HTTPS Everywhere Is Saying Goodbye - Surveillance Report 56

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello everyone and welcome to surveillance report 56 where we're dedicated to keeping you private and secure with the latest news this report is going to recap some of the most notable events in the last week um this is honestly there weren't that many massive stories but i think the main ones is going to be the epic data breach there's going to be some cool google changes some apple updates and then i think https everywhere is about to be phased out which is very neat i am henry from teclor i am nathan from the new oil this week's promo is going to be monero we support monero you can donate through monero nathan also supports the monero on the new oil so you can use monero on both of our websites to give us some support and make sure these stay free for all of you because it's completely free content so give back if you can um nathan also just started up his formal consulting program too so if you want to get consulting through nathan go ahead and check it out in the description too and on that note we will jump straight into the data breaches once again we don't have a lot this week and that's always a good thing the really the only one that came across my desk this week is a leak from the uk ministry of defense that put several uh 250 says afghan interpreters lives at risk i didn't fully understand the details of this maybe that was on purpose but from basically from what i understand the uk ministry of defense emailed a bunch of afghan interpreters who had expressed interest in reloading to the relocating to the uk somehow or another they did this email wrong and exposed all the email addresses to everyone they emailed and some of those people even did like a reply all which you know had more sensitive information in their responses yeah i guess the the moral to take away from this one is to compartmentalize your email addresses be careful who has them because you know now god forbid if the taliban gets a hold of any of those email addresses it's probably pretty easy to look up who they belong to so that was pretty messy and then our second data breach is actually just an update from last week this for the record i i did see this but not until after surveillance report was published the epic data breach impacted more than just customers and that's just kind of the update last week we talked about epic who hosts like parlor and gab and stuff like that there was a big web scrape where a whole bunch of their registration information was leaked in an attempt to dox those people well it turns out that a lot of non-customers were also cut up caught up in that data breach and it seems like some of the people who were caught up were not affiliated with epic in any way or had never gone to any of their sites it's unclear or at least i didn't i wasn't able to ascertain from the article exactly where the data came from but it got caught up in the scrape and yeah unfortunately now some people who have never been affiliated in any way are caught up in that again compartmentalize your email addresses okay and now we're gonna move on to companies really short data breach section this week and we're going to start off with google this is something i'm really excited for to give some context most android devices have at most three years of software updates most have two and a big reason for that is because of the way google android and just the messiness of android altogether handles updates google is trying to make some updates to this and they're doing this by shifting to an upstream first linux kernel approach for android features i'm going to really simplify this to make it easy to understand essentially previously google would push out updates and it would rely on manufacturers to have to individually add updates on top of that on top of the standardized android operating system google is now trying to mitigate this problem by standardizing as much of the upstream operating system as possible to make sure there's faster patching faster updates and hopefully better security for people and better update support kind of a side story um google is also releasing their own soc which hopefully similar to apple will lead to an increased amount of time that we get updates i really do think we're going to see a pixel that's going to be supported for close to five years within the next few years be released which i'm very excited for okay our next story um this is kind of anecdotal but the person who posted it did provide evidence so it's just a post on mastodon it says if you use gmail google keeps records of everything you buy even if you delete the email receipt and even if you didn't buy the product from google and then they included a screenshot here's metadata from my takeout showing price delivery address description vendor etc so that is super unsettling and it's might be a little too technical for some of your friends to understand but you know if if your friends do understand this stuff could be a good thing to show them to remind them they need to get off gmail the next one is from mozilla who says that chrome's latest feature enables surveillance so chrome 94 has a new feature called idle detection api which tells the websites when you visit them that you're idle at your device and not paying attention to the page i guess uh the most realistic example i can give you is if you're on youtube youtube might now know that you're not actually actively engaging with the youtube website which i don't like to hear and it seems like mozilla doesn't like to hear that either so just so you know that's a new api being introduced in chrome our next story comes from apple and the title of this report says apple working on depression detection for iphones and i mean that title pretty much says it all uh apple is trying to use iphones interestingly they're trying to use the phones instead of the watches which generally are considered to have more access to health data because the watches you know they can take your pulse and your i think now they can even take like your blood sugar and all kinds of stuff but yeah so for some reason they're trying to use the phones instead of the watches but apple is basically trying to expand the way that they're using iphones in order to look for signs of mental illness i'm actually i'm going to spring this on you last second there's was another article that came out this week that also said they're trying to use the iphone camera to detect autism in childhood so apple is really trying to expand what the iphone can do on the health front and personally i don't find that too concerning i think that would be awesome to be able to detect depression and autism and things like that early as with most technologies my concern is you know is this going to be opt-in who's going to handle the data where is it going to be processed all that fun stuff and but yeah these are early features right now so unfortunately we don't have answers to any of that at the moment another apple story a new report has claimed that apple has the best privacy among video streaming providers which for the record isn't too hard to do but they did do that so it's this is comparing to nvidia shield roku amazon fire and google tv apple claims not to sell user data and correlate it across the web that's essentially that and honestly this kind of sucks too but it's probably a similar story with streaming services if you're comparing deezer spotify and apple music honestly apple music is probably the better bet unless you're gonna you know have your own music library and avoid this stuff all together that's mostly anecdotal by the way based on my own research and not an actual report the the music part of that the only reason i'm still stuck with spotify is because so many of the podcasts i listen to are spotify only isn't that terrible isn't it really genuinely makes me upset like even as a spotify user it's like why are you doing this it sucks because music has always been so good in the sense of like it doesn't make sense to pirate music anymore because these streaming services are so convenient they're five bucks a month ten bucks a month and you get all the music in one place and now they're trying to make exclusives out of podcasts and they're trying to fragment that so it's gonna turn out to be exactly like these damn streaming services for movies where you have to spend ten dollars for like eight different services to get maybe 80 of the movies you want to watch yeah it's ridiculous oh so annoying okay moving on our next story is going to go to microsoft where microsoft's auto discover was abused to collect web requests and credentials researchers at avp i don't know what prompted them to do this but they found that they could register domains that were autodiscovered.com dot whatever they could put a u dot io dot whatever and uh somehow that simple trick fooled microsoft into automatically submitting user credentials sometimes over plain text over http so that is very unsettling they did uh it i could have been misreading this article but from what i read and what i understood they they basically did almost nothing other than register these domains and various microsoft services just automatically started trying to connect to those domains and submitting credentials to log into the domains and you know a malicious attacker could set that up and start start stealing credentials so scary microsoft get it together our next story is also unsettling it comes from a stalker ware firm called pc tattletail who i just have to know has god-awful grammar on their website that really frustrated me and they are well you know they're a soccerware company so of course they're not doing good things they are leaking real-time screenshots of people's phones so the way that this particular software that's called what it is stalkerware works is uh it saves victim data to an aws cloud take a shot which required no authentication to view so uh and and the images that it took the screenshots that it took and all the information were formatted in a very predictable url pattern that anyone could guess if they figured out the pattern which wasn't hard to do and then on top of that there was no rate limiting so once you figured out the pattern so once you found the cloud that required no authentication of you once you figured out the pattern you could easily build a script that could just scrape every single image on the cloud and you know since it was automatically uploading these periodically you're basically getting people's phones in real time so that is horrifying and a reminder that personally i don't trust my phone with anything i try to as little as possible our next story's headline is banks beware amazon walmart ikea experiment with their own embedded finance service the main takeaway from this story is more and more companies are trying to get in between banks and customers which gives them access to customer data and any other possible incentives for them so this can take the form of amazon's buy now pay later it's mercedes allowing you to use their cars to pay for gas there's so many different opportunities here your financial data is valuable as you probably know and people are trying to get our next story is uh probably more relevant to parents and certain developers it comes from roblox who is beginning an opt-in age verification process in order to better protect children on the platform and also the developers you know um roblox i'm sure many of us have heard is popular with kids and therefore has unfortunately in some cases attracted some less than desirable people so roblox is trying to create uh basically just like a verification system where when you're verified you get more permissions so that way if you're not verified and therefore potentially dangerous you're have less permissions yeah all that but anyways it's you know the usual you scan your id and take a selfie thing um the only thing that stuck out to me is am i the only person who didn't have a photo id before i got my learner's permit because they're talking about letting kids as young as 13 scan like a government id and like sure you can get those but i mean the first time i had a photo id that wasn't a school id was like my learner's permit i don't know that's kind of weird but yeah so that's a thing uh just to be aware of and you know i i guess if you use roblox that's up to you to decide if you want to be verified or not it is opt in at this time and uh i guess that's the good side our next story is about voip.ms which is a canadian-based voice-over iep provider with over 80 000 customers in 125 countries and they are currently experiencing an ongoing distributed denial of service tech which is you know where botnets relentlessly ping the service until it gets overwhelmed and drops down and of course they're being held ransom you have to pay us so much money so we'll stop uh one of my readers when i posted this article they did actually say that they were impacted by this they use voip.ms and they reported that their service is now spotty and unreliable you know sometimes they get messages and calls sometimes they don't and it's very very frustrating so uh i think if there's a lesson we can take away from this story it's that you should always have a backup communication solution for when your primary solution goes down and finally really really quick story 11 netgear routers need to be patched immediately there's some context here disney teamed up to allow parental controls for these routers long story you should be updating these routers if you want to see if your router's affected go ahead and check out the sources in the description so patch your firmware stay on top of updates and cut out the crap when you can including these weird features and also nathan wrote in here to use ddwrt which is an open source router firmware that you can flash on some routers all right that was our last business story company story so let's move on to research and we are going to start with a another story about routers and vpns vpn users were unmasked by zero-day vulnerability in virgin media routers researchers found a quote-unquote dns rebinding attack in virgin media routers but they do suspect that this is possible to replicate in other routers they were only they only had the virgin media routers to work with but they assumed that this probably works on other routers virgin was alerted to this almost two years ago and claims that they are still working on a technical fix so i don't know what a dns rebinding attack is i don't know if it's just that hard to fix or a virgin is just being that lazy probably the second one because virgin is also trying to downplay this they're saying like this is a really complicated attack it requires quote a very specific set of circumstances and they called it a quote-unquote edge case so uh assuming they are telling the truth that means you are unlikely to be hit by this but yeah researchers are recommending firewalling your traffic to the router or ensuring that land traffic on a vpn is blocked set up your router's right have a good firewall and stuff like that and also you know we always encourage layering your strategies all right the next research piece is actually really interesting so this is something that affects google chrome's strict site isolation via speculative execution and type confusion there's a lot of jargon uh don't worry it's not that hard to grasp but once you see it in action so i actually recommend if you're listening go ahead in the sources right now and click the second link in the research section and there's a cool little video that you can watch along as i talk to you pretty much what happens is you can have a website you can click on a link that redirects you to a different tab and then that original website can run javascript that still captures the autofill password for the second site um the example they use is you click tumblr on their web page it opens tumblr in a new link and when chrome autofills tumblr credentials it actually captures your tumblr username and password and then they put input that into a new browser and sure enough those are your credentials so it's pretty much a way to get your passwords in a new tab from a site via javascript the spookier part is this can actually be embedded into an extension so it can work on an extension basis another reminder to not install any extensions you don't need because any extension could be possibly malicious and most extensions have elevated privileges this has not been caught to to be exploited in the wild at all so you're likely not impacted by this but now that it is public it is public and i do believe it has been patched up next super quick story headline is ddox attacks are becoming more prolific and more powerful warn cyber security researchers title says it all secure your devices so they can't be used in the botnet some general things to do keep your stuff up to date don't use what you don't need to use and also just make sure you're trying to pick what are currently touted as the more secure options when you're doing research before you buy your products our next story is also a quick one the headline says unpatched mac os vulnerability lets remote attackers execute code to me the vulnerability isn't really so interesting so much as it is that uh the way it spreads is by opening attachments long story short when you open an attachment there's a like a shortcut that max use that can be abused to open something other than the attachment so i think the real takeaway here is just you know remember when you get an attachment make sure it's something you're actually expecting and be careful when you're opening it actually one of my moderators will not open anything i send him he makes me screenshot everything the next one's a really interesting one and it's a very real world kind of research and i think you're going to enjoy this so more than one in three people have tried to guess someone else's password three and four succeed go ahead and read it yourself very recommended lots of fun stuff in there the noteworthy ones 73 percent of people interviewed so almost three and four managed to successfully guess a password about half of them tried to guess a romantic partner's password and were successful and 22 percent tried to guess a co-workers and were successful about 20 percent tried to guess an ex partner or boss's password and were successful as well the most common tactic is using information known about the other person which is forty percent well eighteen point four percent check the person's social media profiles to try and guess a final stat over two and five try to guess passwords for personal email accounts and almost one in three try to guess phone passwords so this is the research it's funny because i've actually i don't think i've ever tried guessing someone's password so i don't know how exactly going through their social media would get you their password i don't get it and i don't know how you can be successful with that but this is the research and i trust the research so it's pretty interesting stuff i was gonna say i'll i'll be honest i i did guess a password one time mostly because i didn't think it would actually work and um yeah i didn't i didn't go through social media it was just literally spur of the moment um somebody's phone was sitting asking if somebody knew it wasn't like a stranger but it was someone i was close to but their phone was sitting i was not that available but yeah i know um i don't know yeah i don't know how that works either all right and our final research story the headline says 2021 has broken the record for zero day hacking attacks you can read this article i highly encourage it but the moral of the story updates updates updates people we are finding more and more zero days which are kind of a good thing because you know that means we can fix them as well but only if you install the updates updates are important and with that we will move into politics we're going to start off with a ransomware a 5.9 million ransomware attack on a farming co-op called new cooperative inc who provides software that helps out about 50 of grain production in the us uh grain production and feed schedules of 1.1 million farm animals such as chicken and pigs so uh i believe the headline said this could affect like grain pork and chicken shortages possibly if this doesn't get resolved in time they were attacked by the black matter group who claims that it does not hit critical infrastructure but their definition of critical infrastructure is hospitals oil and gas non-profits government defense power generation and water treatment apparently food is not critical infrastructure to them new cooperative has isolated the attack they are you know they've called law enforcement and the specialist they're trying to get back up and running they have also tried to contact black matter and be like we are infrastructure please give us the decrypter and black matter is being quite rude from the screenshots i saw and they're like no you're not we're not going to give you money just give us give us money anyways uh this goes under the politics section because the u.s is really trying to crack down on ransomware right now and they're trying to like sanction companies that pay the ransomware and there's just a lot of uh uncertainty about you know do they count as a critical infrastructure uh is the government going to help them are they gonna get any kind of any kind of government assistance at all so yeah it's it will be interesting to see how this unfolds and hopefully will not unfold or hopefully will be resolved quickly because yeah that's that's a lot of very popular and important foods next one the takeaway is very quick so i'm going to keep it brief the headline is four months on from a sophisticated cyber attack alaska's health department is still recovering the story is just illustrating that cyber attacks happen and it's not just a oh it's fixed now a week later even with ransomware people think they pay the ransomware and the problem's just gone there's still months of fallout there's still so many people affected i think these data breaches happen so frequently that we almost don't even take in the lasting effects that it has on both customers as well as the companies some of alaska's systems are still offline and it's been months so again this stuff affects people and it's a real thing and it's really easy to gloss over the fact that they're not a big deal because we might talk about eight data breaches in a single week but this stuff is serious all right our next story all right nathan don't mess this one up the good news is i can't put my opinion into this because i don't know what to think of this story so okay so what happened was a man uploaded child pornography to gmail to his gmail account and this definitely happened gmail detected it via hashes they they did not open it they passed it along to the national center for missing exploited children who also did not open it who passed it along to the san diego police department who then did open it got a warrant to search his computer in his house went and arrested him and all this um this week this case was appealed and the court ruled that this violated the fourth amendment and that the police should have gotten a warrant before opening the attachments i think what their their reasoning for that was is because nobody else had opened it and therefore the police didn't have probable cause i guess or they didn't have like the legal justification there there are uh for those of you who don't know there are situations where the police are allowed to do things without a warrant uh one of them i think is probable cause or like another one is like um it i forget what it is but like for example if they pull you over and they smell pot they're allowed to search the car without a warrant or you know if they hear somebody screaming in a house they're allowed to break into the house without a warrant because somebody screamed so there there are situations where they are allowed to search without a warrant but the police ruled that or the courts ruled that this was not one i i mean on the one hand i i do like that you know the police are being told to get a warrant and respect our privacy but on the other hand like if two separate companies agreed that there was a hash there i feel like to me that counts as justification i don't know but maybe he should like maybe that's enough justification to go get a warrant like i don't know man i really don't know i feel like this these kinds of things don't happen when they should happen and so i want to praise the fact that they did hold the the investigation accountable for once it feels like because a lot of times we see these stories where someone like didn't even do anything wrong and the the investigation was never even held accountable and they still have to go through a lengthy process and so now we actually see them being held accountable when it seems like this person is very clearly guilty i don't know it's hard i i don't i don't have many thoughts on this one it's a tricky one and it really is and yeah i think you said it you said it pretty well i think i think most people are gonna be on the same page there of like oh man that's tricky yeah the final political story the lithuanian government has warned about secret censorship features in xiaomi phones this is pretty much a security audit that covers the three popular 5g smartphone models that are manufactured in china and it recommends that citizens avoid or stop using at least two of the three devices citing privacy infringements and secret censorship capabilities they found words and phrases like free tibet democratic movement taiwan independence and others that were censored so the module is not enabled in every device but could have been enabled in many of them secretly so uh something you should know about this is actually one of the first actual pieces of evidence that there is some kind of secret thing happening on the phone that's undetected but look it still is detected and now we know about it so i don't want to hear any more people tell me that google pixels have secret chips that spy on them with custom roms because it's not true and you don't have evidence and it's easy to disprove and these researchers are telling us that there is something happening in some part of the world and this is a very valid problem that we are going to be talking about i mean to those people this defense in in a year or two they might come out with a similar study about the google pixel they they could but like you can't just say oh google has now invented a whole new way of communicating that someone with wireshark at home can't analyze to see if they're still spying on you like yeah you gotta you gotta have evidence for that you gotta have evidence for it and it's very easy to throw anything out there i can tell you that linux is compromised and you're going to be like no it's not and i'm going to be like no it is it's like what's your evidence i don't need any i just know like okay what's evidence yeah like if if you're saying something that i guess wild without evidence it's really hard to disprove it the lack of a rebuttal doesn't mean that like you're right yeah i try to make a point of saying like i have no evidence for this but this is what i believe yeah i wish more people did that all right and with that we are going to move on to our free and open source software foss news we're going to start off with some good news for android people there is a new app called air guard and it is open source it's on github it's on f droid and it's on google play and what this does is it periodically scans for air tags and other find my enabled devices and warns you if they might be tracking you so this is great when apple launched their air tags earlier this year the iphone came with a lot of features to help you detect possible tracking android users were basically sol you know crap out of luck and now somebody has built an app that you can download if you think that you may be being tracked but you don't have an iphone now they have built a device that you can or an app that you can download and detect potential tracking by the way f droid is an open source app store that you can download on any android device so even those of you out there with your samsung devices and whatnot just go online and download f droid have some fun yep all right the next story guys https everywhere is is gonna die it's a thing um but it's but it's for exactly press f but it's actually for a good cause it's not what it sounds like so the eff is going to be phasing out their legendary https everywhere plug-in simply due to the fact that https is just such a great standard and most people are utilizing it and many browsers nowadays are natively supporting the same capability as the plugins so it's pretty much becoming useless at this point this is all great news in fact i think one or two months ago we talked about how browsers are actually implementing a lot of great stuff now out of the box and it's something that we're very happy to see it's getting to the point that the amount of extensions that we're recommending is going down in fact there's browsers now you don't even need to use extensions so it's pretty nifty stuff makes privacy easier for everyone makes security better for everyone we're all about that okay our next story brave has launched brave talk for privacy preserving video conference all right um i like brave i'm sorry to the the brave fans that i'm about to offend i think this is dumb but here's the facts it's basically braves jitsi instance i mean that's that's a fact it's what it is uh they claim they don't log any metadata it's only available for one-to-one calls if you want to have three four five people you have to pay seven dollars a month for the extra features which again these features are standard on the regular jitsi server uh these are features like call recording muting participants entry passcodes and group calls like uh actually my band that's how we wrote our album over lockdown is jitsi but uh i will say to their defense it is probably a lot more stable with large calls like that's a ding that i've heard on people who have tried to use jitsi instead of like zoom or something is once you get over a certain number of participants jitsi gets really unstable so i mean if you want to use a replacement for zoom at your business then this is probably a pretty good idea and it's probably worth paying seven dollars a month for but i mean just for individuals it's honestly probably something you can pass on yeah if i could chime in and i'm this is like a major devil's advocate thing i'm probably gonna be called the brave shield for this even though i'm saying that like i don't agree with it i think this brave talk is kind of dumb too it's not something i'm literally ever going to use like most other things in the brave browser but i think it's kind of nifty how brave tries to like integrate everything into their browser like it's getting to the point that it has its own torrent client it supports um well let me look at the tour window it's got the tour like exactly it has tor and they say they added something else in that same release ipfs they have ipfs they have their cryptocurrency wallets you can store ethereum inside like you can literally say brave search brave news that's what they mentioned yeah the article it's kind of lit like if you like the brave ecosystem it literally replaces the need for you to have a torrent client it replaces the need for you to have news you can use it as your rss feed you can add manual rss links inside of brave like it's kind of nifty i don't like the ecosystem so i don't use it but i think it's kind of cool that we're seeing um these privacy oriented whether or not you think brave is private it's at least they're at least trying to be private um it's cool that we're seeing these privacy ecosystems come out like protonmail's trying to replace the google suite brave is kind of trying to replace i don't know they're they seem to have a little loss of vision there of what they're trying to replace but they're trying to make their own thing which i'm kind of like okay cool go off and i mean to be fair i'm not i'm not saying like this is a terrible idea nobody should use it it's just kind of one of those things that i'm like i don't know if anybody asked for this but you know hey i don't think anyone is going to use it though like why are you going to use i the only thing i can think of is some person is like man i really like brave talk and the only way someone else is going to be able to use brave talk is if they download brave so now they're going to get more monthly active users that's the only thing i can think of maybe that's all it is but like i said maybe maybe there is actually a company out there that's you know wants to get off google or zoom or whatever and maybe they're willing to pay for it but i think those are probably gonna be few and far between so maybe i don't know i do trust brave though from a business pov i think brendan's a very good businessman and i think they're going to make the right moves to i i'm going to say this i think br if you check brave stats it's only up guys every month they're only gaining users um from a business perspective they know what they're doing firefox is the it's quite the inverse that's all i'm gonna say um i wouldn't be surprised in two years if we see uh brave overtake firefox so i'm gonna say not that i agree with either one of them make your own browser choice i'm just saying from a business perspective i do wish firefox was making better decisions um and the final fast story ubuntu linux 14.04 and 16.04 have each got a decade of support from canonical kind of back to where we were talking about updates earlier i love updates i love making things last a long time and i love seeing things get a decade of support that's it that's awesome i wish everything was built to last a decade or more why not why not a century i didn't throw it in here but there was actually an article earlier this week from uh i can't remember who it was but it was it was somebody well reputed and he was basically saying like this whole two three four years of updates thing has got to stop and companies have got to basically promise support for as long as the thing is in use i'm surprised there's no regulation for it yet i mean the eu i don't know we're not going to talk about this story but the eu just recently is trying to push on apple to implement usbc as a standard they're trying to make usbc a requirement it's weird that like we're talking about that and the ports and everything which i think is important but we're not talking about the fact that a lot of these phones aren't supported for more than two or three years i feel like that's such a massive issue for for carbon footprint for for so many different things like for security for protecting people for making their phones last longer it saves money i just i don't know yeah now that you mention it that is kind of weird yeah i'm surprised there's no regulation for that at least in the eu and finally let's move into our misfit section we're gonna start off with a real quick one joker has been spotted on the google play store probably nothing new uh joker is a malware that basically what it usually does i mean it does i think it has a couple of capabilities but the most common one is it signs you up for subscriptions without telling you so you charge a lot of money and the you know the criminals get like a kickback from those subscriptions but yeah it's back they found it in several apps so as always as we mentioned before be careful what you install ask if you really need it uh our next story the finn8 finate finite i don't know the finney cyber crime gang backdoors u.s finance organizations with a new malware again this isn't a terribly new story um finn a has been around for some time they just have a new malware they typically typically target uh the hospitality industry restaurants retail and healthcare and their goal is to steal credit card data from point-of-sale systems so the reason we wanted to share this is the moral here remember to be careful using cards try to use cash whenever possible or whenever possible use mask payment methods like privacy.com uh revolut prepaid cards things like that um and our final story for the week the nsa and cia use ad blockers because because online advertising is so dangerous ver the title pretty much explains it all if you want to get more information i'd read the source as we always recommend um so this is a lesson use u-block origin and kind of a side note like we post stuff on youtube youtube has ads i actually get this question a lot like oh you guys are monetized and it's like yeah i know some people still use ads you can choose to keep ads running or you can use you block origin we don't care um we ask it doesn't have to be for us but i generally this is a personal thing i like to recommend to people take your top three creators and find a way to support them be it join their communities be it leave a comment to support them emotionally just anything just try to support your three creators in some way be it patreon paid methods or free methods just try to do something for them whatever that means to you i think that's a good thing to try to do for everyone to at least try to take some money away from the monetization model but you can do what you want that's just how i like to look at things do you have anything to add there nate i think we're pretty fortunate to have a really positive uplifting community um that was something that really surprised not surprised me but uh something that i was pleasantly surprised to see when i i joined uh surveillance report is you know most of the comments are very uplifting and helpful and even the ones who are critical are usually constructive like you know just hey so you know it's it's this instead of this usually with my pronunciations but uh you know it's it but yeah so i mean you know unfortunately some people aren't fortunate enough to have attracted positive viewers like that so yeah i like what you said about like leaving a positive comment and stuff that can definitely help a long way to to balance out all the the jerks who leave negative comments i don't think people realize how stressful dealing with that stuff is like imagine that like posting something it can be yeah for like thousands of people and there's like at least a dozen people and everything being like wow everything you do sucks at a certain point it does kind of suck you know but you gotta just like power through it and it's just nice to see all the positive comments because they completely overpower those and i think we've talked about this before the human brain is this is an actual fact the human brain is like wired to pay attention to negative things because it's like a survival instinct and so you can scroll through and i know you've seen me do this you can scroll through like 50 comments of like this is awesome this is great thanks for the content keep up the good work and then just like the one person that words it the right way and it's just like oh that guy's a jerk and now that's all i can think about for three days like yeah but but yeah like like you said like those positive comments and they help like to keep it in perspective like okay this one person was a jerk but look how many people liked it and thought it was valuable and yeah so take away just support your 3 510 or just your top favorite creator if you can because at the end of the day you're probably getting their content for free in some way shape or form so yeah just keep that in mind and then real quick just to add on to the end of the the actual story there was also a story this week about a malware that is delivering ransomware payloads using google ads so we'll throw that at the end of the show notes too well now that's going to wrap up the news for this report um again there weren't that many massive stories this week but it was still a lot of important stuff that you should know about again keep everything you do up to date because that's probably the biggest takeaway and like just like it was last week i believe or the week before just keep things up to date and we want to thank you for listening to the surveillance support we're happy to know you're trying to stay safe out there this is a lot of fun to do and it's always awesome to see your comments um people are really starting to like this a lot and we're getting a very loyal weekly following for this which is just awesome to see the final thing we want to ask you to do is to share a podcast around make sure you're subscribed if you're on a platform that allows that or just follow the rss feed and definitely definitely give us a rating if you're listening on a platform where that's an option most notably um whatever the apple thing calls it apple podcasts or whatever you guys you guys know what you're talking about if you're on the apple platform um we want privacy to reach as many people as possible and ratings and things like that do help with that and yeah i wish it wasn't like that but it is so help us out if you can thanks again for listening and see you all next week

Info

Channel: Techlore

Views: 31,122

Rating: 4.9395771 out of 5

Keywords: privacy news, surveillance report, facial recognition, security news, cyber security, online privacy, facebook privacy, breaking news, online security, apple privacy, google privacy, the new oil, techlore, HTTPS Everywhere, privacy news online, apple privacy news, data privacy news, online privacy 2021, online privacy & security, mozilla, mozilla firefox, brave talk, online privacy tips, online privacy guide, iphone privacy news, google privacy news, infosecurity news

Id: 9OYpyYqHH9I

Channel Id: undefined

Length: 37min 56sec (2276 seconds)

Published: Sun Sep 26 2021