Google Got a VPN! - Surveillance Report 24

welcome to sr 24 covering the news from

october

10th to november 7th um we're already in

november

life is moving very quickly hopefully

everyone will survive

past 2020. things are always interesting

this year

welcome to surveillance report this is

where we cover our weekly

ish security and privacy news and this

is sr24 so welcome aboard

uh this episode is brought to you by our

patreon community which

we are we recently hit 80 and now we're

back to 78 so let's let's keep moving

those numbers

up um we want to get as many patrons as

possible support our work and i want to

definitely thank all of our current

patrons

for helping support us up until this

point so

yeah tag along there's a lot of cool

benefits and there's lots of cool things

there waiting for you there's a new

theme now

and yeah it's it's awesome just tag

along so as always we have our

categories today

we are going to start with companies

just like every week

and google gets to kick things off so

google has released their own vpn

right of course i mean you remember

facebook released a novo

back back then and now google has their

own thing this is exclusive to google

one subscribers and it's part of the two

terabyte plan

and everything's packaged together yeah

you know considering the thing with vpns

is you're pretty much transferring trust

from your isp to a company i don't know

if you're going to want to be using

google

as a vpn company i don't i'm not quite

sure if google's any more trustworthy

than your isp

so i guess think about that if you

decide to go with this i'd

probably recommend some free vpns before

recommending

the google one vpn like proton vpn and

winscribe's free plan are probably a

little bit more trustworthy than this

zoom is back on the news as well so um

they've been on the news a lot ever

since lockdown happened and they've been

very much uh under the microscope for

security concerns and one of the things

that they never

actually implemented was end-to-end

encryption and video calls which they

claimed to do in their marketing which

is why it was such a big deal it was

never

implemented um they did promise to

introduce that and it is finally

here so yeah this will be a slow phase

in supposedly where users must first use

the official client

and it's limited to i think 200

participants for both paid

and free accounts so they're not

paywalling that which is really nice

um overall good um it's about time

so uh hopefully other people will catch

up to them it's nice to see someone

introduce end to end encryption for

video calls

so good job zoom uh better late than

never

the next story i want you to go in with

an open mind

because edge come on edge is kind of the

mean browser

previously known as internet explorer i

just want to clear the record

new edge isn't that bad if you've ever

used new edge it's based on chromium

it's kind of like brave in a way but

without the crypto crap

it's even got like the tracking blocking

built in and it's got some privacy tools

built in

it's it's not bad right i'm not saying

it's

the browser i recommend you use but it's

not bad if you've actually used the new

edge

it's actually a decent browser it's

recently passed up firefox as the second

most popular browser people are using

so yeah um and microsoft has now

released

their chromium-based edge for linux this

supports ubuntu

debian fedora and opensuse officially

and i'm sure you can probably find other

ways to install it on other versions

this is part of the dev version so this

is not an official release

yet but it likely will be very soon um

regardless of whether or not you like

microsoft or edge it's nice to see

software development

occurring on linux and i hope other

companies follow this path i think a big

limitation on the adoption of linux and

other open source software is the lack

of compatibility

with software that people use on a

day-to-day basis so

um yeah it's nice if someone could use

an ipad

and iphone and use linux on their

desktop and all their bookmarks sync

using edge if that's the preferred

browser they use for some reason

i'm not saying it's a realistic scenario

i'm just saying there's someone on this

planet who probably is very happy about

this

whatsapp has announced that you can

remove messages after seven days

automatically so disappearing messages

so this allows you to theoretically

have your messages deleted each week

that was very redundant i don't know why

that's put twice in the script but it

was so

you definitely retained it uh things are

end and encrypted

in whatsapp so in theory only the two

people involved can view the message and

now even that

uh should just go away after seven days

uh signal and pretty much every other

privacy and security messenger has had

this for years

so yeah i mean i'm not i'm not gonna

praise this too much

it's definitely nice to see i think we

should always praise things like this

but

um yeah there's been other people who've

done it and they've implemented it

better

and yeah so try out signal get away from

whatsapp if you can

oh gamers gamers like to stir up a lot

of stuff and it actually affected the

privacy community for once

um so sony rolled out v8 of ps4 software

which now allows for voice chats and

parties to be recorded by other players

sparking some concerns

from players about privacy they are

calling this

garbage which is the most gamer way of

describing something like this

i can possibly imagine on the bright

side they did introduce 2fa

so it's not all bad but yeah kind of

the the gamers aren't a fan of this so

that was the end of

companies and now it's time to go into

the research

side of the weekly news our first

article

talks about seven mobile browsers that

are vulnerable to address bar spoofing

attacks

so an address bar spoofing attack is

when a web browser allows a malicious

website to modify its url

and show a fake one to help a phishing

attack and trick someone into thinking

they're on a legitimate website

this impacted safari opera bolt

uc browser yandex and a couple other

browsers you probably don't

care about out of all these safari and

opera are probably the ones you

might actually use as you could expect

this all came down to messing around

with javascript

uh if security is your utmost priority

and the site is usable without

javascript i recommend you opt

not to use it definitely it's hard to

it's hard to

have javascript off for your entire

browser because a lot of sites are

actually genuinely reliant on it

but if there is a site that you find

untrustworthy it's not a bad move to

disable javascript some browsers

actually make that easy

i know brave inside the shield you can

click the brave shield and you can click

you know turn off javascript for that

one website so

it's pretty good stuff our second and uh

last research article is a study that

was done

to track the number of americans still

using their ex's

passwords oh we are all we've all done

this true story this

the reason to get into a relationship as

a privacy advocate

is to get free netflix without having to

supply personal information

input any subscription service for

netflix spotify disney plus it doesn't

matter

that's what relationships are for if

you're into privacy um

so most passwords shared were for video

streaming

followed by mobile devices so like the

the password that you use

to get into your phone a whopping half

of americans in a relationship

share a social media password and 38

share personal email okay i i cannot

imagine like

actually sharing my personal email

account

with anybody else um the most shocking

was a quarter of respondents

confessed to still tracking their ex's

real-time location

and 30 confessed to secretly logging

into an ex's social media account

at least once um so yeah if you go

through a breakup and you share your

accounts which i don't recommend doing

but if you did do it at the very least

change your passwords after the fact

because

who knows what they're going to post and

then you're going to be held responsible

for it and then

i don't know what are the consequences

going to be for that um

there are a lot more stats that we can't

cover on this video

so i just recommend checking out the

source because it's a pretty fun little

article

i believe it was done by expressvpn it

just did this for fun for some reason so

check it out politics oh man the world

is world is

feisty right now with the elections here

in the united states but before we get

into that we're actually not going to

get into that but before we get kind of

into it

um let's talk about this so members of

the five eyes the intelligence sharing

alliance published a statement calling

on tech companies to come up with a

solution

for law enforcement to access end-to-end

encryption

um we've kind of seen this pattern quite

a lot recently of

subtle ways of trying to attack

end-to-end encryption

and this is just i guess going down that

same path

so australia fell victim in late 2018 to

a partial encryption busting law

and the eu and the us are still standing

strong but there is

more pressure that we've been seeing as

of late

so yeah nothing really has come out of

this yet it's just something to bring to

your attention

on to other news in the u.s a police

surveillance center in jackson

mississippi is conducting a 45-day pilot

program to live stream security cameras

including amazon rings of residents who

opt in so yes a police officer can just

be at his computer

and he can see the live feed of what's

happening with your amazon ring

you do have to be opt into this i guess

the main concern behind this right now

is i would say is the normalcy of this

kind of technology

apple for example plays this really

smart google is really dumb google's

like hey

here here's google glass just swear on

the streets and there's cameras all over

it

and people obviously did not approve of

that and so google glass was not very

socially acceptable

apple played things a lot smarter though

because apple removed all cameras from

their upcoming eye

glass whatever the hell they call it um

so the glasses will be normalized and i

guarantee you over time they will add

cameras to it once it's socially

acceptable uh

i'm guessing this might be a similar

tactic being done by the police

if it's considered more socially

acceptable for the police to

have direct access to your cameras in

your home then other people might start

seeing it as being

okay so yeah doesn't make it okay i'm

just saying that that's probably what's

going on here and it's why you should

be concerned even though this is opt in

even if it's not opt-in if you go to

someone's house who

is opted-in then a police officer might

be watching you go to your friend's

house so think about that too

just because someone else might be doing

it it could still impact you indirectly

but let's get on to positive news which

actually somewhat

involves the election so portland in

maine not

not the oregon one um but portland and

maine has voted in favor to ban

facial recognition this is one of a few

cities now in the united states that's

gone ahead

and banned it all together at least

until there is more regulation

and more backing that the technology is

actually

unbiased and it works properly and it's

privacy friendly so

good job portland maine it's nice to see

that happen

california is currently the only state

with some form of privacy regulation

it's called the california consumer

privacy act the ccpa

and that has now been expanded a bit

with proposition

24. this is actually a bit controversial

since the eff

and a lot of other privacy organizations

stand as a no on prop 24

but the reason is mostly because they

want something

better and they think that this is kind

of a band-aid half-assed solution

either way it's nice to see someone in

the united states seems to give a single

shred of a dam about regulating data and

privacy and it seems like california is

the person who's doing that

so it is nice to see all this i think

that we should give credit

where it's due china sure got spooky

this week as they launched high-tech

bird drones to watch

over their citizens they're called doves

and

they're pretty creepy if you're here

watching the video on youtube it's

some spooky stuff i would check out the

source at the very least in the

description to see a picture of this

thing

i'm guessing you wouldn't be able to

tell it's a fake bird if it's far away

enough from you

so creepy stuff and the craziest part is

that this could just be

made smaller and smaller imagine if

there's like bug drones

sometime in the future where you can't

even see them and they can just fly into

your house

underneath your door isn't that not

creepy

uh very spooky stuff to think about

let's hope that i don't live long enough

and you don't live long enough to ever

have to deal with it

i'm just kidding we should actually step

up and

do something about it while we still can

alright so the next

category is free and open source or fuss

and this is where we cover

the news of updates in the foss

community so the desktop environment kde

plasma just hit version 5.20 which

includes better wayland support and some

polishing and refinements with some new

feature improvements if you want more

information check out the sources and

i'm sure there's a very long change log

with a lot more fine-tuned changes

another person who hit version 5.2 was

line the compatibility layer to run

windows programs inside of linux

they also hit version 5.2 so yeah

there's also a lot of bug fixes and

changes that you can check out on their

website

microsoft open source their windows

calculator app in 2019

and now that app has been ported to

linux

packaged as a snap uh who will do this

with the ios calculator app

and port it to the ipad because i'm

still waiting for an ipad calculator app

and a weather app okay apple you can

screw off with that because it's

ridiculous i can't believe there's no

calculator app on an ipad pro

you're calling this a laptop replacement

well at least my laptop

you know has a calculator all right

another another thing wow it went dark

because the screen's dark okay

open bsd hit version 6.8 as part of

their 25th anniversary

good stuff uh up next the recording

industry association of america

also known as satan's devils on earth

have decided they're tired of tools

enabling people to access music and

videos they shouldn't have

access to rather than finding a real

solution and an effective way of dealing

with piracy

they decided to force take down several

projects on github

including youtube dl a very popular tool

to download youtube videos people are

very upset and are spreading the code

even more

and just bringing more attention to the

entire problem streisand affect anybody

at least the github ceo has spoken out

against this he is against it and is

doing what he can to get the repo

reinstated

either way i think most of us can agree

that the higher-ups of the music

industry

act in the most evil ways and let me

give you guys some tips

if you want to prevent piracy why don't

you just

make music and videos more accessible to

the public

so that way they don't feel like they

have to pirate and they actually get

things for a fair price

just a thought there's a lot of research

done behind that that shows when things

are actually given

conveniently enough and cheaply enough

to the end user they won't feel the need

to pirate but

all right and the misfits you better

have seen this one coming uh

mr donald trump felt it was necessary to

tell some

fun facts about hacking and info

security

uh here's a little clip nobody gets

hacked

to get hacked you need somebody with 197

iq

and he needs about 15 of your password

right

the the infosec community had a blast

over this on twitter

thank you all for the memes uh funny

enough after he said this

his twitter account got hacked by a

researcher who guessed his password

obviously with a 197 iq

then then and then there's another one

his campaign website got hacked as well

by cryptocurrency scammers i had no idea

there were so many people with such high

iqs in the world

so props to them i will still be taking

some duolingo

lessons and whatever other mobile games

are designed to boost your brain

capacity oh gosh those things are

totally legit

i'll get there soon enough and then once

that happens i'll be able to hack

anybody

look at this here the article trump said

nobody gets hacked but forgot his hotel

chain was hacked twice

so i guess there was more that i forgot

to bring up so

yeah lots of 197 iq people out there all

right our last article for the week

um ad block nano is now malicious and

should be removed the creator of hugh

block origin discovered the developers

of nano adblocker

pushed out malicious code this is pretty

serious overall it could have been used

to steal cookies to access your accounts

just a reminder that just because

something is open source does not

make it private and secure for you and

vice versa

so yeah that's that's it just

avoid nano ad blocker this headline's a

little misleading it makes it sound like

every ad blocker

is malicious it's just nano and i guess

nano defender as well

and that my friends is it my laptop is

at 13

battery so i have to wrap this up real

quick uh this video is brought to you by

our patreon community who again

is just looking for your support well

we're looking for your support through

our patreon community

but seriously there's a lot of cool

perks there um it only starts at one

dollar a month and you can actually get

that cheaper if you get it for the year

i think it's like 10

off so it's actually less than a dollar

a month if you get it for the year

and it's like 12 bucks like come on just

give us some support this is all free

information we hope to keep it that way

and

one of the ways that we're able to do

that is because of our patreon community

so thank you all of our patrons and i

we welcome everyone else who wants to

support us um don't forget to like

subscribe follow rates or do whatever

you want to

with surveying support depending on

where you're listening in from right

it's a podcast

and a video so if you're on the podcast

check out the video on youtube peertube

and library and if you're watching the

video there is a podcast if you want to

listen to this

while you're in the bathtub i don't know

whatever you're doing i don't know when

people listen to podcasts but

it's there for you and that's all i have

to share with you there's going to be

another surveying support ideally next

week i'm trying to stick to a better

schedule

and yeah see everybody next time thank

you for listening in

and stay safe out there