Category: Security & Privacy

If you have a Samsung phone, look out for the next security update, it is massive

Posted on by Martin Brinkmann

Android phone and tablet owners know the drill. Google releases monthly security updates for Android and pushes them to supported Pixel devices quickly. Other manufacturers, Samsung, Xiaomi or Sony, to name a few, create patches for their devices and push them to these devices as well.

Depending on how much you paid for the device and its status in the support lifecycle, your devices may also receive monthly security updates. Some devices receive delayed updates, which makes them vulnerable to potential attacks.

Samsung has just posted information about the January 2026 Patch Day, and it is a massive one. The company has corrected a total of 55 security issues.

Here are the highlights:

  • The update includes a fix for a critical vulnerability, and 28 vulnerabilities rated high.
  • 23 of the included patches are provided by Google (with two not applying to Samsung devices).
  • The remaining 34 vulnerabilities come from Samsung Semiconductors (4) and Samsung Mobile (30).

Select Settings > About Phone > Software Update to check manually for the update. Samsung delivers updates on a monthly, quarterly, or biannual schedule.

Samsung’s security model

Samsung releases monthly security updates for Flagship- and Enterprise-devices only. You find Galaxy Fold and Galaxy S supported here mostly. In fact, the only non-Enterprise A-series model is the Galaxy A 56 5G device.

Most non-Flagship devices receive quarterly updates only. This is a problem from a security point of view, as Samsung collects security updates for these devices to release them once every quarter. If you have any A-series device other than the latest A5x, your devices will receive quarterly updates only, unless it is an Enterprise-device.

While Samsung has extended updates support in recent time, only its Flagship devices offer a monthly update frequency.

Brave slashes memory use of its ad-blocker by at least 45 megabytes on all platforms

Posted on by Martin Brinkmann

Brave Browser is one of the few major web browsers that supports native content blocking on all supported platforms that is enabled by default. It should not come as a surprise that the browser is on an upwards trajectory when it comes to users and popularity.

While Brave is not without controversy, it is clear that Brave Software has made several meaningful strategic decisions in the past that has benefitted the business immensely.

Quick Tip: do this, if websites do not react anymore in Brave on first load.

Content blocker improvements

Brave announced today that it has improved the memory usage of its internal content blocker significantly. The company claims that it has reduce memory usage by about 75 percent, which equates to a reduction of about 45 megabytes on all supported platforms.

Brave says that users who have enabled additional filters will see an even larger reduction in memory usage going forward.

How it managed to do that? Brave explains:

..we achieved this major memory milestone by iteratively refactoring the adblock-rust engine to use FlatBuffers, a compact and efficient storage format. This architectural transition allowed us to move the roughly 100,000 adblock filters shipped by default from standard, heap-allocated Rust data structures (such as Vecs, HashMaps, and structs) into a specialized, zero-copy binary format.

Brave notes that it has implemented several optimizations in addition). These are:

  • Memory management: Used stack-allocated vectors to reduce memory allocations by 19% and improved building time by ~15%.
  • Matching speed: Improved filter matching performance by 13% by tokenizing common regex patterns.
  • Sharing resources: Resources are shared between instantiations of adblock engines, saving ~2 MB of memory on desktop.
  • Storage efficiency: Optimized internal resource storage memory by 30%.

The main memory reduction and optimizations landed in Brave 1.85 while additional optimizations will be included in the next release of the browser.

It will be interesting to see how users who have enabled additional filters in Brave benefit from the change.

Adding extra filters in Brave

It is quite easy to add more filters to Brave to extend the content blocking functionality.

Note: Each list that Brave supports natively offers a short description of what it does. Fanboy’s Anti-Newsletter list, for instance, blocks newsletter popups on websites.

  1. Select Menu > Settings, or load brave://settings/ directly in the address bar.
  2. Go to Shields > Content filtering.
  3. Click on “show full list” to display all included filter lists.
  4. Check the lists that you want to enable in Brave.

Note that adding lists will increase the memory usage of the content blocker and thus Brave. It is recommended to keep the list as short as possible.

As for recommendations, it depends largely on your Internet browsing and which annoyances you encounter regularly. YouTuber regulars, for instance, could enable filters for mobile distractions and recommendations, if they use Brave on their mobile devices.

There are also language-specific block lists, which are useful if you visit websites regularly in a specific language.

Featured Chrome extension with millions of users caught harvesting AI interactions

Posted on by Martin Brinkmann

Several Chrome and Microsoft Edge extensions, designed to protect users online, were discovered to include AI harvesting code that captured, among other things, every AI prompt and response made in the browser it was installed in.

This is the second major discovery by security researchers at KOI. In July, the company discovered 18 malicious Chrome extensions with millions of installations that ran malicious tasks in the background.

Security researchers at KOI discovered Urban VPN Proxy by chance. The Chrome extension had over 6 million users, a 4.7 star rating at the Chrome web store, and a featured badge by Google.

Featured meant that Google reviewed the extension manually to ensure that it follows “technical best practices” and meets “a high standard of user experience and design”.

The makers of the extension, which was also installed by over 1.3 million Microsoft Edge users via Microsoft’s own extensions store, promised unhindered access to any website and the unblocking of content.

According to KOI, the extension did not always have AI harvesting functionality baked into it. This started on July 9, 2025 with the release of version 5.5.0. It shipped with AI harvesting enabled by default.

This meant that AI interactions of any user who updated the extension to the new version or installed it anew were collected.

KOI says the following gets captured:

  • Every prompt you send to the AI
  • Every response you receive
  • Conversation identifiers and timestamps
  • Session metadata
  • The specific AI platform and model used

The extension supports ten major AI platforms, including ChatGPT, Gemini, Claude, Microsoft Copilot, Grok, Meta AI, Perplexity, and DeepSeek, according to KOI.

It injects scripts into the AI platform’s website whenever a supported site is loaded in the browser. From there, it manipulates browser functions to route all network requests through itself. These requests get parsed and then exfiltrated by a background service worker.

A quick search for extensions that use the same code revealed three additional extensions, available on both the Chrome and the Microsoft Edge web store.

These are 1ClickVPNProxy, Urban Browser Guard, and Urban Ad Blocker. All eight extensions have an accumulated user count of over 8 million.

How could this have been prevented?

Unlike Mozilla, which reviews the updates of featured extensions for Firefox as well, neither Google nor Microsoft seem to do that. This is a loophole that gets exploited over and over again: create or buy a harmless extension that is useful, get the feature badge by passing the manual review, and release an update with malware code later on, as (some?) updates seem to be accepted automatically.

So, if you use extensions, Firefox is the safer bet, but only for featured extensions. This has downsides of its own, including that it takes longer before updates become available.

Mozilla reassures Firefox users that AI will be completely optional and include a kill-switch feature

Posted on by Martin Brinkmann

Many makers of web browsers are evolving the browsers that they develop into AI-based browsers. How and to what degree depends much on the company or organization that is involved. From integrating options to chat with AI and basic AI features, such as getting a summary of a webpage, to agentic browsers, like Perplexity, that are designed to act on the user’s behalf.

Mozilla’s new CEO Anthony Enzor-DeMeo published his vision for the organization and its main software, Firefox, about a week ago. While much of what Enzor-DeMeo wrote resonated well with large parts of the community — turning Mozilla into the most trusted software company — it was a single pargraph that stood out and incurred the ire of parts of the community.

Firefox will grow from a browser into a broader ecosystem of trusted software. Firefox will remain our anchor. It will evolve into a modern AI browser and support a portfolio of new and trusted software additions.

While Enzor-DeMeo did state that “AI should always be a choice” and that it should be something that “people can easily turn off”, Firefox users expressed their concern over the AI-focus that the new Mozilla head described in the post.

The official Firefox for Web Developers account on Mastadon published several clarifications to address user concerns. The posts are attributed to Jake Archibald, who is Mozilla’s Web Developer Relations lead.

The main takeaways are the following two statements regarding AI:

  • All Firefox AI features will be opt-in.
  • Firefox will get a “kill-switch” for all AI features, which disables them completely.

Mozilla would introduce AI features in Firefox in a way that I would like all browsers to follow: make them opt-in, instead of opt-out. There are certainly users out there that use AI and will use AI features in browsers. Heck, some might even spring on the agentic-bandwagon and let AI buy stuff for them or to other things.

As long as this is optional, and not enabled by default, I would not mind much, especially if other features do not get pushed down the priority letter in favor of AI features.

How many browser users want AI in their browsers, or would start using the features once they land without knowing about them prior? I find that number hard to estimate. AI is a trend at the moment, and while companies have created some useful features powered by AI, it has not been proven yet that AI is a feature that can sustain itself once the hype ebbs down.

Now it is your turn. Have you tried AI features in browsers or elsewhere already? Is there anything that you liked in particular, or did not like? Feel free to leave a comment down below.

Brace yourself, OpenAI to introduce ads into its apps

Posted on by Martin Brinkmann

The free AI ride is as good as over. Free meaning no ads in this case. The writing was on the wall: AI processing, infrastructure and upkeep are expensive and companies can only burn through a specific amount of money before investors demand a return on their investment or they run into payment issues.

ChatGPT is probably the most used AI out there. You can use it in apps or on the official website, and it is also found in many third-party apps.

Soon, ChatGPT may introduce advertisement into its Android application, reports Tibor Blaho on X. Hhe user found references to ads in the last Android beta.

Strings, such as AdTarget, SearchAd, or ApiSearchAd were discovered in the beta. While version 1.2025.329 of ChatGPT did not include any ads during tests, the existence of the strings suggests that ads are coming.

It is likely that OpenAI will limit ads to free users, which make the bulk of users right now. Turning on ads could boost the company into the upper-elite of advertising, rivaling the likes of Meta (not Google, for obvious reasons).

It is unclear how ads will look like and if they will be easily distinguishable from the AI’s output to the user’s request.

The question is, what will users do when they encounter ads in ChatGPT? Will they keep on using the software or switch to another, one that does not have ads yet? It will be interesting to see.

Ads may also lead to a credibility problem, especially if the ad highlights a product that the AI also recommended in the answer to the user.

Now You: Do you use an AI right now? If so, which and how is your experience so far? If not, why not? Feel free to leave a comment down below.

Gemini in Gmail may have been enabled by default, and turning it off takes other features with it

Posted on by Martin Brinkmann

If you are using Google’s Gmail email service, you may have stumbled upon Smart Features already, especially if you are using the web-version of the service. Up until recently, Smart Features did not include AI, but this changed in 2025.

Now, Google has baked its AI Gemini into the Smart Features of Gmail. Depending on where you live, Smart Features are enabled by default. Note that while Google claims that Smart Features are not turned on for user in the European Union (Japan, UK and Switzerland are the three other regions), they were in fact enabled in one of my accounts.

So, what do you get with Smart Features?

  • Automatic email filtering and categorisation.
  • Smart Compose.
  • Smart Reply.
  • Nudges (suggests emails to reply to or follow-up on)
  • Summary cards above emails.
  • Grammar, spelling, and auto-correction.

Some of these features are powered by AI nowadays and Gemini, Google’s AI, needs access to your data for the features to work. Google claims that personal data is not used for training and that everything is kept within the boundaries of the account.

However, if you prefer that Gemini does not access your emails at all, your only option is to turn of the Smart Features in Gmail.

Here is how that is done:

  1. Load https://mail.google.com/mail/u/0/#settings/general in a web browser.
  2. Scroll down to Smart Features in Settings under General.
  3. Remove the checkmark of the Smart Features box.
  4. Confirm the removal.
  5. Gmail restarts.

Smart Features should be turned off now.

Note that you may also need to click on “Manage Workspace smart feature settings”, if the account is a Google Workspace account and not just a single Gmail account.

There you can turn off Smart Features for Gmail and other Google products.

Again, when you enable the feature you do not get any auto-corrections anymore as well. That is a trade-off for some, others may use the functionality that their browser provides for that anyway.

Now You: do you use Gmail as your mail provider or another service? Black Friday might be a good option to make a switch, as plenty of deals are live already or will be offered in the coming weeks.

Google Search

Google is starting to show ads in AI Mode

Posted on by Martin Brinkmann

The number one advertisin company on the Internet seems to have found another place to show you ads. Reports are coming in that more and more users are starting to see ads in AI Mode.

AI Mode? It is a new option in Google Search that you may use to ask Google’s Gemini AI questions and get answers. The mode supports deep search functionality, which Google says is its “most advanced research tool in Google Search”.

Anyway, if you select the mode, you may now also get a good chunk of advertisement according to Bleeping Computer and several other sites and Internet users.

Earlier this year, Google started to show ads in AI Overviews. Unlike AI Mode, which users need to select actively, AI Overviews are attached to regular search results pages on Google Search.

Not all AI chats and modes show advertisement right now. However, there is a very good chance that many will in the not so distant future. These businesses can’t run on love alone and there does not seem to be enough money in selling paid memberships.

So, in the future, you will pay with your data and your eyes on ads when you use the majority of AI chats that will be still around in a year or two.

Speaking of which, if you are subscribed to a Gemini plan, you are still going to see ads in AI Mode and AI Overviews (of course), unless you use a content blocker.

Phishing: Don’t let your eyes deceive you

Posted on by Martin Brinkmann

Phishing is a constant battle and problem on today’s Internet. While it is easy to spot most phishing attacks, if you are experienced, many Internet users fall for these attacks.

The use of AI in attacks helps attackers, even though AI is also used by the developers of security solutions. It is an arms race that has been going on for a long time.

I stumbled upon a new phishing post on LinkedIN recently. It showed a phishing email that looked like it came from noreply@microsoft.com. Upon closer inspection, it came from noreply@rnicrosoft.com.

You may spot the difference easily, but depending on the mail client that you are using, it may not be as easy to figure out that the phishing email does not come from the microsoft.com domain, as the m has been replaced by the two letters r and n.

It is simple, but very effective, especially in an age where everyone seems to be in a hurry.

This goes to show that threat actors do not always have to come up with new sophisticated schemes for their attacks. Sometimes, it is enough to register lookalike-domains by replacing just one or two characters in a domain name.

This goes hand in hand with registering domain names that look like the real deal, but are not, like microsoft-support.com.

What is the best line of defense in those cases? Never, ever, click on links in emails. Also, do not call, text, or interact with anything else in emails. Instead, verify, if you are unsure.

For instance, if you do get a password reset email, but did not request a password reset, it is very likely that this is fake. You could visit the website directly and sign-in to your account to find out, or contact support, if there is any.

Have another tip regarding the threat of phishing? Feel free to leave a comment down below.

Firefox 143.0.3 is out with security fixes and more

Posted on by Martin Brinkmann

Mozilla released a new point update for its Firefox web browser today. Firefox 143.0.3 is a security update that fixes also some non-security issues in the open source browser.

The new update is available already via the browser’s automatic update feature. Existing users may speed up the installation of the update by selecting Menu > Help > About Firefox. This opens a small window in the browser that displays the current version and a check for updates.

Firefox should pick up the update automatically at this point, but you need to restart the browser once to complete the installation. Opening the page again after installation should reveal the new version.

The official security release notes reveal that Mozilla addressed two security vulnerabilities in the release. Both have a severity rating of high. They affect the JavaScript engine and the Canvas2D component of the browser. Mozilla makes no mention of exploits in the wild, but it is still recommended to update quickly.

The non-security release notes list six issues that Mozilla fixed or improved in the release. Probably the most noteworthy is a fix for extension not updating via the add-ons manager of the browser.

Another issue fixes a Firefox crash that could happen when certain extensions are installed. These caused a storage issue that could lead to Firefox crashing on start of the browser.

Firefox users who noticed long delays when opening certain websites may also see improvements after installing Firefox 143.0.3. Mozilla reduced the delays, which happen on certain websites if the network blocks UDP connections.

The three remaining fixes address minor problems in Firefox, such as Firefox View sections not collapsing or expanding as expected. You can check out the full release notes on Mozilla’s website.

Who would have thought? Customers of Samsung fridges are not happy about ads their smart fridges started to show

Posted on by Martin Brinkmann

Do fridges, toasters and other household appliances may come with “smart functionality” or wireless connectivity these days. In the case of some, TVs for instance, the functionality may also be used to display advertisement to users and collect data about users.

Samsung recently announced that its smart fridges would start showing ads. A software update introduced the feature and first reactions of customers are not exactly glowing.

The company introduced the change for some of its Family Hub refrigerators in the United States. This turned the screen of the device into a vehicle for ads. And who does not love ads, especially for items that cost thousands of Dollars?

Techspot reports that the update introduced new Terms of Service and a Privacy Notice that covers the addition of advertisement. Samsung’s smart fridge displays the ads on the fridge’s screen. It appears when the screen is idle, which likely means most of the time and only if users have selected certain themes, including weather, daily board, or color.

Users may enable certain themes to avoid ads for now. If the cover screen is set to art mode, which displays photos, then no ads are shown. A setting to fully disable ads is not provided, but users may block certain ads from reappearing.

You could disconnect the fridge from the network, but might not be able to use most of its functions in that case.

Samsung says that the advertisements “are designed to enhance value for owners”. I’m pretty certain that most owners would beg to differ.

Maybe next time, it would be better to buy a “dumb” fridge or other items, especially if the provided functionality is not adding value or has the chance of being turned into something that is highly annoying or invasive.