Favorite Security researchers at Citizen Lab discovered a number of cryptographic vulnerabilities in the Sogou Input Method keyboard software made by Tencent, the most popular input method in China. These vulnerabilities allow adversaries with a privileged network position (such as an ISP or anyone with access to upstream routers) to read the text a user…
All posts tagged Technical Analysis
How Do Different Encrypted Messaging Apps Treat Deleted Messages?
Favorite A feature of various end-to-end encrypted (E2EE) messaging apps and other non E2EE social media messaging are disappearing messages, which automatically delete after a set period of time. This feature may be useful for general privacy within your extended network, high-risk users, and preemptively clearing side conversations easily within linear chats. However, different messaging…
Android TV Boxes Sold on Amazon Come Pre-Loaded with Malware
Favorite Certain Android TV Box models from manufacturers AllWinner and RockChip, available for purchase on Amazon, come pre-loaded with malware from the BianLian family, a variant of which we investigated last year. The malware, discovered by security researcher Daniel Milisic, adds your smart set-top box to a botnet for initiating coordinated attacks. Affected models include…
Uncle Sow: Dark Caracal in Latin America
Favorite In 2018, EFF along with researchers from Lookout Security published a report describing the Advanced Persistent Threat (APT) we dubbed “Dark Caracal.” Now we have uncovered a new Dark Caracal campaign operating since March of 2022, with hundreds of infections across more than a dozen countries. In this report we will present evidence that…
Is Mastodon Private and Secure? Let’s Take a Look
Favorite This post is part of a series on Mastodon and the fediverse. We also have a post on why the fediverse will be great—if we don’t screw it up, and more are on the way. With so many users migrating to Mastodon as their micro-blogging service of choice, a lot of questions are being…
Snowflake Makes It Easy For Anyone to Fight Censorship
Favorite Tor, the onion router, remains one of the most effective censorship circumvention technologies. Millions of people use the Tor network every day to access the internet without fear of surveillance and censorship. Most people get on the Tor network by downloading the Tor Browser and connecting to a relay. But some countries, such as…
Study of Electronic Monitoring Smartphone Apps Confirms Advocates’ Concerns of Privacy Harms
Favorite Researchers at the University of Washington and Harvard Law School recently published a groundbreaking study analyzing the technical capabilities of 16 electronic monitoring (EM) smartphone apps used as “alternatives” to criminal and civil detention. The study, billed as the “first systematic analysis of the electronic monitoring apps ecosystem,” confirmed many advocates’ fears that EM…
EFF’s “Cover Your Tracks” Will Detect Your Use of iOS 16’s Lockdown Mode
Favorite Apple’s new iOS 16 offers a powerful tool for its most vulnerable users. Lockdown Mode reduces the avenues attackers have to hack into users’ phones by disabling certain often-exploited features. While providing a solid defense against intrusion, it is also trivial to detect that this new feature is enabled on a device. Our web…
Keeping Your Smart Home Secure & Private
Favorite Here at EFF, we fight hard to ensure your security and privacy rights are maintained in the digital world. Back when we were founded in 1990, a dream of a world united by the internet was accompanied by forward-thinking visions of connected devices of all kinds making our lives more convenient and luxurious. The…
Daycare Apps Are Dangerously Insecure
Favorite Last year, several parents at EFF enrolled kids into daycare and were instantly told to download an application for managing their children’s care. Daycare and preschool applications frequently include notifications of feedings, diaper changes, pictures, activities, and which guardian picked-up/dropped-off the child—potentially useful features for overcoming separation anxiety of newly enrolled children and their…