muntashir

@muntashir@infosec.exchange

Open source contributor with interests in privacy, security and usability. Creator of https://floss.social/@appmanager

This profile is from a federated server and may be incomplete. Browse more on the original instance.

jerry, to random

I am learning tonight that the Google Play store is/was a paragon of robust security

muntashir,

@jerry Theoretically, yes. Practically, no.

muntashir, to Signal

has finally started testing public usernames which can be tested by anybody via The Staging Environment. No ETA for a stable release yet.

https://community.signalusers.org/t/public-username-testing-staging-environment/56866

muntashir, to random

Being able use an app or service without worrying that they might be tracking every keystrokes and interactions is quite satisfying...

muntashir, to random

Upcoming: A threat actor is selling govt backdoors present in a cryptographic algorithm

https://securityaffairs.com/152811/cyber-crime/facebook-and-instagrams-police-portal-access.html

MishaalRahman, to random
@MishaalRahman@androiddev.social avatar

Android's platform QR scanner, available on Android 13+ devices with GMS, is getting support for adding passes & IDs with QR codes to Google Wallet. These include things like boarding passes, driver's license, COVID cards, etc.

(Image credits: @AssembleDebug)

(1/3)

muntashir,

@MishaalRahman @AssembleDebug Why do you call it platform QR scanner since it's only available through GMS?

MishaalRahman, to random
@MishaalRahman@androiddev.social avatar

Google Play Protect is adding real-time scanning for app installs!

Starting today, Play Protect will prompt users to perform a real-time, code-level scan when users install an app that hasn't been analyzed before by Google.

This scanning will extract important signals from the app and send them to the Play Protect backend for code-level evaluation. Once the real-time analysis is done, users will get a result letting them know if the app looks safe to install or is potentially harmful.

(1/3)

muntashir,

@MishaalRahman Great. They'll now block legitimate apps installed outside Google Play Store in real time, but let users install stealer apps such as โ€œBattery Transfer/Receiverโ€.

muntashir, to random

Read access to clipboard should've been a dangerous, one time permission. Instead it is controlled by an application operation () which can only disabled via root or ADB.

https://fingerprint.com/blog/android-14-clipboard-security-leak/

muntashir, to random

https://www.wired.com/story/millions-of-workers-are-training-ai-models-for-pennies/

fdroidorg, to random
@fdroidorg@floss.social avatar

This week in F-Droid (TWIF) was published again. This week it's about a reminder to update apps affected by the libwebp vulnerability, a new release of the F-Droid client, other new & updated apps, plus some more.

https://f-droid.org/en/2023/10/12/twif-vulnerability-patching-fdroid-client-radiodroid-revival.html

Be welcome to join the TWIF forum thread if you have any news piece from around the community, maybe it will be featured next week: https://forum.f-droid.org/t/new-twif-submission-thread/23546

muntashir, (edited )

@fdroidorg Glad to see โ€œLibreAVโ€ removed. Now and then I receive emails from frustrated users seeking my help as this app marks a lot of apps in red.

muntashir, to random

โ€œthereโ€™s a $12K prize to recover the hash seeds.โ€

https://www.schneier.com/blog/archives/2023/10/bounty-to-recover-nists-elliptic-curve-seeds.html

muntashir, to random

โ€œDaniel Bernstein at the University of Illinois Chicago says that the US National Institute of Standards and Technology (NIST) is deliberately obscuring the level of involvement the US National Security Agency (NSA) has in developing new encryption standards for โ€œpost-quantum cryptographyโ€ (PQC). He also believes that NIST has made errors โ€“ either accidental or deliberate โ€“ in calculations describing the security of the new standards. NIST denies the claims.โ€

https://www.newscientist.com/article/2396510-mathematician-warns-us-spies-may-be-weakening-next-gen-encryption/

catsalad, to random

deleted_by_author

    •
    muntashir,

    @catsalad Thanks. I do apologise for not replying to your last email. I quite forgot about it after the accident I had a few months ago.

    muntashir, to privacy

    New blog article: An introduction to threat modelling

    (This is intended for regular users, not developers)

    https://muntashirakon.github.io/blog/2023/10/12/intro-to-threat-modelling/

    petergleick, to Energy
    @petergleick@fediscience.org avatar

    So AI may destroy the planet, but not the way you were thinking.

    #energy
    #climatechange

    https://futurism.com/the-byte/ai-electricity-use-spiking-power-entire-country

    muntashir,

    @petergleick We already know that an energy crisis would be imminent. In Matrix trilogy, humans were used as batteries so that the Matrix would continue to run. AI may never be as smart the Matrix, but if the theories were correct, humans alone would be enough to do it for them.

    nixCraft, to random
    @nixCraft@mastodon.social avatar

    wtf? ๐Ÿคก

    muntashir,

    @nixCraft Same happened to . Maybe the results of the same heuristic algorithms that used to falsely identify as a possible threat.

    ronald, to random
    @ronald@ohai.social avatar

    apparently the old plugin IS actually still being maintained or revamped, i found https://github.com/milkdrop2077/MilkDrop3 which is amazing

    muntashir,

    @ronald An Android app, uses but not sure if it's this library.

    Edit: Poweramp uses Milkdrop2.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • โ€ข
  • JUstTest
  • GTA5RPClips
  • DreamBathrooms
  • InstantRegret
  • magazineikmin
  • khanakhh
  • Youngstown
  • ngwrru68w68
  • slotface
  • everett
  • rosin
  • thenastyranch
  • kavyap
  • tacticalgear
  • megavids
  • cisconetworking
  • normalnudes
  • osvaldo12
  • ethstaker
  • mdbf
  • modclub
  • Durango
  • tester
  • provamag3
  • cubers
  • Leos
  • anitta
  • lostlight
  • All magazines
    •