Forwarded from BlackBox (Security) Archiv
facebook-sealed-exhibits.pdf
627.5 MB
Facebook fought to keep a trove of thousands of explosive internal documents and emails secret. They were just published online in full.
Thousands of pages of internal Facebook documents were published on Wednesday, shedding new light on how the company profited from user data and grappled with rivals.
👉🏼 Read more:
https://www.businessinsider.nl/facebook-internal-documents-executive-emails-published-six4three-court-leak-2019-11
#DeleteFacebook #documents #secret #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Thousands of pages of internal Facebook documents were published on Wednesday, shedding new light on how the company profited from user data and grappled with rivals.
👉🏼 Read more:
https://www.businessinsider.nl/facebook-internal-documents-executive-emails-published-six4three-court-leak-2019-11
#DeleteFacebook #documents #secret #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Forwarded from WABetaInfo - WhatsApp beta news
🚨 Reports say that WhatsApp is banning groups having a suspicious name
https://wabetainfo.com/reports-say-that-whatsapp-is-banning-groups-having-a-suspicious-name/
Were you banned for a similar situation? Let me know!
https://wabetainfo.com/reports-say-that-whatsapp-is-banning-groups-having-a-suspicious-name/
Were you banned for a similar situation? Let me know!
WABetaInfo
Reports say that WhatsApp is banning groups having a suspicious name | WABetaInfo
Read this article to learn more about how people are banned from using WhatsApp when someone changes the group subject using a malicious name!
Forwarded from Police frequency
Hong Kong Police Seeks to Hack Telegram, Key Tool in Protests, the Epoch Times reports. The Hong Kong Police Force has been trying to find out the identities of the people running those two Telegram accounts, including by seeking help from cyber experts outside Hong Kong. One cyber expert, who wished to remain anonymous for fear of reprisal, said that over the past few months, he was repeatedly approached by senior inspectors to use “any means necessary” to uncover their identities. In one phone call from a senior inspector, the officer asked the source whether it was possible to break Telegram’s encryption protocol to find out who the administrators behind “dadfindboy” and “tanakayotsuba” were, and where they live, with the intention of arresting them at their homes, the source said. “They’re very desperate,” he said, adding that the police force was seeking “demigod” level access to Telegram.
Brian left his own company, and calls out Facebook for exploiting his invention. And Tweets #DeleteFacebook so why should you continue to feed Facebook with your data? #SwitchToSignal #SwitchToTelegram
Spywhere in your pocket, the Facebook apps, which most likely control your entire social life online.
“We scanned thousands of faces in DC today to show why facial recognition surveillance should be…” by Fight for the Future https://link.medium.com/QvcQaAvOC1
Medium
We scanned thousands of faces in DC today to show why facial recognition surveillance should be banned
Today, activists working with digital rights group Fight for the Future conducted live facial recognition surveillance in the halls of…
“Facebook Pay Is a New Name for What Facebook Was Already Doing With Your Data” by Eric Ravenscraft https://link.medium.com/0ph4TtrNG1
Medium
Facebook Pay Is a New Name for What Facebook Was Already Doing With Your Data
The initiative highlights how confusing the connections between Facebook’s various payment systems have been until now
Forwarded from NoGoolag
WhatsApp Vulnerability Allows Code Execution Via Malicious MP4 File
A security vulnerability in WhatsApp that was made public last week could be abused to execute arbitrary code remotely on affected devices.
Tracked as CVE-2019-11931, the issue is a stack-based buffer overflow that can be triggered by sending a specially crafted MP4 file via WhatsApp, Facebook explains in an advisory.
https://www.securityweek.com/whatsapp-vulnerability-allows-code-execution-malicious-mp4-file
Read Via Telegram
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
A security vulnerability in WhatsApp that was made public last week could be abused to execute arbitrary code remotely on affected devices.
Tracked as CVE-2019-11931, the issue is a stack-based buffer overflow that can be triggered by sending a specially crafted MP4 file via WhatsApp, Facebook explains in an advisory.
https://www.securityweek.com/whatsapp-vulnerability-allows-code-execution-malicious-mp4-file
Read Via Telegram
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
"Every time WhatsApp has to fix a critical vulnerability in their app, a new one seems to take its place. All of their security issues are conveniently suitable for surveillance, look and work a lot like backdoors."
Pavel Durov
Pavel Durov
Telegraph – Pavel Durov
Why WhatsApp Will Never Be Secure
The world seems to be shocked by the news that WhatsApp turned any phone into spyware. Everything on your phone – including photos, emails and texts – could be accessed by attackers just because you had WhatsApp installed [1]. This news didn’t surprise…
Forwarded from Pavel Durov
In May, I predicted that backdoors in WhatsApp would keep getting discovered, and one serious security issue would follow another, as it did in the past [1]. This week a new backdoor was quietly found in WhatsApp [2]. Just like the previous WhatsApp backdoor and the one before it, this new backdoor made all data on your phone vulnerable to hackers and government agencies. All a hacker had to do was send you a video – and all your data was at the attacker’s mercy [3].
WhatsApp doesn’t only fail to protect your WhatsApp messages – this app is being consistently used as a Trojan horse to spy on your non-WhatsApp photos and messages. Why would they do it? Facebook has been part of surveillance programs long before it acquired WhatsApp [4][5]. It is naive to think the company would change its policies after the acquisition, which has been made even more obvious by the WhatsApp founder’s admission regarding the sale of WhatsApp to Facebook: “I sold my users’ privacy” [6].
Following the discovery of this week’s backdoor, Facebook tried to confuse the public by claiming they had no evidence that the backdoor had been exploited by hackers [7]. Of course, they have no such evidence – in order to obtain it, they would need to be able to analyze videos shared by WhatsApp users, and WhatsApp doesn’t permanently store video files on its servers (instead, it sends unencrypted messages and media of the vast majority of their users straight to Google’s and Apple’s servers [8]). So – nothing to analyze – “no evidence”. Convenient.
But rest assured, a security vulnerability of this magnitude is bound to have been exploited – just like the previous WhatsApp backdoor had been used against human rights activists and journalists naive enough to be WhatsApp users [9][10]. It was reported in September that the data obtained as a result of the exploitation of such WhatsApp backdoors will now be shared with other countries by US agencies [11][12].
Despite this ever-increasing evidence of WhatsApp being a honeypot for people that still trust Facebook in 2019, it might also be the case that WhatsApp just accidentally implements critical security vulnerabilities across all their apps every few months. I doubt that – Telegram, a similar app in its complexity, hasn’t had any issues of WhatsApp-level severity in the six years since its launch. It’s very unlikely that anyone can accidentally commit major security errors, conveniently suitable for surveillance, on a regular basis.
Regardless of the underlying intentions of WhatsApp’s parent company, the advice for their end-users is the same: unless you are cool with all your photos and messages becoming public one day, you should delete WhatsApp from your phone.
[1] – Why WhatsApp will never be secure
[2] – WhatsApp users urged to update app immediately over spying fears
[3] – WhatsApp Android and iOS users are now at risk from malicious video files
[4] – Everything you need to know about PRISM
[5] – NSA taps data from 9 major Net firms
[6] – WhatsApp co-founder Brian Acton: 'I sold my users' privacy'
[7] – Hackers can use a WhatsApp flaw in the way it handles video to take control of your phone
[8] – WhatsApp is storing unencrypted backup data on Google Drive
[9] – WhatsApp hack led to targeting of 100 journalists and dissidents
[10] – Exclusive: Government officials around the globe targeted for hacking through WhatsApp - sources
[11] – Police can access suspects’ Facebook and WhatsApp messages in deal with US
[12] – Facebook, WhatsApp Will Have to Share Messages With U.K.
WhatsApp doesn’t only fail to protect your WhatsApp messages – this app is being consistently used as a Trojan horse to spy on your non-WhatsApp photos and messages. Why would they do it? Facebook has been part of surveillance programs long before it acquired WhatsApp [4][5]. It is naive to think the company would change its policies after the acquisition, which has been made even more obvious by the WhatsApp founder’s admission regarding the sale of WhatsApp to Facebook: “I sold my users’ privacy” [6].
Following the discovery of this week’s backdoor, Facebook tried to confuse the public by claiming they had no evidence that the backdoor had been exploited by hackers [7]. Of course, they have no such evidence – in order to obtain it, they would need to be able to analyze videos shared by WhatsApp users, and WhatsApp doesn’t permanently store video files on its servers (instead, it sends unencrypted messages and media of the vast majority of their users straight to Google’s and Apple’s servers [8]). So – nothing to analyze – “no evidence”. Convenient.
But rest assured, a security vulnerability of this magnitude is bound to have been exploited – just like the previous WhatsApp backdoor had been used against human rights activists and journalists naive enough to be WhatsApp users [9][10]. It was reported in September that the data obtained as a result of the exploitation of such WhatsApp backdoors will now be shared with other countries by US agencies [11][12].
Despite this ever-increasing evidence of WhatsApp being a honeypot for people that still trust Facebook in 2019, it might also be the case that WhatsApp just accidentally implements critical security vulnerabilities across all their apps every few months. I doubt that – Telegram, a similar app in its complexity, hasn’t had any issues of WhatsApp-level severity in the six years since its launch. It’s very unlikely that anyone can accidentally commit major security errors, conveniently suitable for surveillance, on a regular basis.
Regardless of the underlying intentions of WhatsApp’s parent company, the advice for their end-users is the same: unless you are cool with all your photos and messages becoming public one day, you should delete WhatsApp from your phone.
[1] – Why WhatsApp will never be secure
[2] – WhatsApp users urged to update app immediately over spying fears
[3] – WhatsApp Android and iOS users are now at risk from malicious video files
[4] – Everything you need to know about PRISM
[5] – NSA taps data from 9 major Net firms
[6] – WhatsApp co-founder Brian Acton: 'I sold my users' privacy'
[7] – Hackers can use a WhatsApp flaw in the way it handles video to take control of your phone
[8] – WhatsApp is storing unencrypted backup data on Google Drive
[9] – WhatsApp hack led to targeting of 100 journalists and dissidents
[10] – Exclusive: Government officials around the globe targeted for hacking through WhatsApp - sources
[11] – Police can access suspects’ Facebook and WhatsApp messages in deal with US
[12] – Facebook, WhatsApp Will Have to Share Messages With U.K.