Items tagged with Privacy

Remember that 2700-page, $1 trillion dollar infrastructure bill that the US government passed back in August? Well, have you read it? Of course we're joking -- we know you haven't read it. Most of the legislators who voted on it probably haven't either. Some folks have, though, and they're finding some pretty alarming things buried in that bill. One of the most concerning things we've heard so far is the revelation that this "infrastructure" bill includes a measure mandating vehicle backdoor kill-switches in every car by 2026. The clause is intended to increase vehicle safety by "passively monitoring the performance of a driver of a motor vehicle to accurately identify whether that driver may... Read more...
It sometimes (maybe oftentimes) feels like Big Tech plays fast and loose with our privacy and security, as if an apology and a mea culpa after the fact makes everything okay. As much as they'd like that to be the case, it doesn't always suffice. Not in the eyes of the United States Federal Trade Commission, anyway, which might soon push for litigation against Amazon. Nothing is certain at the moment, but it's said the FTC earlier this year had recommended filing a lawsuit against Amazon over privacy and security blunders related to its Ring division. The details are not entirely clear, but a couple of incidents come immediately to mind. One is when a bug in Ring's accompanying Neighbors software... Read more...
When you open an app or website, location or GPS permissions are one of those things people tend not to allow. However, what if the app or site was able to extrapolate where you are without even needing new permissions? This is potentially happening on your Android device as security researchers have shown that motion sensor permissions are enabled by default for some browsers on Android, allowing for some quite concerning data collection. Late last month, researchers at Mysk tweeted a message to Android users explaining that Chrome, by default, shares motion sensor data with all the websites users visit. Moreover, it appears the Microsoft Edge on Android has the same permission set. While this... Read more...
The messaging app landscape is kind of a wasteland of apps with similar feature sets, with a few standouts. Facebook's Messenger is popular, of course, as are services like Discord, WhatsApp and Telegram. Secure messaging app Signal is rapidly growing in popularity, though, largely because of its main differentiating feature: true end-to-end encryption of user data. Because of this, all activity you perform in the app is secure from prying eyes, from the messages you send to the reaction GIFs you search for. It's that same feature that seems to be frustrating US government officials, however. According to a post on the Signal blog, a federal grand jury in the Central District of California... Read more...
Privacy and data security are always major areas of concern for everyone these days. Google Fi users are about to be given another tool for when they are talking on their Android phones. Google has been one of the leaders in providing tools to its users for online safety and security (including its Pixel phones). To that end, it recently announced a new tool for parents and guardians of children under the age of 18 that allows them to remove images of minors from Google search results. In another nod towards user privacy, Google Fi, Google's phone network provider, is introducing end-to-end encryption for phone calls. Messages by Google are already automatically encrypted in text message conversations,... Read more...
Everyone who uses an Android phone has probably had some security-conscious acquaintance ask, "don't you know how much data your phone is harvesting?" Most of us shrug it off as one of the unavoidable circumstances of modern life: you want a smartphone, you deal with data harvesting. Still, some folks aren't so willing to make that sacrifice. A new collaborative study from the University of Edinburgh in Scotland and Trinity College Dublin in Ireland tested Android-based phones from Samsung, Xiaomi, Huawei, and Realme as well as handsets running LineageOS and the open-source, privacy-focused /e/OS. The study found that "even when minimally configured and the handset is idle, the vendor-customized... Read more...
Mozilla’s Firefox is generally considered a safe, privacy-centric browser. However, a change to the default configuration of a relatively new feature may change some users' minds. Firefox is now sending keystrokes, location info, and more back to Mozilla. Thankfully, there is a way to disable some of this, which we will get to shortly. In Firefox version 92, Mozilla enabled its “Firefox Suggest” feature by default, a significant change from the feature's initial launch back in September. According to a Mozilla blog post, “Firefox Suggest” is a “new discovery feature that is built directly into the browser” that provides suggestions based on what... Read more...
Wondering if Mark Zuckerberg and the gang at Facebook are reading your encrypted WhatsApp messages? The social networking site insists it does not, as end-to-end encryption is what keeps everything private. Nevertheless, if you send a message through WhatsApp, it could still end up being read by a Facebook moderator. How so? End-to-end encryption basically means your data (messages, in this instance) gets scrambled in a way that appears as though it just a random mess of characters. There is a logical order, but unlocking the mystery requires a key, which only the sender and receiver possess. It's virtually unreadable to digital snoops, and that is the main appeal of WhatsApp. Earlier today,... Read more...
Hidden cameras in a private space, such as a bedroom or bathroom in an unfamiliar place like an Airbnb or other rental property, are a nightmare for most people. However, hacker and cybersecurity researcher Marcus Hutchins, better known as MalwareTech, posted a short video to TikTok explaining how to detect hidden cameras within an Airbnb or hotel. Using his simple tricks along with some of our own, it is easy to keep your privacy at home and away. Earlier this week, Hutchins posted a short video explaining “How to find hidden cameras in AirBnBs” as part of his TikTok Q&A series. The first tip Hutchins mentions in this video is that you should keep an eye out for devices... Read more...
Apple announced this morning that it would delay a planned rollout of new protections aimed at minimizing the spread of Child Sexual Abuse Material (CSAM). The move comes after the company received high-profile backlash for the initiatives, and Apple executives even admitted that the initial messaging was bungled. "Last month, we announced plans for features intended to help protect children from predators who use communication tools to recruit and exploit them, and limit the spread of Child Sexual Abuse Material," said Apple in a statement. "Based on feedback from customers, advocacy groups, researchers, and others, we have decided to take additional time over the coming months to collect input... Read more...
Artificial Intelligence is a tricky business, as with anything in life, with great power comes great responsibility. On the one hand, AI can power autonomous vehicles or help usher in more secure computing platforms. On the other hand, for example, now it appears it's possible to end up being jailed due to questionable AI-based evidence. This is precisely what happened to 65-year-old Michael Williams when he was arrested last August, after being accused of killing a young man in his neighborhood who asked for a ride during a night of community unrest, due to a reported police brutality incident. In 2018, the city of Chicago entered a $33 million contract with ShotSpotter, a network of surveillance... Read more...
T-Mobile is now investigating a massive customer data breach claim that could affect up to 100 million users. The leak, which appeared on a leak and database selling forums on Saturday, claimed to have 30 million unique social security numbers and driver's license information. In the samples provided, it also appears that birthdates, phone numbers, state, and zip codes are included. The asking price for these records began at a whopping 6 Bitcoin (~$277K), but has since dropped to only $200 for everything. After the data was checked, Vice reached out to the alleged data thief, who explained that the data was "T-Mobile USA. Full customer info." It was also mentioned that the remaining 70... Read more...
Following call center company Teleperformance allegedly forcing employees to undergo AI camera surveillance, Amazon wants to monitor its own customer service employees. Soon, Amazon could use a system that captures all workers' keystrokes to run behavioral analysis and prevent malicious hackers or imposters from stealing data. In a confidential document acquired by Motherboard, Amazon reports that there have been several cases of customer data being accessed around the world. India ranks at the top of the list, with 120 security incidents, followed by the Philippines with just under 70, and the U.S. with approximately 40 security incidents. While each of these incidents are not explained,... Read more...
If you thought Amazon wanting drivers to submit to biometric surveillance was bad, these recent revelations take the cake. Colombia-based call center workers, who perform outsourced customer services for some of the largest companies in the US, are now reportedly being pressured into signing a contract allowing their employer to install cameras in their homes to monitor work performance. Teleperformance is one of the world’s largest call center companies with nearly 400,000 employees and clientele, including Apple, Amazon, and Uber, among others. Now, in a new ground-breaking report from NBC, six workers for the Colombian company, even working on contracts for these companies, have come... Read more...
Yesterday, Apple previewed new child safety features to protect children from predators and limit the spread of Child Sexual Abuse Material (CSAM). While these features, which were developed in conjunction with child safety experts, sound great, they also open the door to future privacy issues. The first major part of the child safety updates regards communication in Messages, Apple's popular messaging app. For example, when there is receipt of sexually explicit photos, "the photo will be blurred and the child will be warned, presented with helpful resources, and reassured it is okay if they do not want to view this photo." If the child decides to view the content, their parents will then be... Read more...
Which do you prefer when browsing the web—raw speed or a combination of security and privacy? Generally speaking, modern browsers deliver the whole kit and caboodle, which is the way it should be. That said, Microsoft is testing a new "Super Duper Secure Mode" for its Edge browser that puts more of an emphasis on the latter. Or to put it another way, an experimental feature in Edge sacrifices a bit of speed to make the browser more secure and to enhance user privacy. It does this by tooling around with the V8 JavaScript engine that motors the Chromium foundation of Edge. Microsoft's reasoning for experimenting in this manner is because "JavaScript engine bugs are a mainstay for attackers."... Read more...
Facebook is reportedly pouring resources into research that would potentially allow it to analyze encrypted messages without actually decrypting the data, so that it can serve up targeted ads based on private communications. The technique is called homomorphic encryption. Should users of WhatsApp, the secure instant messaging service owned by Facebook, be concerned? WhatsApp boss Will Cathcart says no. WhatsApp is popular because its end-to-end encryption scheme renders messages unreadable by anyone outside of the sender and recipient. So even if the data is intercepted, it would just be a bunch of garbled text to the hacker, who would need a decryption key to make sense of it all. Homomorphic... Read more...
Legislators worldwide have had a microscope on Amazon for some time now, and it seems a weakness has been found. The European Union recently slapped the world’s largest e-tailer with the biggest-ever privacy violation fine of a whopping 746-million euro ($888 million). On July 16th, CNPD, or the Luxembourg National Commission for Data Protection, handed down the fine after a decision that blamed Amazon for processing personal data in a way that did not comply with EU General Data Protection Regulation (GDPR). The imposed fine of “€746 million and corresponding practice revision” was subsequently reported in a recent SEC filing from Amazon, where it was also noted that the... Read more...
In the past, there have been some big slip-ups when commentators did not know that they were on-air and began speaking their mind to other people. This seems to have happened again at the Tokyo Olympics when an Italian TV announcer did not realize he was live on-air when he asked for his computer password. Posted to Twitter yesterday by cybersecurity associate professor Stefano Zanero from the Polytechnic University of Milan, the clip has amassed thousands of likes, retweets, and views. In the video during the Turkey-China volleyball game, the announcer asked, in Italian, "Do you know the password for the computer in this commentator booth?" La prossima volta che sentite chiacchierare di sofisticatissime... Read more...
Late last week, it was revealed that a global spyware campaign was targeting politicians, activists, and journalists worldwide. Initially, the company behind the software for spying, NSO Group, was blamed for the data leak and supplying its software to authoritarian regimes. However, NSO Group has since rejected these claims to try and deflect rather than publicly investigate what has happened. Published yesterday, a news article called "Enough Is Enough!" was posted on NSO Group's website. Within this article, the company explained that the spyware concern was a "planned and well-orchestrated media campaign lead by Forbidden Stories" and then "pushed by special interest groups." Subsequently,... Read more...
You’ve got mail! Upon opening and reading an email, it is almost as if someone is looking over your shoulder and making notes about how you are reading, where you are, and what time you saw the email. However, email should be more private than it is, so privacy-focused company DuckDuckGo is introducing “email protection,” a new feature that will sift through your emails and pull-out trackers embedded within. When it comes to receiving an email, the sender or any companies in between can embed trackers into the email that allows ads to be targeted. However, other data could leak through this, such as your email address, which is not great for privacy. Thus, DuckDuckGo’s... Read more...
Just on the heels of Microsoft taking on the cyberweapons market and malware found targeting journalists and politicians, a new cyberweapon has been discovered in a similar fashion. Targeting thousands of activists, journalists, politicians, the piece of malware called Pegasus, from Israeli surveillance company NSO Group, could have been sold to authoritarian governments to monitor anywhere up to 50,000 people. Pegasus is a malware used to infect both iPhones and Androids to, according to NSO Group’s website, “detect and prevent terrorism and crime.” It can be used to steal messages, photos, emails, calls, and secretly record users. However, a recent leak of over 50,000 phone... Read more...
1 2 3 4 5 Next ... Last