https://empirestatecannabis.org/community/internet-security/ Empire State Cannabis Discussion Board en-US Fri, 24 Apr 2026 14:35:35 +0000 wpForo 60 https://empirestatecannabis.org/community/internet-security/smishing-scams/ Wed, 11 Jan 2023 18:18:31 +0000
I got a text from area code 816, which is Kansas City. The text claimed to come from USPS, and said my deliveries are on hold due to incomplete house number. First of all, I know this was BS. The numbers on my place are three inches tall and reflective; very easy to see day or night. It requested that I open a URL and provide additional information. It would probably take a crowbar (and a gun) to seperate me from my personal info.

Long story short: Per the United States Postal Service, they will never text you unless you have requested text updates for a specific package. Requesting text updates is done package by package, meaning if one requests text updates for package A, you will not recieve updates for subsequent packages without an additional request.

Additionally, texts from USPS will not come from a phone number, but from 28777 (2USPS).

This happens throughout the year, but is more prevalent around Xmas, when lots of folks are expecting packages.

I know everyone here is probably aware of these things to some extent, but I think this bears repeating. Be safe. Protect your info.]]> Internet Security orthene https://empirestatecannabis.org/community/internet-security/smishing-scams/ https://empirestatecannabis.org/community/internet-security/duckduckgo-browser-allows-microsoft-trackers-despite-reputation-for-privacy/ Wed, 25 May 2022 22:12:02 +0000
Recent findings show that the typically privacy-focused DuckDuckGo browser is purposely allowing Microsoft trackers on third-party sites. This is due to an agreement within their syndicated search contract between the two companies.

DuckDuckGo is a search engine that focuses on privacy. The search engine does not track your searchers nor your behavior as users perform searchers. DuckDuckGo also doesn’t build user profiles to display advertisements based off interests. Instead, the company uses contextual advertisements from partners, such as Ads by Microsoft.

DuckDuckGo Browser Allows Microsoft Trackers
While DuckDuckGo does not store a user’s personal identifiers with search queries, Microsoft advertising may track your IP address and additional information when clicking on an ad link. This tracking is for “accounting purposes”. Though it is is not associated with a user advertising profile.

Security researcher Zach Edwards first made the discovery, as reported by BleepingComputer. The researcher made the discover during a security audit, where Edwards discovered that while DuckDuckGo’s browser does indeed block Google and Facebook trackers, Microsoft’s tracker continued to run.

Further tests revealed that DuckDuckGo also allowed trackers related to bing.com and linkedin.com domains while also blocking all other trackers.

While Edwards posted a long Twitter thread about the ordeal, CEO of DuckDuckGo and Founder Gabriel Weinberg did confirm that the browser intentionally allows Microsoft trackers. Weinberg argued that this is due to a search syndication agreement with Redmond.

The CEO Makes a Statement
Weinberg made it clear that the restriction is only in the DuckDuckGo browser, and has no affect on the DuckDuckGo search engine. This information has started an uproar on Hacker News, where the CEO has defended the company’s transparency concerning the issue.

Though DuckDuckGo is usually transparent regarding its advertisement partnership with Microsoft, what is not clear is why the company did not disclose the acceptance of Microsoft trackers until it was discovered.

To conflate matters, DuckDuckGo recently fired shots at Google for the company’s new ‘Topics’ and ‘FLEDGE’ tracking methods. DuckDuckGo stated in a Tweet, “Google says they’re better for privacy, but the simple fact is tracking is tracking, no matter what you call it”.

After BleepingComputer published the story, DuckDuckGo’s Weinberg sent a response to their Tweet. The CEO stated that they are working to remove this restriction from their agreement. The company also wants to be more transparent in descriptions on the App Store.]]> Internet Security orthene https://empirestatecannabis.org/community/internet-security/duckduckgo-browser-allows-microsoft-trackers-despite-reputation-for-privacy/ https://empirestatecannabis.org/community/internet-security/hard-to-delete-cryptocurrency-miner-irks-norton-360-users/ Thu, 06 Jan 2022 16:02:44 +0000
NortonLifeLock is facing complaints for bundling a hard-to-delete cryptocurrency mining tool into its antivirus software.

The company announced the cryptocurrency miner in June as a useful way for Norton 360 users to earn extra cash from their idle graphics card. The tool, dubbed Norton Crypto, mines Ethereum and gives users an 85% cut. The rest goes to NortonLifeLock. 

However, the cryptocurrency miner is now facing backlash after a few Twitter users noticed that the Norton 360 software force-installs the mining tool on PCs through a program called NCrypt.exe, which is difficult to uninstall.

The tweets triggered some users to condemn the company for installing the alleged bloatware. Meanwhile, others are wondering why NortonLifeLock is encouraging users to waste electricity through the Ethereum mining.

“Norton is pretty much amplifying energy consumption worldwide, costing their customers more in electricity use than the customer makes on the mining, yet allowing Norton to make a ton of profit,” tweeted security researcher Chris Vickery.

In a statement, NortonLifeLock notes the tool is off by default. “Norton Crypto is an opt-in feature only and is not enabled without user permission,” a company spokesperson told PCMag. “If users have turned on Norton Crypto but no longer wish to use the feature, it can be disabled through Norton 360. Additional information can be found on our Norton Crypto FAQ page."

It’s also important to note the cryptocurrency miner only works on PCs with AMD or Nvidia graphics cards and at least 6GB of video memory.

Nevertheless, NortonLifeLock declined to say whether the company will make it easier to remove the NCrypt.exe program for customer systems. In the meantime, a company employee posted a workaround that involves disabling the “Norton Tamper Protection” function in the antivirus program’s settings, after which you can delete the NCrypt.exe program.]]> Internet Security orthene https://empirestatecannabis.org/community/internet-security/hard-to-delete-cryptocurrency-miner-irks-norton-360-users/ https://empirestatecannabis.org/community/internet-security/the-earn-it-bill/ Sun, 15 Mar 2020 07:05:36 +0000 Internet Security Smoke https://empirestatecannabis.org/community/internet-security/the-earn-it-bill/ https://empirestatecannabis.org/community/internet-security/disable-facetime-now-bug-lets-callers-snoop-on-you-without-permission/ Mon, 28 Jan 2019 22:12:10 +0000
A serious Apple iOS bug has been discovered that allows FaceTime users to access the microphone and front facing camera of who they are calling even if the person does not answer the call.

To use this bug, a caller would FaceTime another person who has an iOS device and before the recipient answers, add themselves as an additional contact to Group FaceTime. This will cause the microphone of the person you are calling to turn on and allow the caller to listen to what is happening in the room. Even worse, if the person that is being called presses the power button to mute the FaceTime call, the front facing camera would turn on as well.

What this means, is if someone is calling you on FaceTime, they could be listening and seeing what you are doing without you even knowing.

BleepingComputer has tested and confirmed that this bug works in iOS 12.1.2 and we were able to hear and see the person. When testing it against an Apple Watch, though, we were not able to get the audio portion of the bug to work.

While it is not known who first discovered this bug, numerous people have been posting about it on social media and making video demonstrations as shown below.

When 9to5Mac first reported on the bug, they were only able to get the microphone snooping working. Later, BuzzFeed reported that they could also access the front facing camera and that Apple stated that they are "aware of this issue and we have identified a fix that will be released in a software update later this week."

Natalie Silvanovich, a Google Project Zero security researcher who has discovered numerous FaceTime issues in the past, has a theory as to how this could be happening.

For those who are rightfully concerned about this bug, my suggestion is that you disable FaceTime immediately until Apple releases a patch. Otherwise, people can not only listen in on what you are doing, but in some cases also see what you are doing. This could allow people to take compromising videos and audio without your knowledge.

To disable FaceTime you can follow these steps:

Go into Settings
Tap FaceTime
Now toggle the FaceTime switch so that it is disabled and your screens looks like the following.



Now that FaceTime is disabled, callers will be unable to utilize this bug to listen and watch you without your permission through FaceTime.]]> Internet Security orthene https://empirestatecannabis.org/community/internet-security/disable-facetime-now-bug-lets-callers-snoop-on-you-without-permission/ https://empirestatecannabis.org/community/internet-security/internet-security-who-are-you-giving-access-to-your-info/ Fri, 30 Mar 2018 18:22:47 +0000
    ]]> Internet Security orthene https://empirestatecannabis.org/community/internet-security/internet-security-who-are-you-giving-access-to-your-info/ https://empirestatecannabis.org/community/internet-security/proton-mail/ Sat, 11 Feb 2017 09:15:33 +0000
I've switched over to a Proton account for the lounge, and turned on the allow email function should yall need to reach me outside the Lounge.]]> Internet Security Uruk-High https://empirestatecannabis.org/community/internet-security/proton-mail/ https://empirestatecannabis.org/community/internet-security/given-the-recent-rash-of-maintenance-down-time-for-email-services/ Thu, 05 Nov 2015 19:15:52 +0000
My belief and I could very well be wrong is that there are strong political reasons for this, namely labeling lots of activity under the guise of terrorism. This should come as no surprise to anyone except the scope of it is larger than ever.

Beyond that thought, I would not speculate why or how, nor would I get paranoid more than you already are about it. Except Kratom imports are being throttled. So maybe FDA crap? I don't know.

Just my two cents/pounds/pennies/pesos/centisimos worth Rather talk about boobs  :tits3:]]> Internet Security JustSayin https://empirestatecannabis.org/community/internet-security/given-the-recent-rash-of-maintenance-down-time-for-email-services/ https://empirestatecannabis.org/community/internet-security/countermail-is-down-now-too/ Thu, 05 Nov 2015 18:40:56 +0000 Internet Security Admin https://empirestatecannabis.org/community/internet-security/countermail-is-down-now-too/ https://empirestatecannabis.org/community/internet-security/hushmail-is-down-for-maintenance-too/ Thu, 05 Nov 2015 10:58:20 +0000 Internet Security Admin https://empirestatecannabis.org/community/internet-security/hushmail-is-down-for-maintenance-too/