Tux Machines
Posted by Roy Schestowitz on Sep 06, 2023,
updated Sep 08, 2023
=> Databases: SQL Injections, PostgreSQL, and MySQL | Arti 1.1.8 is released: Onion service infrastructure
=> ↺ Mozilla calls cars from 25 automakers 'data privacy nightmares on wheels'
The foundation, the Firefox browser maker’s netizen-rights org, assessed the privacy policies and practices of 25 automakers and found all failed its consumer privacy tests and thereby earned its Privacy Not Included (PNI) warning label.
In research published Tuesday, the org warned that car manufacturers may collect and commercially exploit much more than location history, driving habits, in-car browser histories, and music preferences. Instead, some makers may handle deeply personal data, such as – depending on the privacy policy – sexual activity, immigration status, race, facial expressions, weight, health, and even genetic information, the Mozilla team found.
=> ↺ The Mozilla Blog: A New York Times Magazine editor on her internet obsessions
Here at Mozilla, we are the first to admit the internet isn’t perfect, but we know the internet is pretty darn magical. The internet opens up doors and opportunities, allows for human connection, and lets everyone find where they belong — their corners of the internet. We all have an internet story worth sharing.
Speedometer 3 is a cross-industry effort to build a modern browser benchmark rooted in real-world user experiences. Its goal is to focus browser engineering effort towards making the Web more smooth for actual users on actual pages. This is hard to do and most browser benchmarks don’t do it well, but we see it as a unique opportunity to improve responsiveness broadly across the Web.
This requires a deliberate analysis of the ecosystem — starting with real user experiences and identifying the essential technical elements underlying them. We built several new tests from scratch, and also updated some existing tests from Speedometer 2 to use more modern versions of widely-used JavaScript frameworks.
A critical memory safety bug has been discovered in Thunderbird 115.0 and Thunderbird 102.13 ( CVE-2023-4056 ). Due to the severity of this vulnerability's threat to the confidentiality, integrity, and availability of impacted systems, it has received a National Vulnerability Database base score of 9.8 out of 10. Other severe vulnerabilities have also been found in Thunderbird, including improper validation of the Text Direction Override Unicode Character in filenames ( CVE-2023-3417 ) and copying of an untrusted input stream to a stack buffer without checking its size ( CVE-2023-4050 ).
UPDATE
=> ↺ It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy
Ah, the wind in your hair, the open road ahead, and not a care in the world… except all the trackers, cameras, microphones, and sensors capturing your every move. Ugh. Modern cars are a privacy nightmare.
Car makers have been bragging about their cars being “computers on wheels" for years to promote their advanced features. However, the conversation about what driving a computer means for its occupants' privacy hasn’t really caught up. While we worried that our doorbells and watches that connect to the internet might be spying on us, car brands quietly entered the data business by turning their vehicles into powerful data-gobbling machines. Machines that, because of their all those brag-worthy bells and whistles, have an unmatched power to watch, listen, and collect information about what you do and where you go in your car.
=> ↺ Mozilla: It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy
Proof, once again, that running Linux does not automatically make a device privacy-friendly.
One late piece:
=> ↺ Mozilla: Modern Cars Are A Privacy Shitshow
Mozilla’s latest *Privacy Not Included report isn’t subtle when it comes to calling out the shortcomings of modern, internet-connected vehicles:
=> gemini.tuxmachines.org This content has been proxied by September (ba2dc).Proxy Information
text/gemini;lang=en-GB