The Difference Between:
Privacy | Security | Anonymity
by Jonah Aragon
“What is privacy and why does it matter?
Privacy, Security, and Anonymity are three important — but distinct! — concepts you should know about.
PRIVACY is the assurance that your data is only seen by the parties you intend to view it. In the context of an instant messenger, for example, end-to-end encryption provides privacy by keeping your message visible only to yourself and the recipient.
SECURITY is the ability to trust the applications you use—that the parties involved are who they say they are — and keep those applications safe. In the context of browsing the web, for example, security can be provided by HTTPS certificates.
Certificates prove you are talking directly to the website you're visiting, and keep attackers on your network from reading or modifying the data sent to or from the website.
ANONYMITY is the ability to act without a persistent identifier. You might achieve this online with Tor, which allows you to browse the internet with a random IP address and network connection instead of your own.
(Pseudonymity is a similar concept, but it allows you to have a persistent identifier without it being tied to your real identity. If everybody knows you as @GamerGuy12 online, but nobody knows your real name, that is your pseudonym.)”
Here’s a link to Jonah’s original article. It’s well worth reading.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #18/2023 is out! It includes, but not only:
‣ 🇷🇺 🇫🇷 Pro-Russian Hackers Claim Downing of French Senate Website
‣ New #Android FluHorse #malware steals your passwords, 2FA codes
‣ 🇰🇵 Kimsuky hackers use new recon tool to find security gaps
‣ Why Robot Vacuums Have Cameras (and What to Know About Them)
‣ Researchers Discover 3 Vulnerabilities in #Microsoft#Azure API Management Service
‣ #Cisco phone adapters vulnerable to RCE attacks, no fix available
‣ 🇺🇸 Coming to DEF CON 31: Hacking AI models
‣ 🇷🇺 🇺🇦 Russian hackers use #WinRAR to wipe #Ukraine state agency’s data
‣ #Facebook disrupts new #NodeStealer information-stealing malware
‣ 🇺🇸 🇷🇺 Russian national charged for role in stolen credit card verification scheme
‣ 🇺🇸 Court Rules in Favor of Merck in $1.4 Billion Insurance Claim Over #NotPetya Cyberattack
‣ 💸 When it comes to online scams, ‘#ChatGPT is the new #crypto’
‣ #Google starts rolling out passkey support for Google Accounts
‣ 🇺🇸 🇺🇦 FBI seizes 9 crypto exchanges used to launder #ransomware payments
‣ 🇪🇺 288 #darkweb vendors arrested in major marketplace seizure
‣ 🇰🇷 #Samsung Bans Staff’s AI Use After Spotting ChatGPT Data Leak
‣ 🎙️ Decipher Security Podcast: @Weld and @spacerog
‣ 🇷🇺 New ‘Lobshot’ hVNC Malware Used by Russian Cybercriminals
‣ T-Mobile discloses second #databreach since the start of 2023
‣ 🇻🇳 Vietnamese Threat Actor Infects 500,000 Devices Using 'Malverposting' Tactics
‣ 🇮🇷 ‘BouldSpy’ Android Malware Used in Iranian Government Surveillance Operations
‣ 🇺🇦 Hackers use fake ‘Windows Update’ guides to target Ukrainian govt
This week I’ll be attending the #EIC conference in #Berlin 🇩🇪 On Wednesday evening I’m part of a panel discussing #authorization. On Thursday my buddy @charlieegan3 will be talking #OPA! And many interesting sessions on #security, #Identity and more. Anyone else going?
After quite the hiatus...Techlore Coaching is officially BACK on the site! 🎉
Many clients have found the service invaluable in achieving their goals - ranging from public personas, to company executives, and casual internet users alike.
Privacy, #Security, and #Anonymity are important concepts to understand, and the importance of #Privacy is unquestionable: "So much of our modern society is structured around information. When you shop online, read the news, look something up, vote, seek directions, or really anything else, you are relying on information. If we live in an information society, our information matters, and therefore privacy matters."
With Google recently announcing “The beginning of the end of the password” I started thinking about #WordPress and what plugins are available that allow for #passkey support for #authentication. Using only your username you can use the passkey system to use your computer or mobile device to perform the rest of the login sequence.
[EN] We have our @rosenpass strategy meeting this weekend and I don’t have much to contribute to the current topic, so I found something else to do! 😁
[DE] Dieses Wochenende ist #Rosenpass Strategie-Meeting und ich habe zum aktuellen Thema nicht viel beizutragen, deshalb habe ich mir eine andere Beschäftigung gesucht! 😁
Twitter notifies 'affected users' over privacy breach exposing 'Circle' messages
Twitter confirmed Saturday a privacy breach resulted in the public exposure of tweets originally meant for users' "Twitter Circle," — also known as "close friends," The Guardian reports.
This mini-insight into the #2FA world has shown me how well @signalapp actually does things (apart from their minor version problems with the app stores that might fuck up migration, but that's fixable with a bit of googling).
Easy transferral of accounts from old phone to new phone, auto-kill of old sessions, easy re-auth in desktop clients.
#Security#UX well done. It seems easy, if people commit.
Learn how to install Brave Browser on Ubuntu, Debian, Linux Mint, Fedora, Arch Linux, Manjaro, openSUSE, and more with this step-by-step guide for a faster, more private browsing experience.
privacy breach at Twitter published tweets that were never supposed to be seen by anyone but the poster’s closest friends to the site at large, the company has admitted after weeks of stonewalling reports.
People have been reporting this issue for some time ,and now twitter has sent an e-mail to users noting a security breach earlier in the year.
Hey #security minded bubble, I vaguely remember there were more open versions of keybase, but I can't remember the name, does anybody know what I'm talking about?
Western Digital just sent an email informing users about a recent data breach incident. The email only contains an image of the letter. Users can't read the email without allowing loading remote content. And the link doesn't use HTTPS.
Did WD learn anything from this incident?