Link

Hacking US Diplomats in Uganda May Have Led to NSO Group Downfall

Andrew Orr ·

ArsTechnica shares the story of how U.S. diplomats in Uganda were hacked by Pegasus, a spyware tool from NSO Group.

Israeli and US officials declined to confirm that the Ugandan hack directly triggered a decision to blacklist NSO. But one US official who discussed the issue with Israel’s defense ministry said: “Look at the entire sequence of events here—this is careful, not by chance.” He added that putting NSO, one of the jewels of Israel’s tech community, on a US blacklist was designed to “punish and isolate” the company.

Link

DuckDuckGo to Release Private Browser for Mac in 2022

Andrew Orr ·

On Tuesday, DuckDuckGo shared its review of achievements and improvements in 2021. Looking ahead, the company plans to release a private browser for the desktop.

Instead of forking Chromium or anything else, we’re building our desktop app around the OS-provided rendering engines (like on mobile), allowing us to strip away a lot of the unnecessary cruft and clutter that’s accumulated over the years in major browsers. With our clean and simple interface combined with the beloved Fire Button from our mobile app, DuckDuckGo for desktop will be ready to become your new everyday browsing app.

Link

'Have I Been Pwned' Completes FBI Ingestion Pipeline for Passwords

Andrew Orr ·

Troy Hunt, creator of Have I Been Pwned, has completed a pipeline that enables the ingestion of passwords from law enforcement agencies, like the FBI.

The premise is simple: during the course of their investigations, they come across a lot of compromised passwords and if they were able to continuously feed those into HIBP, all the other services out there using Pwned Passwords would be able to better protect their customers from account takeover attacks. Fast forward to now and that ingestion pipeline is finally live.

Link

State Legislators Help Libraries in Fight Over Ebook Licensing Terms

Andrew Orr ·

A report from Axios says libraries want better licensing terms for eBooks from Amazon and other publishers. States are stepping in to help the libraries.

A Maryland law set to take effect in January and a similar bill in New York would require publishers that sell ebooks to consumers to also license them to libraries on reasonable terms. The Maryland law and New York bill say it is not reasonable to limit the number of ebook licenses libraries can buy at the same date they are available to the general public.

Link

Loopring Releases Layer 2 Counterfactual Wallet for iOS

Andrew Orr ·

On Tuesday Loopring announced the release of its Layer 2 Counterfactual Wallet for cryptocurrency.

With the release of our Counterfactual Wallet, users can now deploy the Wallet on L2-only, bypassing a costly creation fee on L1. This-try-it-before-you-buy-it option allows users to experience the power of Ethereum L2 right away. If users would like to withdraw funds to L1, they can deploy their Ethereum L1 smart contract wallet, paying for the creation cost at that time.

Link

'Merry Christmas' - First SMS Ever Sent Sells for US$121,000

Charlotte Henry ·

The first SMS ever sent sold for €107,000 euros (US$121,000) as an NFT at an auction in Paris on Tuesday, Reuters reported. The message says “Merry Christmas” and was sent on December 3, 1992, by an engineer at UK carrier Vodafone.

Vodafone engineer Neil Papworth sent the SMS from his computer to a manager in the United Kingdom, who received it on his 2-kg (4 lb) “Orbitel” telephone – similar to a desk phone but cordless and with a handle. “They were in the middle of end-of-year events so he sent him the message ‘Merry Christmas’,” said Maximilien Aguttes, head of development for the Aguttes Auction House…The selling of intangible goods is not legal in France and so the auction house has packaged the text message in a digital frame, displaying the code and communication protocol, Aguttes said.

[Image credt: Agutess]

‘Cryptomator’ 2.0 is Here and it Integrates Into iOS Files App
Cool Stuff Found

'Cryptomator' 2.0 is Here and it Integrates Into iOS Files App

Andrew Orr ·

The team behind Cryptomator has rewritten the app in Swift, and with version 2.0 the app is completely integrated into the Files app. This means that your vaults are directly accessible from there. For example, you can now save and edit a Word document directly in an encrypted vault via the Files app. In addition, features like thumbnails, grid view, swiping through images, and drag & drop are possible with the new app. To summarize, Cryptomator gives you end-to-end encryption for your files. You can store them in Google Drive, iCloud Drive, Dropbox, and more. You can also store them offline in the Files app or on a hard drive.

Check Out These Colorful X-Ray Wallpapers for Your iPhone
Cool Stuff Found

Check Out These Colorful X-Ray Wallpapers for Your iPhone

Andrew Orr ·

The Basic Apple Guy (via 9To5Mac) created a series of colorful iPhone wallpapers based on the X-ray images from iFixit. These iPhone 13 Pro | Pro Max schematics are a fun way to let you know the details hiding underneath your display. “Ten different designs have been created: Black, Xray, Sunset, Slate, Neon Blue, M1, Card, Blueprint, Rainbow Bloom, & Rainbow . And as a special treat, I’ve also added three additional designs: 3021, R08135, & DF, which celebrate figures in the community I admire. I plan on creating other colour patterns to release over the next few months, with these 11 being the first of many to come.”

Link

Explaining 'log4j' and Why it's a Serious Cybersecurity Threat

Andrew Orr ·

In early December a cybersecurity threat was discovered with the popular “log4j” utility. The Post has a good piece on the exploit, explained in non-jargon.

The fact that log4j is such a ubiquitous piece of software is what makes this such a big deal. Imagine if a common type of lock used by millions of people to keep their doors shut was suddenly discovered to be ineffective. Switching a single lock for a new one is easy, but finding all the millions of buildings that have that defective lock would take time and an immense amount of work.

Link

Wi-Fi Gateway From Airangel Affects Hundreds of Hotels

Andrew Orr ·

Security researcher Etizaz Mohsin says that the Airangel HSMX Gateway, used by many hotels to offer Wi-Fi to guests, contains hardcoded passwords that are easy to guess.

With those passwords, which we are not publishing, an attacker could remotely gain access to the gateway’s settings and databases, which store records about the guest’s using the Wi-Fi. With that access, an attacker could access and exfiltrate guest records, or reconfigure the gateway’s networking settings to unwittingly redirect guests to malicious webpages, he said.