For now I want you all to watch this talk from Mike Monteiro, How to fight fascism.

If you want to discuss any of these topics, hop on to the Libera.chat server (IRC), and come to the #learnandteach channel. Or you can find me on fediverse https://toots.dgplug.org/@kushal.

Now, a 2 hours long video has all the explanations as required. Watch it with your family, share it with your friends.

Links for the week

• System transparency at Mullvad
• How secure are journalists' favorite transcription tools?
• Enforcing the pyramid of open source
• Ola Bini's trial resumed
• End-to-end encryption protects children
• Mudge & Rinki Sethi are leaving Twitter
• Podcast with ippsec
• Israeli police used Pegasus against officials and family members
• EU wants own DNS service
• Jonathan Leitschuh is the inaugural Dan Kaminsky Fellow
• Tutanota on Google analytics
• Unsafe anywhere: women human rights defenders speak out about Pegasus attacks

Video for the week

Watch Brian Kernighan talking about The early days of Unix at Bell Labs.

If you want to discuss any of these topics, hop on to the Libera.chat server (IRC), and come to the #learnandteach channel. Or you can find me on fediverse https://toots.dgplug.org/@kushal.

Kushal

Staying in the same topic, The Wire released the 3rd part of their Tek Fog story.

Links to read

• Destructive malware targeting Ukrainian organizations
• Mandiant whitepaper on “Proactive Preparation and Hardening to Protect Against Destructive Attacks”
• In Russia, FSB arrested REvil team
• Launching Python, Virtual Environments, and Locking Dependencies With Brett Cannon RealPython podcast
• Chrome will limit access to private network
• Extensive Hacking of Media & Civil Society in El Salvador with Pegasus Spyware
• Rust 1.58.0 released
• Anaconda is getting a new suit

Btw, my workshop in PyCon Sweden 2021 on Writing Python modules using Rust is available on Youtube.

If you want to discuss any of these topics, hop on to the Libera.chat server (IRC), and come to the #learnandteach channel. Or you can find me on fediverse https://toots.dgplug.org/@kushal.

Kushal

I kept taking the notes in between for the newsletter but did not send it out. I guess I am in a state now to resume it again.

As a primary story, I would love if you all could take a few minutes and read this story from The Wire and learn how technology (especially big IT companies) is helping the current political party in power to

artificially inflate the popularity of the party, harass its critics and manipulate public perceptions at scale across major social media platforms.

Part 2 of the story is also out. Please share the links with our friends and family. Most people around the world will never believe that these applications exist, and they can actually affect the mass.

Links to read

• Don't mix URL parsers
• Moxie stepping down from CEO post of Signal
• T-mobile blocking iCloud private relay feature
• AMD made graphics card which is bad for mining
• Tumpa for macOS is released
• Story of Ipinfo

If you want to discuss any of these topics, hop on to the Libera.chat server (IRC), and come to the #learnandteach channel. Or you can find me on fediverse https://toots.dgplug.org/@kushal.

Kushal

Links to read

• Chinese group has broken into too many Microsoft Exchange servers
• A news on iOS security
• German prison intern posted master keys photos online
• German officials want emails to be linked with real world IDs
• Myanmar's Military using digital tools for crackdown
• Tracking pixels on emails
• Android VPN service breached
• Far right social media platform Gab was breached

Must read guide for iOS users

Device and Data Access when Personal Safety is At Risk is a special guide from Apple. It contains many useful tips which you can regularly use too.

If you want to discuss any of these topics, hop on to the Freenode server (IRC), and come to the #learnandteach channel. Or you can find me on fediverse https://toots.dgplug.org/@kushal.

Kushal

Links for the week

• Unauthorized RCE in VMware vCenter patch your systems regularly
• Vietnamese Human Rights attacked
• Changes in Indian rules for online content, you can also read Access Now story on the same.
• The Saudi Kill Team identified you can also read related backstory from Citizenlab.
• Quickbooks malware
• A rooster was held in Indian police station
• Auth-Bypass in Cisco
• NurseryCam breach
• Matrix/Element exploit

Special read

A story on Gabriel Weinberg and Duckduckgo

Podcast for the week

You should listen to Michael Foord talking to Brian from Test & Code on testing, TDD, and many things more.

If you want to discuss any of these topics, hop on to the Freenode server (IRC), and come to the #learnandteach channel. Or you can find me on fediverse https://toots.dgplug.org/@kushal.

Kushal

Another very exciting news came in the Python world, with the acceptance of PEP 634, aka “Pattern Matching”. Read the tutorial from Guido to see how it will look like. I love pattern matching in Rust, and now in the future, I will use the same in Python.

Links for the week

• An example of why building software is political and can decide who will die and who will live Must read.
• Linux powered helicopter on Mars
• Russia's Sandworm team attacking French systems CentOS, Exim, and direct attacks.
• Firefox 85 and supercookies
• Blog post from Matrix explained how they handled FOSDEM21
• Possible malware attacks via ShareIT android app
• Yandex employee sold access to customer data
• Power outage took out Internet in many states in Mexico

Must read book for the week

This Is How They Tell Me the World Ends: The Cyberweapons Arms Race by Nicole Perlroth. You can read an excerpt from the book here.

If you want to discuss any of these topics, hop on to the Freenode server (IRC), and come to the #learnandteach channel. Or you can find me on fediverse https://toots.dgplug.org/@kushal.

Kushal

Must read

• https://thewire.in/tech/rona-wilson-elgar-parishad-letters-planted-us-firm talks about how letters were planted on laptop to arrest the activists

Links for the week

• https://cyber.fsi.stanford.edu/io/news/clubhouse-china data privacy issues in Clubhouse
• https://www.bleepingcomputer.com/news/security/yandex-suffers-data-breach-after-sysadmin-sold-access-to-user-emails/
• https://news.hitb.org/content/breached-water-plant-employees-used-same-teamviewer-password-and-no-firewall real life issue of reusing the same password
• https://www.bbc.com/news/technology-55977537 hidden spyware in apps from Iran

Video for the week

This video is different, it is in Hindi language, with English subtitles. It is for the generation of folks who grew up with Internet. Please watch till the end. And if you don't know the person, then search about him after you watched the video.

Book for the week

We Are Bellingcat.

Bellingcat is an independent international collective of researchers, investigators and citizen journalists using open source and social media investigation to probe a variety of subjects

I hope you will enjoy the book.

If you want to discuss any of these topics, hop on to the Freenode server (IRC), and come to the #learnandteach channel. Or you can find me on fediverse https://toots.dgplug.org/@kushal.

Kushal

As I am trying to get back into a routine, I will most probably write much shorter notes here.

On the major news, a 6600 words memo from former Facebook data engineer, Sophie Zhang is giving us how Facebook ignored fake accounts. These accounts mostly represented governments across the world and cause misinterpretation and changed political stories in elections around the world.

Must read

A story on the recent lawsuite against The Internet Archive.

Links for the week

• https://www.cyberscoop.com/nsa-cellphone-location-data-guidance/ NSA advice on cellphone location data
• https://www.bbc.com/news/world-us-canada-54110457 Hackers targeting US election
• https://www.teiss.co.uk/marriott-ba-easyjet-security-vulnerabilities/
• https://www.cyberscoop.com/chinese-hackers-vatican-christians-church/ Chinese hackers targeting the Vatican
• https://www.zdnet.com/article/zerologon-attack-lets-hackers-take-over-enterprise-networks/ Zerologon attack on Windows servers

Service to try this week

If you have a Twitter account and want to delete old tweets/dms, you must try Semiphemeral from Micah F Lee.

Book for this week

• Working in Public: The Making and Maintenance of Open Source Software by Nadia Eghbal

If you want to discuss any of these topics, hop on to the Freenode server (IRC), and come to the #learnandteach channel. Or you can find me on fediverse https://toots.dgplug.org/@kushal.

Kushal

Links for the week

• Facebook paid third party company to develop 0day exploit for Tails to help FBI https://www.vice.com/en_us/article/v7gd9b/facebook-helped-fbi-hack-child-predator-buster-hernandez
• Recovering conversation using your light blub https://www.zdnet.com/article/lamphone-attack-lets-threat-actors-recover-conversations-from-your-light-bulb/

Must read

Many of the young readers never read the Hacker Manifesto published in the Phrack back in 1986.

Book for the week

I discovered Practical Typography and enjoyed a lot reading this. The book is filled with various practical tips and details, which we don't think much on a typical day. But, I feel this is something everyone should read at least once.

If you want to discuss any of these topics, hop on to the Freenode server (IRC), and come to the #learnandteach channel. Or you can find me on fediverse https://toots.dgplug.org/@kushal.

Kushal