They will bring Jesse Faden, current director of the FBC.

I don’t know about exchange, but you can sell your camera on gameloot.in, or maybe cashify.in too.

The company behind the Proton Mail email service, Proton, describes itself as a “neutral and safe haven for your personal data, committed to defending your freedom.”

But last month, Proton disabled email accounts belonging to journalists reporting on security breaches of various South Korean government computer systems following a complaint by an unspecified cybersecurity agency. After a public outcry, and multiple weeks, the journalists’ accounts were eventually reinstated — but the reporters and editors involved still want answers on how and why Proton decided to shut down the accounts in the first place.

Martin Shelton, deputy director of digital security at the Freedom of the Press Foundation, highlighted that numerous newsrooms use Proton’s services as alternatives to something like Gmail “specifically to avoid situations like this,” pointing out that “While it’s good to see that Proton is reconsidering account suspensions, journalists are among the users who need these and similar tools most.” Newsrooms like The Intercept, the Boston Globe, and the Tampa Bay Times all rely on Proton Mail for emailed tip submissions.

Shelton noted that perhaps Proton should “prioritize responding to journalists about account suspensions privately, rather than when they go viral.”

On Reddit, Proton’s official account stated that “Proton did not knowingly block journalists’ email accounts” and that the “situation has unfortunately been blown out of proportion.” Proton did not respond to The Intercept’s request for comment.

The two journalists whose accounts were disabled were working on an article published in the August issue of the long-running hacker zine Phrack. The story described how a sophisticated hacking operation — what’s known in cybersecurity parlance as an APT, or advanced persistent threat — had wormed its way into a number of South Korean computer networks, including those of the Ministry of Foreign Affairs and the military Defense Counterintelligence Command, or DCC.

The journalists, who published their story under the names Saber and cyb0rg, describe the hack as being consistent with the work of Kimsuky, a notorious North Korean state-backed APT sanctioned by the U.S. Treasury Department in 2023.

As they pieced the story together, emails viewed by The Intercept show that the authors followed cybersecurity best practices and conducted what’s known as responsible disclosure: notifying affected parties that a vulnerability has been discovered in their systems prior to publicizing the incident.

Saber and cyb0rg created a dedicated Proton Mail account to coordinate the responsible disclosures, then proceeded to notify the impacted parties, including the Ministry of Foreign Affairs and the DCC, and also notified South Korean cybersecurity organizations like the Korea Internet and Security Agency, and KrCERT/CC, the state-sponsored Computer Emergency Response Team. According to emails viewed by The Intercept, KrCERT wrote back to the authors, thanking them for their disclosure.

A note on cybersecurity jargon: CERTs are agencies consisting of cybersecurity experts specializing in dealing with and responding to security incidents. CERTs exist in over 70 countries — with some countries having multiple CERTs each specializing in a particular field such as the financial sector — and may be government-sponsored or private organizations. They adhere to a set of formal technical standards, such as being expected to react to reported cybersecurity threats and security incidents. A high-profile example of a CERT agency in the U.S. is the Cybersecurity and Infrastructure Agency, which has recently been gutted by the Trump administration.

A week after the print issue of Phrack came out, and a few days before the digital version was released, Saber and cyb0rg found that the Proton account they had set up for the responsible disclosure notifications had been suspended. A day later, Saber discovered that his personal Proton Mail account had also been suspended. Phrack posted a timeline of the account suspensions at the top of the published article, and later highlighted the timeline in a viral social media post. Both accounts were suspended owing to an unspecified “potential policy violation,” according to screenshots of account login attempts reviewed by The Intercept.

The suspension notice instructed the authors to fill out Proton’s abuse appeals form if they believed the suspension was in error. Saber did so, and received a reply from a member of Proton Mail’s Abuse Team who went by the name Dante.

In an email viewed by The Intercept, Dante told Saber that their account “has been disabled as a result of a direct connection to an account that was taken down due to violations of our terms and conditions while being used in a malicious manner.” Dante also provided a link to Proton’s terms of service, going on to state, “We have clearly indicated that any account used for unauthorized activities, will be sanctioned accordingly.” The response concluded by stating, “We consider that allowing access to your account will cause further damage to our service, therefore we will keep the account suspended.”

On August 22, a Phrack editors reached out to Proton, writing that no hacked data was passed through the suspended email accounts, and asked if the account suspension incident could be deescalated. After receiving no response from Proton, the editor sent a follow-up email on September 6. Proton once again did not reply to the email.

On September 9, the official Phrack X account made a post asking Proton’s official account asking why Proton was “cancelling journalists and ghosting us,” adding: “need help calibrating your moral compass?” The post quickly went viral, garnering over 150,000 views.

Proton’s official account replied the following day, stating that Proton had been “alerted by a CERT that certain accounts were being misused by hackers in violation of Proton’s Terms of Service. This led to a cluster of accounts being disabled. Our team is now reviewing these cases individually to determine if any can be restored.” Proton then stated that they “stand with journalists” but “cannot see the content of accounts and therefore cannot always know when anti-abuse measures may inadvertently affect legitimate activism.”

Proton did not publicly specify which CERT had alerted them, and didn’t answer The Intercept’s request for the name of the specific CERT which had sent the alert. KrCERT also did not reply to The Intercept’s question about whether they were the CERT that had sent the alert to Proton.

Later in the day, Proton’s founder and CEO Andy Yen posted on X that the two accounts had been reinstated. Neither Yen nor Proton explained why the accounts had been reinstated, whether they had been found to not violate the terms of service after all, why had they been suspended in the first place, or why a member of the Proton Abuse Team reiterated that the accounts had violated the terms of service during Saber’s appeals process.

Phrack noted that the account suspensions created a “real impact to the author. The author was unable to answer media requests about the article.” The co-authors, Phrack pointed out, were also in the midst of the responsible disclosure process and working together with the various affected South Korean organizations to help fix their systems. “All this was denied and ruined by Proton,” Phrack stated.

Phrack editors said that the incident leaves them “concerned what this means to other whistleblowers or journalists. The community needs assurance that Proton does not disable accounts unless Proton has a court order or the crime (or ToS violation) is apparent.”

Is this really a thing, now, with Spotify? Or is this just a future joke?

It’s like Jellyfin but with a red UI.

Yes, GOS’s camera app is very good. And if you still don’t like it, you can use the proprietary Google camera app, with it’s internet connection disabled. In GOS, when you don’t give an app internet access, it cannot even connect to local services like Google Play Services, if installed, which is not the case in many other custom ROMs.

I would rather host PeerTube. But I want to be a bit discoverable. With self-hosted solutions, I will have to promote myself by myself.

Edit - I just discovered owncast.directory. This changes everything.

Just looked up “Gibby fat cakes” on YouTube.

Context:

Wdym? I am using the latest (1.13.6) on Graphene.

There was a news some time ago, that a man was arrested for clicking nude pictures of children, later it was found out that he was sending pictures of his child to a doctor for diagnosis. How did that happen?

I’ll link the source if I find it.

Update:

NYTimes - https://www.nytimes.com/2022/08/21/technology/google-surveillance-toddler-photo.html

Paywall removed - https://removepaywalls.com/https://www.nytimes.com/2022/08/21/technology/google-surveillance-toddler-photo.html

Yes, this happens. Even if you turn off all the syncing etc, they will shoot an update and all your settings will revert to default. This has happened with my father’s phone a lot.

And even if you keep all these settings off, they are still scanning all photos to check for CSAM.

I highly recommend deGoogling your phone. If you cannot install a custom ROM, check out Universal Android Debloater. There are many sources for degoogling your life. Check out c/degoogle on Lemmy (I forgot the instance name, just search for it). Or if you want we have small group on Signal for deGoogling related talks, DM me and I can share the link to join. (Signal does require a phone number to register, but since usernames are a thing your phone number will not be available publicly.) That group link is disabled, but I can share other group links like Linux and FOSS, or other privacy related groups.

The thing is people expected it to be like the games. If you do not consider the games and keep this separate, it’s a great film!

On my old MacBook, I have Fedora. On my work laptop and gaming PC, I have Nobara. On my home server I have Ubuntu server.

There is no best distro. You should try a few and find one that suits you. If you want something that just works and is relatively stable, go for Fedora. And if you have some peripherals or devices that require proprietary drivers, like Nvidia GPU, broadcom wifi, then go for Nobara.

Mint and Pop_OS are also good.

You will also have to recompile the official apps with the new domain/IP. And then keeping both updated. That’s too much work. I’d rather self-host Matrix without federation. Or XMPP.

I am also running Lineage on Tab 7, but iirc, I flashed it using Linux only.

Edit - i just checked and yes it does require Odin. I don’t remember using windows for this. Does it work using wine?

Not sure about Facebook, but Instagram will definitely ask you for a selfie if you sign-up using a VPN.