Payment apps are watching what you say (Lock and Code S07E11)

This week on the Lock and Code podcast … In the United States today, you can have your bank account closed, your credit cards cancelled, and your online payments revoked for any number of crimes, like funding terrorism, engaging in money laundering, or violating sanctions. Sensible, right? Well,...

Chilling Effects

Younger Americans have soured on the second Donald Trump presidency, but they are not protesting it. Despite an unpopular Iran war and an even more unpopular Trump administration, college campus protests nationwide have gone silent. And at many schools, student activism is virtually nonexistent...

[SECURITY] Fedora 43 Update: tor-0.4.9.8-1.fc43

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and...

[SECURITY] Fedora 44 Update: tor-0.4.9.8-1.fc44

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and...

Taking a Bite out of the Forbidden Fruit: Characterizing Third-Party Iranian IOS App Stores

Due to U.S. sanctions and strict internet censorship, Iranian iOS users are barred from accessing the Apple App Store and developer services. In response, despite violating Apple's developer terms, a thriving underground ecosystem of third-party iOS app stores has emerged to serve Iranian users...

EUVD-2025-208314

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection DPI systems to trivially identify and block proxy traffic, undermining censorship circumvention...

CVE-2025-13476

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection DPI systems to trivially identify and block proxy traffic, undermining censorship circumvention...

CVE-2025-13476 Rakuten Viber uses broken or risky cryptographic Algorithm

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection DPI systems to trivially identify and block proxy traffic, undermining censorship circumvention...

PT-2026-23467

Name of the Vulnerable Software and Affected Versions Rakuten Viber versions 25.6.0.0 through 25.8.1.0 Description Rakuten Viber’s Cloak mode on Android version 25.7.2.0g and Windows versions 25.6.0.0 through 25.8.1.0 employs a consistent TLS ClientHello fingerprint that lacks extension diversity...

Why Tehran’s Two-Tiered Internet Is So Dangerous

Iran is slowly emerging from the most severe communications blackout in its history and one of the longest in the world. Triggered as part of January's government crackdown against citizen protests nationwide, the regime implemented an internet shutdown that transcends the standard definition of...

What can’t you say on TikTok?

This week on the Lock and Code podcast … A funny thing happened on TikTok last month, and it has brought allegations of censorship, manipulation, and control. It was the week of January 22, and after a long legal battle, TikTok had finally—for the first time in its company history—moved its...

Password Managers Share a Hidden Weakness

Plus: The cybersecurity community grapples with Epstein files revelations, the US State Department plans an online anti-censorship “portal” for the world, and more...

Chinese Surveillance and AI

New report: "The Party's AI: How China's New AI Systems are Reshaping Human Rights." From a summary article: China is already the world's largest exporter of AI powered surveillance technology; new surveillance technologies and platforms developed in China are also not likely to simply stay there...

Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs

New research from CrowdStrike has revealed that DeepSeek's artificial intelligence AI reasoning model DeepSeek-R1 produces more security vulnerabilities in response to prompts that contain topics deemed politically sensitive by China. "We found that when DeepSeek-R1 receives prompts containing...

Censorship Chokepoints: New Battlegrounds for Regional Surveillance, Censorship and Influence on the Internet

Undoubtedly, the Internet has become one of the most important conduits to information for the general public. Nonetheless, Internet access can be and has been limited systematically or blocked completely during political events in numerous countries and regions by various censorship mechanisms...

Massive Leak Shows How a Chinese Company Is Exporting the Great Firewall to the World

Geedge Networks, a company with ties to the founder of China’s mass censorship infrastructure, is selling its censorship and surveillance systems to at least four other countries in Asia and Africa...

Network-Level Censorship Attacks in the InterPlanetary File System

The InterPlanetary File System IPFS has been successfully established as the de facto standard for decentralized data storage in the emerging Web3. Despite its decentralized nature, IPFS nodes, as well as IPFS content providers, have converged to centralization in large public clouds...

Google Will Use AI to Guess People’s Ages Based on Search History

Plus: A former top US cyber official loses her new job due to political backlash, Congress is rushing through a bill to censor lawmakers’ personal information online, and more...

Evasion under Blockchain Sanctions

Sanctioning blockchain addresses has become a common regulatory response to malicious activities. However, enforcement on permissionless blockchains remains challenging due to complex transaction flows and sophisticated fund-obfuscation techniques. Using cryptocurrency mixing tool Tornado Cash as...

SoK: Current State of Ethereum'S Enshrined Proposer Builder Separation

Initially introduced to Ethereum via Flashbots' MEV-boost, Proposer-Builder Separation allows proposers to auction off blockspace to a market of transaction orderers, known as builders. PBS is currently available to validators through the aforementioned MEV-boost, but its unregulated and...