Consumers should be very wary of buying cloud connected appliances or devices Flashing lights and AI-powered functionality often hides a very dark secret. Most of these devices are connected to a cloud service, you typically do not even know where that service is (and the US is as bad as China when it comes to eavesdropping, allegedly). In the linked article, a man discovered what happened when he tried to block that access, which also reveals another issue — that the devices can frequently be remotely disabled, and you would not know anything about that. Such a device connected to your main home network, as it has established a network link out through your firewall, could be used to attack or snoop on all your other network devices including computers. You certainly, as an absolute minimum, want such devices only connected to a guest network, and want that guest network isolated from the main network (the latter is not the default for consumer grade routers). In my case, my IoT devices have their own VLAN which is completely isolated from all other network devices, which are also segmented into their own VLAN groupings. In summary, just remember that a cloud dependent device can become a useless paper weight at a point in time (whether you stop paying for a subscription service, or whether the manufacturer goes out of business or ends support), it can open up external access to your network, or it can be sending out other sensitive information anywhere in the world. Because 99.9% of us have no idea what that device is actually doing, we may want to rethink supporting the purchase of such devices. The more people who buy them, the more manufacturers will produce them, and we'll see fewer alternatives available over time. I'm a cynic though, so I'm doubting the world will stand up together and only purchase non-cloud connected devices, but I thought I'd just put this out there. Credit to Security Now! podcast episode no 1049 where it was discussed. See

Futurism

Man Alarmed to Discover His Smart Vacuum Was Broadcasting a Secret Map of His House

One man's robot vacuum was constantly communicating with its manufacturer, sending a detailed 3D map of his house halfway across the world.

#technology #cloud #security #privacy

Electric vs petrol car running costs in South Africa – The winner is clear An interesting comparison that really gives this a local perspective, even given the high increases in the cost of electricity that South Africa has experienced. One also has to factor in the servicing and maintenance costs over time such as services which require oil (various) changes, spark plugs, air filters, and brake pads. Electric vehicles using regenerative braking of course also have way less brake pad wear. There is also the lowered emissions (both still give off micro-particles from the tyres and brake pads) and reduced noise levels. The ever evolving battery is sometimes cited as a future cost, but to be honest by solar system battery is warrantied for 10 years or 4,000 full cycle charges, and it seems many EV batteries have already lasted that long too, before being repurposed for static storage solutions. That said, even combustion engines require major overhaul after 300,000 or 500,000 km. Advances and research suggest EV batteries may last 40% longer than earlier estimates, and some manufacturers are aiming for batteries capable of lasting approximately 1,600,000 km. So although everything may not yet be perfect for EVs, there is a really strong case for their future, despite what a lot of heavy-duty PR from the oil companies may suggest. Every incumbent industry, throughout history, has always very strongly resisted any change away from their industry. It's just that today, industries are a lot better organised and have the financial power of lobbying at their disposal. See https://topauto.co.za/features/137133/electric-vs-petrol-car-running-costs-the-winner-is-clear #technology #EV #SouthAfrica

TT-RSS Shuts Down, but the Project Lives On Under a New Fork “In a surprising move, Andrew Dolgov (known online as “fox”), the original developer of the popular self-hosted open-source RSS reader and news aggregator Tiny Tiny RSS (TT-RSS), announced that on November 1, 2025, he will dismantle all infrastructure powering tt-rss.org, including its Git repositories, cgit instance, and user forum.” TT-RSS was one of the options I was tossing up between, before I decided on FreshRSS. It has been going for a long time though, so kudos anyway to its dev for supporting it for 20 years already. But it is important for any users to note there is a fork available, and they may want to just check out the details for any migrations required. In most cases, for self-hosted instances, that may just be the change of the image name to source the updates from. See

Linuxiac

TT-RSS Shuts Down, but the Project Lives On Under a New Fork

Tiny Tiny RSS is shutting down, but a new fork will keep the popular open-source RSS reader and news aggregator alive and maintained.

#technology #opensource #RSS

Sanity Prevails Finally! Your passwords don’t need so many fiddly characters, NIST says "The US National Institute of Standards and Technology has released its latest guidelines for password creation, and it comes with some serious changes. Gone are the days of resetting your and your employees’ passwords every month or so, and no longer should you or your small business worry about requiring special characters, numbers, and capital letters when creating those passwords. Further, password hints and basic security questions are no longer suitable means of password recovery, and password length, above all other factors, is the most meaningful measure of strength." It looks like finally the last 10 years of security researchers recommendations have been taken on board. Why now suddenly? I have no idea, but I am glad that sanity is finally prevailing. It was a few years back that the originator of that d**n 30 day password change idea admitted there were no grounds actually for it. Password length is really the key criteria. So a well-chosen phrase can now be easier to remember as well as being more difficult to crack. Of the course, the big challenge will be, how many years will it be before organisations actually adopt this change... See

Malwarebytes

Your passwords don't need so many fiddly characters, NIST says

There are new rules for your password—and the passwords of your employees. Read NIST's latest guidance on password security.

#technology #passwords #security

No surprise: Research shows you cannot believe everything on social media “An analysis of how tools to make non-consensual sexually explicit deepfakes spread online, from the Institute for Strategic Dialogue, shows X and search engines surface these sites easily.” Everyone seems to be noticing social media has just becoming worse and worse all around. If it was not trolling, it was scams and worse, it was harassment, incitements to violence, and often there seems to be a decided tendency towards trying to rile users up through the use of various triggers (politics, war, religion, discrimination, etc are all great triggers that rarely fail). I used to blame this on just masses of people getting online, and it taking all sorts, including the bad sorts. But in fact, a lot today seems to be driven by bots and even AI. What the study also seems to show (it does not state directly) is those networks and search engines, which use algorithms to lift out viral posts, are the very worst by a long shot. This makes sense as algorithms will exponentially raise visibility of some posts versus networks that just show who you are following with posts sorted chronologically. The Enshitification of social networks and search engines (including manipulated AI) is truly here. So, it is good to remember that a LOT of what you read may well be fake and just calculated to rule you up, and also that there are quieter networks where this sort of thing does not happen as much. I'm also hearing more of my friends saying they just don't read newspapers or look at social media anymore. Many have decided to just skip it all. So don't be fooled either by all those likes and reshare numbers that you see. Don't feel guilty either to just block people — no don't waste your time trying to report them as I can tell you from experience reporting posts on both Facebook and X, NEVER resulted in any positive action (“the post did not contravene our guidelines”, is the standard reply, if you get one). The most effective way to solve such a problem, if it becomes too much for you, is to just delete your account and move to another network or search engine. There are plenty of options out there. See

404 Media

New Research Shows Deepfake Harassment Tools Spread on Social Media and Search Engines

An analysis of how tools to make non-consensual sexually explicit deepfakes spread online, from the Institute for Strategic Dialogue, shows X and s...

#technology #socialnetworks #enshitification #deepfakes

20 Essential SSH Configurations and Security Tips for Linux SSH is an essential tool for anyone managing Linux servers, and using it correctly can make your work both easier and more secure. By following the tips in this guide, you can protect your servers from unauthorised access, simplify your logins with key-based authentication and aliases, and monitor activity with tools like fail2ban and session timeouts. Start with the basics, such as changing the default port, disabling root login, and setting up key-based login, and then gradually explore advanced features like two-factor authentication, SSH tunnelling, and verbose logging. The linked article is a really useful overview to skim though and see what you can use, and what can be locked down and even automated. See

20 Essential SSH Configurations and Security Tips for Linux

20 Must-Know SSH Security Settings for Linux Sysadmins

In this guide, we’ll cover essential SSH security tips every Linux beginner should know to keep their servers secure, efficient, and running smoo...

#technology #ssh #Linux #opensource

A Fascinating History in Photos of Tram and 'Bus Transport in Cape Town since the 1800s I was looking for the location of the old Tollgate depot in Cape Town when I came upon this really excellent Museum page on the GAB site showing a really well laid out chronological history of the various forms of tram and omnibus services over the years from the early 1800s up to around 2009. Apart from just the vehicles, they also cover a lot around the depots, the staff, and the company itself. I do vividly remember the City Tramways company when I used to catch the old double-deck Leyland diesel buses (the ones that chugged like the Routemaster buses), but I always thought that when they rebranded later to Golden Arrow Bus Services (GABS) that it was the usual modern naming trend. What I now see from this page was that in fact the Golden Arrow (the name) had a proud legacy itself that actually predated the City Tramways name back to 1929. Hovering over a photo also shows a lot more context and information about it. See https://www.gabs.co.za/Museum.aspx #CapeTown #History #Trams #Buses

CoolerControl is a Powerful cooling control and monitoring tool for Linux This open-source application not only has a very modern looking and configurable interface, it also has some powerful ways to control the cooling too. It can combine different device sensors (mixed profiles) to set cooling using multiple fans. Profiles for each device can be BIOS, fixed, graph curve, mix, or overlays. Thresholds can also be adjusted to eliminate false positive alerts or to smooth the response of the fans. The application can also run in headless mode on remote Linux systems, and there is a REST API that can be used to integrate remote monitoring systems. My video gives an overview of how I am using it, and what I am finding very useful. It should help you decide whether the application will be of use to you or not. Watch #technology #opensource #Linux #CoolerControl

The EFF's How to: Get to Know iPhone Privacy and Security Settings “Open up your iPhone’s Settings app and you’ll find dozens of different options with little guidance on what those options do. Some of these settings have a serious impact on your privacy and security, altering what data gets shared automatically with apps, data brokers, and Apple itself. What sorts of changes you should make depends on how you use your phone and your security plan. There is no one-size-fits-all collection of recommended settings to change, instead, we’ll explain what settings do to help you decide if they’re worth altering.” The Electronic Frontier Foundation has the user's back, unlike the case is often with Big Tech or government's themselves. This How To may be well worth reading if you use an iPhone. See

How to: Get to Know iPhone Privacy and Security Settings

Open up your iPhone’s Settings app and you’ll find dozens of different options with little guidance on what those options do. Some of these set...

#technology #privacy #iOS

You Must Be Joking: Facebook’s new button lets its AI look at photos you haven’t uploaded yet “Meta has rolled out an opt-in AI feature to its US and Canadian Facebook users that claims to make their photos and videos more shareworthy. The only catch is that the feature is designed for your phone’s camera roll — not the media you’ve already uploaded to Facebook. If you opt in, Meta’s AI will comb through your camera roll, upload your unpublished photos to Meta’s cloud, and surface “hidden gems” that are “lost among screenshots, receipts, and random snaps,” the company says.” By accessing or using this feature, users will have opted in to this. The real problem is Facebook's horrific record of privacy abuses from the Cambridge Analytica scandal, to WhatsApp T&Cs sharing metadata with partners, to being under US CLOUD Act jurisdiction, to the video I have of Mark Zuckerberg assuring everyone they will always own their own data. This is just not a company anyone can believe, and the line mentioning “might hold onto some of that data for longer than 30 days” will mean all of your data will be in there forever. I deleted the Facebook app off my phone many years ago, and I block any of their login code found littered across all of the web too. Facebook's business model is all centred around profiling users to an extreme level of accuracy, and selling that data to “partners”. They are NOT in the social network business, but rather the data harvesting/sales business. Unfortunately, yet again, most Facebook users will just fall for the glitzy pictures and the pretty user interface, and go all in. Mark will testify again in Congress at some point with his carefully crafted responses, and the cycle keeps repeating. The only power that will make any difference is when the sheep all stand together and just delete themselves from his data harvesting machine. That, though, will likely never happen unless there is some cleaner better social network (not a microblogging service) that can support a few billion users and which is not funded from a profit driven US-corporation... The next best thing is we just give up on a general social network, and all revert to microblogging platforms (like the few have done already). See

The Verge

Facebook’s new button lets its AI look at photos you haven’t uploaded yet

Like we always say, read the terms and conditions, folks.

#technology #privacy #facebook