Items tagged with Privacy
At this point in time it is no secret that the United States National Security Agency (NSA) is able to access citizen’s phone calls and text messages. But has the NSA’s various surveillance programs yielded any results? It was recently revealed that the USA Freedom Act of 2015 has cost taxpayers over $100 million USD but has only led to one noteworthy investigation. The USA Freedom Act of 2015 was originally passed to modify the controversial Patriot Act. One of the purposes of the act was to limit the amount of data that the NSA received from telecommunication companies like AT&T and Verizon. However, these telecommunication companies continued to share mass amounts of data,...
Read more...
A few days ago, some Samsung device owners reported receiving a mysterious "1/1" push notification on their smartphones, from the company's Find my Mobile app. Initially, Samsung explained it as a "message sent unintentionally during internet test[ing]" and said there was "no effect" on user's devices. However, Samsung now admits the notification compromised personal data belonging to a "small number" of users. The notification itself was rather benign, and the result of a "technical error." That should have been the end of it. Unfortunately, some users discovered that when they went into their Samsung accounts to change their passwords (erring on the side of caution), they could see other people's...
Read more...
WhatsApp is popular because its end-to-end encryption gives users warm fuzzies over the privacy and security of their chats. However, the chat messaging application might not be quite as secure or private as you thought (or at least that was the case). That's because Google had been indexing links to group chats, which in turn allowed any Joe or Jane to join and see potentially private information. Apparently this had been going on for several years. As a result, there were hundreds of thousands of indexed chat group links on the web, all of which were a simple Google search away. Your WhatsApp groups may not be as secure as you think they are. The "Invite to Group via Link" feature allows groups...
Read more...
Another day, another data privacy flub, and this time it's from Google. Google Takeout is a service that allows users to download their data from Google apps as a backup or to use it with another service. That sounds good on the surface until, somehow, Google managed to send backed up videos to unrelated users. Google began warning users of impacted accounts this week. Google is calling sending videos to the wrong person a "technical issue," and the letter sent to users notes that between November 21-25, 2019, anyone who requested a backup could have had videos in Google Photos "incorrectly exported to unrelated users' archives." A letter sent out to some users didn't specify how many videos...
Read more...
Earlier this week, we reported that Avast was under fire for its data privacy policies (or lack thereof) for its free antivirus software. Through its subsidiary Jumpshot, Avast sold vast amounts of user data to big name customers like Google and Microsoft (among others). Although Avast claimed that the data that it obtained and transmitted to these companies via Jumpshot was "fully de-identified and aggregated", it was rather easy to piece the data together including a user's device ID, time stamps, and other pertinent details to track a person across the web. "Maybe the (Jumpshot) data itself is not identifying people," said privacy researcher Gunes Acar earlier this week in reference...
Read more...
The University of Missouri (MU) is deploying a new student tracking application that runs on a smartphone. The app, SpotterEdu, is designed to measure and enforce class attendance. Reports indicate that the tracking app is required for all student-athletes, but is optional for all other students. MU says that participation was offered to fewer than 2% of MU students during the pilot phase and is completely optional. For students who don't want to check-in using the app, they can use an alternate method, like signing an attendance sheet. SpotterEDU is an app that was developed by a former basketball coach, and can monitor attendance by pinpointing students in the classroom and...
Read more...
Facebook founder and CEO Mark Zuckerberg published an article today that says one of the main goals of the social network in 2020 is to build "much stronger privacy protections for everyone on Facebook." Zuckerberg says that Facebook knows it has a lot of work to do in that realm, which is why it's making it a priority not only for the teams at Facebook but for Zuckerberg personally. Since today is Data Privacy Day, Zuckerberg says that he wanted to share some of the work his company is doing to give users more control over privacy both on and off Facebook. Over the next few weeks, Facebook will start showing nearly 2 billion people around the world a prompt encouraging them to review privacy...
Read more...
Tinder does not have the most stellar reputation when it comes to their users’ physical safety. Although there have been many people who have safely used the app, there have also been several users that have been physically harmed by their Tinder dates. Tinder recently implemented a panic button and artificial intelligence technology to help keep their users safe. However, it was also discovered that these security measures may be sharing your information with third-parties. Tinder has teamed up with Noonlight, a safety platform and mobile app, to offer a panic button and catfish detection AI. The panic button allows users to quietly contact an emergency dispatcher. Users will be able to...
Read more...
Up until last month, an anti-tracking featured introduced to Apple's Safari browser in 2017 actually left users potentially more susceptible to being tracked by hackers due to multiple vulnerabilities discovered by Google's engineers. Fortunately, Apple patched the security holes in December, though it's a bit of an unsettling situation. The feature in question is called Intelligent Tracking Prevention. It leverages a machine learning model to classify which top privately-controlled domains are able to track users from one site to another, based on a set of collected statistics. If the site is one the user frequently visits, it is allowed to perform cross-site tracking. But if it's a site the...
Read more...
Microsoft is coming under fire for a breach in customer privacy after it was revealed that the records of 250 million customers were exposed late last year. The data leak was initially reported on by security firm Comparitech, which found the information spread across five Elasticsearch servers. According to Comparitech, all five servers contained identical information from the 250 million customer records. The scope of the data unearthed was vast, covering a time period spanning from 2005 through December 2019. And what's even more unsettling is that this information was publicly indexed, meaning that anyone could access the information. Information that was exposed included customer email addresses,...
Read more...
Apple and the FBI have clashed over encryption policies on numerous occasions, with the latter pressuring the former to build a backdoor into iOS to make it easier for authorities to crack into locked iPhone handsets. To this point, Apple has not wavered, or so we thought. New information suggests Apple had planned to support fully encrypted iCloud backups, but relented after objections from the FBI. In case you have not been following this saga, Apple and FBI butted heads publicly following the deadly San Bernardino shooting in late 2015. The FBI recovered an iPhone 5C that belonged to one of the terrorists involved in the shooting, who was killed in a showdown with police. It then sought Apple's...
Read more...
Apple has found itself in trouble more times than we could count over privacy issues with its iPhones and other products. Apple recently issued an iOS 13.3.1 beta that is aimed in part at patching a flaw in location tracking on the iPhone 11 and iPhone 11 Pro. Apple had promised to bring a toggle switch to allow customers to turn off this tracking feature specifically. The toggle can be found in Privacy > Location Services > System Services, and it is labeled "Networking & Wireless." Apple warns that turning off location services for Networking & Wireless could affect Bluetooth, Wi-Fi, and ultra wideband performance. Those particularly concerned about having their location tracked...
Read more...
In a recent post to Twitter, President Donald Trump offered up harsh criticism on Apple's policy of refusing to "unlock phones used by killers, drug dealers, and other violent criminals," which boils down to a fundamental argument over privacy and encryption, and the iPhone maker's resistance to building a backdoor into iOS. Apple's stance drew widespread attention following the shooting by a pair of San Bernardino terrorists a few years ago. Authorities had recovered an iPhone 5C that belonged to one of the shooters, but he perished in the gunfire during a confrontation with police. Initial attempts to bypass the iPhone's security to unlock the handset were unsuccessful, leading to a legal showdown...
Read more...
Starting next month, Google will tighten the controls on its Chrome browser by limiting cross-site tracking, and within the next two years, it plans on eliminating third-party cookies from the equation. These and other steps are part of a larger initiative Google is calling "Privacy Sandbox," which entails open standards to enhance user privacy when surfing the web. "Our goal for this open source initiative is to make the web more private and secure for users, while also supporting publishers," Google said. On the surface, getting rid of third-party cookies may seem to go against the latter part of that statement, but Google believes there is a better way of satisfying both users and publishers....
Read more...
