27 October 2025

The lie of anonymous communications with authorities


What many people may not comprehend is that Australians live under a totalitarian regime.

'Normal' modes of communication, by default are far from anonymous.

Even if you hide your (mobile) number via the appropriate menu setting it is not hidden from the authorities.

Australia is a signatory to the Five Eyes data hoovering surveillance network, where all our digital traffic is logged and stored to be later used against the people.

To advertise or inform the general public that you can "Tell us anonymously" is a deliberately blatant lie, where the 'Shopping Centre Council of Australia' and 'Crime Stoppers' should be sued in a competent court of law for false advertising.

Will this ever happen? 

Most definitely not, and if that action was to occur the Anglo-Masonic legal system would not let anyone from the pleb pool sue successfully.

That's life in a (penal) colony.

You'll have better luck suing in a place touted as 'the land of the free'.

 

23 October 2025

Proclamation of the Australia Act 1986


This post is to provide clarity on the enactment of the Australia Act 1986, many people lay claim the Queen assented (signed) the Australia Act.

This is a misinterpretation of historical facts, the Queen did not provide her personal assent to the Australia Act 1986(Cth), nor did Bob Hawke assent to the Australia Act 1986.

The act followed constitutional requirements set out in section 58 of the Constitution Act 1900 (Royal Assent).

See Government Gazette, Tuesday 14 January 1986:




Source:constitutionwatch.com.au

19 October 2025

Invasive Israeli-founded bloatware is harvesting data from Samsung users


While this action may not specifically pertain to Australian users, it does apply to Samsung's A and M (and possibly F) series smartphones.

Across West Asia and North Africa (WANA), growing concerns about digital surveillance have placed Israeli cybersecurity firms and their software under intense scrutiny. Among the most alarming cases is AppCloud, a pre-installed application on Samsung’s A and M series smartphones.

The bloatware cannot be uninstalled easily because it runs on the device’s operating system. Uninstalling it requires root access (the highest level of control in a computer system) of the phone to remove the AppCloud package. Its privacy policy is nowhere to be found online and opting out is not always available. 

But the real concern lies in who owns AppCloud. When investigating further, we discovered that AppCloud’s privacy policy can be traced back to the controversial Israeli-founded company ironSource (now owned by the American company Unity). ironSource is notorious for its questionable practices regarding user consent and data privacy.

From AppCloud’s Privacy Policy (2025).

The implications for Samsung users in WANA are particularly severe. Not only does AppCloud silently harvest user data, but its ties to an Israeli firm raise serious legal and ethical questions in a region where Israeli companies are legally barred from operating in several countries. Despite these concerns, Samsung continues to install AppCloud by default, offering users no clear way to remove or even fully understand what data is being collected.

A Sordid History

ironSource frustrated users, cybersecurity experts, and tech communities with its invasive and questionable practices. One of the company’s most critiqued programs is “Install Core,” advertised as a third party cross-platform installer and advertisement-technology platform (also known as adtech). However, the program was found to be quietly invasive as it allows the installer to install programs on the user’s device without permission. It circumvents the user validation process and successfully bypasses multiple security checks, including antivirus programs, according to investigations by MalwareBytes and Sophos (a British cybersecurity firm). 

Game developers for the Unity Engine were so concerned that they even submitted a collective ultimatum to Unity, ironSource’s parent company. They cited its use as malicious adware and its former installer Install Core, particularly on mobile apps and games. 

ironSource has even been a part of a class action lawsuit settlement alongside fellow adtech firms from Israel’s Download Valley for tracking and targeting children with predatory purchases in games. It is even more troubling that Israeli tech firms focusing on advertising intelligence are often associated with spyware and surveillance.

AppCloud in WANA

AppCloud may be unlisted on the ironSource website, but it is preinstalled in Samsung M and A models of the Galaxy smartphone line in the WANA region, following an expanded partnership between Samsung MENA and ironSource in 2022. This bloatware is installed without the explicit permission of the consumer during the purchase or phone set up. While it has been found on other devices and in other regions, Samsung M and A models are the most consistently infected devices in our region. This is made even more nefarious given that uninstalling the bloatware app is not possible without root access and a bit of technical work. Since AppCloud seems to be built into the system by Samsung, there is no way to purchase a new model without it.


SMEX’s Tech Unit explained that many Android device providers have their own custom version of Android OS, which is optimized for their chipset. This customized Android OS comes with some additional software, which are not necessary for the functioning of the device. They are commonly referred to as “bloatware.” Bloatware is hard to remove and requires mostly flashing the device, breaking the warranties. This is especially concerning given that Samsung is the lead smartphone in terms of device usage in the WANA region, sitting at around 28% market share according to Canalys

Additionally, both ironSource and Samsung do not present users consistently nor sufficiently with AppCloud’s privacy policy to WANA users. Since AppCloud is unlisted online there is no copy of its privacy policy or terms of service available to the wider public. It is also not a traditional application in the sense of being able to access and open it from the regular android operating system menu. Instead, AppCloud is basically buried in the backend of the phone making its terms of service inaccessible from the phone without a prompt. 

While Samsung’s terms of service includes agreements to third party applications, there is nothing specific to AppCloud or ironSource. Which is concerning given the significant amount of data the application collects such as biometric data, IP Addresses, and more. On top of all of this, there is no clear opt-out option made available to all users. They are essentially stuck with the application if they wish to use their phone. An application that is given an unprecedented level of control and authority over their smartphones, especially for an application that is pre-installed on the concerned Samsung smartphones. 

Call to Action

Given the invasive and likely illegal nature of AppCloud’s data harvesting, we call for Samsung to immediately halt pre-installing the application on its series M and A smartphones. It potentially violates a number of data privacy laws in the region. Egypt, UAE, and Saudi Arabia are three examples of countries with data protection laws that necessitate explicit user consent and transparency. Additionally, Israeli companies are legally barred from interacting with citizens of many countries in the region. Lebanon, for example, bars and boycotts Israeli companies products starting with the Lebanese Anti-Israel Boycott Law of 1955.

Samsung must also make AppCloud’s privacy policy and terms of service easier to access and read. This can be done by making the application more visible. This means making it accessible with a clear and easy method of opting-out of its services entirely. 

Users can also limit how much AppCloud harvests data from them. Users can access the apps list in their settings to disable AppCloud, but this does not uninstall it from the device. While this should prevent the bloatware app from running, some users have noted that the application reappears after system updates. The only way to fully remove AppCloud requires rooting your phone and voiding the warranty. 

Source:smex

Do you truly understand where your goes from your smartphone?



14 October 2025

Who REALLY Writes Australia's News? (The truth About AAP)

Monopoly Men

The colonialists are still in charge of the residents of this (penal) colony.

Australians live under a false presumption that they live in a democracy, where a totalitarian state is the order of the business day.

With one of the more important aspects of penal colony policies being in place is the flow of information, which now it’s more important than ever.

The narrative that is ‘advertised’ to the masses must be strictly controlled and what better way to do it than with only a few in charge of it.

They hide under not-for-profit organisations or charities/trusts.

Their narrative is strictly controlled and must be regurgitated by the over 400 media outlets across the colony called Australia.

Australian ‘consumers’ or subscribers of news or rather entertainment conglomerates that supply so called ‘news’ believe that they have a choice from different sources or that even there is ‘opposition’ where in fact it’s controlled opposition.

See how Tim Penhalluriack unpacks:

  •     How AAP operates as a centralised newswire
  •     Who its key donors and corporate backers are
  •     Why the same journalist byline appears across multiple outlets
  •     How this affects media diversity and public trust
  •     Whether “fact-checking” is really as objective as it sounds

in the following 17 minute video:







10 October 2025

Qantas data breach: How Aussies can join potential class action

Qantas has confirmed that a serious cyber incident may have exposed the personal details of up to six million customers, following a breach of a third-party contact centre platform. The national carrier said it detected “unusual activity” on Monday involving one of its offshore service platforms, which is operated by a call centre based in Manila. The airline said the breach has now been contained.

One of Australia's legal firms has taken Qantas to task over a massive data breach that has left millions of customers' private information in the hands of criminals who are also targeting Telstra. 

A legal firm is investigating a potential class action against Qantas after hackers threatened to release private data from their customer database.

Names, numbers, emails, addresses, birthdays and frequent flyer numbers from 5.7 million Qantas customers are at risk of being publicised, unless software company Salesforce pays a ransom by Friday.

The hacker group, Scattered Lapsus$ Hunters, also claims to have the details of Telstra customers.

In an update on its ransom site on Thursday, the group threatened to leak 100GB of Telstra customers’ personal information.

Maurice Blackburn lawyers, Australia’s leading class actions law firm, has filed a complaint to the Office of the Australian Information Commissioner (AIC) against the airline for a breach of privacy.

If you have been impacted, here’s how you can get involved.

HOW DO I KNOW IF I’M AFFECTED?

Customers have been affected differently, but if you have been a Qantas passenger you may be at risk.

By now, all impacted customers should have received an email titled “confirmation of your details impacted by the cyber incident.”

The email explains exactly which of your details were accessed by the hacker and flags an update to the Qantas Frequent Flyer platform which will be available soon and allow customers to see the “types of data held on the compromised system.”

“Our customer records are based on unique email addresses, so if you have multiple email addresses registered with Qantas, you may have received a separate notification to different impacted email addresses,” Qantas said.

Make sure to check your spam or junk folder.

WHAT IS MAURICE BLACKBURN’S COMPLAINT ABOUT?

The data breach representative complaint have been made against Qantas because they claim the airline has breached the Privacy Act 1988.

This is a law the protects how personal data is handled by the government and by many private organisations.

Maurice Blackburn alleges that Qantas failed to adequately protect the personal information of its customers.

Complaining through a representative can allow a large number of the same complaint to be processed at the same time. 

WHAT PERSONAL DATA WAS STOLEN?

A wide range of personal data was accessed by the hacker.

For four million customers, the data accessed is limited to their name, email address and Qantas Frequent Flyer details.

Of these four million, 1.2 million customers only had their name and email address accessed by the hacker and the remaining 2.8 million also had their Qantas Frequent Flyer number accessed.

Most of the customers whose frequent flyer number was accessed also had their tier and, in a lesser umber of cases, their points balance and status credits.

However for 1.7 million customers, the data hack was more substantial.

Of these customers, 1.3 million had their address revealed to the hacker – this includes business addresses and also the addresses of hotels customers may have stayed in which Qantas had records of for the purpose of reuniting them with misplaced baggage.

Around 1.1 million people had their date of birth accessed.

Approximately 900,000 customers had their phone numbers accessed, 400,000 had their gender revealed to the hacker and 10,000 the meal preferences they chose on flights.

No financial data was breached.

WHO CAN PARTICIPATE IN THE COMPLAINT?

If you have been notified by Qantas that your information is at risk, then you’re able to participate.

This includes former and current customers.

It doesn't cost any more upfront and if there is a successful outcome, the cost of the service paid to Maurice Blackburn for their legal service will be deducted by the payment affected customers are entitled to.

If it’s unsuccessful no money is owed to Maurice Blackburn.

HOW DO I PARTICIPATE?

For those keen to get involved in the class action, you need your name, number, email and address to register with Maurice Blackburn.

Even if you’ve already interested your interest with another law firm you can register with Maurice Blackburn to get updates about their investigation into potential compensation.

To sign up, you can to the Register now page on the Maurice Blackburn Lawyers site under Qantas Data Breach in the Join a class action section.

Alternatively, you can get in touch with the lawyers using qantasdatabreach@mauriceblackburn.com.au

QANTAS WAS CONTACTED BY THE HACKER – WHAT’S THE LATEST?

The bad actor responsible for the hack has contacted Qantas who have refused to comment further given the active criminal investigation.

Precedence, including the Optus and Medibank incidents, suggest it is unlikely Qantas will cave and pay the ransom demand of the hacker which have not been made public but could be in the many millions of dollars.

The hacker dated the potential release of the information as October 10.

ARE CUSTOMERS VULNERABLE TO SCAMS NOW?

Qantas has recommended customers take precautionary steps and maintain an increased level of vigilance in the wake of the cyber attack.

“Remain alert, especially through email, text messages or telephone calls, particularly where the sender or caller purports to be from Qantas,” an email to impacted customers reads. “Always independently verify the identity of the caller by contacting them on a number available through official channels.

“Do not provide your online account passwords, or any personal or financial information. “Qantas will never contact customers requesting passwords, booking reference details or sensitive login information.”

Source:supplied.

08 October 2025

Discord discloses data breach after hackers steal support tickets


Hackers stole partial payment information and personally identifiable data, including names and government-issued IDs, from some Discord users after compromising a third-party customer service provider.

The attack occurred on September 20 and affected “a limited number of users” who interacted with Discord’s customer support and/or Trust and Safety teams.

Discord was created as a communication platform for gamers, who represent more than 90% of the userbase, but expanded to various other communities, allowing text messages, voice chats, and video calls.

According to the platform’s statistics, more than 200 million people are using Discord every month.

Hackers demanded a ransom

In the notification to affected users, the messaging company says that the attack occurred on September 20 and “an unauthorized party gained limited access to a third-party customer service system used by Discord.”

On Friday, Discord disclosed the incident publicly, saying that it took immediate action to isolate the support provider from its ticketing system and started an investigation.

This included revoking the customer support provider’s access to our ticketing system, launching an internal investigation, engaging a leading computer forensics firm to support our investigation and remediation efforts, and engaging law enforcement - Discord

The attack appears to be financially motivated, as the hackers demanded a ransom from Discord in exchange for not leaking the stolen information.

Exposed data includes personally identifying information such as real names and usernames, email addresses, and other contact details provided to the support team.

The social communication service says IP addresses, messages and attachments sent to customer service agents were also compromised.

The hackers also accessed photos of government-issued identification documents (driver’s license, passport) for a small number of users.

Partial billing info, like payment type, the last four credit card digits, and purchase history associated with the compromised account, were exposed as well.

Discord's data breach notification to affected users
source: VX-Underground

VX-Underground security group notes that the type of data stolen from Discord users represents “literally peoples [sic] entire identity.”

Alon Gal, Chief Technology Officer at threat intelligence company Hudson Rock, believes that if the hackers release the Discord data, it could provide crucial information to help uncover or solve crypto hacks and scams.

“I’ll just say that if it leaks, this db is going to be huge for solving crypto related hacks and scams because scammers don’t often remember using a burner email and VPN and almost all of them are on Discord,” says Alon Gal, Chief Technology Officer at Hudson Rock

Currently, it is unclear how many Discord users are affected, and the name of the third-party provider or the access vector has not been disclosed publicly.

However, the Scattered Lapsus$ Hunters (SLH) threat group claimed the attack earlier today.

An image the hackers posted online shows a Kolide access control list for Discord employees with access to the admin console. Kolide is a device trust solution that connects to Okta cloud-based Identity and Access Management (IAM) service for multi-factor authentication.

SLH confirmed to BleepingComputer that it was a Zendesk breach that allowed stealing the Discord user data.

Update: While SLH initially appeared to confirm to BleepingComputer that they were behind the Discord Zendesk compromise, they later stated that it was a different group that they know and interact with.

BleepingComputer contacted Discord with a request for more details about the attack, but a comment from the social communications platform was not immediately available.

It is worth noting that hundreds of companies had their Salesforce instances compromised after the ShinyHunters extortion group accessed them using stolen Salesloft Drift OAuth tokens.

Last month, the hackers claimed to have stolen more than 1.5 billion Salesforce records from 760 companies.

More recently, ShinyHunters launched a data leak site listing more than three dozen victims.

Source: Discord.

Will Australian governments notify 'consumers' when (not 'if) hackers breach servers that users were 'mandated' to upload their government IDs? 

All part of the Nanny State agenda, nothing to do with 'child safety'?

If 'child safety' was on the agenda, the Epstein files would have been released a while ago.

04 October 2025

Exposing The Dark Side of America's AI Data Center Explosion


The explosion of AI across every industry has seen hundreds of water- and power-hungry server farms sprout up across the US. Already, one-third of the world's internet traffic flows through data centers in just one US state: Virginia.

However, until now, there has been no official record of the number of data centers in America, who owns them, or how much electricity they consume.

In an exclusive deep dive into the industry, Business Insider reporters cracked the code and, for the first time, revealed the true cost of the data warehouses feeding our growing appetite for cloud computing and AI. We travelled to Virginia to meet people living in the shadow of 80-foot-high boxes that emit a constant drone, and to the drought-ridden state of Arizona, where some data centers are using as much as a million gallons of water a day to help cool their computer servers.

Business Insider also discovered that the power needs of data centers have forced some states to withdraw from their carbon emissions targets. Power companies are even looking to extend the life of coal and gas plants to help meet the unprecedented demand.

See 31 minute documentary:




The explosion of AI across every industry has seen hundreds of water- and power-hungry server farms sprout up across the US. Already, one-third of the world's internet traffic flows through data centers in just one US state: Virginia. However, until now, there has been no official record of the number of data centers in America, who owns them, or how much electricity they consume. In an exclusive deep dive into the industry, Business Insider reporters cracked the code and, for the first time, revealed the true cost of the data warehouses feeding our growing appetite for cloud computing and AI. We travelled to Virginia to meet people living in the shadow of 80-foot-high boxes that emit a constant drone, and to the drought-ridden state of Arizona, where some data centers are using as much as a million gallons of water a day to help cool their computer servers. Business Insider also discovered that the power needs of data centers have forced some states to withdraw from their carbon emissions targets. Power companies are even looking to extend the life of coal and gas plants to help meet the unprecedented demand.

30 September 2025

Brief Note On Mobile Phone Measurements With Airplane Mode On/Off



This report describes the results of a brief investigation, as to whether enabling airplane mode on a mobile phone disables all cellular transmissions. 

In summary, we found no evidence of cellular transmissions when airplane mode is on. 

The mobile handsets studied were:

 - Pixel 8 (running GrapheneOS/Android 15), 

- iPhone 15 (iOS 17.1.1), 

- Samsung A23 (Android 13), 

- Xiaomi Redmi Note 11 (Android 11)

See report by DJ Leith and D Malone, Trinity College, Dublin, Ireland from the 18th of Spetember 2025:


26 September 2025

Cookie, Identifiers and Other Data That Google Silently Stores on Android Handsets


This paper presents the results of a measurement study on the cookies, identifiers and other data sent by Google servers and stored on Android handsets by pre-installed Google apps, including the Google Play Services and Google Play store apps. 

To the best of our knowledge this is the first such study and the first time that the data stored by these apps has been publicly documented.

See paper by D.J. Leith, Trinity College Dublin, Ireland.


24 September 2025

No limiting AI chatbots for ‘child safety’ in Australia?

The people in the Australian government have ‘advertised’ that they’re implementing measures for ‘child safety’, regarding ‘social media’, knowing full well that their actions will not protect the children of the corporate (nee cannon) fodder.

BUT, they have (deliberately) overlooked one prevalent technology that is used by minors, that being Artificial Intelligence chat-bots.

A ‘failure of government’?

It doesn’t seem like it but rather a deliberate inaction.

It seems that corporations, via their products (AI chat-bots) will be able to abuse children for some time.

See a 7 minute clip from a Senate Judiciary Committee hearing from 16 September 2025:


The (penal) colony called Australia, is very quick to implement dubious speed restrictions on road for the purpose of purely raising revenue, but very slow to action on child safety concerns, like the child care centres abuse that has recently make it into the public eye but has been going on for quite a while.

The government also admitted that during the recent pandemic mental health of the general population was not under consideration, where unlawfully issued fines were a priority to cash in on the unsuspecting masses.