bcl @bcl@infosec.exchange

Chinese subway stations now let you pay for tickets by scanning your face

Facial recognition technology is used across China for everything from identifying criminals to measuring students’ attention in class. Now, it has debuted a system in its subway that lets you use your face as a ticket. A report from South China Morning Post suggests the subway system in the southern city of Shenzhen has started using facial recognition …

https://thenextweb.com/world/2019/09/23/chinese-subway-stations-now-let-you-pay-for-tickets-by-scanning-your-face/

SecureDrop 1.0.0 is out and includes support for v3 onion services plus significant updates to SecureDrop’s web-based Source Interface and Journalist/Admin Interface.
https://securedrop.org/news/securedrop-100-released/
.onion: https://secrdrop5wyphb5x.onion/news/securedrop-100-released/

The fight for diversity, equality and inclusion is the fight for software freedom. Our movement will only be successful if it includes everyone. RMS does not speak for these values.
https://sfconservancy.org/news/2019/sep/16/rms-does-not-speak-for-us/

There are so many WTF moments with #Google taking down my #PfP extension that I felt a blog post was in order.

https://palant.de/2019/09/09/state-of-the-art-protection-in-chrome-web-store/

After nearly a year since releasing the alpha version of Tor Browser on Android, it's time to sunset Orfox 🌇

Thanks to the work of our friends at Guardian Project and members of our community who helped pave the way for Tor Browser on Android with Orfox.
https://blog.torproject.org/orfox-paved-way-tor-browser-android

Yikes. Hacked sites could take over iPhones for years. https://techcrunch.com/2019/08/29/google-iphone-secretly-hacked/
#infosec

A Book from Alan Turing… and a Mysterious Piece of Paper

https://blog.stephenwolfram.com/2019/08/a-book-from-alan-turing-and-a-mysterious-piece-of-paper/

I'm disappointed with what Firefox does on first startup. They should get rid of the google API calls. Yes, this is hard. Yes, they can.

https://hn.premii.com/#/comments/20794937

You may think your Gmail account is private, but Google disagrees. Google told a judge that users have "no legitimate expectation of privacy." https://www.cnet.com/news/google-filing-says-gmail-users-have-no-expectation-of-privacy/ Proton = privacy.

RT @lizhenry@twitter.com

Who knew there was a sort of hanky code for hexadecimal. Thanks Datamation magazine from 1968 #prelingerwiki

🐦🔗: https://twitter.com/lizhenry/status/1165760903809130496

Crown Sterling, the Time AI people, are apparently filing a lawsuit against Black Hat's operator UBM. https://www.businesswire.com/news/home/20190823005050/en/Crown-Sterling-Files-Complaint-UBM----Owner

Here's my story on the company's controversial claims, which experts have decried as "snake oil."
https://www.pcmag.com/news/370119/black-hat-attendees-sponsored-session-was-snake-oil-crypto

Alert for those still using Webmin

Backdoor Found in Webmin Utility

Last year, an attacker was able to compromise the build system used for Webmin development and inserted a backdoor into the code, which was only revealed this week.

https://duo.com/decipher/backdoor-found-in-webmin-utility

And it creeps into the world...

https://amzn.to/31Me84a

Our report showed that technology providers are spying on students—and school districts are unwittingly helping them do it, frequently without the awareness or consent of students and their families. 3/ https://www.eff.org/wp/school-issued-devices-and-student-privacy