data access Archives

Tech Optimizer

April 28, 2026

Constructive Open Sources Agentic DB, the Postgres Memory Layer for AI Agents

Constructive has released agentic-db, an open-source Postgres database aimed at improving AI agents with features like persistent memory, structured knowledge, and hybrid retrieval. This database allows for efficient searching, filtering, and ranking of information, addressing inefficiencies associated with traditional markdown file storage. Key features of agentic-db include long-term memory, conversation tracking, a versioned registry for skills and tools, rules and policies for governance, task orchestration, and runtime observability. It is delivered as a single installable Postgres schema, indexed for multiple retrieval modes, and supports integration with various AI assistants through generated Agent Skills and CLIs. agentic-db is available under the MIT license for local use, with a cloud offering in development for secure, scalable solutions. Developers can access it on npm and GitHub.

AppWizard

April 24, 2026

Another spyware maker caught distributing fake Android snooping apps

The Italian digital rights organization Osservatorio Nessuno has revealed a new malware called Morpheus, used by government agencies for surveillance. Morpheus is disguised as a phone updating application and can extract various data from targets' devices. The spyware is linked to IPS, an Italian firm specializing in lawful interception technologies, which claims to operate in over 20 countries. Morpheus is categorized as "low cost" due to its straightforward infection method, which involves tricking targets into installing the software. Authorities collaborated with the target's mobile service provider to obstruct data and send an SMS prompting the installation of the malware. Once installed, Morpheus exploits Android's accessibility features to access extensive information and masquerades as the WhatsApp application to solicit biometric data. The spyware's code contains Italian phrases and references to "Gomorra," indicating its connection to the Italian spyware industry. The attack is likely linked to political activism in Italy. IPS is among several Italian spyware manufacturers that have emerged following the decline of Hacking Team.

Tech Optimizer

April 23, 2026

Take Control: Customer-Managed Keys for Lakebase Postgres

Encryption at rest is essential for cloud environments, especially in regulated sectors. Lakebase offers Customer Managed Keys (CMK), allowing organizations to control their encryption keys from preferred Key Management Services (KMS) like AWS KMS, Azure Key Vault, or Google Cloud KMS. Lakebase CMK manages both persistent storage and ephemeral compute, ensuring data security. Lakebase's architecture separates storage and compute layers, enabling elastic scaling and serverless operations. The storage layer maintains persistent data, while the compute layer consists of dynamic Postgres instances. This separation poses encryption challenges, addressed by Lakebase CMK through a hierarchical Envelope Encryption model. The key hierarchy includes: 1. Customer Managed Key (CMK): The Root of Trust in the cloud KMS, never accessed in plaintext by Databricks. 2. Key Encryption Key (KEK): A transient key for wrapping data keys. 3. Data Encryption Keys (DEKs): Unique keys for each data segment, stored in an encrypted state. When data access is needed, Lakebase retrieves DEKs by unwrapping keys from the KMS. If a key is revoked, access to the data is denied, and ephemeral compute instances are terminated. In practice, CMK applies to: 1. Persistence Layer (Storage): All data segments are encrypted with keys controlled by the CMK. 2. Ephemeral Layer (Compute): Each compute instance generates a unique ephemeral key, and upon revocation, the instance is terminated, destroying in-memory keys. CMK implementation follows a delegation model, allowing Security Admins to manage keys without accessing data. The process includes key configuration, workspace binding, and lifecycle management. Key rotation is seamless, requiring no data re-encryption. All cryptographic operations involving the CMK are logged by the cloud provider's audit service. Lakebase CMK is available for Enterprise tier customers, allowing organizations to manage their encryption keys effectively.

Tech Optimizer

April 20, 2026

Databricks Postgres Gets Customer Key Control

Databricks has introduced customer-managed keys (CMK) for its Lakehouse Postgres offering, allowing users to control their data encryption and utilize their own Key Management Service (KMS) from major cloud providers like AWS KMS, Azure Key Vault, or Google Cloud KMS. The Lakehouse Postgres architecture features a hierarchical envelope encryption model with three tiers: the customer-managed root key (CMK), a Key Encryption Key (KEK) used by Databricks' Key Manager Service, and unique Data Encryption Keys (DEKs) for each data segment. If a CMK is revoked, access to the data is denied, and active compute instances are terminated, serving as a failsafe for high-compliance workloads. The implementation allows for granular control over key management and supports seamless key rotation without data re-encryption or downtime. All cryptographic operations are logged within the customer's cloud audit services, available to Databricks Enterprise tier customers.

Winsage

April 16, 2026

Windows 11’s Recall tool has been cracked open again, and Microsoft doesn’t see that as a problem

Alexander Hagenah has developed a tool called TotalRecall Reloaded that exploits a vulnerability in Microsoft's AI feature, Recall, which manages data. Recall was designed to store AI-generated insights but was found to potentially store sensitive information in plain text, prompting Microsoft to delay its rollout. The vulnerability lies in AIXHost.exe, which lacks essential security measures, allowing unauthorized processes to extract sensitive data, such as decrypted screenshots and metadata, after user authentication via Windows Hello. Microsoft has downplayed the risks, asserting that existing security controls mitigate unauthorized access. TotalRecall Reloaded is available on GitHub for further exploration.

AppWizard

April 5, 2026

Kremlin’s drive for a state-backed messenger touches a nerve for some

The Kremlin is promoting its state-backed messenger service, MAX, but many Russians are skeptical about it due to privacy and functionality concerns. The initiative occurs alongside extensive internet censorship and the blocking of popular messaging platforms like Telegram. While some users have adapted to MAX, the majority remain cautious. Officials justify MAX as essential for national security, arguing that foreign apps pose risks. The parent company, VK, claims 107 million users, expanding its reach beyond Russia. Opposition activists warn of potential state surveillance and user data access. Many users feel compelled to download MAX due to state requirements but prefer other options like Telegram. There is a strong sentiment among the public that app usage should be a personal choice, with critics expressing discontent over the government's approach to mandating downloads.

BetaBeacon

April 5, 2026

PC Gaming on Android at 100 FPS, Battery Efficiency : Red Magic 11

The Red Magic 11 Golden Saga Edition features the Snapdragon 8 Elite Gen 5 processor, Adreno 840 GPU, 24 GB LPDDR5T RAM, and up to 1 TB UFS 4.1 Pro storage for high-performance gaming.

AppWizard

April 3, 2026

Android Spy Apps: 7 Best Tools for Real-Time Monitoring (2026)

Concerns about online safety have led to increased use of Android spy apps, which provide access to messages, calls, and real-time locations. Testing shows that top apps can sync data in under 5 seconds and track over 15 social platforms. Users can monitor behaviors and interactions through a single dashboard, with effective tools operating in stealth mode. uMobix is highlighted as the best Android spy app, scoring 9.8/10, with real-time updates every 3–5 seconds, access to calls, SMS, deleted messages, and GPS locations. It supports tracking for over 30 data types and has a starting price of .99/month. XNSPY, scoring 9.5/10, offers detailed monitoring with call and SMS updates every 10–15 seconds and remote control features, starting at .99/month. xMobi, rated 9.2/10, provides essential features with quick setup and a responsive dashboard, starting at .99/month. SpyBubble Pro, scoring 9.0/10, specializes in stealth monitoring with data syncing every 15 seconds, starting at .49/month. AccountViewer, rated 8.9/10, focuses on social media insights, starting at .99/month. PeekViewer, scoring 9.1/10, allows anonymous profile viewing, starting at .99/month. mSpy, rated 9.4/10, is designed for parental control, starting at .99/month. Effective Android spy apps should provide real-time tracking under 10 seconds, support multiple social platforms, and operate in stealth mode. Installation typically requires physical access to the device, and monitoring begins immediately after setup. The legality of using these apps depends on consent and local laws.

AppWizard

April 3, 2026

Which messaging app takes the most limited approach to permissions on Android?

Messaging applications Messenger, Signal, and Telegram exhibit significant differences in permissions and operational behaviors that impact user privacy. Telegram has the fewest total permissions at 71, with 25 classified as dangerous; Signal requests 72 permissions, including 19 dangerous ones; and Messenger requests the most at 87, with 24 dangerous permissions. Messenger also has the highest number of vendor-specific unknown permissions. Access to sensitive resources is crucial for messaging functionalities, with permissions for contacts, camera, microphone, location, storage, and calendar being essential. Telegram and Messenger request additional system-level permissions, while Signal is more conservative and does not request certain permissions like phone-call control or overlay windows. The analysis, using the Mobile Security Framework (MobSF), indicates all three apps are in the medium risk category, with Messenger having more flagged issues. Telegram allows cleartext connections by default, potentially exposing traffic, while Signal uses encrypted connections by default and only permits limited cleartext traffic for certificate checks. Messenger's issues include world-writable files and remote debugging enabled in WebViews. Messenger uses third-party SDKs, while Signal and Telegram do not disclose third-party trackers. All three utilize Firebase Cloud Messaging for notifications without sensitive data leakage. Data exchange patterns show Messenger primarily routes traffic through North America, while Telegram and Signal focus on Europe with some additional connections in the U.S. and Asia.

AppWizard

March 16, 2026

Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services

Android 17 has introduced Advanced Protection Mode (AAPM) to enhance user security by preventing non-accessibility applications from using the Accessibility API, which has been exploited by malware. AAPM allows only verified accessibility tools to utilize the API and implements stricter security settings, including blocking installations from unknown sources, limiting USB data access, and mandating Google Play Protect scans. Applications must declare themselves as accessibility tools with the attribute isAccessibilityTool="true" to use the Accessibility Services API. Additionally, Android 17 features a new contacts picker that allows applications to request access to specific contact fields instead of the entire address book, enhancing user privacy.