Archived Version - https://archive.ph/GDyK0

This story in 1 minute

What’s the news?

~> With the sale of Amsterdam-based data security company Zivver, sensitive information about European citizens is now in the hands of Kiteworks.

~ The CEO of the American tech company is a former cyber specialist from an elite unit of the Israeli army, as are several other members of its top management.

~ Various institutions in Europe and the U.K. - from hospitals to courts and immigration services - use Zivver to send confidentia documents. While Zivver says these documents are encrypted, an investigation by Follow the Money shows that the company is able to read their contents.

Why does this matter?

~ Cybersecurity and intelligence experts told Follow the Money that the takeover should either have been prevented or properly assessed in advance.

~ Zivver processes information that could be extremely valuable t« third parties, such as criminals or foreign intelligence services.

~ That information is now subject to invasive U.S. law, and overseen by a company with well-documented links to Israeli intelligence.

How was this investigated?

~ Follow the Money investigated the acquisition of Zivver and the management of Kiteworks, and spoke to experts in intelligence services and cyber security.

This article is part of an ongoing series.

Read more here - https://archive.ph/GDyK0

I made a spreadsheet comparing different open source VPN providers.

Providers

• IVPN
• Mozilla VPN
• Mullvad VPN
• NymVPN
• Proton VPN

Notes

• Please do not start a flame war about Proton.
• Please do not start a flame war about cryptocurrencies. Monero is the only cryptocurrency listed because of its privacy.
• The very left column is the category for each row, the middle section is the various VPN providers, and the right section is which VPNs are the best in each category.
• IVPN has two differing plans, which is why "Standard" and "Pro" are sometimes differentiated.
• For accounts, "Generated" means a random identifier is created for you to act as your account, "Required" means you must sign up yourself. Proton VPN allows guest use under specific conditions (e.g. installed from the Google Play Store), but otherwise requires an account.
• Switzerland is seen as more private than Sweden. Gibraltar is seen as privacy neutral.
• All prices are in United States Dollars. Tax is not included.
• Pricing is based on the price combination to achieve the exact time frame. For example, Proton VPN does not have a 3 year plan but you can achieve 3 years by combining a 2 year plan with a 1 year plan.
• The availability section is security based. Availability is framed around a GrapheneOS and secureblue setup.
• The Proton VPN Flatpak is unofficial, but based on the official code.
• Availability on secureblue is based on the ujust install-vpn command. Security features must be disabled on secureblue in order to use the GUI for IVPN and Mullvad VPN, but not for Proton VPN. Mozilla VPN and NymVPN are available as Flatpaks, which are safer than layering packages.
• I wanted to include more categories, such as which programming languages they are written in, connection speed, and security, but that became far too difficult and complex, so I decided to omit those categories.

Takeaways

• NymVPN is very very new, but it's off to a strong start. It wins in almost every category. I actually hadn't heard of it until I started this project.
• If you want a free VPN, Proton VPN is the only one here that meets that requirement.
• If you want to pay week-by-week, IVPN is the only one that allows that.
• If you're paying month-by-month on a budget, Mullvad VPN is the cheapest option.
• NymVPN is the cheapest plan for anything past 1 month.
• If you want to use Accrescent as your main app store, IVPN is the only VPN available there for now.
• If you want to pay for a bundle of apps, including a VPN, Proton sells more than just a VPN.
• Mozilla VPN is terrible. The only thing it has going for it is a verified Flatpak, but NymVPN also has that so it doesn't even matter.

OC by @Charger8232@lemmy.ml

A group of civil society organisations in Myanmar plans to take legal action against Norwegian telecoms firm Telenor, accusing it of passing customer data to the country’s military government for use in repression.

The activists sent Telenor a notice of intent to sue on Monday, according to a statement from the Netherlands-based nonprofit Centre for Research on Multinational Corporations (SOMO), which is backing the case. The case states that the data shared by the telecoms giant was used by the military following its 2021 coup to trace and target civilians.

This app has been under development for a few months now and is ready for use.

Should be available on Google play first. IOS in the works and released soon.

If your a developer who can contribute and make it even better that is welcomed it's still very early.

The EU built a system called CounterR that essentially performs pre-crime thought surveillance. The TLDR is that an AI company, with direct input from half a dozen European police forces, built a tool that scrapes social media, forums, and other sources to assign citizens a score based on what they think as opposed to what they've actually done. The EC also has not released details of the project..

The report itself acknowledges that this sort of automated system "can trigger new fundamental rights risks that affect rights different than the protection of personal data and privacy."

The European Commission's White Paper on Al observes that Al-related processing of personal data can trigger new fundamental rights risks that affect rights different than the protection of personal data and privacy, such as the right to freedom of expression, and political freedoms - in particular when Al is used by online intermediaries to prioritise information and for content moderation.

The police were active co-developers, sitting in meetings to define the criteria and feeding real, anonymized data from their investigations to train the LLM. So now you have a feedback loop where police define the threat, the LLM learns it, and the police validate the results, with zero external oversight.

And of course, it's all shrouded in secrecy. The whole thing is confidential, the source code is proprietary so even partners can't audit it, and the ethics board is made up of the same people building the thing. There's no clear requirement to track false positives, so you could be flagged as a potential radical and never know why.

Regarding transparency of funded research, it must be noted that generally research proposals foresee Confidentiality of some results is often necessary, especially in the realm of security.

The cherry on top? The core technology, developed with public funds, was recently acquired by a private company, Logically, who can now sell this dystopian scoring system to whoever they want.

The citizens of the EU literally paid to build our own panopticon. The whole project is about normalizing the idea that the state gets to algorithmically monitor and judge your political beliefs before you ever commit a crime.

cross-posted from: https://lemmy.world/post/37009566

European SMEs have united to direct a strong open letter to urge ministers of EU member states to oppose Chat Control and to defend privacy and a strong European tech industry.