Shamar @Shamar@qoto.org

Ecco la presentazione del nostro piano d'azione per attuare gli impegni di @CoARAssessment https://zenodo.org/doi/10.5281/zenodo.11553723 Quanto per noi è facile, perché siamo indipendenti dalla valutazione di stato, è invece molto difficile per gli enti sotto il suo tallone (https://commentbfp.sp.unipi.it/maria-chiara-pievatolo-the-scale-and-the-sword-statal-science-and-research-evaluation/) Gli italiani, come mostra la vicenda dei #nutriscore (https://ilfattoalimentare.it/italia-blocca-nutri-score.html), sono peraltro bravissimi a far fallire iniziative europee quando capita che siano a favore dei molti invece che dei pochi.

Le slide della nostra presentazione al Capitolo nazionale italiano del 6 giugno 2024 sono visibili qui: abbiamo cercato di spiegare perché quanto risulta difficile per gli enti soggetti alla valutazione di stato italiana è invece per noi facile.

https://aisa.sp.unipi.it/presentazione-del-piano-dazione-di-aisa-per-lapplicazione-degli-accordi-di-coara-6-giugno-2024/

#Napoli, comitato per l'#acqua pubblica contro il sindaco Manfredi. Padre #Zanotelli si incatena in piazza Municipio

In prima fila il padre comboniano Alex Zanotelli che si è incatenato contro la modifica dello statuto dell’azienda speciale del Comune di Napoli per il ciclo delle acque, Abc (Acqua Bene Comune).

Zanotelli ha spiegato: “Come deciso nel referendum sull’acqua del 2011, questo bene deve essere sottratto al mercato e alle logiche di #profitto”.
https://www.ildesk.it/campania/napoli-comitato-per-lacqua-pubblica-contro-il-sindaco-manfredi-padre-zanotelli-si-incatena-in-piazza-municipio/

Elezioni Europee: nell'Europarlamento uscente solo 4 italiani hanno preso una posizione netta contro #Chatcontrol

@eticadigitale

Sono i tre MEP ex M5S Corrao, che non si ricandida, Pedicini, candidato con Pace, terra, dignità di Santoro e Rosa D'Amato, candidata con Alleanza Verdi SInistra come il 4o MEP, Smeriglio che allora votò in dissenso con il PD e col gruppo PSE).

Qui potete vedere le posizioni dei MEP di tutti i paesi:

https://mepwatch.eu/9/vote.html?v=164216&country=

To those people who are coming at me about security training - at best, it reduces the problem, but doesn’t come close to eliminating it. And you’ve not lived until you have a person who opened the wrong email being skewered by senior management, who insists the whole thing was their fault, after all, “they took the training”

No, I am not on that train. It is part of a program, but it is NOT a security control. I will die on this hill.

It just clicked in my brain. What I haven't been able to articulate about why I'm so anxious about #Windows Recall. I'm sure others have already gotten to where I am.

It's worse than "a system that tracks everything you do" and stores that info in a basic database that could be easily compromised.
It's worse than a nanny surveillance tool for companies to spy on their employees.

It's inescapable.

It doesn't matter if I make a dozen "how to disable recall" tutorials. The second YOUR data shows up on someone ELSE'S screen, it's in THEIR recall database.

It won't matter if you're a master #security expert specialist. You can't account for EVERY other computer you've ever interacted with. If a family member looks up an old email with your personal data in it, your data is now at risk.

If THEIR system is compromised YOUR data is at risk.

I just went from "vague feeling of unease" to "actively writing templates to canvas elected officials, regulators, and attorneys general."

Google Leak Reveals Thousands of Privacy Incidents (incluso registrazione di voce di bambini) https://blog.quintarelli.it/2024/06/google-leak-reveals-thousands-of-privacy-incidents-incluso-registrazione-di-voce-di-bambini/

🚨 noyb has filed two complaints against #Microsoft (365 Education) for violating children's data protection rights!

👉 The company shifts responsibility for #GDPR compliance to local schools...

👉 ...and places tracking cookies without consent

Read all about it here:

https://noyb.eu/en/microsoft-violates-childrens-privacy-blames-your-local-school

🚨 BREAKING 🚨

We've sent an open letter with 60+ orgs to the EU urging them to protect your #privacy.

Defend #encryption! 🔒 ➡️ https://tuta.com/blog/joint-statement-eu-compromise-csam-scanning

Chatcontrol sta arrivando: gli utenti che rifiutano la scansione non potranno condividere foto e link

Lo riporta Euractiv e lo confermano documenti interni. La Francia considera in linea di principio la nuova proposta di “moderazione degli upload” come un’opzione praticabile

@eticadigitale

https://pirati.io/2024/06/possibile-accordo-di-maggioranza-per-chatcontrol-gli-utenti-che-rifiutano-la-scansione-non-potranno-condividere-foto-e-link/

@ayo >the lack of browser-integrated account and session management is a major contributor to the centralization of the web.
I'm not sure what you're on about - the main reason why the proprietary web is so centralized is due to how google pushes a browser-integrated user account in google chrome.

I don't see a way how you could add proprietary global accounts to a browser and not centralize the crap out of everything (after all, each proprietary account results in centralization if it can be used with more than one website).

>Github as an example, here's how most people would comment on a project's issue tracker:
>Open issues page -> write comment.
No, that is not how it works.

It's; >Open issues page -> go to sign-up form -> run the proprietary malware JavaScript -> open password manager -> generate & save password -> back to sign-up form -> Agree to surrender your soul -> open email program -> (wait for email to arrive) -> click link in email -> go back to issues page -> write comment.

If I remember correctly, there's the option to "sign up" with a google account as well and a few more botnet providers and you just need to enter a username, but that's in total more steps than the email method.

People seem to be preconditioned to be glad to sell their soul to one botnet "platform" despite the busywork required to sign up and unreasonable, as it only really needs to be done once (and "everyone uses it"), but then complain when it comes to "signing up" for an account on another forge under reasonable terms.


For any decent project, the ability to post an issue is an simple as;
>With literally any email software (or handcraft an SMTP message with netcat and make up a from: email), send an email to the mailing list detailing the issue - no "sign-up" with any account required (many GNU Mailman based mailing lists request that you subscribe to the list to send emails to it, but that's entirely optional, as the email will just go to the list moderator for approval if you don't subscribe)
Or even better;
>Fix the issue >Send in that patch with git send-email

The vigilance should never stop. With #earnit, #onlineharms, #chatcontrol the legislatures seek to break encryption and read your DMs.

https://chaos.social/@onepict/103651892192364802

Back in August 1996 @ietf
 thought incredibly carefully about cryptography and the internet.  

https://tools.ietf.org/html/rfc1984  

Even back then governments were trying to interfere with the internet with weak cryptography.  I love the RFC number.   Read each point. It's still very relevant all these years later.

#RFC1984

@Shamar @mcp_ É colorata con vernice tecnologica e condita con una buona dose di psicopatia, ma quello che racconta l'articolo è semplicemente la buona vecchia Cosa Nostra - vale a dire un potere informale che cerca di ridimensionare, infiltrare e sottomettere il potere formale dello stato di diritto. Non che non fosse un esito prevedibile dell'ideologia neoliberale. Ecco un testo vecchissimo, scritto in tempi non sospetti: https://archiviomarini.sp.unipi.it/723/

Wait until Recall is enforced for schools or business computers so the sys admins or whatever decides it can enforce "only allowed activities on these machines" then constantly check and enforce it by having some AI analysing it all searching for "bad activity"

🍌🙃

Things I’ve been asked to produce over the years as a manager in security:

- Blockchain strategy
- Metaverse strategy
- Generative AI strategy

Amount of times this has had any value: 0

Perhaps the reason businesses largely haven’t grown for a decade is because they have failed to concentrate on ensuring good operations and making products customers care about.. but instead they’ve rushed off the latest fad cliff like Lemmings.

Your WiFi router is leaking its precise location… but you can easily change that.

Recently, researchers discovered that Apple was leaking every WiFi router’s precise latitude and longitude to anyone who would ask. They even send you the location of the 400 closest WiFi routers around it.

If you are interested in the technical details and the reason for it, you can read this excellent article on Brian Krebs’ blog.

Fortunately, we have a rather simple way to remove our WiFi Access Points out of this massive collection by Apple and Google (Yes, Google does it too, although they don’t leak your location to anyone that asks).

The method to opt-out, that both tech companies propose, is they will ignore any WiFi that has a name that ends with “_nomap”.

The owner of a Wi-Fi access point can opt it out of Apple’s Location Services — which prevents its location from being sent to Apple to include in Apple’s crowd-sourced location database — by changing the access point’s SSID (name) to end with “_nomap.” For example, “Access_Point” would be changed to “Access_Point_nomap.”

https://support.apple.com/en-us/102515

Now, I guess we have to trust they actually do this, but not doing it would expose them to be caught lying about respecting people’s privacy. That’d be too damaging to their brand.

So now, the hardest part is, you’ll probably have to find the way to login into your router again (it’s probably sitting at http://192.168.1.1 or http://192.168.0.1 ), change the name of the WiFI that was probably set by default by your Internet provider and, at the minimum, add “_nomap” at the end of it.

Then you’ll have to reconnect every piece of smart home equipment you own, from your Roomba to your dishwasher, to your new WiFi network. And congratulate yourself for that hard work, because here is one bit of private information Big North American Tech is not capitalizing on anymore.

If you regularly set your mobile phone as a hotspot, you’ll probably want to do the same with the name of that network. Apple does provide a mechanism by default to protect iPhone users from tracking, but Android doesn’t.

While your changing your WiFi name, you might want to put in a funny one. So I’ve compiled for you a list of puns that end with _nomap.

getlost_nomap
noneed_nomap
cantfind_nomap
youvegot_nomap
nomoney_nomap
nolegend_nomap 
nowoman_nomap
nodetours_nomap
notreasure_nomap
nodirection_nomap
nocompass_nomap
nosurveillance_nomap

You’re welcome.

https://p.xuv.be/one-simple-addition-to-your-wifi-fixes-a-privacy-leak

#Apple #Google #map #privacy #WiFi

Tech companies will not save our kids. But, even when we introduce strong law, we fail to enforce it.

When democratic rulemaking doesn’t change anything, we have a big problem.

It's time to focus on enforcing the law.

We have the tools: GDPR and AVMSD.

https://iccl.ie/news/tech-companies-will-not-save-our-kids-iccl-speaks-at-oireachtas-childrens-committee/

🇬🇧🚨Beware: The #ChatControl proposal which has been stalling could be adopted by EU governments after all. France is considerung to give up its resistance.

The "compromise": Either you agree to have your chats scanned or you can no longer share&receive pictures/videos and links!

Read all about it: https://www.patrick-breyer.de/en/majority-for-chat-control-possible-users-who-refuse-scanning-to-be-prevented-from-sharing-photos-and-links/