Privacy


Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

1
81
submitted 7 months ago* (last edited 7 months ago) by llama to c/privacy
 
 

cross-posted from: https://lemmy.dbzer0.com/post/36880616

Help Combat Internet Censorship by Running a Snowflake Proxy (Browser or Android)

Internet censorship remains a critical threat to free expression and access to information worldwide. In regions like Iran, Russia, and Belarus, journalists, activists, and ordinary citizens face severe restrictions when trying to communicate or access uncensored news. You can support their efforts by operating a Snowflake proxy—a simple, low-impact way to contribute to a freer internet. No technical expertise is required. Here’s how it works:


What Is Snowflake?

Snowflake is a privacy tool integrated with the Tor network. By running a Snowflake proxy, you temporarily route internet traffic for users in censored regions, allowing them to bypass government or institutional blocks. Unlike traditional Tor relays, Snowflake requires minimal bandwidth, no configuration, and no ongoing maintenance. Your device acts as a temporary bridge, not a permanent node, ensuring both safety and ease of use.


Is This Safe for Me?

Short answer: Yes.

Long answer: probably. Here is why:

  • Your IP address is not exposed to the websites they access. So, you don't have to worry about what they are doing either. You are not an exit node.
  • No activity logs. Snowflake cannot monitor or record what users do through your connection. The only stored information is how many people have connected to your bridge. Check docs for further info on this.
  • Low resource usage. The data consumed is comparable to background app activity—far less than streaming video or music.
  • No direct access to your system
  • No storage of sensitive data. Snowflake proxies do not store any sensitive data, such as IP addresses or browsing history, on your system.
  • Encrypted communication. All communication between the Snowflake proxy and the Tor network is encrypted, making it difficult for attackers to intercept or manipulate data.

You are not hosting a VPN or a full Tor relay. Your role is limited to facilitating encrypted connections, similar to relaying a sealed envelope.

Your IP address is exposed to the user (in a P2P-like connection). Be mindful that your ISP could also potentially see the WebRTC traffic and the connections being made to it (but not the contents), so be mindful of your threat model.

For most users, it is generally safe to run Snowflake proxies. Theoretically, your ISP will be able to know that there are connections being made there, but to them it will look like you're calling someone on, say, Zoom.

Historically, as far as we know, there haven't been any cases of people getting in legal trouble for running entry relays, middle relays, or bridges. There have been a few cases of people running exit nodes and getting in trouble with law enforcement agencies, but none of them have been arrested or prosecuted as far as I know. If you are aware of any cases, let me know so I can update this post.

Do not hesitate to check Snowflake's official documentation for further reference and to make informed decisions.


How to Set Up a Snowflake Proxy

Option 1: Browser Extension (Brave, Firefox, or Chrome)

  1. Install the Snowflake extension.
  2. Click the Snowflake icon in your browser toolbar and toggle "Enable Snowflake."
  3. Keep the browser open. That’s all.

Note: Brave users can enable Snowflake directly in settings. Navigate to brave://settings/privacy and activate the option under "Privacy and security."


Option 2: Android Devices via Orbot

  1. Download Orbot (Tor’s official Android app).
  2. Open the app’s menu, select "Snowflake Proxy," and toggle it on.
  3. For continuous operation, keep your device charged and connected to Wi-Fi.

Your device will now contribute as a proxy whenever the app is active.


Addressing Common Concerns

  • Battery drain: Negligible. Snowflake consumes fewer resources than typical social media or messaging apps.
  • Data usage: Most users report under 1 GB per month. Adjust data limits in Orbot’s settings or restrict operation to Wi-Fi if necessary.

Why Your Participation Matters

Censorship mechanisms grow more sophisticated every year, but tools like Snowflake empower ordinary users to counteract them. Each proxy strengthens the Tor network’s resilience, making it harder for authoritarian regimes to isolate their populations. By donating a small amount of bandwidth, you provide someone with a critical connection to uncensored information, education, and global dialogue.

Recent surges in demand—particularly in Russia—highlight the urgent need for more proxies. Your contribution, however small, has an impact.

By participating, you become part of a global effort to defend digital rights and counter censorship. Please, also be mindful of your threat model and understand the potential risks (though very little for most people). Check Snowflake's official documentation for further reference and don't make any decisions based on this post before taking your time to read through it.

Please share this post to raise awareness. The more proxies, the stronger the network.

– llama

2
80
submitted 7 months ago* (last edited 7 months ago) by shaytan to c/privacy
 
 

It's hard to make the full switch towards a more private life, but switching your mail already fixes a big underlying issue: that being, Google or other companies having access to all your emails. So, I'll cover the basics of making your online mailing more private.

Switching Mail Providers:

Your email is a big part of your online footprint and helps you keep track of your online identity. So, in order to keep that to yourself, I encourage leaving services like:

"Gmail" or "Outlook",

for others like:

"ProtonMail" or "Tutanota".

This is already a big step towards keeping all your emails private and safe. Both of these are free and respect your privacy on their free tier, but expand in features with paid plans. This takes time, as you have to switch your email on most accounts to this new email.

For the best privacy, you should delete most accounts and create new ones with this new email or with aliases. Some people, like myself, prefer to have multiple emails over aliases. For example:

(Self-hosting your own mail domain is possible, but it’s a harder process, and custom domains are not always accepted or reliable.)

(You should keep your old email for a year or so to make sure no important service was left behind locked to that email. Once that's done, you can delete the account.)

Tips:

If you can, you should try expanding your protocol with this:

  • Adding 2FA to any online website, especially email. I use ~~"Authy"~~ for this. -> Better use Aegis, good app!

  • Switching your browser to something like "Librewolf".

  • Switching to a password manager like "Proton Pass" or "1Password".

  • Encourage your close family to do the same once you're comfortable with the process.

  • Switch social media to private alternatives.

  • If you take any efforts to switch browser or install Aegis, try to use "F-droid", or even better, "Droidify". These being a FOSS app store, and a good Material alternative frontend. For apps not in here, consider "Aurora store", a more private **"Play store"** alternative.

This is about it for me, quick posts from class, feel free to add into this topic below.

Edit:

Important additions after reading the comments:

  • Proton is a bit discouraged by some for some political views published by the CEO under Proton's account and image. They backed down, and I believe it isn't something too bad as for users to leave such a good privacy-oriented suite of apps. I encourage anyone who cares about this topic to research before making the switch.

  • Mail is not 100% private with any option, and shouldn't be used for highly sensitive information. For that, use well-respected end-to-end encrypted apps, like "Signal". Still, it is best to just not send very sensitive information online.

  • As a comment pointed out, for a mail to be as private as possible, both the sender and receiver should have a private mail, otherwise you can be private but the other person would still be having your mail conversations stored under "gmail" or similar.

Sorry if this post didn't give the best newbie advice, I tried to track back some of my old knowledge, but I'll take more time to research the next time. Take care and stay private!

 
 
11
 
 

cross-posted from: https://programming.dev/post/37278389

Optical blur is an inherent property of any lens system and is challenging to model in modern cameras because of their complex optical elements. To tackle this challenge, we introduce a high‑dimensional neural representation of blur—the lens blur field—and a practical method for acquisition.

The lens blur field is a multilayer perceptron (MLP) designed to (1) accurately capture variations of the lens 2‑D point spread function over image‑plane location, focus setting, and optionally depth; and (2) represent these variations parametrically as a single, sensor‑specific function. The representation models the combined effects of defocus, diffraction, aberration, and accounts for sensor features such as pixel color filters and pixel‑specific micro‑lenses.

We provide a first‑of‑its‑kind dataset of 5‑D blur fields—for smartphone cameras, camera bodies equipped with a variety of lenses, etc. Finally, we show that acquired 5‑D blur fields are expressive and accurate enough to reveal, for the first time, differences in optical behavior of smartphone devices of the same make and model.

12
19
submitted 5 days ago* (last edited 5 days ago) by [email protected] to c/privacy
 
 

I am currently using Librewolf.

But the Zen & Floorp browsers look beautiful.

What do you suggest?

I personally like the looks of Zen.

I would also appreciate any tips to make Zen more secure than it already is.

Edit: consider this too

Negative post about zen: https://www.reddit.com/r/LibreWolf/comments/1ezumu7/comment/ljnjx2b/

Positive post about zen: https://www.reddit.com/r/browsers/comments/1fz7j9s/comment/lqzklza/

14
 
 

cross-posted from: https://programming.dev/post/37262246

More than twenty countries have signed on to the nonbinding Pall Mall Process Code of Practice for States since it was launched in April 2025 by the United Kingdom (UK) and France. Its focus is to “tackle the challenges posed by the proliferation and irresponsible use of commercial cyber intrusion capabilities (CCICs).” CCICs encompass a broad array of tools, including spyware—a kind of malicious software that allows “unauthorized remote access to an internet-enabled target device” for surveillance and/or data extraction. One of the pillars of the Code of Practice for States is accountability, under which countries are encouraged to establish or apply national frameworks to regulate the “development, facilitation, purchase, transfer, and use of” spyware.

Establishing new domestic frameworks or even analyzing which existing national or international frameworks apply to spyware-related activity will take significant time, likely years. Meanwhile, new instances of spyware abuses against journalists and other human rights defenders continue. It is therefore not surprising that the Code of Practice for States also recommends measures to incentivize responsible activity, encourage the use of export control and licensing frameworks, and provide support for victims. It is on one such measure for victim support that this report focuses: “procedures for those claiming redress as a result of the irresponsible use of CCICs, including ensuring access to effective judicial or non-judicial remedies.” Specifically, this report explores how existing tort law relating to abnormally dangerous activities in the United States and the UK could provide a ground for bringing cases related to spyware abuses.

Tort law allows individuals to take accountability into their own hands, which is especially important when processes to enact binding obligations on actors involved in developing and selling spyware can take years and there is no guarantee they will be successful. However, tort law differs by country and, within the United States, even by state. This makes research difficult and, at a larger scale, inconsistent. Additionally, litigation is very resource intensive both in terms of money and time and governments are typically shielded from civil liability. It is simply not possible for every victim of a spyware abuse to bring a case against the actor(s) responsible. In that sense, it is not recommended to rely exclusively on tort law for accountability, but to use it as a supplementary measure while continuing to pursue parallel efforts at regulation.

With that framing, this report looks at the possibility of bringing cases under strict liability for abnormally dangerous activities in California and the UK. These two jurisdictions were chosen because of the similarities in their legal systems, the fact that civil cases have been brought in California against spyware developers, and since the UK is one of the countries that launched the Pall Mall Process. The author is not aware of any previous cases brought under this theory of liability with respect to spyware. Given the six-factor definition of abnormally dangerous activities in California, the fact that a court decides whether an activity qualifies, and recent developments regarding jurisdiction over foreign defendants and significant damages awards, it could be possible, although still difficult, to bring a case there under this theory related to spyware harms. The development of the same doctrine in the UK, however, cautions against attempting this novel argument there. For UK plaintiffs, more research is needed on alternative grounds under tort.

16
 
 

cross-posted from: https://programming.dev/post/37138319

Full Report: “Shadows of Control”.

Investigation Partners

The investigation exposes how Pakistani authorities have obtained technology from foreign companies, through a covert global supply chain of sophisticated surveillance and censorship tools, particularly the new firewall (the Web Monitoring System [WMS 2.0]) and a Lawful Intercept Management System (LIMS). The report documents how the WMS firewall has evolved over time, initially using technology supplied by Canadian company Sandvine (now AppLogic Networks). Following Sandvine’s divestment in 2023, new technology from China-based Geedge Networks, utilising hardware and software components supplied by Niagara Networks from the U.S. and Thales from France, was used to create a new version of the firewall. The Lawful Intercept Management System (LIMS) uses technology from the German company, Utimaco, through an Emirati company called Datafusion.

18
 
 

Hello!

I have made a decentralised file system, like a cloud drive, but fully decentralised.

I feel it's time to test it more thoroughly, and publish it. To get feedback and, well, let users use it!

So my question is, does anyone want to try it out?

It's very easy to set up, you basically just need to forward 1 port and run a script. Or do the manual install, which is just a couple of steps.

Sharing is very easy:

10f -i my_stuff image.jpg

Anyone curious enough to try it out?

Cheers

Valmond

PS. If you want to check it out, the whole story is here including quick setup, examples and so on. PPS. For the daring: Codeberg repo

20
 
 

cross-posted from: https://feddit.org/post/18547034

In the past, if you broke or lost your phone, your Signal message history was gone. This has been a challenge for people whose most important conversations happen on Signal. Think family photos, sweet messages, important documents, or anything else you don’t want to lose forever. This explains why the most common feature request has been backups; a way for people to get Signal messages back even if their phone is lost or damaged.

After careful design and development, we are now starting to roll out secure backups, an opt-in feature. This first phase is available in the latest beta release for Android. This will let us further test this feature in a limited setting, before it rolls out to iOS and Desktop in the near future.

Here, we’ll outline the basics of secure backups and provide a high-level overview about how they work and how we built a system that allows you to recover your Signal conversations while maintaining the highest bar for privacy and security.

Secure Backups 101

Secure backups let you save an archive of your Signal conversations in a privacy-preserving form, refreshed every day; giving you the ability to restore your chats even if you lose access to your phone. Signal’s secure backups are opt-in and, of course, end-to-end encrypted. So if you don’t want to create a secure backup archive of your Signal messages and media, you never have to use the feature.

If you do decide to opt in to secure backups, you’ll be able to securely back up all of your text messages and the last 45 days’ worth of media for free.

If you want to back up your media history beyond 45 days, as well as your message history, we also offer a paid subscription plan for US$1.99 per month.

This is the first time we’ve offered a paid feature. The reason we’re doing this is simple: media requires a lot of storage, and storing and transferring large amounts of data is expensive. As a nonprofit that refuses to collect or sell your data, Signal needs to cover those costs differently than other tech organizations that offer similar products but support themselves by selling ads and monetizing data.

Anatomy of Secure Backups: Privacy First, Always

At Signal, our commitment to privacy informs which features we build and the ways that we build them.

Using the same zero-knowledge technology that enables Signal groups to work without revealing intimate metadata, backup archives are stored without a direct link to a specific backup payment or Signal user account.

At the core of secure backups is a 64-character recovery key that is generated on your device. This key is yours and yours alone; it is never shared with Signal’s servers. Your recovery key is the only way to “unlock” your backup when you need to restore access to your messages. Losing it means losing access to your backup permanently, and Signal cannot help you recover it. You can generate a new key if you choose. We recommend storing this key securely (writing it down in a notebook or a secure password manager, for example).

These choices are part and parcel of Signal’s guiding mission to collect as close to no data as possible, and to make sure that any information that is required to make Signal robust and usable cannot be tied back to the people who depend on Signal. This is why wherever there’s a choice between security and any other objective, we’ve prioritized security.

Enabling Secure Backups

If you want to opt in to secure backups, you can do so from your Signal Settings menu. For now, only people running the latest beta version of Signal on Android will be able to opt in. But soon, we’ll be rolling this feature out across all platforms.

Once you’ve enabled secure backups, your device will automatically create a fresh secure backup archive every day, replacing the previous day’s archive. Only you can decrypt your backup archive, which will allow you to restore your message database (excluding view-once messages and messages scheduled to disappear within the next 24 hours). Because your secure backup archive is refreshed daily, anything you deleted in the past 24 hours, or any messages set to disappear are removed from the latest daily secure backup archive, as you intended.

Backing up, moving forward

We’re excited to introduce secure backups, making sure you can retain access to your Signal messages even when your phone is lost or destroyed. But secure backups aren’t the end of the road.

The technology that underpins this initial version of secure backups will also serve as the foundation for more secure backup options in the near future. Our future plans include letting you save a secure backup archive to the location of your choosing, alongside features that let you transfer your encrypted message history between Android, iOS, and Desktop devices.

Secure backups are available in today’s Android beta release. A full public release, along with iOS and Desktop support, is coming soon.

21
 
 

cross-posted from: https://lemmy.dbzer0.com/post/52731585

I was reading around about private browsers and I came across Mullvad's browser (I only know them for the VPN). Do you have experience using it? Does it do anything different? I currently use Librewolf, and from what I can see the Mullvad browser is also built from Firefox. I generally prefer Firefox-like browsers to Chromium since I like the way it's set up and what it allows me to do. It's supposedly built by the same guys who made the Tor browser (tbh I feel like that's just marketing). From their website it says it's Tor without Tor but instead with a VPN. So technically I can accomplish the same thing with Librewolf and a VPN?? Does the Mullvad browser do anything new/different? One thing they do mention is browser fingerprinting; does it do anything special to combat that? If I switch to Mullvad instead but still have the same extensions, is it more private?

22
 
 

I saw a message asking why serious attacks on privacy have started simultaneously around the world right now. Personally, I can't say that they have just begun, as surveillance without warrants has always been conducted. The issue is more about mass surveillance, which has been happening almost since the advent of computers. I can't say that today's situation is that different *in this regard*.

As for the question, technology has become much more advanced; the storage capacity of devices has increased exponentially, and the efficiency of processors has improved dramatically. In short, in the past, even if there was a desire to store all phone conversations in the world or surveillance camera footage, there was no physical capability to do so, as it would have required an area the size of the USA to store everything on floppy disks and an army of secret agents who would process it.

To sum up, laws began to be applied when it became possible to enforce them. Now, with the capability to scan everything using large language models (LLMs), they are starting to implement these laws, and that's all there is to it.

Does anyone have something to add?

23
 
 

cross-posted from: https://sh.itjust.works/post/45425575

I mean we all know about the sideloading restriction thing. So I wanna explore alternative OSes, just gathering info, not sure if I'll even end up buying another phone (currently have a Samsung as a main phone, and in North America they are bootloader locked).

Like I know Graphene OS is supposedly more secure, but is it worth paying so much more for a phone? And used phones are kinda sketchy btw, most originate from a carrier so unlockability is in question (I'm not playing the buy/return "lootbox" game lol, so much hassle and it's never guaranteed when a seller would even accept a return).

The Moto I was looking at apparently was on CalyxOS's supported list, but they suspended development for some reason, so Lineage is the only Custom ROM left other than Graphene.

Graphene seems cool, but idk if it's really that much better. Getting a Pixel is directly giving Google the most money, and I don't feel so good about that after they closed-sourced Pixel device tree codes (or whatever that thing was called that they closed-sourced), and then they killed sideloading, feels wrong to be buying a Pixel right now. So that leaves me with just Lineage. And I could get a much cheaper phone too going Lineage.

So TLDR: If you were to recommend a phone to someone, which would you recommend? Expensive phone for Graphene, or Cheap phone and just use Lineage? Or something else?
