Forwarded from BlackBox (Security) Archiv
Academics find crypto bugs in 306 popular Android apps, none get patched
Only 18 of 306 app developers replied to the research team, only 8 engaged with the team after the first email.
A team of academics from Columbia University has developed a custom tool to dynamically analyze Android applications and see if they're using cryptographic code in an unsafe way.
Named CRYLOGGER, the tool was used to test 1,780 Android applications, representing the most popular apps across 33 different Play Store categories, in September and October 2019.
Researchers say the tool, which checked for 26 basic cryptography rules (see table below), found bugs in 306 Android applications. Some apps broke one rule, while others broke multiple.
The top three most broken rules were:
‼️ Rule #18 - 1,775 apps - Don't use an unsafe PRNG (pseudorandom number generator)
‼️ Rule #1 - 1,764 apps - Don't use broken hash functions (SHA1, MD2, MD5, etc.)
‼️ Rule #4 - 1,076 apps - Don't use the operation mode CBC (client/server scenarios)
These are basic rules that any cryptographer knows very well, but rules that some app developers might not be aware of without having studied app security (AppSec) or advanced cryptography prior to entering the app development space.
👀 👉🏼 https://www.zdnet.com/article/academics-find-crypto-bugs-in-306-popular-android-apps-none-get-patched
#cryptography #bugs #android #apps
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Only 18 of 306 app developers replied to the research team, only 8 engaged with the team after the first email.
A team of academics from Columbia University has developed a custom tool to dynamically analyze Android applications and see if they're using cryptographic code in an unsafe way.
Named CRYLOGGER, the tool was used to test 1,780 Android applications, representing the most popular apps across 33 different Play Store categories, in September and October 2019.
Researchers say the tool, which checked for 26 basic cryptography rules (see table below), found bugs in 306 Android applications. Some apps broke one rule, while others broke multiple.
The top three most broken rules were:
‼️ Rule #18 - 1,775 apps - Don't use an unsafe PRNG (pseudorandom number generator)
‼️ Rule #1 - 1,764 apps - Don't use broken hash functions (SHA1, MD2, MD5, etc.)
‼️ Rule #4 - 1,076 apps - Don't use the operation mode CBC (client/server scenarios)
These are basic rules that any cryptographer knows very well, but rules that some app developers might not be aware of without having studied app security (AppSec) or advanced cryptography prior to entering the app development space.
👀 👉🏼 https://www.zdnet.com/article/academics-find-crypto-bugs-in-306-popular-android-apps-none-get-patched
#cryptography #bugs #android #apps
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
ZDNet
Academics find crypto bugs in 306 popular Android apps, none get patched
Only 18 of 306 app developers replied to the research team, only 8 engaged with the team after the first email.
Social Engineering Through Financial Institutions: Dutch Bank Links Customers’ Expenditure with CO2 Emissions
We’ve recently published articles about governments in Bologna, Vienna, Bavaria and Belgium making plans to implement social credit systems: those who consume less CO2 will be rewarded. In the Netherlands, starting on 22 April, the first Dutch bank, and possibly the first in Europe, is linking payment transactions with CO2 emissions. Mastercard, in collaboration with…
https://dailyexpose.uk/2022/04/30/social-engineering-through-banks/ #nwo #worldgovernment #bugs
We’ve recently published articles about governments in Bologna, Vienna, Bavaria and Belgium making plans to implement social credit systems: those who consume less CO2 will be rewarded. In the Netherlands, starting on 22 April, the first Dutch bank, and possibly the first in Europe, is linking payment transactions with CO2 emissions. Mastercard, in collaboration with…
https://dailyexpose.uk/2022/04/30/social-engineering-through-banks/ #nwo #worldgovernment #bugs
The Expose
Social Engineering Through Financial Institutions: Dutch Bank Links Customers’ Expenditure with CO2 Emissions
We’ve recently published articles about governments in Bologna, Vienna, Bavaria and Belgium making plans to implement social credit systems: those who consume less CO2 will be rewarded. In th…
Netherlands to SHUT DOWN 11,200 farms (20% of their farms) to meet climate goals
Hostile takeover of food supply accelerates - complete enslavement of humanity - must be stopped
#eu #nwo #bugs @iceagefarmer
https://petersweden.substack.com/p/dutch-farmers-11200
Hostile takeover of food supply accelerates - complete enslavement of humanity - must be stopped
#eu #nwo #bugs @iceagefarmer
https://petersweden.substack.com/p/dutch-farmers-11200
The Freedom Corner with PeterSweden
Netherlands to SHUT DOWN 11 200 farms to meet climate goals
The farmers are not happy about it.
The European Commission has just approved bugs as food
https://www.opindia.com/2022/08/europe-price-rise-energy-crisis-europian-commission-approves-locusts-crickets-and-worms-as-food
https://twitter.com/EU_Commission/status/1558014404855209986
#bugs
https://www.opindia.com/2022/08/europe-price-rise-energy-crisis-europian-commission-approves-locusts-crickets-and-worms-as-food
https://twitter.com/EU_Commission/status/1558014404855209986
#bugs
OpIndia
As Europe battles price rise and energy crisis, European Commission approves locusts, crickets and worms as ‘food’
The European Commission which provides the approval had stated then that these insects can be sold, and marketed as snacks or food ingredients either in dried or frozen form with legs removed or in a powder form. | OpIndia News
Beyond Meat Plant’s Dirty Conditions Revealed in Photos, Internal Documents
• Products from the plant tested positive for Listeria, a harmful bacteria, on at least 11 occasions during the second half of last year and the first half of 2022.
• Photos taken by a former employee from inside the plant in January and April show what appear to be spills, unsafe use of equipment, and mold on walls and ingredient containers, while spreadsheets, photos and internally prepared reports reveal that foreign materials such as string, metal, wood and plastic have been found in food from the plant at least as recently as last December.
🔗 Full Article
#beyond #meat #bugs
• Products from the plant tested positive for Listeria, a harmful bacteria, on at least 11 occasions during the second half of last year and the first half of 2022.
• Photos taken by a former employee from inside the plant in January and April show what appear to be spills, unsafe use of equipment, and mold on walls and ingredient containers, while spreadsheets, photos and internally prepared reports reveal that foreign materials such as string, metal, wood and plastic have been found in food from the plant at least as recently as last December.
🔗 Full Article
#beyond #meat #bugs
This media is not supported in your browser
VIEW IN TELEGRAM
eat the #bugs secretions
#bugs #eu
The EU Commission regulates mealworm powder as a novel food, allowing its use in various products, with labeling requirements for vitamin D content. The Commission grants exclusive authorization to the applicant for 5 years, despite limited research on potential allergens, and recommends further study.
⚖🇪🇺 Commission Implementing Regulation (EU) 2025/89 of 20 January 2025 authorising the placing on the market of ultraviolet radiation-treated powder of whole larvae of Tenebrio molitor (mealworm) as a novel food in the region
3. [...] The applicant requested that UV-treated powder from whole larvae of Tenebrio molitor be used in breads and rolls, biscuits and pastries, pasta products, processed potato products, cheese and derived products, and fruit or vegetable compotes, intended for the general population.
7. In its scientific opinion, the Authority concluded that UV-treated powder from whole larvae of Tenebrio molitor is safe under the proposed conditions and at the proposed levels of use. Therefore, that scientific opinion provides sufficient grounds to determine that UV-treated powder of whole larvae of Tenebrio molitor [...]
8. [...] the name of the novel food should be accompanied by the statement "contains vitamin D produced by UV treatment" and the nutritional declaration should include the amount of vitamin D.
9. Based on a limited number of published evidence on food allergies related to the consumption of UV-treated larvae [...] containing a set of potentially allergenic proteins, the Authority concluded in its opinion that consumption of the novel food may also cause sensitisation to larval proteins. The Authority therefore recommended further research into the allergenicity of these larvae.
10. In order to respond to the Authority's recommendation, the Commission is currently considering how to carry out the necessary research on the allergenicity of larvae [...] since the evidence directly linking the consumption of larvae to cases of primary sensitisation and allergies is limited, the Commission considers that, in the conditions of use of the novel food, no specific labelling requirements should be included in relation to the potential of UV-treated powder of whole larvae to cause primary sensitisation.
14. The applicant declared that it had proprietary rights and exclusive rights to refer to the scientific studies and data concerning the detailed description of the production process and the detailed results of the compositional analyses, in accordance with national legislation, at the time of submitting the application, and that no third party may legally access, use or refer to those data and studies.
15. The Commission assessed all the information provided by the applicant and considered that the applicant had sufficiently justified compliance with the requirements laid down [...] the authorisation to place UV-treated powder obtained from whole larvae on the market in the European Union should be granted to the applicant on an exclusive basis for a period of five years from the entry into force of this Regulation.
17. UV-treated powder obtained from whole larvae of Tenebrio molitor should be included in the Union list of novel foods set out in Implementing Regulation (EU) 2017/2470.
📎 Source (auto-translated)
The EU Commission regulates mealworm powder as a novel food, allowing its use in various products, with labeling requirements for vitamin D content. The Commission grants exclusive authorization to the applicant for 5 years, despite limited research on potential allergens, and recommends further study.
⚖🇪🇺 Commission Implementing Regulation (EU) 2025/89 of 20 January 2025 authorising the placing on the market of ultraviolet radiation-treated powder of whole larvae of Tenebrio molitor (mealworm) as a novel food in the region
3. [...] The applicant requested that UV-treated powder from whole larvae of Tenebrio molitor be used in breads and rolls, biscuits and pastries, pasta products, processed potato products, cheese and derived products, and fruit or vegetable compotes, intended for the general population.
7. In its scientific opinion, the Authority concluded that UV-treated powder from whole larvae of Tenebrio molitor is safe under the proposed conditions and at the proposed levels of use. Therefore, that scientific opinion provides sufficient grounds to determine that UV-treated powder of whole larvae of Tenebrio molitor [...]
8. [...] the name of the novel food should be accompanied by the statement "contains vitamin D produced by UV treatment" and the nutritional declaration should include the amount of vitamin D.
9. Based on a limited number of published evidence on food allergies related to the consumption of UV-treated larvae [...] containing a set of potentially allergenic proteins, the Authority concluded in its opinion that consumption of the novel food may also cause sensitisation to larval proteins. The Authority therefore recommended further research into the allergenicity of these larvae.
10. In order to respond to the Authority's recommendation, the Commission is currently considering how to carry out the necessary research on the allergenicity of larvae [...] since the evidence directly linking the consumption of larvae to cases of primary sensitisation and allergies is limited, the Commission considers that, in the conditions of use of the novel food, no specific labelling requirements should be included in relation to the potential of UV-treated powder of whole larvae to cause primary sensitisation.
14. The applicant declared that it had proprietary rights and exclusive rights to refer to the scientific studies and data concerning the detailed description of the production process and the detailed results of the compositional analyses, in accordance with national legislation, at the time of submitting the application, and that no third party may legally access, use or refer to those data and studies.
15. The Commission assessed all the information provided by the applicant and considered that the applicant had sufficiently justified compliance with the requirements laid down [...] the authorisation to place UV-treated powder obtained from whole larvae on the market in the European Union should be granted to the applicant on an exclusive basis for a period of five years from the entry into force of this Regulation.
17. UV-treated powder obtained from whole larvae of Tenebrio molitor should be included in the Union list of novel foods set out in Implementing Regulation (EU) 2017/2470.
📎 Source (auto-translated)