Category: Uncategorized

The Windows taskbar is something that we see all the time, but don’t pay much attention to. It’s there. It exists. And if you’re like most people, you probably only use it for interacting with the Start menu, switching apps, or accessing the Quick Settings every now and then.

But hidden in that quiet corner of your screen are a few icons that deserve way more attention than they get. These icons appear when apps are using sensitive features like your microphone or your location. And if you ignore them for too long, you might be giving away more of your privacy than you realize.

Most people ignore these taskbar icons, but they’re crucial

These icons are trying to tell you something

Every time an app uses your microphone, you’ll see a tiny microphone icon right next to the system tray. If you hover over it, Windows will show you the name of the app that’s using it. If multiple apps are listening or recording at once, Windows will list all of them.

This works the same way for location access. When an app is accessing your location, you’ll see a tiny arrow instead. And if both your microphone and location are being accessed at once, you’ll see both icons stacked together.

The problem is that most people never notice these indicators, or they see them and never bother to check what they mean. Also, these icons disappear as soon as the app stops using the microphone or location, so they are very easy to miss. It’s not like your webcam’s LED indicator that lights up right in front of you. They’re small, quiet icons that appear in a corner you rarely focus on, but they’re just as important.

A look at the privacy menu can reveal more

The activity log most people never open

Even if you miss the microphone and location taskbar icons, you can still check which apps are using your PC’s sensitive features. For that, you need to dive into Windows’ privacy settings.

Head to Settings > Privacy & security > App permissions and click Microphone. Expand Recent activity, and you’ll see a list of apps that have accessed your mic in the past 7 days. It also shows the exact date and time each app used it. This makes it easy to determine whether the activity lines up with something you actually did, like joining a video call, or whether an app accessed your mic when you were not expecting it.

The same applies for location tracking. Go back to App permissions and click Location instead. You will see which apps have used your location and when. And while Windows doesn’t show a camera icon when an app is using your webcam, you can find details about camera activity in the privacy menu.

This menu is basically a detailed history of which apps have been peeking behind the curtain. The taskbar icons show you what’s happening in the moment, and the privacy settings show you what has been happening over time.

Stop these apps from invading your privacy before it’s too late

Cut off unnecessary access

Knowing which apps are accessing your microphone, camera, or location is only half the battle. If something looks suspicious, you also need to know how to put a stop to it. Of course, the most straightforward way is to just uninstall the app or program, but that’s not always an option or even necessary. In some cases, you might actually need the app, just not its constant access to your personal data.

To get around this, you can revoke camera, location, or microphone permissions for such apps. Head to Settings > Privacy & security > App permissions and select the permission you want to manage. Then expand Let apps access your camera/microphone/location and use the toggles to revoke access for apps that don’t need it.

One tricky part is that when a website uses your microphone or location, Windows’s taskbar icon or privacy menu will only show the name of the browser. This means you won’t be able to tell which website was actually accessing it from the taskbar.

If you don’t want to revoke camera or microphone access for your browser entirely, most browsers also show information about which websites have accessed your PC’s sensitive features like the camera, microphone, or location. For instance, in Edge, you can head to Settings > Privacy, search, and services > Site permissions > Recent activity to see if any website has accessed your camera, microphone, or location. You can then click on the website that looks suspicious and block its access from there.

---

Most of us don’t really pay much attention when setting up an app for the first time. In a rush to try something new, we often grant all the permission an app needs without thinking it through. The good thing is that Windows has your back and can notify you when apps use sensitive information. But it is still up to you to notice those indicators and act on them before they become a bigger problem.

Millions of people around the world are living with the harsh reality of Alzheimer’s disease, which also significantly impacts family members. Nobody is immune, as A-list actor Chris Hemsworth discovered when his own father was recently diagnosed. The revelation inspired Hemsworth to embark on a trip down memory lane with his father, which took them to Australia’s Northern Territory. The experience was captured on film for A Road Trip To Remember, a new documentary film from National Geographic.

Director Tom Barbor-Might had worked with Hemsworth on the latter’s documentary series, Limitless, also for National Geographic. Each episode of Limitless follows Hemsworth on a unique challenge to push himself to the limits, augmented with interviews with scientific experts on such practices as fasting, extreme temperatures, brain-boosting, and regulating one’s stress response. Barbor-Might directed the season 1 finale, “Acceptance,” which was very different in tone, dealing with the inevitability of death and the need to confront one’s own mortality.

“It was really interesting to see Chris in that more intimate personal space, and he was great at it,” Barbor-Might told Ars. “He was charming, emotional, and vulnerable, and it was really moving. It felt like there was more work to be done there.” When Craig Hemsworth received his Alzheimer’s diagnosis, it seemed like the perfect opportunity to explore that personal element further.

Hemsworth found a scientific guide for this journey in Suraj Samtani, a clinical psychologist at the New South Wales Center for Healthy Brain Aging who specializes in dementia. Recent research has shown that one’s risk of dementia can be reduced by half by maintaining regular social interactions and even after a diagnosis, fostering strong social connections can slow cognitive decline. Revisiting past experiences, including visiting locations from one’s past, can also boost cognition in those with early-onset dementia or Alzheimer’s—hence the Hemsworth road trip.

The first stage was to re-create the Melbourne family home from the 1990s. “The therapeutic practice of reminiscence therapy gave the film not only its intellectual and emotional underpinning, it gave it its structure,” said Barbor-Might. “We wanted to really explore this and also, as an audience, get a glimpse of their family life in the 1990s. It was a sequence that felt really important. The owner extraordinarily agreed to let us revert [the house]. They went and lived in a hotel for a month and were very, very noble and accommodating.”

Today, AWS Organizations announces support for upgrade rollout policy, a new capability that helps customers stagger automatic upgrades across their Amazon Aurora (MySQL-Compatible Edition and PostgreSQL-Compatible Edition) and Amazon Relational Database Service (Amazon RDS) including RDS for MySQL, RDS for PostgreSQL, RDS for MariaDB, RDS for SQL Server, RDS for Oracle, and RDS for Db2 databases. This capability eliminates the operational overhead of coordinating automatic minor version upgrades either manually or through custom tools across hundreds of resources and accounts, while giving customers peace of mind by ensuring upgrades are first tested in less critical environments before being rolled out to production.

With upgrade rollout policy, you can define upgrade sequences using simple orders (first, second, last) applied through account-level policies or resource tags. When new minor versions become eligible for automatic upgrade, the policy ensures upgrades start with development environments, allowing you to validate changes before proceeding to more critical environments. AWS Health notifications between phases and built-in validation periods help you monitor progress and ensure stability throughout the upgrade process. You can also disable automatic progression at any time if issues are detected, giving you complete control over the upgrade journey.

This feature is available in all AWS commercial Regions and AWS GovCloud (US) Regions, supporting automatic minor version upgrades for Amazon Aurora and Amazon RDS database engines. You can manage upgrade policies using the AWS Management Console, AWS CLI, AWS SDKs, AWS CloudFormation, or AWS CDK. For Amazon RDS for Oracle, the upgrade rollout policy supports automatic minor version upgrades for engine versions released after January 2026.

To learn more about automatic minor version upgrades, see the Amazon RDS and Aurora user guide. For more information about upgrade rollout policy, see Managing organization policies with AWS Organizations (Upgrade rollout policy).

Your digital footprint is often larger than you think. It includes all the emails you’ve sent, subdomains you’ve created, and the services you signed in to, not to mention the alarming amount of information Google knows about you. In many cases, this data is visible, and mapping it takes just a few minutes. Certain tools collect public data, revealing exactly what anyone can see about you online. This practice is known as Open Source Intelligence (OSINT). The thing is that if you can do it, so can anyone else.

theHarvester is one of the most easily accessible tools for this. With the right commands, it gathers data from search engines and public repositories. It even accesses security APIs, revealing hosts, emails, and subdomains you forgot about. I got my hands on this tool, and it taught me how exposed we can be.

Setting up theHarvester

Even though theHarvester may sound like a specialized cybersecurity tool (it comes preinstalled on the pentesting-focused distro, Kali Linux), I use it on Linux Mint, and installation is quite easy. You only need to clone theHarvester from its GitHub repository to guarantee you have the latest version and all current APIs and modules.

1. Launch your terminal and run the commands below:

    sudo apt install git python3-venv -y
   
    git clone https://github.com/laramies/theHarvester.git 
   
    cd theHarvester
   
    python3 -m venv venv 
    source venv/bin/activate 
   
    pip install .

2. After the installation finishes, run the command below to confirm it is working:

   theHarvester -h

You should see theHarvester’s menu as confirmation that it has been properly installed.

theHarvester obtains publicly available information using DuckDuckGo, CRT.sh, CertSpotter, DNSDumpster, VirusTotal, and other certificate and threat-intel feeds. You can integrate free API keys for Shodan or Hunter.io by directly adding them to theHarvester’s api-keys.yaml file. This will give your results a boost, even though the tool is still very capable without this upgrade.

Running your first scan

Mapping what the internet already knows about you

Now that you’re set up, it’s time to discover what your online footprint looks like. To start, launch the terminal in theHarvester’s folder and run the command below, replacing example.com with a test domain or an actual one.

theHarvester.py -d example.com -b all -l 100

You can also run the command below from a general terminal to launch theHarvester.

Using the -b all flag in the command above lets theHarvester search in all available data sources, and -l 100 will limit the results so they’re readable.

Shortly, results will appear in the terminal. They typically contain emails, subdomains, hostnames, IP addresses, and sources. When I ran this search on a personal domain, I was surprised to see the amount of personal information I had floating on the internet—information anyone may find from public sources.

Running it on a domain you manage would probably reveal old emails connected to accounts you’ve forgotten and subdomains for test environments you no longer run. It does all this without invading privacy or bypassing security.

Making sense of the results

Understanding emails, subdomains, and digital exposure

The amount of information in the results can be intimidating; once you know what to look for, interpreting it becomes straightforward. The sections are different parts of your digital map. The Emails section appears first, showing publicly exposed contact points. For a company, you may see addresses such as support@domain.com, info@domain.com, or individual employee names. These details can become a weapon for attackers to send phishing emails or to identify hierarchy within an organization. For an individual, if the results show old emails, it should serve as a wake-up call to close those accounts or take steps to limit their online visibility.

Subdomains are another element to look out for. If the results return entries similar to test.example.com or oldblog.example.com, they can indicate forgotten servers or outdated sites. Unattended subdomains run on separate endpoints and can serve as entry points for attackers. You should clean them up or redirect them to reduce the risks of exposure.

The Hosts and IP Addresses section lists IP addresses and hosts. They can reveal outdated infrastructure and show where domains are hosted. However, in all this, the bigger picture is that what you consider hidden is, in fact, publicly available and not that difficult to retrieve.

Simple ways to tighten your digital security right now

It’s unsettling to see your digital footprint laid out in theHarvester’s results, but it’s good to have this awareness. It gives you an idea of how to act to shrink it. A drastic approach can be removing yourself entirely from the internet.

However, a less aggressive starting point is subdomain hygiene. Disable or delete unused accounts and decommission or secure unused subdomains/staging environments. Every deactivated subdomain is one less risk.

Also, tackle email exposure. You may use email aliases for addresses that are easily searchable. I personally use aliases for almost everything, especially online shopping. So rather than afam@yourdomain.com, you use newsletter@yourdomain.com. This will shield your primary inbox from being listed in public databases.

Last but not least, conceal domain registration details. A WHOIS lookup service can show if your personal information is publicly visible; if so, enable domain privacy protection via your registrar.

The bigger picture

TheHarvester is a mirror that displays exactly what someone may find about you online if they know where to look. For me, it started as a simple scan but quickly became a realization that the web remembers too much—connections, emails, and forgotten pages.

Awareness is key—you can’t take control if you’re uninformed. While this tool is great for managing an organization’s domain, it’s also useful for personal sites. Regular checks are a small habit that ensures your online presence is secure.