Chipp.in Tech News and Reviews

Windows, Security & Privacy, Open Source and more

Menu
  • Home
  • Windows
  • Security & Privacy
  • Gaming
  • Guides
  • Windows 11 Book
  • Contact
  • RSS Feed
Menu

Category: Security & Privacy

Encryption

DiskCryptor 2.0 released: disk encryption software makes a comeback

Posted on July 9, 2026July 9, 2026 by Martin Brinkmann

Remember when the developers of TrueCrypt suddenly stopped the project back in 2014 and recommended that users started looking for alternatives? One of these alternatives was VeryCrypt, a fork of the TrueCrypt. Another Disk Cryptor, which I did use for some years.

Disk Cryptor development stopped about ten years ago and it looked as if the project was dead. However, in 2019, David Xanatos took over and started to released new versions of the software. You may know the developer from some of his other projects, such as Sandboxie Plus. DiskCryptor was first released as beta builds but then also as final builds.

The initial builds of the application were focused on improving compatibility and integrating support for new technologies. As a consequence, DiskCryptor should work fine under the latest versions of Windows 10 and 11.

The developer has released DiskCryptor 2.0 this week (and bug fix release 2.0.1), marking a major milestone in the development of the program.

He writes:

This release introduces substantial improvements across virtually every part of the software, including modern cryptography, hardware-backed security, storage management, performance, reliability, and usability.

A major addition is support for the Argon2id key derivation function, providing a modern, memory-hard alternative to the traditional KDFs for significantly improved resistance against password cracking attacks.

DiskCryptor now also supports optional TPM integration in the DCS bootloader, enabling hardware-backed protection and unattended system unlock configurations. Combined with optional Secure Boot support, this allows systems to take advantage of modern platform security features while maintaining DiskCryptor’s flexible boot architecture.

Since this is a major change, the new version is released as a pre-release at the time to gather feedback and react to any issues that might occur.

Is it ready for broader use again? I’m pretty happy with VeraCrypt at the moment and have no desire to switch to another encryption program at the moment, as it would be time consuming. However, if you still use an earlier version of DiskCryptor or want to start encrypting your drives for better protection, it may be worth a try.

I suggest you wait a bit though until the developer gives the okay that the pre-release phase is over. (via Günter Born)

Opera Browser gets new security feature to protect the Clipboard

Posted on July 6, 2026July 6, 2026 by Martin Brinkmann

Opera Software announced a new feature for its Chromium-based Opera browser: Paste Protect is designed to block suspicious content from accessing the Clipboard of the operating system.

Introduced in Opera One as an experimental feature, Paste Protect is designed to protect against two specific attack types, notes Opera Software in an official blog post:

  1. It actively prevents the malicious code from being copied onto your clipboard.
  2. It lets you know that there was an attempt to copy something onto your clipboard that’s potentially harmful.

The main idea is to protect users from copying malicious code to the Clipboard. In the past, attackers have used this to get Internet users to execute malicious code or instructions on their computer systems.

The developers at Opera describe a common form of attack that exploits this on the blog as well:

  1. The website displays a Captcha and ticking a box to confirm that the user is human.
  2. A second verification prompt is displayed after the check. It copies data to the Clipboard of the system in the background.
  3. Instructions are displayed that ask the user to open the run box (Windows+R) and use the Ctrl-V shortcut to paste the content of the Clipboard. All that is required then is for the user to hit ok to run the instructions on the system.

Opera says that the new Paste Protect feature blocks this type of attack. The company explains how its security feature handles potential threats:

When there is something copied to your clipboard, the Opera browser checks the content for potential threats and harmful commands. If a potential threat is detected, Opera will automatically block the capability for the browser to copy something onto your clipboard from the malicious website and provide you with the option to close the site safely.

The browser displays a red warning icon to indicate that it has blocked a threat. It will recommend to close the tab the attack originated from.

Paste Protect is enabled by default, but only available in Opera One. It follows Hijack Protection, which Opera Software introduced in 2021 in the browser. The feature protected the clipboard from so-called hijacking attempts, such as replacing URLs in the clipboard or replacing a bank account number.

Brave 1.92 launches with support for Containers

Posted on July 3, 2026July 3, 2026 by Martin Brinkmann

Brave Software announced that the latest version of Brave Browser supports the Containers feature now. The main idea behind it is to isolate website data. When you load a website in one container, its data and any third-party data is only accessible in that container. Think of a sandbox for sites.

Containers is not a new feature, as it was originally developed and launched by Mozilla in Firefox. The Brave integration is built-in. I had to enable the feature under chrome://flags/#containers first, but it should be available without that in the coming days.

Visit brave://settings/braveContent then to toggle “Enable Containers” there. This turns the feature on so that it is ready for use in the browser.

Like Firefox, Brave includes a set of default containers — personal, work, social and school — but you can add new containers, remove the defaults or rename them.

Once done, right-click on any link or tab and select “Open in Container”. You get the option to pick one of the existing containers and Brave highlights this with a new container icon in front of the tab and also in the address bar.

You may also right-click on the new tab icon to create a new container directly and without opening another website first.

Last but not least, you may also create temporary containers. Regular containers offer the same functionality as open tabs. Means, unless you close the sites or the container, they persist over sessions and you can restore tabs in them using restore functionality.

The main difference to temporary tabs is that they can’t be restored. When you close them, they are gone for good and tab or session restore options do not work for them.

LastPass Hit by Third-Party Data Breach: What You Need to Know About the Klue Incident

Posted on June 25, 2026June 25, 2026 by Martin Brinkmann

Anyone still using LastPass? If so, you need to be aware about a new security incident that has been confirmed by the company this week.

In the modern SaaS ecosystem, a digital fortress is only as secure as the side door left open for third-party vendors. Password management firm LastPass has disclosed a new data breach that involved the intelligence platform Klue.

According to an official incident report published on the LastPass blog, threat actors recently compromised Klue’s systems to steal OAuth tokens, granting them unauthorized access to LastPass’s Salesforce environment.

What the Attackers Obtained

The threat actors compromised Klue’s systems to steal OAuth tokens, which they then used to access LastPass’s Salesforce environment. The exposed data was limited to standard CRM and business contact information:

  • Customer names
  • Email addresses
  • Phone numbers
  • Physical addresses
  • Support case data
  • Sales-related data

What They Did NOT Obtain

The core architecture of LastPass remained unbreached. The attackers did not gain access to:

  • Customer Vaults: All stored passwords, secure notes, and saved data remained encrypted and secure
  • Master Passwords: Because of LastPass’s zero-knowledge architecture, master passwords are never known or stored by the company, and they were not exposed here.
  • Core Systems: LastPass products, services, and primary infrastructure were entirely unaffected

LastPass reveals that the information can be used for phishing attacks and other social engineering attempts. It recommends that “customers remain vigilant” and “exercise caution regarding unsolicited communications, including emails, phone calls, or requests for sensitive information.”.

For LastPass users suffering from breach fatigue, this latest headline likely induces a familiar sense of dread. However, when put into perspective, the Klue incident is a far cry from the devastating, back-to-back breaches of 2022, where threat actors successfully made off with encrypted customer vault backups and proprietary source code.

Still, while this is fundamentally a story about a third-party CRM leak rather than a critical product failure, the stolen contact information arms hackers with exactly what they need to launch highly convincing phishing campaigns.

uBlock Origin extension bypasses no longer working in Chrome: your options

Posted on June 15, 2026June 15, 2026 by Martin Brinkmann

We all knew that the time would eventually come. Google is removing bypasses in Chromium and Google Chrome that allowed users to run legacy extensions in the browser.

Google moved to a new extension rules system, called Manifest V3, which turned out to be a very controversial move. The company claimed that this was all for performance and security, but the change had the fortunate side effect that it would impact content blocker extensions more than any other extension type.

Google modified the rule set several times, which would have killed content blockers more or less in the beginning, and content blockers continue to be available.

However, Chrome users who have enabled bypasses to continue using these extensions will soon realize that they can’t anymore. The reason is simple: Google removed them.

This is not the end of content blocking in Chrome and other Chromium-based browsers. Here are the options that you have going forward:

  • Switch to a MV3 extension: Browser extensions such as uBlock Origin Lite are available. These continue to block ads in Chrome, but they lack some of the advanced features of the classic blocker.
  • Use a Chromium-based browser that continues to support MV3 extensions: Brave, Vivaldi and Opera all pledged to support MV2 extensions going forward. It remains to be seen whether this is going to be the case once the bypasses are removed.
  • Switch to Firefox: Firefox supports MV2 and MV3 extensions. You can install uBlock Origin in Firefox and get the best level of protection out of any version of the extension.
  • Use a browser with a built-in content blocker: Plenty of options, Brave, Opera or Vivaldi all come with the functionality.

Mozilla is giving away unlimited VPN bandwidth in Firefox

Posted on June 10, 2026June 10, 2026 by Martin Brinkmann

Firefox VPN is a built-in browser proxy to browse anonymously in the open source browser. It is a free service that protects your device’s IP address by routing traffic through secure servers.

While not as powerful as standalone VPN services, which protect all activity on a device, it is a handy privacy feature nevertheless. Users should not confuse it with Mozilla VPN, which is a device-wide VPN service that is not free.

Mozilla increased the available bandwidth for free users to 50 gigabytes recently. That is a generous amount already. This week, the organization announced another, temporary, increase of the VPN bandwidth.

Bandwidth is unlimited until September 1, 2026, according to the blog post. So, if you really need a lot of bandwidth, for instance for massive downloads or media streams, then this should get you through the coming months without ever worrying about hitting bandwidth limits.

In addition, users may connect to more than 25 different exit regions when they use the browser VPN.

The full set of countries available during this summer period include: Australia, Austria, Belgium, Bulgaria, Canada, Chile, Colombia, Denmark, Finland, France, Germany, Ireland, Italy, Malaysia, Mexico, Netherlands, New Zealand, Portugal, Singapore, Spain, Sweden, Thailand, Norway, South Africa, United Kingdom and United States.

Firefox’s built-in VPN supports turning off the secure connection for specific sites. That’s useful in some cases, for example, when sites do not work properly while the VPN is active.

All in all, if you do not use a VPN service already, this one may be an option to upgrade your privacy on the Internet.

You can now block automatic extension updates in Brave Browser

Posted on June 7, 2026June 7, 2026 by Martin Brinkmann

Most modern browsers install extension updates automatically. The developers claim that this improves security, and this is true to a degree. However, automatic extension updates do open a whole new can of worms, as problematic updates do get installed automatically as well.

Consider this: when an extension gets bought, the new owner may push updates and these will get installed on user systems, often without users knowing about the change in owner. The same is true for extensions that get hijacked or when a developer introduces features that are unwanted.

Firefox is the gold standard when it comes to controlling extensions. Users of the browser can block automatic updates for extensions entirely or for specific add-ons installed in the browser.

Chromium-based browsers do not have these native capabilities. The workaround until now was to install an extension through sideloading. These bypassed the entire updating mechanics, but it also meant that the browser might show a reminder that developer extensions are running.

The most recent update of Brave Browser introduces native support to it. This sets it apart from other Chromium-based browsers, which do not offer this feature.

Here is what it does: Once enabled, Brave browser stops updating extensions in the background. You can run the update process at any time from the extensions page of the browser, which makes it comfortable compared to the sideloaded extensions bypass. The main downside is that it is an all or nothing approach, but there is a workaround.

To enable it, it is necessary to configure an experimental flag in the browser.

  1. Load chrome://flags/#brave-user-extension-auto-update in the address bar.
  2. Set the flag to Disabled.
  3. Restart the web browser.

To update all extensions, do the following:

  1. Open the Extensions page in Brave: brave://extensions/
  2. Check the Developer Mode toggle at the top right corner.
  3. Click on the update button that appears.

This runs the update check for all installed extensions and will download and install any update found during the process.

There is no direct option to run a check for individual extensions, it is an all-or-nothing approach. There is a workaround though, but it requires manual steps and it has disadavantages.

If you want to update a highly trusted tool (like a password manager) but want to keep a smaller utility frozen on its current version, you can manually force a single update by refreshing it.

  1. Go to brave://extensions.
  2. Click Remove on the specific extension you want to update.
  3. Head to the Chrome Web Store, search for it, and click Add to Brave.

This installs the latest version in the browser. Note that uninstalling an extension will remove its data. Any custom configurations or personal data is removed in the process. Works best for extensions that do not have any of that.

Brave has not revealed much about the feature at this stage. Since it is experimental, there is the possibility that it will get more comfortable in the future. For now, Firefox remains the gold standard for users who want to stay in full control over extension updates.

Using 7-Zip? Time to update, as your version may be vulnerable

Posted on May 27, 2026May 27, 2026 by Martin Brinkmann

7-Zip is a popular open source archiver that is a popular option on Windows. While Windows comes with its own basic archive creation and extracting options, it is significantly slower compared to third-party apps such as 7-Zip.

A vulnerability in earlier versions of 7-Zip was discovered in April 2026 that could allow attackers to cause the application to crash or run arbitrary code.

The affected version is 7-Zip 26.00 and earlier versions appear also affected by the vulnerability. The latest version is 7-Zip 26.01 and this version is safe to use.

If you run the archiving software on your devices, you may want to check the installed version and update if it is 26.00 or earlier.

You can check the installed version under Settings > Apps > Installed Apps. Type 7-Zip into the search box and wait for the app to appear. The version is shown in its title.

Updating is a flawless process. Just download the latest version from the official developer website and run it after the download finished. The installed version will be updated and any attacks targeting the vulnerability won’t have an affect on the app or the system anymore.

You can also check the version when you launch 7-Zip on the system. Select Help > About 7-zip in that case to display the installed version.

Google introduces Approximate Location sharing in Chrome: here is what it does

Posted on May 6, 2026May 6, 2026 by Martin Brinkmann

Mobile devices and web browsers support the sharing of the current location. This gives apps, websites and services access to a user’s location in the world. Ideally, to provide custom information, such as zooming to that location on a map, showing businesses nearby, providing directions, or loading specific information on a website.

While useful in that regard, location does reveal information about the user. The feature is usually locked behind a permission, but some apps may not start at all without it or block access to features.

Google announced on its official The Keyword blog that it is introducing approximate location sharing in Chrome. The feature lands in Chrome for Android first before it will also be introduced in the desktop versions of the browser.

Here is what it does: Google Chrome’s new Approximate Location Sharing feature enhances privacy by giving users a third option when websites request their whereabouts: sharing a general regional area rather than the exact coordinates. While users can still grant precise location access for tasks that genuinely need it—such as getting turn-by-turn navigation, placing a delivery order, or finding a nearby ATM—everyday browsing activities like checking local weather or reading regional news can now function perfectly well with just a neighborhood or city-level location.

In other words, websites and apps get information about a region a user is in and not the precise location. This new permission is intended for services that do not require accurate information and for users who do not want to share their exact location.

When a location prompt pops up on the mobile, users can now pick between “precise” and “approximate” and the usual options to “never allow”, “allow this time”, or “allow while visiting the site” options. Google says that the feature will land on desktop in Chrome in the coming months as well. For now, it is only available in Chrome for Android.

How useful is it for privacy? It can be used to share less-exact information about ones location. That is useful, especially for services that do not require it to function. If you want to get local news or weather, it does not really matter if the service that is providing the information knows the exact location or not. In that regard, it is a useful addition for users who share location but prefer it to be less exact whenever possible.

Firefox

How to enable Firefox’s secret ad-blocker

Posted on April 24, 2026April 26, 2026 by Martin Brinkmann

For years, I asked myself why Mozilla did not add a good content blocker to Firefox. It would be a great fit. An organization that values privacy, an open source browser that blocks most tracking out of the box.

However, for Mozilla, integrating a content blocker would also mean torpedoing its main revenue stream coming from Google.

Mozilla never made the step and others, including Brave, led by Mozilla’s ex-CEO, stepped in to fill that gap.

This changed recently

Mozilla did integrate Brave’s Rust-based adblock engine into its Firefox browser. More precisely, it is part of Firefox 149 and Mozilla describes it as a prototype rich content blocking feature.

It is not yet available as an option in the user-facing interface, let alone as something similar to the Shield feature of Brave. Still, users who run Firefox 149 can enable the content blocker and make use of it right away for testing.

Here is how that works:

  1. Load about:config in the Firefox address bar.
  2. Search for privacy.trackingprotection.content.protection.enabled
  3. Set the value to True with a click on the toggle on its right.
  4. Search for privacy.trackingprotection.content.protection.test_list_urls.
  5. Paste https://easylist.to/easylist/easylist.txt|https://easylist.to/easylist/easyprivacy.txt as the value.
  6. Restart Firefox

This enables two EasyLists, but you can add any other list that uses the same format. Separate lists with the character |.

Clearly, this is done for testing purposes. Mozilla would very likely add controls to the preferences or another user facing interface to make this easier to configure and use.

For now, it is a work in progress implementation, but one that shows that Mozilla could finally integrate what many users of its browser have wanted (or did not know they wanted) for a long time.

  • 1
  • 2
  • 3
  • 4
  • …
  • 14
  • Next

Support This Site

If you like what I do please support me!

Any tip is appreciated. Thanks!
  • July 16, 2026 by Martin Brinkmann Windows Tweaker ShutUp10 updated with new options to disable AI and other potentially unwanted content
  • July 14, 2026 by Martin Brinkmann Microsoft promises improved Windows Search Box and the removal of ads
  • July 13, 2026 by Martin Brinkmann Mozilla moves Firefox to a 2-week release cycle in September
  • July 11, 2026 by Martin Brinkmann Browser extension filters pseudo-brands on Amazon
  • July 10, 2026 by Martin Brinkmann The Tables Have Turned: Why Sony’s All-Digital Future Could Be Microsoft’s Perfect Revenge

About

We talk, write and dream about Technology 24/7 here at Chipp.in. The site, created by Martin Brinkmann in 2023, focuses on well-researched tech news, reviews, guides, help and more.

Legal Notice

Our commitment

Many websites write about tech, but chipp.in is special in several ways. All of our guides are unique, and we will never just rehash news that you find elsewhere.

Read the About page for additional information on the site and its founder and author.

Support Us

We don't run advertisement on this site that tracks users. If you see ads, they are static links. Ads, including affiliate links, never affect our writing on this site.

Here is a link to our privacy policy

©2026 Chipp.in Tech News and Reviews