Items tagged with Privacy

The data collection business is a problem that affects anyone who uses a smartphone. Previously, we have seen data purchased that can track users to their doorstep, which is quite concerning in and of itself. Now, it is rumored that government agencies have been buying similar data in place of getting warrants through the proper channels. Both the Department of Homeland Security (DHS) Inspector General and ALCU are investigating these claims to validate and prosecute if true. Over the past several months, a team of U.S. Senators headed by Ron Wyden (D-Ore) have been investigating claims that federal agencies have been tracking American citizens without warrants. Among the team was former Presidential... Read more...
Controlling where your data goes is vital in online safety and security. Unwanted data leakage and breaches are the bane of an online person’s existence, and Google is looking to make the privacy more manageable. In the next few weeks, Google will be rolling out toggle controls for Gmail's smart features and personalization. Smart features, such as smart compose, smart reply, or reminders in Google Assistant for things are part of the incredibly useful toolkit Google provides. Being able to toggle them on and off is not new either, but it used to be more complicated. Following user privacy and user data control trends, Google is now making the choices and toggles easier to understand and... Read more...
One of the most popular features of apps like Snapchat is messages that disappear after a set period of time. Whether you are sending lewd messages or sensitive information, self-destructing messages can protect against images and information leaking out. Recently, WhatsApp released information about "Disappearing Messages"; its own take on self-destructing messages. This functionality has some odd caveats but could be helpful for people using the Facebook-owned messaging service. Disappearing Messages would work how you would generally expect once the feature is enabled. When a chat with a group or an individual has the feature turned on, messages will automatically disappear after a certain... Read more...
Most smart device users are accustomed to needing to activate their smart assistant through a “wake” word. How would users feel if this inconvenience could be eliminated? Google is reportedly working on allowing users to merely approach their Nest Hub to activate the device. The feature is codenamed “Blue Steel” and appears under “Dogfood Features” in the Nest Hub Max settings. It is unclear how exactly Blue Steel functions, but some have argued that it takes advantage of the Google Nest Hub’s ultrasound sensing technology. This technology uses ultrasonic pulses to sense activity. Others theorize that Blue Steel is utilizing the Nest Hub’s camera... Read more...
When you are arrested for an alleged crime, police are supposed to issue a Miranda warning (often referred to as Miranda rights), letting suspects know they have the right to remain silent and anything they say can be used against them in a court of law. Well, guess what? Your search history can damning as well, and Google finds itself in another privacy controversy after assisting law enforcement with the identifies of people who searched for a specific keyword phrase. Let's back up a moment. Two months ago, police issued warrants for and ultimately arrested three associates of singer and accused sex offender R. Kelly, for "crimes relating to their efforts to harass, intimidate, threaten, or... Read more...
When it comes to troublesome data breaches, this one is pretty significant, and it comes from a surprising company. The company in question is Microsoft, which left one of its backend servers that runs the Bing mobile app wide open. As a result, over 6.5TB of log files were leaked into the internet that contained a treasure trove of user search data. Inexplicably, Microsoft staffers left the Elasticsearch server online without any kind of password protection from September 10th through September 16th. This lapse in security by Microsoft was discovered by Ata Hakcil, who is a white hat hacker from the WizCase online security team. The data that was exposed comes primarily from Microsoft's... Read more...
Private threat analysis and mitigation company, HYAS, is buying user data from phone apps to try to track hackers. A major side-effect of this, though, is that regular users are possibly being ensnared and HYAS claims they can track people to their “doorstep.” The collection of user data has long been a problem for everyone. Only recently was TikTok discovered collecting user data, which put their parent company, Bytedance, under scrutiny. By and large, the data collected is anonymous. However, when it is not collected anonymously, it can be used to track specific people accurately. HYAS, the threat intelligence company, is now offering tools to track people for threat intelligence... Read more...
In 2013, Edward Snowden released information on the U.S. Government regarding the mass surveillance and aggregation of data in America. Now, a U.S. Appellate Court has deemed the mass surveillance unconstitutional and thus illegal. As Reuters reported, “the U.S. Court of Appeals for the Ninth Circuit said the warrantless telephone dragnet that secretly collected millions of Americans’ telephone records violated the Foreign Intelligence Surveillance Act and may well have been unconstitutional.” This is a win for both Snowden and people and groups against government surveillance. After fleeing persecution and ending up in Russia, Snowden is still following the situation. Yesterday,... Read more...
In 2020 we are all too familiar with incidents in which private companies sell user data. Many of us are less familiar with the ways that public entities can also sell and circulate data. It was recently revealed that the California Department of Motor Vehicles (DMV) frequently sells drivers’ data to private investigators, bail bondsmen, and other companies. Motherboard recently obtained a document through the California Public Records Act that lists 98,000 businesses and institutions that have accessed DMV data. This information can include driver's name, home address, email address, ZIP code, date of birth, phone number, etc. These entities ranged from trucking companies to private investigators... Read more...
The debate over whether smartphone owners should be legally compelled to involuntary unlock their handsets for law enforcement rages on, and advocates that they should just scored a key victory in New Jersey. In a 4-3 vote, the New Jersey Supreme Court ruled that a former police office accused of tipping off a gang member via text messaging is not protected by the Fifth Amendment, and must unlock his phone. Robert Andrews was at one time an Essex County sheriff's officer. Prosecutors allege he had ties with a street gang member named Quincy Lowery, a suspected drug dealer who was ultimately arrested in 2015. Lowery told prosecutors that he had communicated with Andrews about the investigation... Read more...
Serving as yet another reminder that whatever you put out there in the online world should be assumed to exist forever, it was discovered that Instagram (owned by Facebook) was not wiping deleted content from its servers like it was supposed to be doing. The discovery led to a $6,000 payday for the security researcher who discovered the flaw and submitted it to Instagram's bug bounty program. Normally when you delete something from an online service, like a video or a post, it still remains on the service's servers for a period of time. According to Instagram, it takes around 90 days for deletions to be wiped from its systems for good. Or at least that is how it applies to wholesale account deletions,... Read more...
Security researchers recently discovered multiple vulnerabilities within certain Amazon domains that could have allowed an attacker to access sensitive Alexa data, including voice histories and personal data, before they were fixed. A hacker would have also been able to install and remove skills from a targeted Alexa-enabled device, of which over 200 million have been sold globally. As if that is not concerning enough, the attack only required a single click by a user on a malicious link crafted by the hacker, and voice interaction by the victim, according to security researchers at Check Point. At that point, the hacker(s) would be able to access the target's personal information, including... Read more...
App makers are going to have to rethink things when iOS 14 arrives, because the next version of Apple's mobile operating system has a privacy feature that likes to tattle on certain behaviors. We have seen this a few times already, with the iOS 14 beta—notably, the beta revealed TikTok and a few other apps were sneakily accessing clipboard data on iPhone devices. Now Instagram is finding itself under the spotlight for a supposed bug that is causing the camera to stay on even when users are simply scrolling through their feeds. Instagram (owned by Facebook) obviously needs to access to the camera at certain times, because it's a photo and video sharing service. But some users of the iOS... Read more...
For many people around the world, a common way to protect their privacy and prevent anyone from watching them when they're not aware is to cover the camera lens on their notebook or desktop. People cover lenses of their webcams with all sorts of materials, including tape and other coverings. However, Apple has warned users not to close their MacBook, MacBook Air, or MacBook Pro with certain types of camera covers installed. Apple reminds users that it designed Mac computers to protect their privacy with an indicator light tell users when the camera is on. If the Mac is closed with a camera cover installed, there is a chance that the display could be damaged because the clearance between the screen... Read more...
App stores are imperfect places, and serving as a reminder of this, a cybersecurity firm based in France alerted Google to the discovery of over two dozen malicious Android apps hanging out in the Play Store. Fortunately, Google was quick to banish the apps. However, if you already have any of them installed, you should wipe them from your phone or tablet right away. In this case, the apps are prone to stealing your Facebook login credentials. "When an application is launched on your phone, the malware queries the application name. If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you... Read more...
Earlier this week, TikTok found itself in hot water for snooping clipboard data on iPhone handsets, which it tried to justify as a fraud detection feature. Following the backlash, TikTok said it would patch out the behavior. Fantastic, but are there other mobile apps that do the same sort of thing? There is at least one, and that app is LinkedIn. This kind of unwanted behavior has come to light because of a change Apple made to its upcoming iOS 14 update. While not yet being pushed out to the public at large, iOS 14 is available as a beta release, and it sports a new privacy function that tattles on apps that poke their heads into clipboard data. That is how TikTok was caught, and now LinkedIn.... Read more...
Ever find yourself wondering how many times Facebook will drop the ball when it comes to data privacy? The answer is at least one more time, apparently. In a blog post, Facebook admitted it uncovered a flaw that allowed thousands of third-party app developers to access data that they should not have been able to. You may recall that Facebook co-founder Mark Zuckerberg sat before Congress and answered a bevy of questions about data collection practices, privacy practices, and so forth, after the whole Cambridge Analytica scandal. Zuckerberg has gone on record multiple times saying government regulation of these things is not necessarily a bad idea. One of the criticisms he faced when answering... Read more...
Yesterday, we brought you news that the TikTok app has been doing some shady things behind the scenes with devices running iOS. Following the release of the first iOS 14 beta, it was discovered that TikTok was pinging the system clipboard constantly and pasting that data for its own use. Without the steady stream of pop-up notifications about clipboard access being presented to endusers -- which is a new feature in iOS 14 to help spot any potential privacy violations -- most people wouldn't have even known about TikTok's nefarious behavior, which developer ByteDance said was in place to "identify repetitive, spammy behavior." However, this isn't the first time that the TikTok app has... Read more...
TikTok has taken the world by storm as people of all ages uses the social networking platform to share videos. People use the platform to lip-sync to their favorite songs, perform short skits, or any number of humorous hijinks that the platform has been recognized for over the past year. It’s become a blockbuster app that is especially popular with the young adults. However, users have raised privacy concerns about the app ever since it launched in the United States, with many questioning whether the Chinese government was somehow using the app to spy on Americans. Today, TikTok isn’t doing itself any favors in assuaging those fears after it was found that the app has been accessing... Read more...
The main draw of using WhatsApp is enhanced privacy through end-to-end encryption, followed by its popularity—more than 2 billion people in over 180 countries use the instant messaging service. This also makes privacy and security lapses all the more glaring, when they are found. And according to a security who unsuccessfully tried to collect a bug bounty, there is a "privacy issue" that needs addressed. At the center of the issue is the application's 'click to chat' feature. "WhatsApp's click to chat feature allows you to begin a chat with someone without having their phone number saved in your phone's address book. As long as you know this person’s phone number and they have an... Read more...
Google faces a proposed class action lawsuit seeking at least $5 billion in damages over its data collection policies tied with its Chrome browser, and specifically the browser's Incognito mode. According to the lawsuit, Google engages in "surreptitious tracking" by collecting browser histories and other web activity "no matter what safeguards consumers undertake to protect their data privacy." Part of what makes the lawsuit interesting is it alleges Google is running afoul of federal and California state laws on wiretapping. "Google must be held accountable for the harm it has caused to its users in order to ensure it cannot continue to engage in the covert and unauthorized data collection from... Read more...
Is your smartphone’s lock screen protected by the 4th Amendment of the United States Constitution? A recent court case in Washington state argued that activating a person’s lock screen could potentially count as a “search”. Lock screens are therefore protected from “unreasonable searches and seizures” and law enforcement must have a search warrant. The court case focused on the constitutional rights of Joseph Sam. Sam was arrested by officers from the Tulalip Police Department in May 2019. One of the officers powered on Sam’s Motorola smartphone. The officer did not attempt to unlock the device or force Sam to do so. The Federal Bureau of Investigation... Read more...
1 2 3 4 5 Next ... Last