The DIY Raspberry Pi Automatic Guitar Tuner

First of all, “music is notably mathematical” is a brilliant pun. Second of all, this project is a brilliant merger of Maker DIY tech and music, especially since the gadget actually turns the pegs for you to tune your guitar strings. This Raspberry Pi project is based on Band Industries’ Roadie 3 automatic tuner. I love the fact that Jean-Gilles not only provides the instructions and source code for the project, but also the 3D printing files.

Music is notably mathematical, so it should come as no surprise that many makers turn to creating their own Raspberry Pi-based solutions for musical problems. Today we’ve got a sharp, problem-solving creation to share from maker Guyrandy Jean-Gilles. Tired of twisting his pegs, Jean-Gilles opted to develop his own Raspberry Pi Pico-powered automatic guitar tuner.

'OSX.ZuRu' Malware Spreads From Trojanized Apps via Sponsored Search Results

The latest Mac malware to be discovered is called OSX.ZuRu. It spreads via infected apps from sponsored search results.

The legitimate and the malicious iTerm2 application bundles contain a massive number of files, including several Mach-O binaries. Moreover, the malicious version appears largely benign (as is the case with most applications that have been surreptitiously trojanized). As such, it takes us a minute to uncover the malicious component.

Health Apps Must Warn Users of Data Breaches, Says FTC

The Federal Trade Commission issued a policy statement on Thursday. It says that health apps and wearable companies must warn their users of data breaches or face fines.

In a policy statement adopted during an open meeting, the Commission noted that health apps, which can track everything from glucose levels for those with diabetes to heart health to fertility to sleep, increasingly collect sensitive and personal data from consumers These apps have a responsibility to ensure they secure the data they collect, which includes preventing unauthorized access to such information.

Excellent news. Now they should make sure the fines are high enough to deter repeat offenders (cough T-Mobile).

PrivacyTools Website Rebrands as Privacy Guides (Update)

PrivacyTools.io is a website I’ve long used to learn about different types of private software. The team announced that it will rebrand as Privacy Guides.

Our work maintaining PrivacyTools has been extremely difficult of late without access to key assets such as the domain and without the participation of its founder.

This name change is the first step in this process of regaining our independence as a community. Eventually, we plan on creating a new legal organization designed around the community to ensure our long-term sustainability. This will take some careful planning and time to get right, but we’re confident we can prevent this from ever happening again, and keep us independent of any one team member.

Update: It appears there is some contention or intra-politics. The official PrivacyTools Twitter account said it is a project split, not a rebrand.

New Products at Mimeo Photos Include Mounted Prints

Mimeo Photos has recently launched mounted photos and expanded its size options for wall decor and photo prints.

Mimeo Photos users can now transform their favorite photos, designs or artwork into a customized mounted wall print to adorn the walls of their home, office or studio. Mimeo Photos also expanded its wall decor category to include eighteen new sizes and added two new sizes to its photo prints offering. As the No. 1 photo product extension in the Mac App store, Mimeo Photos continues to innovate and expand its product offering, while also being available everywhere its customers’ photos are taken and stored.

Inside Project Raven, a Team of Former NSA Analysts Who Worked for the UAE Government

Project Raven was a team that included more than a dozen former U.S. intelligence operatives recruited to help the United Arab Emirates engage in surveillance of other governments, militants and human rights activists critical of the monarchy. Reuters tells the story.

The operatives utilized an arsenal of cyber tools, including a cutting-edge espionage platform known as Karma, in which Raven operatives say they hacked into the iPhones of hundreds of activists, political leaders and suspected terrorists. Details of the Karma hack were described in a separate Reuters article today.

An interesting story. We know that iOS 14.8 patched a vulnerability used by the Pegasus spyware, but I haven’t heard much about Karma.

'SSID Stripping' Can Trick You Into Joining a Malicious Wi-Fi Network

Researchers have discovered a new type of network vulnerability dubbed SSID Stripping. It causes a network name to appear differently in a device’s list of networks, thus tricking people into joining a malicious network.

The SSID Stripping vulnerability affects all major software platforms – Microsoft Windows, Apple iOS and macOS, Android and Ubuntu. With SSID Stripping, it is possible to create a network name in a way that its display only shows a prefix that is similar to a legitimate network name (e.g. the corporate network name) while the actual network name includes the additional specially crafted information.