History Repeats Itself: UK Age Verification Law Fails

Under age teens are once again circumventing the age gates on a massive scale, causing the UK age verification laws to catastrophically fail.

https://www.freezenet.ca/history-repeats-itself-uk-age-verification-law-fails/

#Censorship #News #Privacy #Security #AgeVerification #fail #SocialMedia #UK #VideoGames

It's official: #Utah is the U.S. state closest to #banning #VPNs - Yahoo Tech

When Utah's Senate Bill 73 goes into force on May 6, websites subject to the state's age verification law will be legally barred from explaining how to use a #VPN to get around age #restrictions. They'll also be liable for enforcing age #verification for any user within Utah's physical borders — regardless of their apparent virtual location.
#ageverification #privacy #security #utah #SB73

https://tech.yahoo.com/vpn/article/its-official-utah-is-the-us-state-closest-to-banning-vpns-153556814.html

#Roblox Blames Age-Verification Rollout for Lowered Growth. #Stock Tumbles 22%
#ageverification #privacy #security

https://yro.slashdot.org/story/26/05/04/0217228/roblox-blames-age-verification-rollout-for-lowered-growth-stock-tumbles-22?utm_source=rss1.0mainlinkanon&utm_medium=feed

Shut Down Turnkey #Totalitarianism

William Binney, the #NSA #surveillance architect-turned-whistleblower, called it the "turnkey #totalitarian state." Whoever sits in power gains access to a boundless surveillance empire that scorns #privacy and crushes #dissent. Politicians will come and go, but you can help us claw the tools of oppression out of government hands.
#security #whistleblower

https://www.eff.org/deeplinks/2026/04/claw-back

#Python #cryptography library (yes, the one that criticizes everything and everyone) is now vibecoded. Our future is truly bright!

Noticed because apparently "Claude" wrote a test that OOM-ed my system. But hey, #RustLang protects against memory errors, so it's fine to vibecode your security critical components.

https://github.com/pyca/cryptography/pull/14782

#security #AI #LLM #NoAI #NoLLM

iOS 26.5 adds default end-to-end encryption for RCS messages between Apple and Android, now in beta with supported carriers and a lock icon in chats 🔐
The update follows GSMA changes, improving cross-platform privacy but remaining tied to proprietary apps and carrier support, limiting user control and transparency 📱

🔗 https://www.engadget.com/2164303/ios-26-5-will-add-end-to-end-encryption-for-rcs-messages/

#TechNews #Apple #iPhone #iOS #iOS26 #iOS265 #RCS #Android #Encryption #Privacy #E2EE #Messaging #FOSS #OpenStandards #Security #Data #Transparency #Tech

RE: https://vebinet.com/@kristin/116517777869130935

Reminder: If someone is claiming to be Signal Support, or your organization's/company's support on Signal, and asking you to provide your PIN or authentication code, then you can be sure it's phishing.

Never accept contact requests and never ever give your PIN or authentication code.

Encryption protects you, but the moment you give these 2, it cannot do so anymore. You can imagine it as walls of the castle. They will protect you, but if you open the gates, then walls have no use anymore.

And as @kristin mentioned, if you use other apps and services, it's smart advice to apply these rules too.

#security #privacy #DataSecurity #safety #encryption #phishing #SocialEngineering #fraud #Signal

Utah’s VPN Ban Law Goes Into Effect in Age Verification Escalation

Utah is attempting to cover up the failures of their age verification law by effectively banning VPNs.

https://www.freezenet.ca/utahs-vpn-ban-law-goes-into-effect-in-age-verification-escalation/

#Censorship #News #Privacy #Security #AgeVerification #encryption #law #legislation #US #Utah #VPN

Newly appointed COSIC professor Yunwen Liu gave her inaugural lecture today on “Security and Privacy Challenges in Distributed Ledger Technologies.”
We’re delighted to officially welcome Yunwen to the COSIC team!
#choosecosic #security #privacy

I Reached Out to the White House Counterterrorism Czar for Comment. He Lashed Out on X.
---

Sebastian Gorka accused a ProPublica reporter of writing a “putrid piece of hackery” about him. Here’s how basic beat reporting led to a broader story about the state of the U.S. counterterrorism mission at a critical moment.
https://www.propublica.org/article/sebastian-gorka-counterterrorism-reporting?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon-post

#News #WhiteHouse #Government #USPolitics #Security #Journalism

Signal is developing a standalone desktop app without requiring a smartphone for setup or use, based on recent open-source code changes. 🖥️
The update adds more desktop controls while keeping end-to-end encryption, improving device independence with a privacy-first design. 🔐

@signalapp

🔗 https://aboutsignal.com/news/signal-desktop-without-a-mobile-phone-standalone-version-in-development/

#TechNews #Signal #Messaging #Privacy #E2EE #Encryption #EndToEndEncryption #OpenSource #FOSS #Cybersecurity #Security #Data #Internet #Freedom #Software #Tech #Communication

Greece plans to require social media users to verify real identities, limiting anonymity to curb abuse and misinformation, raising privacy risks ⚖️
Officials say pseudonyms may remain but tied to real identities, highlighting tensions between state oversight, platform control, and user anonymity 🔐

🔗 https://www.euractiv.com/news/greece-to-ban-anonymity-on-social-media/

#TechNews #Greece #SocialMedia #Privacy #DigitalRights #Cybersecurity #Surveillance #FOSS #Security #Data #Internet #Freedom #Censorship #Regulation #Tech #Europe #EU #Greek

Turkey plans to ban unlicensed VPNs and require approved providers to log user activity and share data with authorities, restricting anonymous access. 🚫
VPN signups surged as users seek privacy tools amid blocks, highlighting tensions between state control, surveillance risks, and user autonomy online. 🔐

🔗 https://reclaimthenet.org/turkey-to-ban-anonymous-vpns

#TechNews #Turkey #VPN #Cybersecurity #Privacy #Surveillance #FOSS #Security #Data #Internet #Freedom #Censorship #Encryption #Tech #Europe #EU #Türkiye #Anonymity

Ubuntu will add opt-in AI features via Snaps in 26.10, including speech tools and automation, without a global disable switch, raising user control concerns. 🤖
Canonical says AI Snaps can be removed, but some users want AI-free builds or may switch to Linux Mint or Pop!_OS, citing privacy and autonomy risks. 🔐

🔗 https://www.theverge.com/tech/920723/linux-ubuntu-ai-features-ai-kill-switch

#TechNews #Ubuntu #Canonical #Linux #OpenSource #AI #ArtificialIntelligence #Privacy #FOSS #Security #Transparency #Data #Software #Freedom #Computing #Tech

Plus: The NSA tests Anthropic’s Mythos Preview to find vulnerabilities, a Finnish teen is charged over the Scattered Spider hacking spree, and more.

Alt...

Disneyland Now Uses Face Recognition on Visitors

Greg Kroah-Hartman: "If you look there are thousands of unfixed CVEs in the older LTS kernels right now, and if distros or users that rely on those older branches wish to see those resolved, they need to provide working backports to us to apply, as our first attempt did not work (which is why they are unfixed in those branches.)"

Really asking for a "Pray tell us", given that nobody actually bothered disclosing the problem to downstreams and that the commit message was hiding it.

Either way, apparently the great LLM-backed patch backporting process that #NVidia is so proud of doesn't really work. Upstream doesn't really care about #LTS branches, and they should be considered insecure by default.

https://lore.kernel.org/stable/2026050114-supernova-angler-2de1@gregkh/

#Gentoo #Linux #CopyFail #security

Government Shuts Down Debate on Political Party Surveillance Bill

Nothing restores confidence in a surveillance bill quite like the government telling everyone to shut up about it.

https://www.freezenet.ca/government-shuts-down-debate-on-political-party-surveillance-bill/

#News #Privacy #Security #BillC25 #BillC4 #Canada #PersonalInformation #PoliticalParties #politics

The Illinois Biometric Information Privacy Act (BIPA) creates a private right of action with statutory damages for the unauthorized collection of biometric identifiers, including facial geometry captured by drone-mounted cameras, potentially exposing individuals to $1,000 per negligent violation or $5,000 per intentional or reckless violation.

Where would forget what youve heard about drones and personal sp... break first in your environment?

Read more: https://steelefortress.com/fortress-feed/forget-what-youve-heard-about-drones-and-personal-space-why-legal-frameworks-are-actually-helping-to-erase-privacy-concerns

CyberSecurity #Privacy #InfoSec #Security

🎥 Watch Teaser: https://steelefortress.com/ayxthd

Utah’s New Law Targeting VPNs Goes Into Effect Next Week

Instead of realizing that mass #surveillance and age gates aren't exactly crowd favorites, #Utah lawmakers have decided that VPNs themselves are the real issue.

Next week, on May 6, 2026, Utah will become, to EFF’s knowledge, the first state in the nation to target the use of VPNs to avoid legally mandated age-verification gates.
#VPN #privacy #security #ageverification

https://www.eff.org/deeplinks/2026/04/utahs-new-law-regulating-vpns-goes-effect-next-week

EU-funded programs and institutions are financing spyware firms like Intellexa and Paragon, despite use against journalists and activists in Europe. 🕵️‍♂️
Reports cite weak oversight and transparency, raising risks to privacy, encryption, and democratic rights. 🚨

🔗 https://edri.org/our-work/its-not-just-spyware-scandals-eu-is-funding-the-industry-that-spies-on-europeans/

#TechNews #EU #Europe #Spyware #Privacy #Surveillance #Intellexa #Paragon #Cybersecurity #Encryption #FOSS #OpenSource #DataProtection #DigitalRights #Security #Transparency #Journalism #Activism

Proton CEO Andy Yen warns global age-verification laws could end anonymity via ID or biometric checks and centralized databases. 🔐
He calls for open-source, on-device, encrypted checks, warning they could expand controls, reducing user control and enabling tracking. ⚠️

@protonprivacy

🔗 https://www.techradar.com/vpn/vpn-privacy-security/proton-ceo-warns-global-age-verification-push-will-mean-the-death-of-anonymity-online

#TechNews #Proton #Privacy #AgeVerification #Cybersecurity #Encryption #FOSS #OpenSource #DataProtection #Surveillance #BigTech #Security #DigitalRights #Anonymity #Internet

So you read about #CopyFail, and are like… owww, shit. But then you see that it was responsibly disclosed after being fixed in main, we had releases since, they went stable in #Gentoo (over other #security fixes), so we should be good, right?

Except that it turns out that after it has been fixed in mainline, nobody bothered actually backporting the fix to all the LTS branches. And it doesn't apply cleanly (https://social.treehouse.systems/@thesamesam/116490971618284574). What a shitshow!

(And we've been only talking how 5.x don't get vulnerability fixes in time — but it turns out that anything but the latest is insecure to use!)

#Gentoo #Linux

Jesus Michał von Gentoo 🏔 (he) boosted

sam » 🌐 2026-04-30
@thesamesam@social.treehouse.systems

Very unfortunate that the fix for CVE-2026-31431 isn't easily backportable, with a new API being added, and then its implementation details changing, since the last LTS (6.12 vs 6.18).

Ever notice how physical parking meters are disappearing? Replaced by QR codes and mandatory app downloads?

That's not just modernization. It's coerced consent.

When a city outsources parking to private vendors, they're outsourcing surveillance. You're handing over location data, device IDs, and payment info just to occupy public space.

We cover the risks, breaches, and how to protect yourself without getting towed.

Listen: ImpracticalPrivacy.com

#Privacy #Security #OpenSource #TechPolicy

Deploying ambient computing systems without embedded privacy architecture is a recipe for catastrophic financial losses, with estimated annual costs ranging from $150,000 to $432,000 and a risk-adjusted value of avoidance between $75,000 and $250,000 due to regulatory penalties.

Where would the invisible threat lurking in your daily interacti... break first in your environment?

Read more: https://steelefortress.com/fortress-feed/the-invisible-threat-lurking-in-your-daily-interactions-the-privacy-implications-of-ambient-computing-and-invisible-interfaces

CyberSecurity #Privacy #InfoSec #Security

🎥 Watch Teaser: https://steelefortress.com/09o6mj

Google blocks 8.3B Policy-Violating Ads in 2025, launches Android 17 Privacy Overhaul.

The new policy updates relate to contact and location permissions in Android, allowing third-party apps to access the contact lists and a user's location in a more privacy-friendly manner. This includes a new Contact Picker, which offers a standardized, secure, and searchable interface for contact selection.

"This feature allows users to grant apps access only to the specific contacts they choose, aligning with Android's commitment to data transparency and minimized permission footprints," Google said.

https://android-developers.googleblog.com/2026/03/contact-picker-privacy-first-contact.html

⁉️To comply with this update, developers are being urged to review their apps location usage to ensure that they are requesting the minimum amount of location data necessary for them to function.⁉️

#android #security #privacy #engineer #media #infosec #developer #tech #news

Alt...

⁉️"If your app targets Android 17 and above and uses precise location for discrete, temporary actions, implement the location button by adding the onlyForLocationButton flag in your manifest," the tech giant said. "If your app requires persistent, precise location to function, you will need to submit a Play Developer Declaration in Play Console to show why the new button or coarse location isn't sufficient for your app's core features."⁉️ The declaration form is expected to be available before October 2026, with pre-review checks in the Play Console to go live starting October 27 to identify potential contacts or location permissions policy issues. 👾Google is also implementing a secure way for businesses to transfer ownership of their apps through a native account transfer feature built into Play Console so as to stay protected against fraud. The company is recommending that app developers handle account ownership changes through this feature starting May 27, 2026.👾 "That means that unofficial transfers (like sharing login credentials or buying and selling accounts on third-party marketplaces), which leave your business vulnerable, are not permitted," it said.

Alt...

👾Previously, apps requiring access to a specific user's contacts relied on READ_CONTACTS, an overly broad permission that granted apps the ability to access all contacts and their associated information. With the latest change introduced in Android 17, apps can specify which fields from a contact they need, such as phone numbers or email addresses, as opposed to reading the entire record.👾 The updated policy will require all applicable apps to use the picker [or the Android Sharesheet] as the main way to access users' contacts, with READ_CONTACTS now reserved only for apps that can't function without it. It's advised to entirely remove the READ_CONTACTS permission from the app manifest declaration if it's targeting Android versions 17 [currently in beta] and later. <https://developer.android.com/training/sharing/send> ⁉️The second policy change revolves around a streamlined location button that Google has introduced in Android 17 that enables apps to request one-time access to a user's precise location. In doing so, it allows the user to make a better choice about how much information they want to share and for what duration. What's more, a persistent indicator will appear to alert a user every time a non-system app accesses their location.⁉️ <https://android-developers.googleblog.com/2026/03/location-privacy.html>

Home #security giant #ADT #DataBreach affects 5.5 million people

https://www.bleepingcomputer.com/news/security/home-security-giant-adt-data-breach-affects-55-million-people/

#cybersecurity #privacy

The articles about AI ganking production make me think of an altered version of Lucius Fox's comments in The Dark Knight:

"Let me get this straight.. you wired up SuperAutocomplete to a Magic 8-Ball for an RNG and your plan is to give this thing access to production operations and your backups? Good luck."

I'm sure using TheNonDeterministic Engine without guardrails is consistent with contractual and regulatory requirements for data governance and privacy..

TNDE: Makes changes including opening all S3 buckets to public access
User: Yay, prod isn't a smoking ruin so it probably did what I asked.

The original scene is amazing btw.
https://youtu.be/1z6o1GIEsQE?t=49

#security #snark #ai

The Register: Scotland Yard can keep using live facial recognition on people in London, say judges. “London’s Metropolitan Police Service (MPS) has survived a legal challenge that attempted to curb its rollout of live facial recognition (LFR) technology across the capital. The challenge was brought against the Met by civil liberties organization Big Brother Watch, which was representing Shaun […]

Proton analyzed 54k profiles using 2025 ad auction data, estimating US user value at $1,605/year, ranging from $31 to $17,929 by age, device, and behavior. 📊
Desktop users generate ~4.9× more value than Android users, and the top 10% of profiles account for 43% of total advertiser value. 🔒

@protonprivacy

🔗 https://proton.me/blog/what-is-your-data-worth-to-google

#TechNews #Google #Proton #AdTech #Privacy #DataEconomy #Surveillance #FOSS #Encryption #Security #BigTech #DigitalRights #Transparency #Internet #Data #Ad #US #USA

#Colorado Adds Open-Source Exemption to Age-Verification Bill
#opensource #ageverification #security #privacy

https://yro.slashdot.org/story/26/04/25/2124221/colorado-adds-open-source-exemption-to-age-verification-bill?utm_source=rss1.0mainlinkanon&utm_medium=feed

FTC reports $2.1B lost to social media scams in 2025, up 8× since 2020, with Facebook driving most losses via targeting, account abuse, and ads 🔐
Meta added scam warnings, detection tools, and takedowns, but centralized platforms still expose user data at scale, raising privacy and transparency risks ⚠️

🔗 https://www.bleepingcomputer.com/news/security/ftc-americans-lost-over-21-billion-to-social-media-scams-in-2025/

#TechNews #FTC #Facebook #Meta #WhatsApp #Instagram #Privacy #Security #Cybersecurity #Scams #Data #Surveillance #Transparency #Socialmedia #Scam #Hacking

Geofencing: The Supreme Court case that could redefine your digital privacy

https://www.npr.org/2026/04/26/g-s1-118359/supreme-court-geofencing-explainer-video

#tech #technology #news #technews #security #privacy #scotus #police #politics

Do age-verification laws work? Not according to this study.

https://mashable.com/article/age-verification-laws-dont-work-nyu-study

#tech #technology #news #technews #security #privacy #ageverification

CalMatters: Websites break California privacy law at ‘industrial scale,’ survey finds. “A new audit has found that websites across the internet may be failing to abide by California privacy law, ignoring a requirement to not track visitors who set a privacy control.”