Bonjour Daniel, bonne année 2026 à toi, ton épouse, votre compagnon à pattes, et bonne année à vous tous en Suisse qui lisez la liste du Gull. Et merci à Felix de l'administrer. Et merci à Marc pour ses réponses hyper pointues. Et merci à tous ceux dont il est plaisant et instructif de lire les réponses.
> une publication émanant de la EFF, qui résume les pires "fuites" de données > pour l'année 2025. Merci pour ce lien, lui-même riche en autres liens, pour en savoir plus sur certaines de ces fuites. Les consommateurs négligent les fuites de données, tant qu'elles sont indolores à court terme. Ils commencent à se plaindre lorsqu'elles permettent aux scripts kiddies de leur voler leurs comptes de joueurs sur Playstation par exemple. On trouvait ces jours-ci le post-mortem distrayant et instructif d'un Youtuber expliquant comment la communication publique, par une photo d'écran négligente, d'un numéro de facture Sony, avait permis au pirate d'obtenir du service client la réinitialisation du compte du premier en faveur du second, et donc le vol des jeux dématérialisés achetés par le légitime propriétaire. Le propos n'est pas de taper sur Sony, en critiquant sans doute à juste titre leur procédure de réinitialisation de compte client probablement déficiente. Ce que je veux dire, c'est qu'il y a quelque chose de naturellement indolent chez nous tous, qui fait que tant que ça fonctionne, on se souci peu de sécurité. À l'exception des cercles très techno comme ici, où les questions de sécurité intéressent pour ce qu'elles sont, pour l'ingéniosité des compromissions, pour les bonnes pratiques générales qu'on peut en tirer, pour le reste, on ne voit les questions de sécurité jaillir que quand les mecs ont perdu des cryptos, des jeux vidéo, ou que l'hôpital se fait rançonner. Rapide digression, pour les cryptos, l'appât du gain rend les choses physiquement dangereuses, loin du hack informatique, mais avec des vrais enlèvements pour extorquer les clés. L'indolence vis-à -vis de la sécurité est la cousine de l'indolence face au marketing numérique. C'est grâce à notre acceptation tacite que fonctionne la vente des apps et jeux dématérialisés. On n'en possède plus une copie, seulement un droit-à -utiliser, plus ou moins privateur de liberté, le plus souvent impossible à céder. Ces structures commerciales d'extraction de richesse mises en place par des "détenteurs de droits", relativement indolores, ne seraient pas possibles sans le consentement des consommateurs. J'en faisais l'expérience à Noël, pour mon fils qui voulait Minecraft sur PC, dont on ne peut acheter qu'une licence d'usage, non une copie du jeu lui-même, licence liée à un compte Microsoft, ultérieurement incessible. Quand il ne voudra plus y jouer, impossible de céder le jeu à un autre. Je sais que cette offre commerciale m'est défavorable. Je prends ou ne prend pas ? C'est le choix laissé au consommateur. Ça s'éloigne de ton sujet, Daniel, les fuites de données, mais il reste un trait d'union: notre indolence vis-à -vis des fuites de données, notre manque de parcimonie dans leur partage (combien de fois on remplit tous les champs d'un formulaire sans discuter ?) est un écho de notre indolence en tant que consommateurs. -- Frédéric Dumas [email protected] > Le 16 janv. 2026 à 11:55, Daniel Cordey via gull <[email protected]> a > écrit : > > Hola, > Je me permets de vous faire suivre une publication émanant de la EFF, qui > résume les pires "fuites" de données pour l'année 2025. > > > -------- Forwarded Message -------- Subject: 💾 The Worst Data Breaches of > 2025—And What You Can Do Date: Wed, 14 Jan 2026 14:36:19 +0000 From: > Electronic Frontier Foundation <[email protected]> Reply-To: [email protected] To: > [email protected] > > | ____|| ____|| ____|___ __ | |_ ___ _ _ > | ____|| ____|| ____|/ -_)/ _|| _|/ _ | '_| > |______||_| |_| ___| __| __| ___/|_| > > EFFector Vol. 38, No. 1 Wednesday, Jan 14, 2025 [email protected] > > A Publication of the Electronic Frontier Foundation > ISSN 1062-9424 > > effector: n, Computer Sci. A device for producing a desired change. > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > 💾 The Worst Data Breaches of 2025—And What You Can Do > > Welcome to an all-new EFFector, your regular digest on everything digital > rights from the Electronic Frontier Foundation. > In our 836th issue: A deep dive into ICE's spy tech shopping spree, how to > follow the money on Homeland Security spending, and the most noteworthy data > breaches of 2025. > > When you lose your rights online, you lose them in real life. Become an EFF > member today! > > https://supporters.eff.org/donate/effector--8ha > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > Featured Story: The Worst, Weirdest, Most Impactful Data Breaches of 2025 > > Another year has come and gone, and, with it, thousands of data breaches > affecting millions of people. These days, the question generally isn't *if* > your information was compromised in a breach this year, it's *how many* > different breaches compromised your private data. > > Some data breaches, however, are more noteworthy than others. While one might > affect a small number of people and include little useful information, > another might include specific location information or even a potential > medical diagnosis. To bring attention to these breaches we created the > Breachies, a series of tongue-in-cheek awards highlighting each year's most > egregious data breaches. > > This year's honors include the I Didn’t Even Know You Had My Information > Award (bestowed upon location data broker Gravy Analytics for a hack that > exposed tens of millions of mobile phone coordinates), the Hacker's Hall Pass > Award (given to PowerSchool for a breach that compromised personal > information of over 60 million students and teachers), and the Annual > Microsoft Screwed Up Again Award (awarded to, duh, Microsoft). [1] [2] [3] > > Of particular note is Discord's prize, the We Still Told You So Award. EFF > has repeatedly warned that age verification laws create serious security > risks (on top of being harmful censorship and surveillance regimes). [4] > These mandates require users to hand over some of their most sensitive > information (like government IDs and faces) before accessing content > online—sensitive information that can then be compromised by hackers. And, > sure enough, much of Discord’s age verification data was breached in 2025, > including users’ real names, selfies, ID documents, and email and physical > addresses. [5] > While the seemingly endless number of data breaches can make it feel like > there's nothing you can do to protect your information, it's actually a good > reason to take action. On our blog, we name a number of steps you can take > right now to protect yourself from the next data breach. Some simple ones > include using unique passwords on all your accounts, using two-factor > authentication when it's offered, and deleting old accounts. > > Of course, individual self-protection only addresses the symptoms of a world > where companies gobble up as much data as they can, store it for as long as > possible, and don't do enough to protect it. Companies need to do a better > job of only collecting the information they need to operate, and properly > securing what they do store. And, as we've said before and will say again and > again, lawmakers need to pass comprehensive privacy protections. [6] > > READ MORE: > https://www.eff.org/deeplinks/2025/12/breachies-2025-worst-weirdest-most-impactful-data-breaches-year?utm_source�fector > > [1] https://www.wired.com/story/gravy-location-data-app-leak-rtb/ > [2] > https://techcrunch.com/2025/01/09/powerschool-says-hackers-stole-students-sensitive-data-including-social-security-numbers-in-data-breach/ > [3] > https://techcrunch.com/2025/07/23/hundreds-of-organizations-breached-by-sharepoint-mass-hacks/ > [4] https://www.eff.org/pages/whos-harmed-age-verification-mandates > [5] > https://www.bleepingcomputer.com/news/security/discord-discloses-data-breach-after-hackers-steal-support-tickets/ > [6] https://www.eff.org/wp/privacy-first-better-way-address-online-harms > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > ‌EFF Updates > 🧊 ICE SPY TECH: With billions more dollars at their disposal, the U.S. > Immigration and Customs Enforcement (ICE) has been going on a surveillance > tech shopping spree. In recent months, ICE has inked contracts for location, > social media, phone, and face surveillance tools. On our blog, we dig into > each of these—and what EFF and others are doing to stop the spying. > > https://www.eff.org/deeplinks/2026/01/ice-going-surveillance-shopping-spree?utm_source�fector > > 💰FOLLOW THE MONEY: Hundreds of companies are looking to cash in on increased > spending by the U.S. government on immigration enforcement and border > surveillance. Recently, we updated our database of vendors selling their tech > to the U.S. Department of Homeland Security (DHS). Now, we're also sharing > our research methods so that you, too, can follow the DHS spending trail. > > https://www.eff.org/deeplinks/2025/12/homeland-security-spending-trail-how-follow-money-through-us-government-databases?utm_source�fector > > 🤓 HACKERS AGAINST ICE: It can be hard to imagine how to defend oneself > against such an overwhelming force like ICE, which is spending hundreds of > millions of dollars to spy on anyone—and potentially everyone—in the United > States. But a few enterprising hackers have started projects to do > counter-surveillance against ICE, and hopefully protect their communities > through the clever use of technology. > > https://www.eff.org/deeplinks/2026/01/how-hackers-are-fighting-back-against-ice?utm_source�fector > > 🪪 AGE VERIFICATION: Age verification mandates are spreading fast, and they’re > ushering in a new age of online surveillance, censorship, and exclusion for > everyone—not just young people. Join our free livestream on Thursday, January > 15, at 12pm PT: "EFFecting Change: The Human Cost of Online Age > Verification." Speakers from EFF, Gen-Z for Change, and the Collaborative > Research Center for Resilience will discuss what we stand to lose as more and > more governments push to age-gate the web. > https://www.eff.org/deeplinks/2026/01/effecting-change-human-cost-online-age-verification?utm_source�fector > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > Don’t Let Tyrants Co-opt Tech > > Technology is supercharging the attack on democracy by making it easier to > spy on people, block free speech, and control what we do. The Electronic > Frontier Foundation’s activists, lawyers, and technologists are fighting back. > > Join the movement to Take Back CTRL. For a limited time, join EFF for as > little as $20. As our thanks, you’ll get a Take Back CTRL Camera Cover Set > with any member gift. > > https://supporters.eff.org/donate/effector--8fa > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > "The biggest thing is data minimization. It's collecting less. It is asking > less from us and storing it less." > > EFF's Thorin Klosowski in ​this week's ​EFFector audio companion​ on what > companies need to be doing to protect us from the threat constant data > breaches pose. Hear our discussion with Thorin ​here​​: > > https://youtu.be/d_homjXbdYg > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > MiniLinks > 🗣️ Free Speech > > - "How to Make Sense of Trump’s TikTok Deal" (Tech Policy Press) > > https://www.techpolicy.press/how-to-make-sense-of-trumps-tiktok-deal/ > > - "Why Are Grok and X Still Available in App Stores?" (Wired) > > https://www.wired.com/story/x-grok-app-store-nudify-csam-apple-google-content-moderation/ > > 🔒 Privacy > > - "'Worst in Show' CES products include AI refrigerators, AI companions and > AI doorbells" (Associated Press) > > https://apnews.com/article/ces-worst-show-ai-0ce7fbc5aff68e8ff6d7b8e6fb7b007d > > 🔍 Transparency > > - "Cops Forced to Explain Why AI Generated Police Report Claimed Officer > Transformed Into Frog" (Futurism) > > https://futurism.com/artificial-intelligence/ai-police-report-frog > > 🌎 International > > - "Iran’s internet shutdown is chillingly precise and may last some time" > (The Guardian) > > https://www.theguardian.com/world/2026/jan/10/irans-internet-shutdown-is-strikingly-sophisticated-and-may-last-some-time > > 🗝️ Security > > - "Founder of spyware maker pcTattletale pleads guilty to hacking and > advertising surveillance software" (TechCrunch) > > https://techcrunch.com/2026/01/06/founder-of-spyware-maker-pctattletale-pleads-guilty-to-hacking-and-advertising-surveillance-software/ > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > Announcements > > * Events > > - EFFecting Change: "The Human Cost of Online Age Verification" 🪪 Livestream > | Jan. 15 > > https://www.eff.org/event/effecting-change-human-cost-online-age-verification?utm_source�fector > > - "Democracy: How AI Will Transform Our Politics, Government, and > Citizenship" Book Discussion 📖 Livestream | Jan. 24 > > https://www.eff.org/event/rewiring-democracy?utm_source�fector > > - EFF at CactusCon 🌵 in Mesa, AZ | Feb. 6-7 > > https://www.eff.org/event/eff-cactuscon-14?utm_source�fector > > - EFF at BSides Seattle 💿 in Seattle, WA | Feb. 27-28 > > https://www.eff.org/event/eff-bsides-seattle?utm_source�fector > > * EFF Opportunities > > - Summer 2026 Legal Internship > > https://www.eff.org/about/opportunities/interns > > * Corporate Giving and Sponsorships > > EFF thanks Binary Ninja, SerpApi, Wilson Sonsini Goodritch Rosati, Fenwick & > West, AdeliaRisk, and Zellic for their generous support of our work fighting > for your privacy online. Learn how your team can join the fight for digital > rights at https://eff.org/thanks. > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > Fresh EFF Gear Is Here > > Show off your support for EFF with hot digital rights merch from ​our online > store​. Just in: A "Let's Sue the Government" ringer tee to send the signal > that our rights are not optional. > > In addition to EFF shirts and hoodies, we have a wide variety of > freedom-supporting swag in stock, including (extremely popular) ​liquid core > gaming dice​​, ​HTTP playing cards​​, and a ​​tactile Lady Justice braille > sticker​. > > https://shop.eff.org/?utm_source�fector > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > Administrivia > > Editor: > [email protected] > > Membership & donation queries: > [email protected] > > General EFF, legal, policy, or online resources queries: > [email protected] > > Reproduction of this publication in electronic media is encouraged. MiniLinks > do not necessarily represent the views of EFF. > > Back issues of EFFector are available via the Web at: > https://www.eff.org/effector/ > > Unsubscribe from future mailings or change your email preferences: > https://assets-usa.mkt.dynamics.com/94400758-7964-ef11-a66d-6045bd003934/digitalassets/standaloneforms/4a1a4f18-6a86-ef11-ac21-0022480ae97e > > Opt out of all EFF email: > https://public-usa.mkt.dynamics.com/api/v2.0/orgs/94400758-7964-ef11-a66d-6045bd003934/consent/preferences?contextIdOcb7774-24d7-43dc-a12d-8aa785e60300 > > 815 Eddy Street, San Francisco, CA 94109 USA​
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ gull mailing list [email protected] https://forum.linux-gull.ch/mailman/listinfo/gull
