Items tagged with Privacy

It does not seem Facebook will be able to catch a break this week after an accidental email revealed the company’s dismissive view of data leakage. The Silicon Valley social media company is facing a possible new leak after a researcher found he could link up to 5 million Facebook accounts to private email addresses daily. On Tuesday, a video made the rounds that showed a researcher, who remains anonymous, demonstrating a tool called “Facebook Email search v1.0.” This person explained to Ars Technica that as many as 5 million emails could be linked to Facebook accounts in a day, even if said emails were private on an account. Interestingly, the only reason we know of this leak... Read more...
Earlier this month, Facebook worked to downplay a data scraping operation that impacted nearly 533 million users on its social media platform. At that time, we viewed it as Facebook's attempt to simultaneously be evasive and attempt to save face. It seems this is legitimately Facebook's modus operandi; however, after an internal email explaining Facebook's long-term strategy involving the incident was accidentally leaked to a journalist.  Dating back to 2019, users' information, including names, birth date, gender, location, phone number, and email addresses, were available to be scraped off Facebook using a tool created by the social media company. While not all these pieces of data were... Read more...
Google is on a mission to crumble the third-party cookie infrastructure that the web is largely based on, as it relates to lucrative targeted advertising efforts, and rebuild things with an initiative called FLoC, or Federated Learning of Cohorts. Not without controversy, Google's FLoC ad-tracking has drawn an antitrust probe. In addition, WordPress has proposed treating FLoC as a security threat. Let's back up a moment, shall we? We covered what you need to know about FLoC, but to recap, it is part of an effort at Google to develop open-source "privacy-preserving technologies that make third-party cookies obsolete and enable publishers to keep growing their businesses and keep the web sustainable."... Read more...
Information scraping campaigns are becoming more prevalent, it seems, with LinkedIn recently losing data for 500m million users. Facebook also faced a similar issue with its phone contact search feature, which allowed malicious parties to collect over 500 million users' information. Another company, called Q Link Wireless, could be facing the same issue due to a misconfigured or poorly designed mobile app that could have leaked sensitive data. Perhaps it is time to take a hard look at what data is public and how users can access it. Q Link Wireless is a low-cost mobile provider that also works with the FCC on the Lifeline program to provide free cell phone service to low-income households. They... Read more...
Over the last week, we have reported on a Facebook data leak that released phone numbers, emails, date of birth, names, and more, impacting nearly 533 million users. This leak occurred in 2019 but recently came to light as it was being spread online for free, and Facebook did not handle the situation well. The social media company has now released a blog post explaining what happened, but is that enough, or is Facebook trying to shift the blame? Mike Clark, Product Management Director, penned a blog yesterday on Facebook's Newsroom explaining what was occurring with the leaked data. He stated that the data was not obtained through hacking but by "scraping it from [the] platform." Scraping... Read more...
It was recently revealed that the personal information of roughly 533 million Facebook users was leaked in August 2019. Unfortunately, Facebook has not provided a way to check if your personal information was compromised and has not stated whether it intends to do so in the future. However, there are a few third-party sources that can possibly confirm whether or not your information was part of the massive Facebook data leak. The information featured users' names, dates of birth, gender, location, listed places of work, phone numbers, and email addresses. Not all of the above information was leaked for each of the impacted users. Nevertheless, it is suspected that at least the phone number, Facebook... Read more...
As an iPhone user for the past several years, there have been times when I wished there was a way to side-load apps, without resorting to a process known as jailbreaking, which typically involves exploiting a vulnerability to to remove software restrictions. Well, guess what? It is not going to happen any time soon, or perhaps ever, considering Apple CEO Tim Cook's recent comments on the matter. It is an interesting topic, because side-loading gives way to third-party app stores. That would have all sorts of implications, not the least of which is potentially cutting into a major source of revenue for Apple, which collects a royalty charged to app developers (both for apps sold on the App Store,... Read more...
Personal data belonging to 533 million Facebook users has once again found itself leaked online, this time for free, which potentially opens it up to a lot more malicious eyeballs. That's not a good thing, obviously. In response, Facebook finds itself in damage control, posting the same tone-deaf response to multiple Twitter posts pointing to the leak. "This is old data that was previously reported on in 2019. We found and fixed this issue in 2019," Liz Bourgeois, Facebook's Director of Strategic Communications, posted several times in response to tweets linking to articles on the situation. We count at least five tweets with the same cringe-worthy response. It is true that it has been around... Read more...
Did you realize, or ever put much thought into the fact, that mobile applications can sneak a peek at what other programs you have installed on your smartphone or tablet? They can, leading to some privacy implications. To avoid those privacy implications, Google is implementing a new policy that will make it tougher for developers to bake that functionality into their apps. It may seem like no big deal on the surface, but there are reasons why you might not want a mobile app being able to see what other apps you have installed. Simple privacy is one. Beyond that, this sort of behavior can be extracted and sold for targeted advertising purposes. That kind of information could, in theory, also... Read more...
Earlier this year, Google announced the Federated Learning of Cohorts, or FLoC, which would improve user privacy around the web. While this has led to some scrutiny, such as a Department of Justice antitrust probe, it will hopefully bring a safe and responsible end to third-party cookies. The technology is now rolling out as part of a developer origin trial in Chrome. First and foremost, the uninitiated among us may be asking, “What is a cookie and what does it have to do with a flock?” Cookies are the means by which a website can track user sessions or data, such that you stay logged when you leave a website and come back to it later. Third-party cookies are a subset of cookies in... Read more...
We know both Android and iOS collect certain user data and beam it back to each one's respective mothe ship, some of which is necessary for the continued operation of a smartphone, and other a result of privacy opt-ins. But does one or the other go overboard? A new study would have you believe "Google collects around 20 times more handset data than Apple." Google's reply? Get out of here with that nonsense (we're paraphrasing—more on that in a moment). Like it or not, some level of data collection is simply required for today's high tech handsets, in order for features like GPS, receiving calls and text messages, and other core functionality to work. The question, however, is how much data... Read more...
Cell phones are a necessity in day-to-day life, allowing communications and access to numerous websites and accounts. Thus, losing access to a phone or text messages could be as bad, if not worse, than losing a credit card. Even more concerning would be if a hacker could intercept texts without the phone's owner even knowing, and it was entirely possible with $16 and some knowledge of a target. Now, cell carriers must shake things up to prevent this problematic issue from happening again. Earlier this month, Vice's Joseph Cox reported that a hacker had "swiftly, stealthily, and largely effortlessly redirected [Cox's] text messages to themselves," gaining access to apps such as Bumble, Postmates,... Read more...
Zoom has become one of the most popular video conferencing solutions for working and learning from home since the start of the COVID-19 pandemic. Given that the platform is so popular, it is not surprising that security flaws pop up from time to time. Subsequently, researchers from Germany have discovered a glitch in Zoom's screen-sharing feature, which could leak all sorts of data if captured. The glitch denoted as CVE-2021-28133, "sometimes allows attackers to read private information on a participant's screen, even though the participant never attempted to share the private part of their screen." This can happen when a specific window is being screen-shared, and a background application is... Read more...
Facebook boss Mark Zuckerberg is not a fan of Apple's upcoming privacy changes headed to iOS 14, which will give users more granular control over what personally identifiable information apps can collect and use. Er, correction—he was not a fan of them, but now apparently thinks they could put the largest social network on the planet in an even "stronger position." What changed? Nothing, really, other than his outlook, or at least what he is portraying as his outlook on the situation. If we back up several weeks, Zuckerberg tried to get out in front of Apple's privacy change by pinging Facebook users with pop-up messages saying the ability to track their activity will "provide a better... Read more...
Google could potentially face an antitrust lawsuit if the United States Depart of Justice ultimately determines its pivot away from supporting third-party tracking cookies gives it an unfair advantage in the lucrative online advertising space. Nothing has been determined either way, but there is apparently a probe into the situation. The issue at hand is Google's move away from allowing third-party cookies in its Chrome browser and replacing them with what it is calling the "Federated Learning of Cohorts," or FLoC for short. What exactly is FLoC? It is a way of tracking people via their cohort, or put more plainly, it is an algorithm that sorts people into groups of thousands of other people... Read more...
Today, Intel signed an agreement with the Defense Advanced Research Projects Agency (DARPA) to "perform in its Data Protection in Virtual Environments (DPRIVE) program." This means that the company will now be working on fully homomorphic encryption, dubbed the "holy grail" of cybersecurity or "the final frontier' in data privacy." Furthermore, Intel has announced a partnership with Microsoft to complete testing in the cloud and help drive the technology's commercial adoption. Fully homomorphic encryption (FHE) is a means by which data and privacy can be protected, but a computer can still use information. In essence, FHE allows encrypted data to be used in computing, and the decrypted output... Read more...
Recently, Facebook-owned WhatsApp has been on the hook for privacy and data tracking concerns. While the company is not backing down on the new policy, it is implementing new features which help with other concerns, such as cloud backups. At present, users can backup their conversations to the cloud, but they are not encrypted. This may be changing soon. Though we do not yet have an official announcement from WhatsApp, app beta-tester @WABetaInfo on Twitter has posted screenshots of the possible new feature for both Android and iOS. In both mobile OSs, a phone number and password are required to encrypt the data sent to the cloud. Moreover, the password will not be sent to WhatsApp and will remain... Read more...
Its widely understood that Google will collect data about people to customize and better-target ads for each person with a Google account. What you may not have realized is that the data gathered about you for tailoring ads is also only a Google search away, and you too can see what Google thinks it knows about you. A few days ago, TikTok user @yorgoandlea posted a video that has since amassed thousands of comments and hundreds of thousands of views. In the short video, she showed that all you need to do, to see what Google knows about your internet-connected travels and search activity, is perform a simple Google search for the text string “ads settings google.” The search will... Read more...
Remembering a bunch of different passwords for multiple websites can be difficult, and that is especially true if you are using hard-to-guess ones that mix letters, numbers, symbols, and capitalization, as is good practice. Password managers offer to handle the remembering part for you, and a for a long time, LastPass has been one of the most popular options. However, a security researcher says you should look elsewhere after discovering LastPass engages in "extremely questionable" tracking habits. The recommendation comes on the heels of LastPass announcing last week that it plans to hobble its free tier by making users choose between either "computers" or "mobile devices," rather than continuing... Read more...
When sending an email or message to someone, it is nice to know that the receiver got the message and read it. This is why we have read receipts in text messaging that gives senders a checkmark to say the receiver got the message. However, email clients for the most part do not have that functionality, at least not unless the recipient chooses to acknowledge a receipt request. This is the reason some email senders, especially in marketing organizations, add a "spy pixel," which raises some obvious privacy concerns. Spy pixels, email pixels, or tracking pixels are typically 1-pixel images hidden among email elements. They can be impossible to see by the average user, and even email security... Read more...
One would think that a company would learn from its mistakes after causing mass public outcry and departure from its platform. However, it seems that is simply not the case for WhatsApp, which has decided to plunge forward with its new privacy policy though it has since bled millions of users. According to a blog post that was uploaded yesterday, WhatsApp wants to put its privacy policy updates in the rearview mirror and push forward. In the coming weeks, the company will show an updated privacy policy to people that they can “read at their own pace.” WhatsApp then explained that people might go shopping around for other messaging apps, and some of the competitors may not be all they... Read more...
Billions of people worldwide use Android daily to learn, work, and play. As such, people have come to expect upgrades and improvements to the operating system over time. To make this happen, Google has started work on Android 12 and released a developer preview of the OS to get it polished before launch. With the developer preview launch, privacy and security are taking center stage alongside improved user experiences and compatibility features. Privacy And Security Privacy and security have become incredibly important to end-users in recent years, and Google seems to be listening. First in the list of new features is something called “Modern SameSite cookie behaviors in WebView,”... Read more...
1 2 3 4 5 Next ... Last