FISA Section 702 expires tonight, but US surveillance authorities continue under existing FISC certifications until 2027. 🛰️
Certifications under the FISA Court remain active until March 2027, enabling continued collection that includes incidental US communications. 🔐

🔗 https://arstechnica.com/tech-policy/2026/06/controversial-fisa-spying-law-expires-tonight-the-spying-will-continue/

#TechNews #FISA #Section702 #Surveillance #Privacy #Security #CivilLiberties #CyberSecurity #Government #Surveillance #Encryption #DataPrivacy #US #USA #Trump

GrapheneOS notes Android 17 “sort of” support, reflecting early compatibility work rather than a fully stable rollout across devices. 📱
It tracks Android 17 privacy upgrades like stronger permissions and encryption while maintaining its hardened AOSP-based security model. 🔐

@privacyguides
@GrapheneOS

🔗 https://www.privacyguides.org/news/2026/06/17/android-17-launched-what-new-privacy-security-features-does-it-bring/

#TechNews #GrapheneOS #Android #Privacy #Security #OpenSource #FOSS #Mobile #MobileSecurity #Encryption #AOSP #CyberSecurity #DataProtection #Linux #UserPrivacy

ChatGPT finance tools now allow some users to link bank and credit card accounts via Plaid for budgeting and spending analysis. 💳
Privacy experts warn conversational AI may increase sensitive financial oversharing despite read-only access and user-controlled disconnect options. 🔐

🔗 https://www.investopedia.com/chatgpt-can-connect-to-your-financial-accounts-experts-warn-against-sharing-11993408

#TechNews #AI #FinTech #Privacy #CyberSecurity #OpenAI #ChatGPT #Security #Banking #PersonalFinance #Plaid #Consumer #FOSS #MachineLearning

strncpy() has been removed from the #Linux kernel. All former callers have +been migrated to safer alternatives. strncpy() is major source of bugs. The replacements are listed now.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1a3746ccbb0a97bed3c06ccde6b880013b1dddc1
FYI, this is starting from Linux kernel v7.2 but it was the need of the hour.

#security #infosec

bigvirtue1
🔐 BV1 Vault Free v1.0.0 Released!
Tired of Windows? Switched to Linux? So did I. Why I built this for everyone — FREE
✅ AES-256-GCM military-grade encryption
✅ Argon2id (GPU attack resistant)
✅ Auto-install — desktop icon created automatically
✅ 100% Free · No ads · No tracking
📥 Download 3 files:
- bv1vault_free
- install.sh
- install.txt
chmod +x install.sh && ./install.sh
🐧 A gift to the world's Linux users!

👉 https://github.com/bigvirtue1/bv1vault-free/releases/tag/v1.0.0

#Linux #Encryption #Privacy #Security #Free

I predict it won't be long, before there is a grid of low-flying surveillance drones hovering over every part of the world which is wealthy enough to have them.

https://www.theguardian.com/uk-news/2026/jun/20/motorway-traffic-drones-driving-distraction-virtual-reality-simulation

#surveillance #masssurveillance #bigbrother #1984 #society #privacy #security #drone #drones #development #developed #wealth #wealthy #rich #poor #poverty #crime #police #government

https://www.xda-developers.com/discord-begins-testing-age-verification-with-google-wallet-and-credit-cards-but-face-scans-are-still-on-the-table/

Discord will begin testing new forms of Age verification, face scans will still be an option, but now they will trial accepting Google Wallet & credit Card Checks. Face scans will now occur On-Device with a new vendor named "Incode"

#Discord #AgeID #AgeVerification #Privacy #Security

With recent reports showing plans to expand mass surveillance and tracking, keeping your digital footprint secure is no longer optional.
ISPs are logging your every move. Traditional VPNs are easily flagged and blocked.
If you want to understand how modern DPI bypass technology works and what tools you can use on Windows, macOS, Linux, and mobile to secure your connection, check this updated directory: https://github.com/ubub111/awesome-dpi-bypass
Let's keep the web open and decentralized.
#privacy #Security

ProPublica: “Digital Colonialism”: U.S. Demands to Access Africans’ Data Raise Privacy, Sovereignty Concerns. “Frank Ssekamwa says the United States presented his country with an impossible choice. If it accepted the terms of a new health agreement, Uganda would have to give the U.S. access to the data of millions of his fellow citizens — a decision he worries would make their personal […]

#Meta Lobbies #Congress For Protection From Child-Harm #Lawsuits

Meta has lobbied the U.S. Congress for legal immunity from child-harm claims tied to social media products such as #Instagram , as it faces thousands of lawsuits from young users and their families, according to a source familiar with the matter and proposed legislative language reviewed by Reuters. If adopted by lawmakers and passed into law as part of the #KidsOnlineSafetyAct (#KOSA ) under consideration in the U.S. Senate, such a provision could undermine thousands of lawsuits against Meta and other online platforms over harms to #children.
#socialmedia #security #privacy #childharm

https://tech.slashdot.org/story/26/06/18/2342227/meta-lobbies-congress-for-protection-from-child-harm-lawsuits?utm_source=rss1.0mainlinkanon&utm_medium=feed

Password reuse is the leading cause of credential-stuffing attacks: one breached site gives attackers the key to every other account using the same password. #privacy #security #passwords #indigoprivacy

Security Advisory: CVE-2025-60471 - Use-After-Free in GPAC MP4Box PID Reconfiguration

Processing a crafted MPEG-2 TS file with MP4Box `-info` can trigger a heap use-after-free in `gf_filter_pid_reconfigure_task_discard()`, causing a crash and potential code execution.

Summary:
The `gf_filter_pid_reconfigure_task_discard()` function in `filter_core/filter_pid.c` can access a freed `pid_inst` structure during PID reconfiguration task disposal. When MP4Box processes a specially crafted MPEG-2 Transport Stream file containing broken PMT descriptors, missing packet sync markers, unsupported stream types, and invalid packet data, a PID instance can be freed by `gf_filter_pid_inst_swap_delete()` and later accessed in `gf_filter_pid_reconfigure_task_discard()`.

AddressSanitizer reports a `heap-use-after-free` at `filter_core/filter_pid.c:1341`, with a `READ of size 8` from a freed 336-byte heap region.

CWE:
CWE-416 - Use After Free

Affected Component:
```
filter_core/filter_pid.c:1341
Function: gf_filter_pid_reconfigure_task_discard()
```

Affected Product:
MP4Box (GPAC Multimedia Open Source Project)

Affected Version:
The issue was reproduced on:
```
GPAC version: 2.5-DEV-rev1557-g62714f27c-master
Commit: 62714f27c64a3d1eb7e880f9eed2d38673cb43ce
```

The MITRE response states that GPAC Project/MP4Box before `26.02.0` is affected. Local MITRE data also describes affected GPAC MP4Box 2.4 and earlier, including development branches that contain the vulnerable PID reconfiguration lifecycle handling.
Builds before the fix commit `868c6801c226e9964cace54cfd5a759f152780b4` should be considered affected if they contain the vulnerable path.

Attack Conditions:
An attacker supplies a crafted MPEG-2 TS file with corrupted PMT descriptors and invalid packet data. The issue can be reproduced locally with:
```
./MP4Box -info 31_gf_filter_pid_reconfigure_task_discard_filter_core_filter_pid_c_1341
```

No elevated privileges are required. User interaction is required when the victim manually processes the malicious file, or an automated media workflow invokes MP4Box on attacker-controlled input.

Impact:
The immediate observed impact is Denial of Service due to process termination. Because the vulnerability is a heap use-after-free, memory corruption and potential arbitrary code execution are possible.

Fix / mitigation status:
The issue was fixed in GPAC commit:
```
868c6801c226e9964cace54cfd5a759f152780b4
```
Users should update to a GPAC build containing this commit or later. The affected filter PID reconfiguration path should ensure that PID instance lifetime is valid before task discard logic accesses the object.

References:

- Issue: https://github.com/gpac/gpac/issues/3279
- PoC: https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/31/31_gf_filter_pid_reconfigure_task_discard_filter_core_filter_pid_c_1341
- Fix: https://github.com/gpac/gpac/commit/868c6801c226e9964cace54cfd5a759f152780b4
- CVE record: https://www.cve.org/CVERecord?id=CVE-2025-60471

Credit
Alexander A. Shvedov (@sigdevel)

#fuzzing #infosec #security #aflplusplus #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory #media #gpac

The #UK Will Scan Asylum-Seekers’ Faces for Age Checks—Despite Knowing the Tech Is Flawed

Internal Home Office tests of age-verification technology show the risks of life-altering errors. It’s moving forward anyway.
#asylum #ageverification #security #privacy

https://www.wired.com/story/facial-age-estimate-uk-asylum-seekers/

#Android verification is coming: #Google confirms timeline & supported app stores

Almost 20 years ago, Google pitched Android as the more open alternative to Apple's walled garden. Last year, Google announced it would begin erecting its own walls through #developer #verification. The company has issued an update on its plans, affirming that the verification system will begin rolling out in select countries later this year. We're also learning which app stores are participating in verification & the timeline for key features like the recently revealed "advanced flow" for bypassing verification.

Google has claimed that developer verification is a necessary change to #smartphone software distribution, pointing to the increased prevalence of #scams that trick Android users into installing #malware apps. Google's solution requires verifying the identities of developers outside the Play Store just like it does for devs publishing on its platform.
#privacy #security

https://arstechnica.com/gadgets/2026/06/google-shares-updated-timeline-for-rolling-out-android-developer-verification/

Hello #fediverse

I'm an independent developer who believes in Digital Sovereignty—people should own their tools and control their data.

As a Linux user, I build privacy-first local AI, security & cryptography tools, and system automation scripts to solve real-world problems.

Here to build in public, learn, and connect with people who value open source, privacy, and user freedom.

Feel free to follow along or check out my GitHub!

#Linux #FOSS #OpenSource #Privacy #Security #LocalAI

Finalmente secret chat crittografate su Telegram Desktop! Mercurygram porta privacy e sicurezza sul tuo Linux. #Mercurygram #TelegramDesktop #Linux #Privacy #Security #OpenSource

https://www.linuxeasy.org/mercurygram-desktop-telegram-secret-chat-crittografati/?utm_source=mastodon&utm_medium=jetpack_social

Meet #ArcaneChat: a secure and decentralized private messenger

Anonymous: No phone number or any data required for registration!

Private: All your conversations and pictures are end-to-end encrypted, only visible by the chat members

Discreet: No one can discover you or know that you are using the app! only people you share your invitation link can talk to you

It is magic! ✨

#digitalindependence #privacy #security #family #encryption #autonomy #european #openSource #europe #decentralization

UK device-scanning proposal for nude image detection draws Signal criticism over mandatory on-device inspection and expanded age verification across phones and apps. 📱
Signal warns the plan risks normalizing client-side surveillance and weakening private communication protections under encrypted messaging systems. 🔐

@signalapp

🔗 https://www.techspot.com/news/112712-signal-attacks-uk-plan-scan-devices-nude-images.html

#TechNews #Privacy #Encryption #Signal #UK #OnlineSafety #Surveillance #Cybersecurity #DigitalRights #FOSS #Messaging #DataPrivacy #Security

Brave Origin, minimalist paid build, launches at $59.99 one-time, removing AI, VPN, Wallet, Rewards, while retaining Shields and Chromium patches.🧭
Linux users get Origin free, while other platforms can toggle or strip optional features, reflecting a more modular, privacy controlled browser build.🔧

🔗 https://brave.com/blog/brave-origin/

#TechNews #Brave #BraveOrigin #Privacy #Browser #FOSS #Cybersecurity #OpenSource #Linux #AI #VPN #DataPrivacy #Tech #Security #Chrome #Chromium #Free

A Proton survey of 3,000 people in the UK, France, and Germany found 45% may avoid businesses using US tech for data storage over privacy concerns 🇪🇺
The survey also found 65% believe European businesses should prioritize local technology providers, highlighting interest in digital sovereignty 🔐

@protonprivacy

🔗 https://proton.me/business/blog/european-digital-independence-survey-2026

#TechNews #Proton #Europe #DigitalSovereignty #Privacy #DataProtection #US #Cybersecurity #Business #OpenSource #Security #Technology #USA #Infrastructure #EU

The UK plans to ban under-16s from major social media platforms by spring 2027, with age checks that could require more biometric and identity data. 🔒
Australia’s similar ban has seen many teens bypass restrictions, raising questions about privacy and the effectiveness of age-based enforcement. ⚖️

🔗 https://proton.me/blog/uk-social-media-ban-privacy

#TechNews #UK #SocialMedia #Privacy #AgeVerification #OnlineSafety #Proton #DataProtection #Surveillance #DigitalRights #Security #Policy #Technology #Internet #Freedom

Four easy steps to elevate your privacy & security this year:

Choose a privacy-respecting browser 🌐 Check out: https://privacytests.org/

Use a privacy-first search engine 🔎 (Startpage, DuckDuckGo, self-hosted options etc.) further reading: https://www.privacyguides.org/en/search-engines/?h=search+engine

Use privacy-respecting email 📧 (Proton, Tuta, ) further reading: https://www.privacyguides.org/en/email/

Use only E2EE messaging apps 🔒 (cross-platform with minimal metadata: Signal) further reading: https://www.privacyguides.org/en/real-time-communication/

You're welcome… spread the word! Sharing is caring 🎁💬

The gift that keeps on giving: data retention, compartmentalization, FOSS, privacy & security. #FCKBigTech stick it to them… #FCKSurveillanceCapitalism 🖕Privacy security isn't a sprint; it is a marathon… Even a journey of over 9k steps begins with the first one… 🙏 💚Use E2EE, full-disk encryption, back up, and update…

#Privacy #Security #E2EE #FOSS #OpenSource #DataProtection #Browser #SearchEngine #Email #Messaging

AMD silently removes memory encryption from consumer Ryzen CPUs

https://www.tomshardware.com/pc-components/cpus/amd-silently-removes-memory-encryption-from-consumer-ryzen-cpus-leaving-users-unaware-that-they-may-be-vulnerable-security-feature-vanishes-after-newer-agesa-firmware-amd-engineers-go-radio-silent-when-pressed-about-the-change

#HackerNews #AMD #Ryzen #memory #encryption #security #vulnerability #CPUs #firmware #news

404 Media: Cops Keep Getting Arrested for Using Flock to Stalk People. “The contours of each story are much the same, with the police officer in question using their access to the system to repeatedly track a specific person over the course of weeks or months. The cases highlight the fact that Flock can be used to track the whereabouts of individual people, that police do not get a warrant in […]

Gizmodo: Signal Veterans Want to Encrypt Slack, Google Docs, and Basically Every Other App. “A team of developers, including the co-creator of the Signal protocol and contributors from Microsoft and Harvard, are building out open-source software that can help bring the sort of hardened privacy and security offered via Signal’s end-to-end encryption (E2EE) to more collaborative types of apps, […]

0 days since provenance checks protected us from [checks notes] another project starting to upload distributions via #uv.

#Python #security

WhatsApp Clone, but Decentralized with P2P Messaging

App: https://Enkrypted.Chat

"Secure and private" is the general goal.

This is a technical/concept demo of a fairly unique approach using a browser-based, local-first and webrtc.

This is intended to introduce a new paradigm in client-side managed secure cryptography. We can avoid registration of any sort.

Features:

* P2P
* End to end encryption
* Signal protocol
* Post-Quantum cryptography
* File transfer
* Local-first
* No registration
* No installation
* No database
* TURN server

Feel free to reach out for clarity instead of diving into the docs/code.

IMPORTANT: While this is aiming to provide a secure experience, it isnt audited or reviewed. **Shared for testing, feedback and demo purposes only.** Please use responsibly.

#Privacy #OpenSource #P2P #WebRTC #Decentralization #DigitalSovereignty #CyberSecurity #FOSS #SelfHosted #NoCloud #AntiCorp #Encryption #WebDev #TechLiberty #PrivateMessaging #Networking #DataPrivacy #InternetFreedom #LocalFirst #SoftwareEngineering #WebApps #ZeroKnowledge #PrivacyTech #IndieDev #NoSignup #NoInstall #DecentralizedWeb #SecureMessaging #BrowserApp #TechEthics #P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #CloseSource #OpenSource #WebDev #GitHub #TechDevelopment #WhatsApp #ChatApp #InstantMessaging #PWA

Voice Age Verification

https://agewarden.ai/

#HackerNews #Voice #Age #Verification #technology #AI #age #verification #security #privacy

#Meta Tapped a #Pentagon Supplier to #Prototype #FaceRecognition for Its Glasses

#RankOne , whose board includes a former #CIA deputy director and a former #FBI science chief, supplied face recognition to Meta for internal development of its smart glasses app.
#privacy #security

https://www.wired.com/story/meta-rank-one-computing-face-recognition-smart-glasses/

Canadian Government Gears Up to Pretend to Care About Privacy

Reports are surfacing saying that privacy reform is going to be tabled soon. We've been through this song and dance before.

https://www.freezenet.ca/canadian-government-gears-up-to-pretend-to-care-about-privacy/

#News #Privacy #Security #Canada #legislation #PrivacyReform

Congress and the administration are wrangling over reauthorization of a national security surveillance tool. Viewing security and constitutional rights as compatible rather than competing may help. #congress #security #privacy

https://www.csmonitor.com/Editorials/the-monitors-view/2026/0612/Upholding-US-values-of-security-and-privacy?utm_source=flipboard&utm_medium=activitypub

Posted into Now What? @now-what-csmonitor