this post was submitted on 05 Oct 2023
333 points (98.5% liked)

Technology

59314 readers
4948 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Here is an article where you can read more: https://foundation.mozilla.org/en/blog/mozilla-publishes-ring-doorbell-vulnerability-following-amazons-apathy/

Quoted a portion:

(SAN FRANCISCO, CA | TUESDAY, JUNE 6, 2023) -- Today, Mozilla is publicizing a security vulnerability in Amazon’s Ring Wireless Video Doorbell. Mozilla shared the vulnerability with Amazon over 90 days ago, but Amazon has yet to address the issue. Now, per industry standards, Mozilla is sharing its findings publicly to alert Ring Doorbell users and to further pressure Amazon to take action.

Following a penetration test of the Ring Doorbell conducted in October-November 2022, Mozilla and collaborator Cure53 determined that the device is vulnerable to Wi-Fi deauthentication attacks. Bad actors can leverage these weaknesses to disconnect the device from the internet using easily-accessible tools.

As a result, those bad actors could take the doorbell offline and then have their activities go unrecorded — undermining the product’s core purpose. Even after the doorbell is reconnected to the internet, a user will receive no alert about the attack.

Mozilla’s disclosure comes just days after Ring’s $5.8 million settlement with the Federal Trade Commission (FTC) over other serious privacy and security issues. The FTC found that “Ring’s poor privacy and lax security let employees spy on customers through their cameras, including those in their bedrooms or bathrooms, and made customers' videos, including videos of kids, vulnerable to online attackers.”

you are viewing a single comment's thread
view the rest of the comments
[–] Engywuck@lemm.ee 1 points 1 year ago (1 children)
  1. one can learn
  2. I can monitor DNS queries rom my own adblocker DNS server and all my DNS queries are forced through it. All other DNS servers includind DoT, DoH are blockes/redirected.
  3. See 2)
  4. A good start is to buy stuff you know you (almost) completely own. Thus, non-iStuff
[–] Salvo@aussie.zone 1 points 1 year ago

Analogies are always terrible but here are some analogies for the options you are offering.

Most people live in cities and suburbs. Downtown and Suburbia are the safe places, heavily policed and everyone is expected to conform. There are also other parts of Cities that are not heavily policed by government enforcement; they are policed by Organised crime.

Then there are people who live in the country. Some are Farmers or other Primary Industry workers, some are Moneyed individuals who own hobby farms or ranches, some live in Cultural Communes or Religious Retreats/Compounds.

The Apple Ecosystem is for the city dwellers in comfortable environments. They won’t mind certain restrictions because they know that they benefit from the security of those restrictions. Google Pixels also fall into this community, but only because there is always that weird person at the dinner party who is a little bit different, but they are still safe to be around.

The Aftermarket Android market is that part of town that your parents told you to stay away from. You can go there if you like, you might even have a good time taking drugs or spending time with sex workers, but you run the risk of getting a horrible VD or bad fit cut with drain cleaner. Even if you are street-smart, there may be someone who is smarter than you who can get past your defences.

Out in the country, people aren’t as reliant on technology, they are too busy doing “real work”. They have a phone that makes phone calls (when they have reception), take photos and send text messages. These people have Dumb Phones.

In communes and religious communities that are very insular, there is usually one person (or group of people) in charge that dictates what everyone does. They can usually spend the time to tweak their systems to best suit their community members, while their community members are busy growing food, repairing shelters and doing the menial work it takes to make a small community successful. These are the Linux-on-Phone users.

I would love to be a Linux-on-Phone user, but since I work 8-5 every day, and if I want a management role, I would need to continue working from home after hours, I use an iPhone and UniFi home network. I’m not stupid enough to use an ISP supplied router, I don’t even have time to roll-my-own-Linux or BSD-based network using something like pfSense.