user rights Archives

AppWizard

July 7, 2025

Google Gemini app gains automatic Android access to phone and messaging data

On July 7, 2025, Google Gemini app users experienced automatic activation of permissions for accessing phone calls, messaging services, WhatsApp, and system utilities on Android devices, following a privacy policy update on June 11, 2025. This change affects millions of users globally and allows user data to be reviewed by humans for AI training. Users can disable these permissions through the app's settings, but the option to opt-out is criticized for being difficult to find. Legal experts have raised concerns about compliance with GDPR regulations due to the lack of explicit user consent for these changes. The data collected supports machine-learning development and may be retained for up to three years, even after users delete their activity.

Winsage

July 2, 2025

How to secure your printer with Windows 11’s new Protected Print mode

Nine percent of Windows security issues are attributed to its printing system. In 2021, a flaw in the printer spooler, known as "Print Nightmare," was discovered, allowing attackers elevated system rights. Microsoft introduced Windows Protected Print mode (WPP) in the Windows 11 24H2 update to address these vulnerabilities. WPP replaces manufacturer-specific drivers and prevents the installation of new printer drivers, limiting printer spooler tasks to user rights. WPP is based on the Internet Print Protocol (IPP) and is compatible with printers certified by the Mobile Printing Alliance. Users must manually enable WPP through the Settings menu. Once activated, Windows manages print jobs using its WPP driver, and users can find additional tools in the Microsoft Store. To deactivate WPP, users can return to the Settings and remove it, which requires reinstalling the original manufacturer’s drivers.

Winsage

June 18, 2025

Windows 10 End Nears: Switch to Linux for Security

Microsoft will cease support for Windows 10 on October 14, 2025, affecting an estimated 200 to 400 million devices that will no longer receive updates or patches, exposing them to security vulnerabilities. Transitioning to Windows 11 requires modern hardware specifications, which many older devices lack. Users must decide between investing in new hardware, opting for extended security updates, or switching to alternative operating systems like Linux. The Document Foundation advocates for Linux and LibreOffice as viable alternatives, emphasizing their ability to run on older hardware and providing robust security updates. Linux offers users greater control and transparency, addressing privacy concerns associated with proprietary systems. LibreOffice supports open document formats, ensuring long-term accessibility without vendor constraints. The end of Windows 10 support may prompt significant shifts in the tech industry, encouraging a move towards systems that prioritize sustainability and user rights.

Winsage

June 17, 2025

Windows 10 End Nears: Switch to Linux for Security

Microsoft will cease support for Windows 10 on October 14, 2025, leaving an estimated 200 to 400 million devices vulnerable to security risks due to a lack of updates. Users must choose between upgrading to Windows 11, which has strict hardware requirements, paying for extended security updates, or switching to alternative operating systems like Linux. The Document Foundation advocates for Linux and LibreOffice as viable options, emphasizing their ability to run on older hardware and provide robust security updates without vendor lock-in. Privacy concerns regarding data collection by major tech companies are highlighted, with Linux offering users greater control and transparency. The transition away from Windows 10 is seen as an opportunity to promote user empowerment and sustainability in technology choices.

AppWizard

May 22, 2025

Telegram CEO Pavel Durov launches $50K viral video contest to expose WhatsApp’s ‘cheap copycat’ moves | – The Times of India

Telegram has launched a contest with a prize pool of 0,000 inviting participants to create a viral video that showcases Telegram's technological innovations compared to WhatsApp. The contest was announced on May 19, 2025, and submissions are due by May 26, 2025. It is open to global participants, with videos required to be in English and suitable for platforms like TikTok and Instagram Reels. The contest allows the use of AI tools and evaluates entries based on clarity, visual impact, meme potential, and virality. Pavel Durov, the founder of Telegram, has publicly accused WhatsApp of smear campaigns and emphasizes Telegram's commitment to privacy and political neutrality, rejecting government requests to censor political content. The contest aims to expand Telegram's user base and engage content creators by promoting its unique features, which include end-to-end encrypted chats, large group chats, bots, and advanced privacy controls. Winners will be announced in June 2025.

Winsage

April 10, 2025

Don’t pay more for Windows Pro’s advanced features. Use these free tools instead

The Windows Home and Pro editions differ primarily in several key features relevant to personal users: - Bitlocker Encryption: Exclusive to the Pro edition, it secures drives, but Windows 11 Home includes device encryption requiring a Microsoft account. - Hyper-V: Available only in Pro, but alternatives like VirtualBox can be used in Home. - Remote Desktop: Pro allows full remote access, while Home offers limited support; third-party tools can provide alternatives. - Group Policies: Primarily for corporate use in Pro, but local group policies can be activated in Home with alternative tools available. Windows 11 24H2 Home includes a new device encryption feature requiring a Microsoft account. Veracrypt is a free alternative for encryption, allowing for encrypted containers and compatibility across multiple operating systems. Upgrading from Windows 11 Home to Pro requires a new product key. VirtualBox offers a free option for creating virtual machines. For remote access, tools like Rustdesk can be used without needing the Pro edition's capabilities.

Winsage

March 4, 2025

Feds add Windows, router vulnerabilities to actively exploited list

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its list of actively exploited vulnerabilities, highlighting several critical exploits. Key vulnerabilities include: - CVE-2023-20118: Affects specific Cisco Small Business Router models (RV016, RV042, RV042G, RV082, RV320, RV325), allowing hackers to remotely execute arbitrary commands via specially crafted HTTP requests, potentially granting root-level privileges. - CVE-2023-20025: Could enable hackers to bypass admin credential requirements for CVE-2023-20118. - CVE-2018-8639: Affects various Windows operating systems (Windows 7, Windows Server 2012 R2, Windows 10) due to the Win32k component's failure to manage memory objects, allowing local attackers to execute arbitrary code in kernel mode. Neither Microsoft nor Cisco has issued specific security advisories regarding these vulnerabilities.

Winsage

March 4, 2025

CISA tags Windows, Cisco vulnerabilities as actively exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory for U.S. federal agencies to enhance their defenses against cyberattacks targeting vulnerabilities in Cisco and Windows systems. Two specific vulnerabilities have been identified: 1. CVE-2023-20118, which allows attackers to execute arbitrary commands on certain VPN routers, requiring valid administrative credentials for exploitation. This vulnerability can be combined with CVE-2023-20025, an authentication bypass that grants root privileges to attackers. Cisco acknowledged this issue in an advisory in January 2023, with proof-of-concept exploit code publicly available. 2. CVE-2018-8639, a Win32k elevation of privilege flaw that allows local attackers to execute arbitrary code in kernel mode, enabling data manipulation and unauthorized account creation. Microsoft issued a security advisory regarding this vulnerability in December 2018, affecting both client and server platforms. CISA has added both vulnerabilities to its Known Exploited Vulnerabilities catalog, requiring Federal Civilian Executive Branch agencies to secure their networks against these vulnerabilities by March 23, as per the Binding Operational Directive 22-01. Additionally, CISA has alerted federal agencies to another critical vulnerability, CVE-2024-21413, in Microsoft Outlook, requiring patches by February 27.

Winsage

March 4, 2025

U.S. CISA adds Multiple Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog, which now includes several significant security flaws: - CVE-2023-20118: A command injection vulnerability in Cisco Small Business RV Series Routers with a CVSS score of 6.5, allowing authenticated remote attackers to execute arbitrary commands. Cisco will not provide a fix for this issue. - CVE-2022-43939: An authorization bypass vulnerability in the Hitachi Vantara Pentaho BA Server. - CVE-2022-43769: A special element injection vulnerability in the Hitachi Vantara Pentaho BA Server. - CVE-2018-8639: An elevation of privilege vulnerability in Microsoft Windows with a CVSS score of 7.8, allowing an attacker to run arbitrary code in kernel mode. - CVE-2024-4885: An unauthenticated remote code execution vulnerability in Progress WhatsUp Gold with a CVSS score of 9.8, allowing command execution with iisapppoolnmconsole privileges. CISA has mandated that federal agencies address these vulnerabilities by March 24, 2025, under Binding Operational Directive (BOD) 22-01, and advises private organizations to review the KEV catalog for necessary actions.

AppWizard

December 24, 2024

Controversial messaging app Telegram is profitable, says its founder. Here’s how it makes money.

Encrypted messaging service Telegram has achieved profitability after 11 years of operation, with revenue surpassing billion in 2024 and cash reserves of 0 million. CEO Pavel Durov attributed this success to advertising and premium subscriptions. The company introduced initiatives like a revenue-sharing model for content creators and a premium subscription tier priced at .99 per month. Telegram has reduced its billion debt and noted a significant turnaround from the previous year, when it reported a loss of million on revenues of million. Despite its financial success, the platform faces global scrutiny over misinformation and limited content moderation, with bans in several countries and a history of being prohibited in Russia from 2018 to 2020.