Items tagged with Privacy

Everyone who uses an Android phone has probably had some security-conscious acquaintance ask, "don't you know how much data your phone is harvesting?" Most of us shrug it off as one of the unavoidable circumstances of modern life: you want a smartphone, you deal with data harvesting. Still, some folks aren't so willing to make that sacrifice. A new collaborative study from the University of Edinburgh in Scotland and Trinity College Dublin in Ireland tested Android-based phones from Samsung, Xiaomi, Huawei, and Realme as well as handsets running LineageOS and the open-source, privacy-focused /e/OS. The study found that "even when minimally configured and the handset is idle, the vendor-customized... Read more...
Mozilla’s Firefox is generally considered a safe, privacy-centric browser. However, a change to the default configuration of a relatively new feature may change some users' minds. Firefox is now sending keystrokes, location info, and more back to Mozilla. Thankfully, there is a way to disable some of this, which we will get to shortly. In Firefox version 92, Mozilla enabled its “Firefox Suggest” feature by default, a significant change from the feature's initial launch back in September. According to a Mozilla blog post, “Firefox Suggest” is a “new discovery feature that is built directly into the browser” that provides suggestions based on what... Read more...
Wondering if Mark Zuckerberg and the gang at Facebook are reading your encrypted WhatsApp messages? The social networking site insists it does not, as end-to-end encryption is what keeps everything private. Nevertheless, if you send a message through WhatsApp, it could still end up being read by a Facebook moderator. How so? End-to-end encryption basically means your data (messages, in this instance) gets scrambled in a way that appears as though it just a random mess of characters. There is a logical order, but unlocking the mystery requires a key, which only the sender and receiver possess. It's virtually unreadable to digital snoops, and that is the main appeal of WhatsApp. Earlier today,... Read more...
Hidden cameras in a private space, such as a bedroom or bathroom in an unfamiliar place like an Airbnb or other rental property, are a nightmare for most people. However, hacker and cybersecurity researcher Marcus Hutchins, better known as MalwareTech, posted a short video to TikTok explaining how to detect hidden cameras within an Airbnb or hotel. Using his simple tricks along with some of our own, it is easy to keep your privacy at home and away. Earlier this week, Hutchins posted a short video explaining “How to find hidden cameras in AirBnBs” as part of his TikTok Q&A series. The first tip Hutchins mentions in this video is that you should keep an eye out for devices... Read more...
Apple announced this morning that it would delay a planned rollout of new protections aimed at minimizing the spread of Child Sexual Abuse Material (CSAM). The move comes after the company received high-profile backlash for the initiatives, and Apple executives even admitted that the initial messaging was bungled. "Last month, we announced plans for features intended to help protect children from predators who use communication tools to recruit and exploit them, and limit the spread of Child Sexual Abuse Material," said Apple in a statement. "Based on feedback from customers, advocacy groups, researchers, and others, we have decided to take additional time over the coming months to collect input... Read more...
Artificial Intelligence is a tricky business, as with anything in life, with great power comes great responsibility. On the one hand, AI can power autonomous vehicles or help usher in more secure computing platforms. On the other hand, for example, now it appears it's possible to end up being jailed due to questionable AI-based evidence. This is precisely what happened to 65-year-old Michael Williams when he was arrested last August, after being accused of killing a young man in his neighborhood who asked for a ride during a night of community unrest, due to a reported police brutality incident. In 2018, the city of Chicago entered a $33 million contract with ShotSpotter, a network of surveillance... Read more...
T-Mobile is now investigating a massive customer data breach claim that could affect up to 100 million users. The leak, which appeared on a leak and database selling forums on Saturday, claimed to have 30 million unique social security numbers and driver's license information. In the samples provided, it also appears that birthdates, phone numbers, state, and zip codes are included. The asking price for these records began at a whopping 6 Bitcoin (~$277K), but has since dropped to only $200 for everything. After the data was checked, Vice reached out to the alleged data thief, who explained that the data was "T-Mobile USA. Full customer info." It was also mentioned that the remaining 70... Read more...
Following call center company Teleperformance allegedly forcing employees to undergo AI camera surveillance, Amazon wants to monitor its own customer service employees. Soon, Amazon could use a system that captures all workers' keystrokes to run behavioral analysis and prevent malicious hackers or imposters from stealing data. In a confidential document acquired by Motherboard, Amazon reports that there have been several cases of customer data being accessed around the world. India ranks at the top of the list, with 120 security incidents, followed by the Philippines with just under 70, and the U.S. with approximately 40 security incidents. While each of these incidents are not explained,... Read more...
If you thought Amazon wanting drivers to submit to biometric surveillance was bad, these recent revelations take the cake. Colombia-based call center workers, who perform outsourced customer services for some of the largest companies in the US, are now reportedly being pressured into signing a contract allowing their employer to install cameras in their homes to monitor work performance. Teleperformance is one of the world’s largest call center companies with nearly 400,000 employees and clientele, including Apple, Amazon, and Uber, among others. Now, in a new ground-breaking report from NBC, six workers for the Colombian company, even working on contracts for these companies, have come... Read more...
Yesterday, Apple previewed new child safety features to protect children from predators and limit the spread of Child Sexual Abuse Material (CSAM). While these features, which were developed in conjunction with child safety experts, sound great, they also open the door to future privacy issues. The first major part of the child safety updates regards communication in Messages, Apple's popular messaging app. For example, when there is receipt of sexually explicit photos, "the photo will be blurred and the child will be warned, presented with helpful resources, and reassured it is okay if they do not want to view this photo." If the child decides to view the content, their parents will then be... Read more...
Which do you prefer when browsing the web—raw speed or a combination of security and privacy? Generally speaking, modern browsers deliver the whole kit and caboodle, which is the way it should be. That said, Microsoft is testing a new "Super Duper Secure Mode" for its Edge browser that puts more of an emphasis on the latter. Or to put it another way, an experimental feature in Edge sacrifices a bit of speed to make the browser more secure and to enhance user privacy. It does this by tooling around with the V8 JavaScript engine that motors the Chromium foundation of Edge. Microsoft's reasoning for experimenting in this manner is because "JavaScript engine bugs are a mainstay for attackers."... Read more...
Facebook is reportedly pouring resources into research that would potentially allow it to analyze encrypted messages without actually decrypting the data, so that it can serve up targeted ads based on private communications. The technique is called homomorphic encryption. Should users of WhatsApp, the secure instant messaging service owned by Facebook, be concerned? WhatsApp boss Will Cathcart says no. WhatsApp is popular because its end-to-end encryption scheme renders messages unreadable by anyone outside of the sender and recipient. So even if the data is intercepted, it would just be a bunch of garbled text to the hacker, who would need a decryption key to make sense of it all. Homomorphic... Read more...
Legislators worldwide have had a microscope on Amazon for some time now, and it seems a weakness has been found. The European Union recently slapped the world’s largest e-tailer with the biggest-ever privacy violation fine of a whopping 746-million euro ($888 million). On July 16th, CNPD, or the Luxembourg National Commission for Data Protection, handed down the fine after a decision that blamed Amazon for processing personal data in a way that did not comply with EU General Data Protection Regulation (GDPR). The imposed fine of “€746 million and corresponding practice revision” was subsequently reported in a recent SEC filing from Amazon, where it was also noted that the... Read more...
In the past, there have been some big slip-ups when commentators did not know that they were on-air and began speaking their mind to other people. This seems to have happened again at the Tokyo Olympics when an Italian TV announcer did not realize he was live on-air when he asked for his computer password. Posted to Twitter yesterday by cybersecurity associate professor Stefano Zanero from the Polytechnic University of Milan, the clip has amassed thousands of likes, retweets, and views. In the video during the Turkey-China volleyball game, the announcer asked, in Italian, "Do you know the password for the computer in this commentator booth?" La prossima volta che sentite chiacchierare di sofisticatissime... Read more...
Late last week, it was revealed that a global spyware campaign was targeting politicians, activists, and journalists worldwide. Initially, the company behind the software for spying, NSO Group, was blamed for the data leak and supplying its software to authoritarian regimes. However, NSO Group has since rejected these claims to try and deflect rather than publicly investigate what has happened. Published yesterday, a news article called "Enough Is Enough!" was posted on NSO Group's website. Within this article, the company explained that the spyware concern was a "planned and well-orchestrated media campaign lead by Forbidden Stories" and then "pushed by special interest groups." Subsequently,... Read more...
You’ve got mail! Upon opening and reading an email, it is almost as if someone is looking over your shoulder and making notes about how you are reading, where you are, and what time you saw the email. However, email should be more private than it is, so privacy-focused company DuckDuckGo is introducing “email protection,” a new feature that will sift through your emails and pull-out trackers embedded within. When it comes to receiving an email, the sender or any companies in between can embed trackers into the email that allows ads to be targeted. However, other data could leak through this, such as your email address, which is not great for privacy. Thus, DuckDuckGo’s... Read more...
Just on the heels of Microsoft taking on the cyberweapons market and malware found targeting journalists and politicians, a new cyberweapon has been discovered in a similar fashion. Targeting thousands of activists, journalists, politicians, the piece of malware called Pegasus, from Israeli surveillance company NSO Group, could have been sold to authoritarian governments to monitor anywhere up to 50,000 people. Pegasus is a malware used to infect both iPhones and Androids to, according to NSO Group’s website, “detect and prevent terrorism and crime.” It can be used to steal messages, photos, emails, calls, and secretly record users. However, a recent leak of over 50,000 phone... Read more...
Audacity sparked quite the firestorm over the weekend after the scope of changes to its privacy policy were revealed to the broader public. The changes came after Audacity was acquired by Muse Group earlier this year. Some of the key sticking points that alarmed users of the audio editing program were that while customer data is hosted primarily in the European Economic Area (EEA), it could "occasionally" be shared with Audacity's main office in Russia (and the United States). In addition, Muse Group explained that customer data could be shared with "any competent law enforcement body, regulatory, government agency, court, or other third-party." Audacity currently has amassed over 100 million... Read more...
For the past two decades, Audacity has built and maintained a following as a capable and free audio editing program. Being a no-cost solution is a big draw, and so are a coupe of other attributes—it's an open source program, and available on multiple platforms (Windows, macOS, GNU/Linux). Some users are starting to sour on it, however, accusing the new owner of turning it into a spyware vehicle of sorts. Audacity changed hands in April when it was acquired by Muse Group for an undisclosed sum. At the time, Martin Keary, head of design at MuseScore, an open source notation program owned by Muse Group as well, offered up some encouraging comments about the deal. Keary is the one who is now... Read more...
If you have been on the internet for any length of time, there is a pretty good chance that at least some of your personal information is out there in a database. However, if you happen to use LinkedIn, these odds have now gone significantly up. Some malicious people have managed to scrape information like phone numbers and emails for millions of accounts from the business networking site and are now selling it online. On June 22nd, "GOD USER" TomLiner posted to popular hacking and leak trading site RaidForums, explaining that he had collected 700 million LinkedIn records from this year. These records have been verified to include full user names, birthdays, social media handles, email addresses,... Read more...
Ensuring accounts are secure is an important part of being online, as there are always people out to try and get you. This is especially true for app developers who may be targeted for the data they do or could possess. Thus, Google is introducing new security measures for developers to help strengthen accounts and better understand their needs. The first new security measure Google is implementing is new identification requirements when creating a new Google Play dev account. As of now, Google only asks for an email address and phone number; however, this update will add account type, contact name, physical address and will also require users to verify their email and phone number. This information,... Read more...
As the push for privacy ramps up, user data collection is beginning to drop, starving people and organizations of useful information for legitimate purposes like research. To combat this, Mozilla has created Rally, a tool that allows users to selectively “contribute their browsing data to crowdfund projects for a better Internet and a better society.” The primary concern one would have with Mozilla Rally is privacy, but as Mozilla states, it is “Built for the browser with privacy and transparency at its core,” allowing users to control and contribute any browsing data they generate. If this manages to take off, the crowdsourced data will be used to “help understand... Read more...
1 2 3 4 5 Next ... Last