Privacy

Oligarchs whose business empire was under investigation by the Serious Fraud Office spied on lawyers who ran some of the UK’s most sensitive criminal cases.

The Guardian has obtained surveillance images of former SFO prosecutors taken by hired spies. Their goal is said to have been gathering information on the agency’s activities, identifying its sources and gaining “leverage”.

Instagram’s new location-sharing update is raising privacy concerns, with users reporting their whereabouts were shared without their knowledge despite Meta saying the update is opt-in.

Experts warn that location-sharing features are linked to a higher risk of tech-based coercive control.

The controversy follows other recent privacy issues for Meta, including a lawsuit over the misuse of sensitive health data from a women’s health tracking app.

Running JavaScript from inside an image? What could possibly go wrong?

Dropsitenews published a list of websites Facebook uses to train its AI on. Multiple Lemmy instances are on the list as noticed by user BlueAEther

Hexbear is on there too. Also Facebook is very interested in people uploading their massive dongs to lemmynsfw.

Full article here.

Link to the full leaked list download: Meta leaked list pdf

Transcript

A post by [object Object] (@zzt@mas.to) saying: courtesy of @davidgerard@circumstances.run, Proton is now the only privacy vendor I know of that vibe codes its apps: In the single most damning thing I can say about Proton in 2025, the Proton GitHub repository has a “cursorrules” file. They’re vibe-coding their public systems. Much secure! I am once again begging anyone who will listen to get off of Proton as soon as reasonably possible, and to avoid their new (terrible) apps in any case. https://circumstances.run/@davidgerard/114961415946154957

It has a reply by the author saying: in an unsurprising update for those familiar with how Proton operates, they silently rewrote their monorepo’s history to purge .cursor and hide that they were vibe coding: https://github.com/ProtonMail/WebClients/tree/2a5e2ad4db0c84f39050bf2353c944a96d38e07f

given the utter lack of communication from Proton on this, I can only guess they’ve extracted .cursor into an external repository and continue to use it out of sight of the public

Privacy groups report a surge in UK police facial recognition scans of databases secretly stocked with passport photos lacking parliamentary oversight.

Big Brother Watch says the UK government has allowed images from the country's passport and immigration databases to be made available to facial recognition systems, without informing the public or parliament.

The group claims the passport database contains around 58 million headshots of Brits, plus a further 92 million made available from sources such as the immigration database, visa applications, and more.

Microsoft is pushing hard for Windows users to shift from using passwords to its Hello biometrics system, but researchers sponsored by the German government have found a critical flaw in its business implementation.

In a presentation at the Black Hat conference in Las Vegas, Dr Baptiste David and Tillmann Osswald from independent security shop ERNW Research demonstrated how one can crack the Hello system and a local admin, or someone who has access to their credentials via malware or other means, can inject biometric information into a computer that would allow it to recognize any face or fingerprint.

Discover Hidden Gems: Open-Source Software You Should Know About

We all love open-source software, but there are so many amazing projects out there that often go unnoticed. Let's change that! Share your favorite open-source software that you think more people should know about. Here’s how you can contribute:

1. Single Option Per Comment: Mention one open-source software per comment to be able to easily find the most popular software.
2. No Duplicates: Avoid duplicating software that has already been mentioned to ensure a wide variety of options.
3. Upvote What You Love: If you see a software that you also appreciate, upvote it to help others discover it more easily.

Check out last year's post for more inspiration: Last Year's Post

Let's create a comprehensive list of open-source software that everyone should know about!

Ron Deibert, the director of Citizen Lab, one of the most prominent organizations investigating government spyware abuses, is sounding the alarm to the cybersecurity community and asking them to step up and join the fight against authoritarianism.

On Wednesday, Deibert will deliver a keynote at the Black Hat cybersecurity conference in Las Vegas, one of the largest gatherings of information security professionals of the year.

Ahead of his talk, Deibert told TechCrunch that he plans to speak about what he describes as a “descent into a kind of fusion of tech and fascism,” and the role that the Big Tech platforms are playing, and “propelling forward a really frightening type of collective insecurity that isn’t typically addressed by this crowd, this community, as a cybersecurity problem.”

Deibert described the recent political events in the United States as a “dramatic descent into authoritarianism,” but one that the cybersecurity community can help defend against.