I think the phrase 'the cloud is not your computer' is actually useful, since literally it is true and forces people to consider that they should be careful with data management since all that data stored on the cloud is being managed by a third party.
Readit NewsAshwinDurairaj commented on Glenn Greenwald Charged with Cybercrimes in Brazil nytimes.com/2020/01/21/wo... · Posted by u/jmsflknr
In case someone is wondering how they hacked Telegram.
They used caller id spoofing and a telco vulnerability.
1. Change your phone ID and try to login on Telegram;
2. Telegram will send an SMS with an authentication number followed by a phone call to the actual mobile phone;
3. To avoid the message going through, spams the victim with many VoIP calls;
4. The Telegram call will be recorded on the missed call voice messages;
In Brazil, you can listen to the recorded messages calling your own number. Surprisingly, the telco only checks if the calling number was equal to the called number.
5. Again, with the call id spoofing, call your own number.
6. Now you have access to the victim's Telegram (past conversations and contact list)
7. ???
8. Profit.
EDIT: I translated part of the transcription used to accuse GG in another thread.
Does anyone know if Telegram will ever move away from relying on phone numbers for authentication?
AshwinDurairaj commented on Jeff Bezos's phone 'hacked by Saudi crown prince' theguardian.com/technolog... · Posted by u/mnem
Explanation 1:
Lauren Sanchez(bezos' new girfiend) along with her brother Michael(who is also her agent), leaked the story to force Bezos to divorce his wife and get along with her.
Explanation 2:
The crown prince of Saudi Arabia personally sent a trojan file, downloaded all the data, distributed it through a gossip rag he happens to be friends with, for some kind of revenge/message
I get why Bezos has to go with explanation 2 because explanation 1 would indicate the girl he wants to have sex with or her brother is manipulative. I dont see why the rest of us have to go along with this. Even this anonymous source says he has "high confidence" not anywhere near certainty.
The motives for explanation 2 are currently not known. MBS might have had numerous reasons, ranging from WaPo or AWS. But regardless, there could have been many reasons to target Bezos. The part that doesn't sit right with me is the leaks, since it would have burned the 0day and connected Saudis to hacking phones which I doubt they would have wanted.
AshwinDurairaj commented on Jeff Bezos's phone 'hacked by Saudi crown prince' theguardian.com/technolog... · Posted by u/mnem
I don't know of any directly related to it's encryption but multiple protest organizers were identified and arrested by the Hong Kong Police Force through Telegram, I'm not 100% sure but I believe they just added lists of suspected phone numbers onto their phones and looked in Telegram see which one's matched to Group admins.
There were also claims of android keyboardd being used to log messages on Signal (and maybe Telegram), by Naomi Wu and others. No proof for this though.
AshwinDurairaj commented on Cutting Google out of your life (2019) github.com/tycrek/degoogl... · Posted by u/yarapavan
Then you may have noticed that you can’t access Google through Tor. They intentionally send you to a captcha you can never solve.
Assuming Tor Browser, just change Tor circuit, ctrl+l (I believe), until you get one without captcha (works after 2-3 times usually). Only use Google search when absolutely necessary though.
AshwinDurairaj commented on Google claims copyright on employee side projects twitter.com/marcan42/stat... · Posted by u/zoobab
DRY?
Think he means DYR, do your research.
An honest question - What outcomes would there be if countries like Spain decide one day to impose exorbant taxes, like those totalling $1b annually for Google?
Would it just be cheaper for these companies to pull out? And what international recourse would happen?
Does someone know if in cases like these Google will inform you why this happened?
A better site for someone wanting high level discussion on a narrowly focused topic is Reddit, although you will have to choose your subreddits carefully. It can be a difficult needle to thread, but there are quite a large number of quality subreddits once you know how to search.