’s Steam Link, and PlayStation 4 and Xbox One consoles

Security firm Embedi discovered a number of vulnerabilities in the chip’s firmware, and drew attention to the most serious flaw which allows devices to be compromised without any interaction from the owner.

“This vulnerability can be triggered without user interaction during the scanning for available networks,” Embedi stated.

“This procedure is launched every 5 minutes regardless of a device being connected to some Wi-Fi network or not.”

Nothing mentioned yet about patching or resolution but always wise to check weekly for patches and updates for your router or modem software. If your device does not get updates, get a different device.


#marvell #wifi #vulnerability
Major Wi-Fi security flaw discovered
#Embedi #Marvell #securityflaw #Wi-Fichip #Security

"Smart Lock" hell: forced electronic access conversion on 40,000 apartments in the US

So today, I spoke to both my landlady (in person) and a lawyer. This smart home migration apparently is covering my whole (nationwide) apartment co. So this will hit more of y'all. My landlady is super nice (and clearly has no say in this).
Lesley Carhart is in Chicago, and is looking for legal representation and support. #EFF won't take the case.

#InternetOfThings #InternetOfShit #Chicago #Privacy #Security #YaleLocks

Twitter: Lesley Carhart on Twitter (Lesley Carhart)

Danke Anke!
Innenstaatssekretär Mayer blamiert sich mit Aussagen zum Staatstrojaner
#Netzpolitik #Staatstrojaner #Security #PoweredByRSS #NoCSU
Also die Kombination #IPFire #Fail2Ban und #OSSEC finde ich echt klasse. Gefällt mir immer mehr.

#Linux #SysAdmin #security
!Friendica Admins !Friendica Admins
neuer älter