Are you interested in air purifiers?
There is one important metric that is 'hidden' from consumers, that being the CADR (Clean Air Delivery Rate)
See the explanation in video, as given by Healthy Home Guide:
A letter from Quong Tart to Prime Minister Edmund Barton.
See copy of letter to the Prime Minister regarding provisions of the Immigration Restriction Act (1901):
The colonialisation of this land has quite sordid beginnings and even tough after some settling down the immigration policies by those in government over the years are quite questionable to say the least.
Years ago, the catch phrase by the authorities was to allegedly stop the “boat people”, a similar scenario for people living here before 1788.
So these boat people were to start off on this land by committing a criminal act, that being entering illegally.
Well that is no longer the case, as times have changed, where ‘we’ (the people) no longer have “boat people”, i.e. criminals entering this nation, but rather we now have “plane people” meaning criminals entering this nation by plane, where there is allegedly more control on who steps foot on this Australia’s soil.
Irrespective of this so called control, immigration policy over the past generation or more has deliberately brought in disproportionately huge criminal elements from places like India the Middle East and Africa.
What’s worse is that when or rather if caught, there is very little the authorities do, and certainly there is no deportation to “go back where you came from”.
Basically these creature are here to stay to cause more dis-ease/harm in the community.
‘Indian’ (Indian/Bangladeshi/Pakistani/Nepalese, etc) scammers are no longer the stereotypical call centre criminals committing fraud over the internet, where in Australia they have diversified into the building and services, people moving and real estate industries, just to name a few.
The building industry is rife with low quality (Indian/Pakistani/etc) as well as Middle Eastern 'builders', where the word is not to touch any property that is worked on by them.
So what are the authorities doing about it? Pretty much - nothing, or rather handing out more builder's licences to criminal operators.
"Australia, the lucky country", aye?
If people think they have a right to ‘free speech’ now, they are sadly mistaken.
You are only allowed to write/post what governments and corporations allow you to.
Eric Arthur Blair’s Nineteen Eighty-Four is kindergarten material compared to what is being enacted today.
Corporations like Google work with the FiveEyes governments in censoring, removing/deleting videos from their platforms, in this case YouTube in effect ‘removing’ history.
A clip that was posted on YouTube features censored words, where attention was paid to one word.
Is this word vulgar or 'politically incorrect'?
Does this word 'hurt' people's feelings or offends a minority?
What is so heinous about this word that the 'public' cannot see it in its pure unadulterated spelling?
Well the word is "heart".
Not only is the subtitle censored but also the audio is edited
It's irrelevant whether it is self censored or whether the platform censored it, the problem is that it was censored.
You can see the censored video in all its glory:
Link: https://www.youtube.com/shorts/mVm1udAU9dk
Cybersecurity firm Mandiant has unveiled a groundbreaking discovery that demonstrates how threat actors could potentially bypass browser isolation technologies using QR codes as a covert command-and-control (C2) communication channel. The research, disclosed on December 8, 2024, raises significant concerns about the effectiveness of current browser isolation security measures.
The novel technique, developed by Mandiant's Red Team, leverages machine-readable QR codes embedded within web pages to establish unauthorized communication channels. This method proves effective against all major types of browser isolation solutions, including remote, on-premises, and local implementations, potentially compromising organizations' security infrastructure.
"The discovery highlights a critical weakness in what many organizations consider a robust security measure," explained a senior researcher at Mandiant. "By utilizing QR codes as a transmission medium, attackers can effectively circumvent traditional browser isolation protections that are designed to separate user browsing activity from the corporate network."
The proof-of-concept implementation demonstrated by Mandiant researchers utilizes Google Chrome in headless mode, integrated with Cobalt Strike's External C2 feature. The malicious implant operates by rendering web pages in a headless browser, capturing screenshots of embedded QR codes, and subsequently decoding them to extract command data.
However, the technique does come with notable limitations. The researchers found that the QR code-based C2 method is constrained by a maximum data capacity of 2,189 bytes, primarily due to streaming quality issues. Additionally, the communication process experiences significant latency, with each request taking approximately five seconds to complete, making high-throughput operations like SOCKS proxying impractical.
"While the current implementation may not be optimal for large-scale data exfiltration, it proves the concept that browser isolation can be circumvented through creative means," stated a Mandiant Research Team. "This should serve as a wake-up call for organizations relying solely on browser isolation as their primary defense mechanism.
"In response to these findings, Mandiant has issued several recommendations for organizations to strengthen their security posture. These include implementing comprehensive traffic inspection mechanisms to detect anomalous patterns indicative of QR code-based C2 activity, conducting regular domain reputation checks, and deploying advanced URL scanning solutions.
Security experts emphasize the importance of adopting a multi-layered "defense in depth" strategy rather than depending on a single security solution. "Organizations need to understand that no single security measure is foolproof," noted a cybersecurity analyst familiar with the research. "This discovery reinforces the need for comprehensive security strategies that combine multiple protective layers."
The revelation has prompted increased attention from the cybersecurity community, with several organizations already beginning to evaluate their browser isolation implementations in light of this new threat vector. Security vendors are also expected to develop countermeasures to detect and prevent such QR code-based bypass attempts.
As organizations continue to rely on browser isolation technologies as part of their security infrastructure, Mandiant's discovery serves as a crucial reminder of the ever-evolving nature of cyber threats and the importance of maintaining robust, multi-layered security defenses.
Found this article interesting? Keep visit thesecmaster.com, and our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium, and Instagram and subscribe to receive tips like this.
Source:thesecmaster.com
See also other articles on QR Codes:
We live in a fascist on-line world, where there is an attack on privacy and also 'free speech'.
Corporations that are in the top tier of surveillance, that being the 5Eyes, stringently moderate people's posts, just like they do in China.
An article that was published on the 13th of December 2024, was removed by Google, citing a violation of so called 'Community Standards'.
Was there a violation of 'Community Standards'?
Can Google respond with which section was 'violated'?
The article contained government and mainstream media information, which was collated into one area.
YOU be the judge.
These are screen captures of the removed article:
These are the links that were within the post:
Australian health businesses advertising health information from global corporations?
https://oversight.house.gov/wp-content/uploads/2024/12/12.04.2024-SSCP-FINAL-REPORT.pdf
https://corpau.blogspot.com/2020/07/covid-test-useless-faith-in-quick-test.html
The advisory was issued on Wednesday by cyber defence watchdog the Australian Signals Directorate (ASD) and its Australian Cyber Security Centre (ACSC), alongside security agency counterparts from the US, Canada, and New Zealand.
The notice urged telecommunications companies to increase their network security in the wake of some US residents having their phone conversations, text messages, or related call and text records accessed.
For many people, this allegedly included metadata being stolen — which can include information on the dates, times, locations, and recipients of calls and text messages.
"We believe a large number of Americans' metadata was taken," a US official told local journalists on the condition of anonymity, as Reuters reported.
"We do not believe it's every cell phone in the country, but we believe it's potentially a large number of individuals that the Chinese government was focused on."
At least eight US telecommunications providers have been affected by the cyber espionage campaign, and hackers were likely to maintain some access to US networks, according to the White House.
The wide-ranging incursion came to light earlier this year, and while the threat has remained since, the true extent to which Salt Typhoon hackers still had access to critical networks around the world remained unclear.
The Australian government has not confirmed whether Australian telecommunication networks have been breached.
US senator Mark Warner, chairman of the country’s senate intelligence committee, told The Washington Post in November that the attacks were the "worst telecom hack in our nation's history — by far".
Chinese officials have denied responsibility and have previously described allegations of state-based hacking as disinformation, or false narratives.
Australian organisations urged to boost cyber security
Telcos and organisations working to defend communications infrastructure in Australia should “strengthen their visibility and harden devices against [People’s Republic of China]-affiliated and other malicious cyber actors”, ASD said in a statement.
“Our US partners have observed these actors compromising networks of major global telecommunications providers.
“Actors have focused on large US internet backbone routers, such as provider edge and customer edge routers.
“The compromises and malicious activity target exposed and vulnerable services, unpatched devices, and under-secured environments.”
ASD said it encouraged Australian organisations to maintain "high visibility” networks so that cyber defenders had “detailed insight into network traffic, user activity, and data flow” to help them detect potential threats.
The Australian government has accused China of being behind numerous cyber attacks and related security incidents in recent years.
In September, authorities said around 2,400 devices in Australia had been compromised by a China-backed cyber crime group.
In July, the Australian government blamed a series of cyber attacks on the Chinese government and a state-sponsored group known as APT40.
Telephone calls involving “very senior” US political figures had been targeted and recorded by Salt Typhoon hackers this year, the White House alleged on Saturday.
Anne Neuberger, the US deputy national security advisor for cyber and emerging technology, said while the metadata of a large number of Americans had likely been stolen, officials believed “the purpose of the operation was more focused”.
"We believe ... the actual number of calls that they took, recorded and took, was really more focused on very senior political individuals," she said, as Reuters reported.
Neuberger did not reveal the names of anyone who was targeted, but said the US was “still investigating the scope and scale” of the hacking campaign.
The New York Times reported in October that phones used by then-presidential candidate Donald Trump, members of Trump's family, members of president Joe Biden’s administration, and officials at the US State Department had been targeted by China-linked hackers.
Asked about US reports of potential telecommunications attacks on 28 October, a spokesperson for China’s Ministry of Foreign Affairs, Lin Jian, said, “China urges the US to stop various types of irresponsible moves to blame the victim, stop cyberattacks globally, and stop using cyber security issues to vilify China.”
Neuberger said on Saturday that Biden had been briefed on the US government’s latest findings and the White House "has made it a priority for the federal government to do everything it can to get to the bottom of this".
US government officials reportedly told NBC News that citizens could use encrypted messaging apps — the likes of which include Facebook Messenger, Signal, WhatsApp, and Telegram — to minimise the chance of their communications being intercepted.
A US senate commerce subcommittee hearing is expected to discuss the Salt Typhoon hacking on 11 December, local time.
Source: acsinformationage
People in power will tell you this: “Nothing to hide, nothing to fear”, right?
So, let's have the password to your email, or code for your phone since you have "nothing to hide", no?
Sydney Criminal Lawyers will tell you of The Fallacy of 'You Have Nothing to Fear if You Have Nothing to Hide'.
Privacy is something valued by all of us, at least to some degree. Arriving home at the end of the day, it’s important to know that what goes on behind closed doors is not being monitored by authorities or some other party.
Equally, we may not want all of our personal communications with friends, partners and family members to be available without proper justification by some government employee, or our intimate images to be accessible to others without our consent.
In the 1949 novel Nineteen Eighty-Four, George Orwell imagined a dystopian future where telescreens monitoring citizens in both the public and private realms were ubiquitous. And while this idea might send shivers down the spine, the reality is that it’s not far from the truth in 2018.
Indeed, authoritarian leaders of days past could only have dreamed about having access to information as private and pervasive as metadata and the vast amounts of personal information contained in our mobile phones and other devices.
The use of CCTV cameras in public places has been well-established in this country for decades now. And soon, these cameras are set to be linked to a national database containing all Australian driver licence and passport photos, enabling almost-instantaneous biometric matching.
The 2013 Snowden leaks revealed just how far-reaching government digital surveillance has become, along with its deep encroachment upon people’s privacy. The documents revealed that the NSA, along with other Five Eyes nations, were involved in colossal global surveillance programs on their own people.
Many in the community simply shrug off the ever-increasing whittling away of the basic right to privacy, as it’s supposedly being carried out in the name of protecting us against terrorists. “If you’ve got nothing to hide,” they assert, “then you’ve got nothing to fear.”
But these people may want to think again, as the removal of a basic right is incremental, and, once it’s gone, the legislation and policies that withdrew it can be very hard to knock down.
Chair of the Electronic Frontiers Australia policy team Angus Murray said the nothing to hide argument is a “fundamentally dangerous” proposition, as it creates the premise that “privacy is only invoked where criminals are involved.”
“Unfortunately, the nothing to hide rhetoric has created a situation where this fundamental right has been somewhat distorted,” Mr Murray told Sydney Criminal Lawyers®.
According to him, the starting point to the argument should not be grounded in “criminality or the criminal justice system,” but “rather it should be about a fundamental human right not to be subject to arbitrary interference in private life.”
“This is particularly pervasive in the context of mass surveillance,” he continued, “wherein law-abiding citizens have their private life, often unknowingly, interfered with on the pretence that this is in their best interest, or more correctly, it’s not in their worst interest.”
And the digital rights advocate should know. Electronic Frontiers Australia has been at the frontline of monitoring the encroachment upon the rights of Australians in the digital environment since 1994.
Article 17 of the International Covenant on Civil and Political Rights enshrines the right to privacy in international law. Being a signatory to the agreement, Australia has committed to uphold the rights contained in the document at the international level.
But, at the domestic level, Australia doesn’t have a bill guaranteeing citizens’ basic rights under the law, and therefore there is no general recognition of privacy being a fundamental right. Indeed, Australia is the only democratic nation in the world without a national bill of rights.
The federal Privacy Act 1988 is the principle piece of legislation protecting Australians’ personal information, although, it’s long been criticised for providing inadequate protections against data breaches.
The Office of the Australian Information Commissioner is the body responsible for enforcing the provisions of the Act. It announced last month that the federal Department of Health had breached privacy laws after it published de-identified health records of 2.5 million Australians online.
It was subsequently found the data could be re-identified. And the commissioner made the announcement a year and a half on.
The federal Coalition government has been implementing policies that have grave implications for citizens’ privacy. Its mandatory data retention regime, which requires all telcos and ISPs to store their customers’ metadata for the period of two years, came into effect on October 13 2015.
The metadata that is stored relates to the time and date of calls, emails, text messages and internet sessions. It reveals who an individual has been in contact with, and their location at the time. And privacy experts warn that a lot can be ascertained about a person via this information.
Currently, warrantless access to this data is reserved to 21 law enforcement agencies led by ASIO.
On October 5 last year, all state and territory leaders signed off on the Turnbull government’s National Facial Biometric Matching Capability, which is a database that will store all Australians’ drivers licence and passport photos.
This mass hoarding of most of the population’s images will then be linked up through an exchange, so that it can be instantaneously macheted to identify people captured on CCTV cameras in public places.
The legislation to enact this system was introduced into parliament last month, and is currently under the review of the joint parliamentary committee on intelligence and security. When the program was announced, the prime minister claimed it had nothing to do with mass surveillance.
And in July last year, Turnbull said his government was proposing new laws that would require social media and technology companies, such as Facebook and Google, to allow Australian security agencies access to people’s encrypted messages.
Those who simply scoff at this encroachment upon our privacy, declaring that they have nothing to hide, are missing the point. If you mine any individual’s data in a thorough way, it’s sure that you’ll find something that looks suspect.
The deniers are similar to climate change sceptics. Long-term changes to weather are almost imperceptible on a daily basis, just like the erosion of the right to privacy, so the benefits of new technologies are easy to utilise, whilst refraining to consider the detrimental impact they’re having.
“Too many wrongly characterize the debate as security versus privacy,” US computer security expert Bruce Schneier explained. “The real choice is liberty versus control.” And with a network of CCTV cameras linked to facial recognition technology, the ability of authorities to control will be overwhelming.
As far as Murray is concerned, the nothing to hide argument sets off the debate around privacy on “an ill-founded footing,” as those who are most vocal about the need for the right to privacy to be upheld are somehow cast as suspects.
“A person does not require something to hide to care about their privacy and the burden should not be reversed onto citizens to demonstrate that they have nothing to hide,” Mr Murray concluded.
“This should be a matter for law enforcement in the course of lawfully obtaining a judicial warrant.”
In any event you can read the heavily redacted document that Australian taxpayers paid for:
See also a narrative on this document:
Keeping the serfs in the dark - another day in the colony.
The Australian government has new laws on the books to hack your computer, your online accounts, and just about any piece of technology and networks you come into contact with. It can happen without a warrant and without you ever knowing. That’s just the start of it. Outraged? Good.
Earlier in August, the Parliamentary Joint Committee on Intelligence and Security (PJCIS) released a report on the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 recommending it be passed with significant changes. Most notably, they recommended narrowing the scope of the new powers introduced by the bill, by limiting the criteria for issuing new warrants, requiring approval from a superior court judge and calling for stronger oversight and review mechanisms.
The bill was passed just over a week later by both houses. Needless to say, most of the recommendations of the PJCIS report have gone ignored, similarly to the concerns previously raised by us, Human Rights Law Center and several others. So let’s dive right in and take a closer look at the powers the legislation will grant to law enforcement. The three big powers given to the Australian Federal Police (AFP) or the Australian Criminal Intelligence Commission (ACIC) are:
A couple of additional notes on data disruption “warrants” is that they: can be issued on devices even if the individual’s identity is not known, if the device is “likely connected” to a suspected offence, or if the information could “assist” in an investigation. It should also be noted that in the final text an emergency authorisation can also be used to simply get “access to data held in a computer.” To do this, the final text allows them to use a computer, a telecommunications facility, any other electronic equipment or a data storage device.
AN ACCOUNT TAKEOVER WARRANT enables the law enforcement agencies to take control of an account, and even lock the account holder out of it. This can be done covertly and without consent, so the individual wouldn’t necessarily know what is going on until or if they are ever charged. It includes removing two-factor authentication and using one account to gain access to others (directly contradicting cyber security best practices for staying safe and secure online). The warrant is applicable for a maximum of 90 days (though extensions are possible) — so that is the length of time a law enforcement officer can impersonate you or use your accounts to monitor your activity and gather information. The emergency authorisation, overseen by a magistrate, is also available under this power.
NETWORK ACTIVITY WARRANTS allow access to networks where there is suspicion of serious online offences, although what qualifies as “serious” has a variety of definitions in the legislation. The desire to “overcome security features like encryption” on this scale should have us all extremely concerned. In their submission to the PJCIS, the Human Rights Law Centre raised alarm at the definitions used under this power, which are so dangerously overbroad they would enable widespread surveillance across social media and messaging platforms. Yes, that means if someone is suspected of using Whatsapp (for instance) for criminal purposes, the power would allow the AFP and ACIC access to all of Whatsapp. They are subject to the same secrecy and time limitation (90 days with a possible extension) as account takeover warrants. Unlike the other powers, evidence gathered this way cannot be used in court, but it can inform further warrants and inform officials where to look — this warrant allows for mass network surveillance.
And we can also note that while there are some restrictions on the extraterritorial application of these warrants, mostly that a consenting official from another country is required in order to proceed with such an investigation, the judge is allowed to authorize network activity warrants for other jurisdictions if the location of the data is unknown or cannot be reasonably determined.
The PJCIS report also insisted on increased powers of reporting for the Independent National Security Legislation Monitor (INSLM). In fact, setting the egregious scope of these new warrants aside for a moment, there are fundamental shifts that happen in these laws about how surveillance power is distributed and overseen in Australia. The distinction between a superior court and the Administrative Appeals Tribunal (AAT) is huge, and most of TOLA is now subject to the oversight of the AAT (see below section on ‘context’ for more information). All these bodies are equipped and resourced in completely different ways. The rules of evidence are different, just as the decision-makers are different; only recently there was a scandal that Christian Porter was appointing underqualified people to the AAT. The INSLM can in fact provide independence in their review, but it is not immune from politics, and reports from the office can certainly be completely ignored at the discretion of the government.
In the final text of Identify and Disrupt, the AAT is given a massive task when evaluating the merits of any application. Among countless other things, it is up to them to determine whether:
On the last point, it is not the responsibility of the officers to present that to the tribunal members, just as it is not up to them to run a full privacy impact assessment, or consult software developers or engineers before compromising a piece of equipment. Ultimately, the tribunal members of the AAT who are overseeing these overbroad hacking powers are expected to have a level of technical expertise which many actual subject experts, let alone judges, would struggle to be certain of.
One of the recommendations by the PJCIS was to introduce a public interest advocate in the decisions regarding these warrants, which was also ignored across the board. A public interest candidate is someone who would argue on behalf of the affected individual in the room where right now only a police officer and a judge get to play judge and jury. The PJCIS foresaw using this only in certain instances, but we have suggested a similar mechanism for other surveillance operations. As it stands, the Australian government remains uninterested in allowing individuals to defend their rights: there is no one to argue on your behalf, and there is never any notification to the individual (even after the fact) so you will never know if you were subject to any of these powers.
There was an international uproar when the Australian government passed the Assistance and Access Act, also known as TOLA. Introduced in 2018, it contains some of the broadest powers for law enforcement to intercept and monitor encrypted communications. Its only international parallel is the UK’s equally infamous Investigatory Powers Act, which is under ongoing challenges in the UK Courts over its infringement on privacy — an avenue for challenge that remains unavailable to Australians where the right to privacy continues to be ignored by the federal government (and thus out of reach for such court challenges).
But TOLA, which gave law enforcement and intelligence agencies the power to infiltrate and compromise encrypted communication channels, has been deemed to be not quite enough. It should be said that TOLA remains under review for its incompatibility with human rights and the right to privacy and freedom of expression, and is still waiting for amendments as suggested by the Independent National Security Legislation Monitor (INSLM) in June 2020. In spite of that, the Australian government went on to add two new pieces of legislation to expand its mass surveillance mandate:
We can refer to both now as acts because — in what is an increasing trend in the Australian Parliament — the bills flew through both houses in a single day.
The Identify and Disrupt Act grapples with the same issue that TOLA did — the need for law enforcement to see and intercept what we do online. However, Identify and Disrupt goes much further and where it was not completely true to call TOLA an attempt at mass surveillance, Identify and Disrupt now provides that capability and overreach for both AFP and ACIC.
In the INSLM report on TOLA, Dr James Renwick, who was serving as the INSLM at the time, recommended that the powers under TOLA be extended to a federal level Independent Commission Against Corruption (ICAC) — this was a calculated decision to pressure politicians to consider what this power means when it extends to investigations of corruption at the federal level. Alas, we will continue holding our breath and waiting for the politicians to hold themselves equally accountable to the surveillance regime they’ve built for the rest of us.
Finally, it should be noted that Australia’s electronic surveillance regime will be overhauled in the years ahead following the recommendations of the Richardson Review into the National Intelligence Community, made public last year. So if you are frustrated with the system, gear up and join us for an end to mass surveillance and a fair system in Australia.
Source:digitalrightswatch.org
