India Considers Enforcing A-GPS on Mobile Devices
India’s government is considering a proposal to force smartphone manufacturers to enable GPS tracking at all times.
Fria Reyes
Fria is a privacy advocate and synthwave enthusiast who has been volunteering with Privacy Guides since 2023. They are an unapologetic tech optimist, and believes with the right technology we can solve any problem.
Android Authority: “Aluminium” will be code name for merger of Android and ChromeOS
According to Android Authority, the operating system that’s meant to merge Android and ChromeOS into one, unified OS is called “Aluminium OS.”
IVPN announces V2Ray obfuscation on Android
IVPN recently announced that they now support V2Ray obfuscation on their Android client, meaning they now support it on all platforms where they offer a client.
GSMA Report Warns of “Fragmented Cybersecurity Regulation”
In a new study by the GSMA, they criticize the state of cybersecurity regulation “including fragmented policies and regulatory frameworks, limited institutional capacity to support mobile operators, rigid or prescriptive rules, and a lack of effective platforms for threat intelligence sharing.”
GrapheneOS Now Has Experimental Support for Pixel 10 Series
GrapheneOS announced that they now have experimental support for the Pixel 10, Pixel 10 Pro, Pixel 10 Pro XL and Pixel 10 Pro Fold.
Trail of Bits Adds Constant Time Support to LLVM, Bolstering Encryption Security
Today, Trail of Bits announced they’ve added constant-time coding support for LLVM, “providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks.”
Signal Rolls Out Secure Backups for iOS in Beta
Signal has rolled out secure end-to-end encrypted backups for iOS users, after Android users already got the features months earlier.
Proton Launches Beta Access for Proton Pass CLI
Proton has launched the beta for their command line interface for Proton Pass, Proton’s password manager software.
“Trivially Exploitable” Vulnerabilities Left Cloud Environments Vulnerable for Over 8 Years
Researchers at Oligo have found several “trivially exploitable” vulnerabilities in the widely-used Fluent Bit logging software that left users vulnerable for over 8 years.
Forensic Software Company Gives Personalized Password Cracking Tips
Elcomsoft, seller of forensic tools for law enforcement to extract data from user devices like phones and computers, has released a blog post on using information collected about individuals to make password cracking more efficient.
Major Banks Reeling After Data Customer Data Leaked in Cyber Attack Against SitusAMC
According to TechCrunch, SitusAMC, a company that provides technology for major banks like JPMorgan, Citigroup, Morgan Stanley, and even state governments, has had a major breach of customer data including “accounting records and legal agreements.”
SHA1-HULUD Malware Infects Developers, Posts Secrets to Their Public GitHub Repos
According to researchers at Wiz, a supply chain attack on npm packages is exfiltrating developers’ credentials and posting them to public GitHub repositories.
CSA Announces Matter 1.5, Adding Secure Camera Support and New Devices
Matter 1.5 has released, bringing with it lots of new supported device types. Among the new additions are support for cameras, soil sensors, and what they call “closures.”
GrapheneOS Releases QPR1 Update
GrapheneOS users have received the long-awaited Android 16 QPR1 update to GrapheneOS.
iOS Developers Claim 1Password isn’t Removing Deleted Profile Pictures
The iOS developer and security researcher duo mysk claim that after deleting their 1Password account, their profile picture was still being stored and remained publicly accessible via a URL.
California Court Ends Smart Meter Dragnet Surveillance Program
According to the EFF, the Sacramento County Superior Court has determined that a surveillance program run by the Sacramento Municipal Utility District (SMUD) and the police is illegal.
Pornhub Urges Big Tech Companies to Adopt Device-Based Age Verification
According to Wired, Pornhub's parent company has sent letters to Apple, Google, and Microsoft urging them to device-based age verification.
Thunderbird Pro Enters Closed Testing Phase
A new announcement from Thunderbird Pro sees the services entering an “initial closed test run” with a “core group of community contributors.”
Twitch Added to Age Restricted Social Media in Australia
Australia’s eSafety Commissioner has added Twitch to its growing list of age-restricted social media sites.
EFF Files Lawsuit Against DOJ and DHS to Uncover Information About Removed ICE-Tracking Apps
The EFF has filed a lawsuit against the US DOJ and DHS to uncover information their demands to censor apps.
Brave Announces Verifiable and Transparent TEE Support in Leo
Today, Brave announced that their Leo AI assistant inside of the Brave browser will utilize NEAR AI Nvidia-backed Trusted Execution Environments (TEE).