A Palestinian photojournalist was killed in an Israeli attack in Gaza, taking the death toll of journalists since October 2023 to 227.

Momen Abu Alof, was killed along with three ambulance workers by Israeli fire during a humanitarian mission in eastern Gaza City.

The office strongly condemned “the systematic targeting, killing, and assassination of Palestinian journalists by the Israeli occupation.”

https://www.aa.com.tr/en/middle-east/palestinian-photojournalist-killed-in-gaza-as-death-toll-of-journalists-from-israeli-attacks-rises-to-227/3592834

🕎 🇵🇸 ☮️
#Gaza #Palestine
#Press #News

Dear USA

Deploying troops against civilians will not go well.

Yours
Great Britain and Northern Ireland

Il rapporto del COPASIR sul caso Graphite solleva nuove domande.
Il trattamento che è stato riservato a giornalisti e attivisti è inaccettabile in uno stato democratico.
Chiediamo trasparenza, responsabilità e risposte concrete al problema della sorveglianza di stato.

https://osservatorionessuno.org/it/blog/2025/06/il-rapporto-del-copasir-sul-caso-graphite-solleva-pi%C3%B9-domande-di-quante-ne-risolva/

Cellebrite suspends Serbia as customer after claims police used firm’s tech to plant spyware
https://techcrunch.com/2025/02/26/cellebrite-suspends-serbia-as-customer-after-claims-police-used-firms-tech-to-plant-spyware/?utm_source=flipboard&utm_medium=activitypub

Posted into Latest TechCrunch Stories @latest-techcrunch-stories-Techcrunch

Thanks for the find [1], @privacyguides !

Seems that using #GrapheneOS isn't a bad idea.

> #Cellebrite, as far as we know, publishes a support matrix for Android-based and iOS-based devices monthly or at least multiple times a year. The latest version available at time of writing is version 7.73.1 released on February 2025.

Secondary source: Osservatorio Nessuno [2]

[1]: https://discuss.privacyguides.net/t/updated-cellebrite-google-pixel-matrix-leak-february-2025/25911/4
[2]: https://osservatorionessuno.org/blog/2025/03/a-deep-dive-into-cellebrite-android-support-as-of-february-2025/#the-february-2025-support-matrix

#Cellebrite #GrapheneOS #Android #Encryption #E2EE #DataPrivacy

> Pixel devices remain quite a solid choice if kept updated. While it seems that for the standard Google ROM there are working exploits available to perform the FFS extraction in AFU state, on the contrary GrapheneOS additional hardening and protections are effective, and have been so since 2022 [1].

[1]: https://osservatorionessuno.org/blog/2025/03/a-deep-dive-into-cellebrite-android-support-as-of-february-2025/#the-february-2025-support-matrix

#Cellebrite #GrapheneOS #GooglePixel #Encryption #DataPrivacy #Android

https://osservatorionessuno.org/blog/2025/03/a-deep-dive-into-cellebrite-android-support-as-of-february-2025/#the-february-2025-support-matrix
Мой любимый графен и нелюбимый Cellebrite

#grapheneos #opsec #infosec #pixel

Digital Prison
Serbian authoritarians deploy #surveillance technology and digital repression tactics as instruments of wider state control directed against civil society. NSO Group’s #Pegasus #spyware with Android #NoviSpy & #Cellebrite UFED mobile forensics tools against environmental activists and protest organisers.
https://www.amnesty.org/en/documents/eur70/8813/2024/en/

We found an Apple Silicon CPU issue with FJCVTZS, the "JS-compatible double-to-int32 conversion" instruction that was added to ARMv8.3.

If the Flush-to-Zero flag is set in the FPCR register and FJCVTZS is used with a denormal, my M1 sets the Zero flag to 1 and M2-M4 CPUs set it to 0. This flag indicates whether the conversion was exact. I believe M1 is correct?

Test case: https://gist.github.com/jandem/e6b5660975f145b85d533b97ad054f08

🚨 New Open Source Audit Alert! 🚨

Shielder, with @OSTIF & @cloudnativefdn, audited @karmada_io:
🔍 6 issues found (1 high, 1 medium, 2 low, 2 info)
✔️ Most fixed, others planned.
🗣️ to @suidpit and @thezero

Full details in the blog post!

https://www.shielder.com/blog/2025/01/karmada-security-audit/

*Someone* seems keen to delete Wikipedia's article on Appin, the cyber mercenary firm we wrote about last year:

https://en.wikipedia.org/wiki/Wikipedia:Articles_for_deletion/Appin_(company)_(2nd_nomination)

The second edition of TumpiCon is here!
📅 June 27-28, 2025
📍 Somewhere near Turin, Italy
🔒 Invite-only

No flashy stages. No fluff. Just raw, technical, and unfiltered hacking.
More details? If you know, you know.
Follow the trail: https://tumpicon.org

@munin

For those who must use Windows 11 - here is how to disable Recall:

- Open a command prompt as Administrator (Local Admin should do)
- Type: Dism /Online /Disable-Feature /FeatureName:Recall

Disclaimer
Do understand and Please Read - This may hinder some features of the new file explorer. Because Microsoft never learns.

Backdooring thousands of pagers with explosives and then mass detonating those devices indiscriminately to injure often random humans does not feel like something any nation should be doing, supporting or celebrating. https://www.bbc.co.uk/news/live/cwyl9048gx8t?post=asset%3A45a99d22-17da-4f84-ae51-4c5b7a17b2aa#post

One of the weirdest disconnects happened a few months ago when I received a Mozilla Foundation newsletter about the evils of big corporations building unethical AI. It was a donation appeal so they could gear up to "fight" against companies like OpenAI.

This doesn't seem strange until you consider that Mozilla is currently paying a ChatGPT Enterprise license for all ~1000 of its employees. And encouraging them to use it for productivity, brainstorming, & code.

Yea, it didn't sit well. At all.

Amazon’s $1,600 Astro robot has FOUR CPUs running Linux?!!!

Amazon lists four CPUs in the specs (“2x Qualcomm QCS605, 1x Qualcomm SDA660, 1x processor with Amazon AZ1 Neural Edge”)

iFixit’s teardown shows the Snapdragon 660 (a smartphone CPU) and the Mediatek MT8512 (the CPU from the Echo Show 10)… apparently just to run the tablet at the front!

On another board, there’s the pair of QCS605 octa-core CPUs (likely for image processing).

https://www.ifixit.com/News/70384/amazon-astro-teardown

https://www.amazon.com/Introducing-Amazon-Astro/dp/B078NSDFSB

This is truly Amazon’s Juicero.

Just two days left until the first hearing in Newag's lawsuit against us (Dragon Sector members) and SPS. It will take place on 28.08.2024 at 10:00. In case you've missed it, we're being accused of infringing upon Newag's intellectual property and unfair competition. This is, of course, bullshit and a great example of a SLAPP case.

Pleased to announce the launch of Surveillance Watch, an interactive map and resource that documents the hidden connections within the opaque surveillance industry: https://www.surveillancewatch.io/

By mapping out the intricate web of surveillance companies, their subsidiaries, partners, and financial backers, we hope to expose the enablers fueling this industry's extensive rights violations, ensuring they cannot evade accountability for being complicit in this abuse.

#Privacy #Surveillance #InfoSec

#Bitwarden native mobile apps are finally getting rolled out.

New users will get the native app when first installed from your app store.

Existing users will get gradually rolled out in the coming weeks.

Android users must be on Android 10 or higher. iOS must be on iOS 15.0 or higher.

Older mobile OSes will keep using the existing app, just won't get the new native refresh.

#passwords

Back in December 2023 our researchers @thezero, @suidpit, and @mindlaess_ performed an audit sponsored by @awscloud and facilitated by @ostifofficial on boost.
It resulted in 7 findings and 15 new fuzzers.
The report is now public, check the details here: https://www.shielder.com/blog/2024/05/boost-security-audit/