@b The sherr fact that @signalapp ties stuff to a #PhoneNumber is inherently bad and gives them the same stench as #EncroChat & #ANØM did.

• Why else would they not flat-out ban #PhoneNumbers from #NorthKorea, #Iran, #Russia and #Cuba?

It"s just #deanonymization with a single step in between from demanding "#KYC" with an #ID!

@rysiek
> Signal is safe.

#signal has long had issues with phone number leaks: even when set to hidden, phone numbers can sometimes be revealed. 🔓

this means that adversaries can get the phone numbers from an entire network of #signal users from just one compromised device. 🛂

this puts real people in real danger, but #signal is such a strong brand now that many would rather blame those who get hurt than take a critical look at their favourite chat app. ⚠️

more info, including links to some relevant #github issues:
https://veganism.social/@pelle/115673510840264510

#signal doesn't take the phone number leaks seriously, and it's not clear to me from their replies whether they've fixed it. 🪲

#deltachat / #arcanechat (#decentralized #securityaudited #e2ee chat app) avoids accidentally revealing phone numbers by not asking for them. also, allowing for multiple profiles makes it harder for adversaries to track people across different chats, as opposed to #signal with its one profile per device policy. 👥

if #deanonymization is a risk for you, then #signal is not safe. 🥸

unfortunately i had to experience this first hand, which is why i consider »signal is safe« unhelpful advice. 😐

#Republican plan would make #deanonymization of #census data trivial

But now, a little-known #algorithmic process called “differential privacy,” created to keep census data from being used to identify individual respondents, has become the right’s latest focus. WIRED spoke to six experts about the #GOP ’s ongoing effort to falsely allege that a system created to protect people’s #privacy has made the data from the 2020 census inaccurate.

https://arstechnica.com/tech-policy/2025/10/republican-plan-would-make-deanonymization-of-census-data-trivial/

I get wanting to protect #ICE agents from #doxxing. I also get wanting to ensure #LawEnforcement #LEO can't avoid #accountability by masking. Why not allow masks, but require large print, unique ID numbers on the mask and uniform to allow #deanonymization if an abuse surfaces?

@thenewoil which it inevitably does!

• There is no way to do effective #AgeVerification without #Deanonymization - either explicit or implicit.

I really like this kind of content that breaks down research papers for the rest of us. I had no idea that BGP hijacking was such a threat.

I wonder if any security folks out there have more up-to-date information on the resilience of OVH, Hetzner, DigitalOcean and other major provider networks. Are Counter-RAPTOR guards, counter-fingerprinting measures, BGP monitoring and RPKI being deployed in the wild?

https://youtu.be/XDsLDhKG8Cs

#Security #BGP #Networking #Tor #AttackVector #Deanonymization

Comprehensive Analysis of De-Anonymization Attacks Against the Privacy Coin XMR

https://monero.forex/is-monero-totally-private-a-comprehensive-analysis-of-de-anonymization-attacks-against-the-privacy-coin/

#HackerNews #DeAnonymization #Attacks #PrivacyCoin #XMR #Monero #Cybersecurity

Unique 0-click #deanonymization attack targeting #Signal, #Discord and hundreds of platform
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
#twitter #x #cloudflare

Администраторов Telegram каналов теперь можно деанонимизировать по кастомным стикерам и эмоджи.

Уязвимость заключается в том, что UID стикер-пака позволяет извлечь ID его создателя, что помогает раскрыть профиль пользователя.

Авторы Telegram-каналов заказывают у дизайнеров фирменные наклейки и «регистрируют» их в мессенджере с помощью бота Stickers, не подозревая о том, что это раскрывает их аккаунт всем.

Для популярной OSINT-утилиты Maltego даже уже разработали модуль позволяющий автоматизировать данную задачу.

src: https://github.com/vognik/maltego-telegram

#blacktriangle #anonymity #deanonymization #maltego #telegram #opensource #osint

Apparently the @CCC has some infos @torproject needs, and it seems they're desperate to get their hands onto that intel.

• Dear folks at the #CCC, do the right and responsibe thing and send the details to #TorProject so they can assess the relevance re: #Tor and take appropriate steps!

Anyone who has details is asked to sent them in a #PGP/MIME-encrypted eMail to [security@torproject.org]( malto:security@torproject.org ) using the Pubkey [ 835B 4E04 F6F7 4211 04C4 751A 3EF9 EF99 6604 DE41 ]( https://keys.openpgp.org/vks/v1/by-fingerprint/835B4E04F6F7421104C4751A3EF9EF996604DE41 ].

• Anonymous submissions are accepted AFAICT - All they care is to enshure the #security of Tor #users against #deanonymization attacks, which can and will be leveraged by #dictatorships and supressive #regimes if not addressed!

#ITsec #InfoSec #OpSec #ComSec #TorNetwork #dread #CyberSecurity #News #PleaseBoost #FollowerPower #CyberSecurityNews #forensics #FLOSS #FOOS #OSS #hardening #CyberAttacks äDigitalForensics #TorBrowser

#Urgence à FranceTélévisions : inventer le #floutage de demain
https://larevuedesmedias.ina.fr/urgence-france-televisions-inventer-le-floutage-de-demain
#FranceTV is creating a new #anonymity charter with strict #guidelines on #voice and face anonymization to protect #sources, as current anonymization methods are susceptible to #AI-driven #deanonymization. After reviewing 1100 news segments, 30 were unpublished due to high deanonymization #risk.

https://arxiv.org/abs/2310.07298v1

Just tried to replicate the deanonymization technique proposed in this paper by giving it some of my old Reddit posts. My reddit profile is really puzzling to GPT-4: "Their interest in traditionally stereotyped masculine (computer science) and feminine (tea, Harry Potter books) domains makes it rather challenging to guess their gender accurately." :')

#llms #privacy #reddit #gpt4 #deanonymization

@iampytest1 @dalias @campuscodi So basically this is the same old "don't expose #darknet servers to the #clearnet" thing?

I'd be wary of even reusing the same server across different #darknets, and spinning up a VM for each is cheap-enough to do with little-enough hassle there's really no good reason not to do it.

#Anonymization #DeAnonymization

Princeton Prof. Arvind Narayanan about (not so) #anonymous users in data sets, de-anonymization, #tracking, #PIM, #fairness in machine learning and AI snake oil

https://www.quantamagazine.org/he-protects-privacy-and-ai-fairness-with-statistics-20230310/

There is also a video v=oKkzVII_wHQ (e. g. https://yewtu.be/watch?v=oKkzVII_wHQ, pick your frontend)

#machinelearning #ml #ai #snakeoil #deanonymization #princetonuniversity #cs #adm

#deanonymization
I'm Mark Ruffalo and this is my Mastodon account.

NoScript - Cross-tab Identity Leak Protection

Protection, see picture.

Cache-based Targeted #Deanonymization #Attacks Paper + Info
https://leakuidatorplusteam.github.io/

Cache-based Targeted Deanonymization Attacks can unmask anyone on any browser. Btw, Leakuidator+ is a browser extension that can successfully block this attack, you should install until browser vendors implement countermeasures to this type of attack.

https://leakuidatorplusteam.github.io

https://github.com/mjz3/LeakuidatorPlus

https://www.wired.com/story/web-deanonymization-side-channel-attack-njit/

#browser #chrome #chromium #deanonymization #firefox #tor #torbrowser

#covid19 #coronavirus #global #pandemic #IT #deanonymisation #deanonymization #privacy #politics #ethics

NHS coronavirus app: memo discussed giving ministers power to 'de-anonymise' users

https://www.theguardian.com/world/2020/apr/13/nhs-coronavirus-app-memo-discussed-giving-ministers-power-to-de-anonymise-users