from pcmag Some might say the internet was built on anonymity, paving the way for a place where free speech reigns supreme. But after years of learning about who’s snooping into everything we do online, privacy on the web is hardly a given. It’s not just about government spying; it’s also about how much data big companies such as Amazon, Google, Facebook, and Microsoft have collected in order to serve up targeted ads—not to mention how much of your personal data gets scooped up in all the breaches and hacks. There are always going to be good reasons for people to go online […]
Continue readingCategory Archives: Privacy
Time To Clip The Wings Of NSO And Its Pegasus Spyware
from The Observer What’s the most problematic tech company in the world? Facebook? Google? Palantir? Nope. It’s a small, privately held Israeli company called NSO that most people have never heard of. On its website, it describes itself as “a world leader in precision cyberintelligence solutions”. Its software, sold only to “licensed government intelligence and law-enforcement agencies”, naturally, helps them to “lawfully address the most dangerous issues in today’s world. NSO’s technology has helped prevent terrorism, break up criminal operations, find missing people and assist search and rescue teams.” So what is this magical stuff? It’s called Pegasus and it […]
Continue readingVenmo Gets More Private—but It’s Still Not Fully Safe
from Wired VENMO, THE POPULAR mobile payment service, has redesigned its app. That’s normally news you could safely ignore, but this announcement is worth a closer look. In addition to making some navigational tweaks and adding new purchase protections, the PayPal-owned platform is finally shutting down its global social feed, where the app published transactions from people around the world. It’s an important step toward resolving one of the most prominent privacy issues in the world of apps, but the work isn’t finished yet. Venmo’s global feed has for years been a font of voyeuristic insights into the financial habits […]
Continue readingGovernment Surveillance By Data
from NYTs This is the ultimate example of what’s broken in digital life: The locations of people who used apps to pray and hang their shelves wound up in U.S. military databases. Vice’s Motherboard publication this week reported that data on people’s movements collected by seemingly innocuous apps passed through multiple hands before being bought by U.S. defense contractors and military agencies. It’s not clear what the military is doing with the information. This isn’t an isolated case of government authorities buying commercially available databases containing the movements of millions of people. U.S. law enforcement agencies and the Internal Revenue […]
Continue readingThe iOS COVID-19 App Ecosystem Has Become A Privacy Minefield
from ars technica When the notion of enlisting smartphones to help fight the COVID-19 pandemic first surfaced last spring, it sparked a months-long debate: should apps collect location data, which could help with contact tracing but potentially reveal sensitive information? Or should they take a more limited approach, only measuring Bluetooth-based proximity to other phones? Now, a broad survey of hundreds of COVID-19-related apps reveals that the answer is all of the above. And that has made the COVID-19 app ecosystem a kind of wild, sprawling landscape, full of potential privacy pitfalls. Late last month, Jonathan Albright, director of the Digital […]
Continue readingStudy Shows Which Messengers Leak Your Data, Drain Your Battery, And More
from ars technica Link previews are a ubiquitous feature found in just about every chat and messaging app, and with good reason. They make online conversations easier by providing images and text associated with the file that’s being linked. Unfortunately, they can also leak our sensitive data, consume our limited bandwidth, drain our batteries, and, in one case, expose links in chats that are supposed to be end-to-end encrypted. Among the worst offenders, according to research published on Monday, were messengers from Facebook, Instagram, LinkedIn, and Line. More about that shortly. First a brief discussion of previews. More here.
Continue readingNew Report on Police Decryption Capabilities
from Schneier on Security There is a new report on police decryption capabilities: specifically, mobile device forensic tools (MDFTs). Short summary: it’s not just the FBI that can do it. This report documents the widespread adoption of MDFTs by law enforcement in the United States. Based on 110 public records requests to state and local law enforcement agencies across the country, our research documents more than 2,000 agencies that have purchased these tools, in all 50 states and the District of Columbia. We found that state and local law enforcement agencies have performed hundreds of thousands of cellphone extractions since […]
Continue readingTaking Back Our Privacy
from The New Yorker Walking down Abbot Kinney Boulevard, the retail strip in Venice, California, can feel like scrolling through Instagram. One afternoon this July, people sat at outdoor tables beneath drooping strings of fairy lights, sipping cocktails and spearing colorful, modestly dressed salads. The line for Salt & Straw, a venture-funded, “chef-driven” ice-cream shop, stretched up the block, and athleisure-clad twentysomethings photographed themselves eating waffle cones, fabric masks pulled down around their chins like turkey wattles. A month earlier, Abbot Kinney had become a central gathering place for protesters during the mass demonstrations against police brutality and systemic racism. […]
Continue readingNow You Can Enforce Your Privacy Rights With A Single Browser Tick
from ars technica Anyone who remembers Do Not Track—the initiative that was supposed to allow browser users to reclaim their privacy on the Web—knows it was a failure. Not only did websites ignore it, using it arguably made people less private because it made them stick out. Now, privacy advocates are back with a new specification, and this time they’ve brought the lawyers. Under the hood, the specification, known as Global Privacy Control, works pretty much the same way Do Not Track did. A small HTTP header informs sites that a visitor doesn’t want their data sold. The big difference […]
Continue readingThe Pandemic Is No Excuse to Surveil Students
from The Atlantic In Michigan, a small liberal-arts college is requiring students to install an app called Aura, which tracks their location in real time, before they come to campus. Oakland University, also in Michigan, announced a mandatory wearable that would track symptoms, but, facing a student-led petition, then said it would be optional. The University of Missouri, too, has an app that tracks when students enter and exit classrooms. This practice is spreading: In an attempt to open during the pandemic, many universities and colleges around the country are forcing students to download location-tracking apps, sometimes as a condition […]
Continue readingRevolutionary Quantum Breakthrough Paves Way For Safer Online Communication
from PHYS.ORG The world is one step closer to having a totally secure internet and an answer to the growing threat of cyber-attacks, thanks to a team of international scientists who have created a unique prototype which could transform how we communicate online. The invention led by the University of Bristol, revealed today in the journal Science Advances, has the potential to serve millions of users, is understood to be the largest-ever quantum network of its kind, and could be used to secure people’s online communication, particularly in these internet-led times accelerated by the COVID-19 pandemic. By deploying a new […]
Continue readingSome Shirts Hide You From Cameras—But Will Anyone Wear Them?
from ars technica Right now, you’re more than likely spending the vast majority of your time at home. Someday, however, we will all be able to leave the house once again and emerge, blinking, into society to work, travel, eat, play, and congregate in all of humanity’s many bustling crowds. The world, when we eventually enter it again, is waiting for us with millions of digital eyes—cameras, everywhere, owned by governments and private entities alike. Pretty much every state out there has some entity collecting license plate data from millions of cars—parked or on the road—every day. Meanwhile all kinds […]
Continue readingZoombombing Is A Crime, Not A Prank, Prosecutors Warn
from ars technica Coronavirus-related social distancing measures have given a big popularity boost to Zoom, a video conferencing platform that’s known for its ease of use but not necessarily strong security or privacy protections. Internet trolls and other troublemakers have responded with “Zoombombing”: joining Zoom meetings uninvited and disrupting them. Zoombombers have exposed themselves to schoolchildren and shouted racial slurs. In a Friday statement, federal prosecutors in Michigan warned the public that Zoombombing isn’t a harmless prank; it’s a crime. “Hackers are disrupting conferences and online classrooms with pornographic and/or hate images and threatening language,” wrote the US Attorney’s Office […]
Continue readingThink You Can’t Escape Google? You Haven’t Seen Anything Yet
from Fast Company More than any designer this side of Cupertino, Matias Duarte has made phones easy to use. During his tenure at Google — first overseeing the design of Android — the vice president of design watched Google’s operating system capture more than 85% of the global smartphone market. Duarte has likened his own work in mainstreaming these addictive devices to that of an arms dealer — “I just make the guns! I didn’t make you guys shoot each other!” — but he’s also not slowing down. After pioneering Material Design — a user interface metaphor that’s helped de-uglify […]
Continue readingHacker Eva Galperin Has a Plan to Eradicate Stalkerware
from Wired Over the last year, Eva Galperin says she’s learned the signs: the survivors of domestic abuse who come to her describing how their tormentors seem to know everyone they’ve called, texted, and even what they discussed in their most private conversations. How their abusers seem to know where they’ve been and sometimes even turn up at those locations to menace them. How they flaunt photos mysteriously obtained from the victim’s phone, sometimes using them for harassment or blackmail. And how none of the usual remedies to suspected hacking—changing passwords, setting up two-factor authentication—seem to help. The reason those […]
Continue reading