❌

Normal view

Claude Desktop changes app access settings for browsers you don't even have installed yet

20 April 2026 at 21:56

Installation and pre-approval without consent looks dubious under EU law

One app should not modify another app without asking for and receiving your explicit consent. Yet Anthropic's Claude Desktop for macOS installs files that affect other vendors' applications without disclosure, even before those applications have been installed, and authorizes browser extensions without consent.…

Google Chrome lacks protection against one of the most basic and common ways to track users online

16 April 2026 at 02:28

Browser fingerprinting is everywhere

Google markets its Chrome browser by citing its superior safety features, but according to privacy consultant Alexander Hanff, Chrome does not protect against browser fingerprinting – a method of tracking people online by capturing technical details about their browser.…

Cryptographers engage in war of words over RustSec bug reports and subsequent ban

20 March 2026 at 22:07

Rust security maintainers contend Nadim Kobeissi's vulnerability claims are too much

UpdatedΒ  Since February, cryptographer Nadim Kobeissi has been trying to get code fixes applied to Rust cryptography libraries to address what he says are critical bugs. For his efforts, he's been dismissed, ignored, and banned from Rust security channels.…

Google gives Android users a way to install unverified apps if they prove they really, really want to

19 March 2026 at 19:30

Chocolate Factory describes concession as an attempt to balance openess with safety

It turns out you won't be limited to Google-verified apps and developers on Android after all. In the face of sustained community dissatisfaction with its developer verification requirement, Google has given Android users an out.…

DIY AI bot farm OpenClaw is a security 'dumpster fire'

3 February 2026 at 11:14

Your own personal Jarvis. A bot to hear your prayers. A bot that cares. Just not about keeping you safe

OpenClaw, the AI-powered personal assistant users interact with via messaging apps and sometimes entrust with their credentials to various online services, has prompted a wave of malware and is delivering some shocking bills.…

Java developers want container security, just not the job that comes with it

30 January 2026 at 01:12

BellSoft survey finds 48% prefer pre‑hardened images over managing vulnerabilities themselves

Java developers still struggle to secure containers, with nearly half (48 percent) saying they'd rather delegate security to providers of hardened containers than worry about making their own container security decisions.…

Surrender as a service: Microsoft unlocks BitLocker for feds

23 January 2026 at 21:41

If you're serious about encryption, keep control of your encryption keys

updatedΒ  If you think using Microsoft's BitLocker encryption will keep your data 100 percent safe, think again. Last year, Redmond reportedly provided the FBI with encryption keys to unlock the laptops of Windows users charged in a fraud indictment.…

Flipping one bit leaves AMD CPUs open to VM vuln

15 January 2026 at 22:11

Fix landed in July, but OEM firmware updates are required

If you use virtual machines, there's reason to feel less-than-Zen about AMD's CPUs. Computer scientists affiliated with the CISPA Helmholtz Center for Information Security in Germany have found a vulnerability in AMD CPUs that exposes secrets in its secure virtualization environment.…

❌