One of the greatest of these threats to privacy is in the form of
Supermarket Discount Cards. But
in the past, big companies have been known to toss privacy out the window when there is
money to be made. Historically:
A certain delivery company stated that it would never sell the database
of digitized signatures collected when it started using electronic pads — and
then, some years later, did exactly that.
Companies with very rigorous privacy policies, having collected
significant amounts of personal customer data, have gone bankrupt, and the
files have been offered for sale.
Intruders have broken into companies and stolen personal information from computerized
files — or even planted backdoors and logging/reporting software in their
systems.*
Note: The material
about RFID chips has
been moved to another page.
Marketing
firm admits using your own phone to listen in on your conversations. Your long-held
suspicions are confirmed, according to a report: Your phone really is listening to you.
A marketing firm whose clients include Facebook and Google has privately admitted that it listens
to users' smartphone microphones and then places ads based on the information that is picked up,
according to 404 Media. Cox Media Group, the television and radio news conglomerate, admitted
in a pitch deck to investors that its "Active Listening" software uses artificial intelligence to
"capture real-time intent data by listening to our conversations," according to the report.
"Advertisers can pair this voice-data with behavioral data to target in-market consumers," the
company wrote in the pitch deck.
Microsoft
Announces Feature That Saves a Screenshot of Your Computer Every Few Seconds. What Could Go
Wrong? Attempts to normalise ever more intrusive 'SMART' technologies have taken a
concerning turn with Microsoft's recent announcement of the Recall feature planned for its Copilot+
Windows 11 PC range. Whilst not marketed as a surveillance capability, a system which
automatically takes a screenshot of the user's activity every few seconds, and saves it as a
permanent record, opens up worrying possibilities. Microsoft's argument for this capability
is that it avoids people having to remember where they put a file, or which webpages they were
viewing, and by scanning these stored images with machine learning algorithms, and by utilising the
capabilities of Large Language Models, Recall can help users to 'recall' those things which most
people can remember whilst relying solely on that hardware which resides inside their own skulls.
The Editor says...
This new feature will never be made available to the police or the FBI. Unless they ask.
Target
Illegally Collects Customers' Biometric Data, Class Action Lawsuit Alleges. Retail
giant Target illegally collected and stored customers' biometric data, including face and
fingerprint scans, according to an Illinois woman who filed a class action lawsuit against the
Minnesota-based company on behalf of herself and other customers. Arnetta Dean alleges Target
violated Illinois' Biometric Information Privacy Act (BIPA) by collecting customers' data without
obtaining written consent or sharing data retention and destruction policies. The lawsuit,
filed on March 11 in the Circuit Court of Cook County, Illinois, also claims the company did
not provide the necessary disclosures or allow customers to opt out of the data collection practices.
Yes,
Your Car Is Spying on You and the Data Is Being Sold. I drive an older car —
a Lexus LS430 from 2005, so I can rest assured of two things: an amazingly comfortable ride and
that the tech in my vehicle is way too old to collect data to be sold online. You, however, may
not be so lucky. Some late-model cars are secretly collecting data on your driving habits, and
selling the results for profit. [Tweet] Not only is this practice super creepy, but it
could be costing you money and, if what I suspect is the case, giving the government a window into
your behavior. [...] Of course, I am kidding myself when I think I am safe from this sort of
spying. I have a smartphone. It is probably listening to my every word and saying it
to Google. If OnStar can generate a 258-page report on some guy's driving habits, who knows
what Google has on me.
The Editor says...
Unless the data is harvested during my car's annual state inspection, I don't know of any way
the manufacturer could get access to it, because my car hasn't been back to the dealership but one time
since the year I bought it. (And that was the time the dealership lied about the state of the car
in order to avoid replacing an expensive part that was still under warranty.)
Canadian
vending machines were secretly using facial recognition software; nobody would have known except
for a display error. A vending machine at the University of Waterloo malfunctioned
and displayed a rather worrisome error to the users. No one was aware that the vending
machines, which sold snacks like chocolate bars and chips, were using facial recognition software.
'We wouldn't have known if it weren't for the application error. There's no warning here,'
said River Stanley, a fourth-year student, who investigated the machines for an article in the
university publication, mathNEWS. As news of the facial recognition software error spread
around campus, students started covering a small hole on the machines where it was suspected that
the camera was housed. Stanley said.
Your
washing machine could be sending 3.7 GB of data a day. An LG washing machine owner
and self-confessed fintech geek has asked the Twitterverse why his smart home appliance ate an
average of 3.66 GB of data daily. Concerned about the washer's internet addiction, Johnie
forced the device to go cold turkey and blocked it using his router UI. Had the LG washer been
hacked, hijacked, or otherwise tampered with over the net — or is this the average data
consumption for a modern smart appliance? [Tweet]
Your
smart speaker data is used in ways you might not expect. Smart speakers offer amazing
convenience — from playing your favorite tunes to re-ordering toilet paper —
with only a simple voice command. But that convenience can come with a steep cost in privacy
that many consumers aren't even aware they're paying. We've all had the uncanny experience of
searching for something on the internet and then suddenly ads for that very thing are popping up
everywhere we look online. It's no coincidence, said Umar Iqbal, an assistant professor of
computer science and engineering at the McKelvey School of Engineering at Washington University in
St. Louis. "My collaborators and I uncovered that Amazon uses smart speaker interaction
data to infer user interests and then uses those interests to target personalized ads to the user,"
Iqbal said. "That's something that Amazon was not upfront about before our research."
How
to tell if your boss is spying on you. Did you know that your boss can watch what
you're up to when you're working, especially if you're using the company's equipment or
networks. That's their legal right, but they also have to play by some rules, be transparent,
and tell you about it. [...] You should be aware that some software invades your privacy as an
employee by capturing screenshots, logging keystrokes, and taking webcam pictures without your consent.
Three
major tax preparation companies [are] accused of sharing information with Google and
Meta. Three of America's largest tax preparation companies have been accused of
sharing tens of millions of taxpayers' sensitive financial data with tech giants Google and Meta
without their consent. A seven-month congressional probe, led by Massachusetts Senator
Elizabeth Warren, alleges H&R Block, TaxAct and TaxSlayer used visitor tracking technology embedded
in websites to share the information. In a potential violation of federal law, the investigation
found data was in some cases misused by Facebook parent company Meta for targeted advertising.
Is
Your Homeowner's Association Playing Big Brother Without Your Knowledge? Apparently,
it is not only local governments that will engage in tyranny. Homeowner's associations (HOAs)
have also been found to participate in some questionable practices. In some cases, they have
essentially formed their own mini surveillance states, monitoring residents — sometimes
without their knowledge. [...] Communities across the United States are experiencing increased
surveillance without the knowledge or consent of many residents, thanks to a partnership between
police departments and private surveillance company Flock Safety, a startup founded in Atlanta in
2017 and currently valued at around $3.5 billion. The company has strategically focused
on homeowners associations (HOAs) to become one of the largest surveillance vendors in the United
States. HOAs are a prime target for Flock due to their large budgets and potential access to
private gated areas that are normally out of reach for law enforcement.
Home
Surveillance Cameras Pose Privacy Risks, Data Leakage by Hacking. The Hong Kong
Consumer Council tested the cyber security of ten home surveillance cameras on the market and found
that only one model complied with the European cyber security standard. At the same time, the
other nine posed various cyber security concerns, including the transmission of videos and data
without encryption and failure to defend against "brute-force attacks" by hackers to crack
passwords. In addition, the security of user data storage could have been improved in many
apps, with half of the tested models able to access the user files stored in intelligent devices
through Android apps. Some apps even requested excessive permission.
While
you are watching your TV, your TV is watching you. In February 2018, an analysis by
the reputed magazine Consumer Reports announced that their testing revealed that the increasingly
ubiquitous "smart TV" was capable of "watching" the viewer and keeping a detailed record of the
viewer's TV watching patterns and related behaviour. As more of smart devices find a place in
the average home, there are other gadgets that can work in tandem with smart TVs to perform the
task of "watching." Consider, for instance, the Alexa device that responds to voice commands
to perform simple tasks, including connecting with a smart TV to control the smart TV. All such
devices and functions rely on the fact that these devices always "surveil" their environment —
watching with built-in cameras, listening with built-in microphones, and capturing data with built-in
sensors. Real people occupy the space that is under the surveillance of these devices.
Blackstone
to acquire Ancestry.com for $4.7 billion, giving investment firm total ownership of all DNA from
every person who's ever used the service. The world's largest provider of DNA
services has been gobbled up by Wall Street investment giant Blackstone. For $4.7 billion,
Blackstone purchased Ancestry.com from private equity rivals Silver Lake, Spectrum Equity, and
Permira, placing a "big bet," as Reuters describes it, "on family-tree chasing as well as
personalized medicine." In case you are unfamiliar with the services it offers, Ancestry.com
allows customers to not only trace their genealogy but also identify specific genetic health risks
using testing kits. Blackstone's hope is that because of the Wuhan coronavirus (Covid-19),
more customers will stay home and use Ancestry.com's services, generating more profits for the
investment firm.
Zuckerberg's
Meta Hit with €390 Million Fine for Ignoring Privacy Rules. In the age of social media, almost
everyone who possesses a profile on any one of the major online platforms (Twitter, Facebook, TikTok) can tell you a
story about how they conducted a web search for a specific service or product, only to immediately see an ad for said
service or product upon logging into their favorite social media app. It's enough to stir up paranoia for many as
the brutal reality of the information age is that we are, in fact, being closely monitored by the applications,
websites, and devices that we remain tethered to as if they were an extension of our physical beings. So the
question becomes, where is the line drawn between what information is necessary for app makers and websites to collect
to improve the user experience, and what constitutes negligent abuse?
Windows
11 Sends Tremendous Amount of User Data to Third Parties, YouTuber Claims. Many programs collect user data
and send it back to their developers to improve software or provide more targeted services. But according to the
PC Security Channel (via TechSpot), Microsoft's Windows 11 sends data not only to the Redmond, Washington-based software
giant, but also to multiple third parties. To analyze DNS traffic generated by a freshly installed copy of Windows 11
on a brand-new notebook, the PC Security Channel used the Wireshark network protocol analyzer that reveals precisely what is
happening on a network. The results were astounding enough for the YouTube channel to call Microsoft's Windows 11
"spyware." As it turned out, an all-new Windows 11 PC that was never used to browse the Internet contacted
not only Windows Update, MSN and Bing servers, but also Steam, McAfee, geo.prod.do, and Comscore ScorecardResearch.com.
Apparently, the latest operating system from Microsoft collected and sent telemetry data to various market research companies,
advertising services, and the like.
Some
Information Is More Equal Than Others. Individual data ownership is a major, underappreciated issue in the
21st century. [...] Information about where we have been, what we have bought, etc., may today be found not only on our
phones but throughout the information environment we inhabit: emails, social media, and location data all bear
witness to our innermost actions. Much of this data is used to benefit private companies and government, who have
an interest in harvesting ever more of it. Attempts to keep individual information from being commercialized by
"data monarchs" has been criticized as "injecting enormous friction into free flow of information ... a significant
amount of data sharing serves important public interests and values. The friction and disruption from any system
of payments for data would undermine these interests and values ... with little benefit for individual privacy."
Hackers
leak email addresses of 235 million Twitter users: report. Hackers obtained the email addresses of more
than 235 million Twitter users and published them on an internet forum, according to a cybersecurity expert.
The breach "will unfortunately lead to a lot of hacking, targeted phishing and doxxing," Alon Gal, co-founder of Israeli
cybersecurity-monitoring firm Hudson Rock, wrote on LinkedIn. On his LinkedIn page, Gal — who called
the breach "one of the most significant leaks I've seen" — posted screenshots of the hacked email addresses
that he found on the dark web.
Security
Loophole in Google Home Speakers Let Hackers Snoop on Private Conversations. It was recently revealed that
a security loophole within Google Home speakers allowed hackers to snoop on conversations. A bug allowed hackers
to install a backdoor account on a Google Home smart speaker device and use it via remote control to eavesdrop on
unsuspecting owners by accessing its microphone feed, reported Bleeping Computer. Security researcher Matt Kunze
was recently rewarded a total of $107,500 by Google for discovering the security issue in January 2021, while
experimenting with his own Google Home mini-speaker. Kunze notified Google in March 2021 and later published the
technical details about his findings, along with a potential attack scenario, which explained how the flaw could be
exploited by an outside actor.
The most creepy
iPhone setting needs to be adjusted. Every app on your iPhone comes with a certain set of permissions
depending on what the app is used for. For example, Instagram will ask permission to access your camera and photos
app so you can take and post pictures, while WhatsApp will ask for access to your microphone to send voice notes.
Some apps take it further asking for your "precise" location. It's imperative to know what exactly they're asking you for.
A Twitter data tracker inhabits tens of
thousands of websites. Tens of thousands of websites belonging to government agencies, Fortune 500
companies and other organizations host Twitter computer code that sends visitor information to the social media giant,
according to research first reported by The Cybersecurity 202. And virtually none of them have used a Twitter feature
to put restrictions on what the company can do with that data, said digital ad analysis firm Adalytics, which conducted
the study. The presence of Twitter's code — known as the Twitter advertising pixel — has
grown more troublesome since Elon Musk purchased the platform.
Tax
Filing Websites Have Been Sending Users' Financial Information to Facebook. Major tax filing services such
as H&R Block, TaxAct, and TaxSlayer have been quietly transmitting sensitive financial information to Facebook when
Americans file their taxes online, The Markup has learned. The data, sent through widely used code called the Meta
Pixel, includes not only information like names and email addresses but often even more detailed information, including
data on users' income, filing status, refund amounts, and dependents' college scholarship amounts. The information
sent to Facebook can be used by the company to power its advertising algorithms and is gathered regardless of whether
the person using the tax filing service has an account on Facebook or other platforms operated by its owner, Meta.
Each year, the Internal Revenue Service processes about 150 million individual returns filed electronically, and
some of the most widely used e-filing services employ the pixel, The Markup found.
Your
New Mazda Knows if You Are Naughty or Nice and Doesn't Keep It a Secret. In the digital age, it has become
increasingly important for many people around the world to protect their identity online. Considering there are a
lot of dangers online and many risks associated with surfing the web, this comes as no surprise. Even though there
is no physical interaction, we still want to remain safe and make sure our data is handled responsibly. However,
many unfortunate cyber incidents that have happened in the last couple of years proved it is important to have a good
understanding of what the internet is and how we can all safely access it. But the digital era does not stop at
PCs, laptops, phones, or tablets. The connectivity has reached cars for quite some time, and the introduction of
advanced software in vehicles means concerns about how personal data is being collected and used are starting to pop up
more often.
TikTok's
Chinese parent company planned to monitor the location of specific Americans without their knowledge. I'm
not the least bit surprised this is where this story is ending up. Starting last summer there were reports that,
despite corporate denials, data on American TikTok users was essentially available to engineers at the parent company
ByteDance in China. [...] Under Chinese law, anything that is available to corporations in China is automatically
subject to seizure by the Chinese government. Again, this has all been denied repeatedly by ByteDance and by
TikTok in the US, but this summer Buzzfeed published a story confirming the CNBC report from last year based on leaked
audio from inside the company. [...] The problem is that China could, in theory, single out certain individuals it is
interested in and watch their online behavior very closely. In fact, the story today from Forbes suggests they
planned to do more than that. They planned to monitor the locations of certain Americans without their knowledge
or consent.
Google
Employees Are Laughing at You for Thinking 'Incognito Mode' Is Private. According to a series of internal
communications discovered in court, Google employees joked about Chrome's "Incognito mode" and criticized the company
for failing to meet users' expectations of privacy. Google is currently the target of a class action lawsuit in
California over its misleading claims of privacy. Court documents obtained by Bloomberg reveal that a Google
engineer suggested in 2018 that the Incognito mode icon be changed to "Guy Incognito," a Simpsons character who looks
exactly like Homer Simpson except for his mustache. According to the Google employee, the character "accurately
conveys the level of privacy [Incognito mode] provides" compared to Chrome's standard browsing mode. In a 2021
email, Google marketing chief Lorraine Twohill urged the implementation of a more secure Incognito mode as a means of
gaining users' trust.
American
Airlines breach was gold mine for identity thieves. A recent data breach at American Airlines was
relatively small, but the customer information stolen appears to be a jackpot for criminals engaged in identity theft.
The breach, announced on Sept. 20, affected a "very small number" of customers and employees, the airline said in a
statement, with reports of about 1,700 people affected. However, the breach reportedly included Social Security
and driver's license numbers, data that can be used to steal victims' identities. American Airlines is among
several airlines and travel-related companies that have been the victims of such breaches in recent years.
India-based Akasa Air reported one in August, and Philippine Airlines reported its own in mid-September. However,
these recent thefts may say more about the security of the individual companies than about the industry at large, some
cybersecurity experts said.
China's
TikTok spies on user keystrokes; can track passwords, personal data: report. A software researcher found
code on the Chinese TikTok app that appears to be spying on user keystrokes and could be used to steal credit card
information, passwords and other sensitive information. Last week, Austria-based software researcher Felix Krause
published a report documenting how different apps inject malicious JavaScript code into third-party websites that allow
them to log keystrokes. Krause found that the popular video-sharing app TikTok, which is owned by the Chinese
company ByteDance, uses this malicious code. The script reportedly runs on TikTok's in-app browser, allowing it to
see what users are typing in when they open up links shared through the app.
Study:
99% Of COVID-19 Data Websites Secretly Track Users. The study analyzed three types of websites: official
governmental websites of "G20" countries around the world; websites of international organizations such as the United Nations
and popular websites used for COVID-19 tracking and information. It measured these sites' use of "cookies" —
personal data related to your browsing history that websites can retrieve at a later time. "Web cookies have been
exploited to collect information about users' online activities and interests," notes the paper. "Our results show
that, unfortunately, tracking is a serious concern, as in some countries up to 90% of these websites create cookies of
third-party trackers without any consent from users," explains a summary of the findings.
Instagram
testing facial scanning tech for kids to verify ages, lawmakers cry foul. Instagram has a new idea for how to
determine kids' ages online — direct the children to videotape themselves, upload the content, and then the
company will deploy facial scanning technology. The Meta-owned social platform is partnering with tech company Yoti to
test how the scanning tech can be used to verify children. "After you take a video selfie, we share the image with
Yoti, and nothing else," Instagram said on its blog. "Yoti's technology estimates your age based on your facial
features and shares that estimate with us. Meta and Yoti then delete the image."
The Editor says...
Ri-i-i-ight. We promise to delete your pictures as soon as we get a good look. And we won't ever share them with
anybody. If you believe that, you're too young to agree to anybody's "terms of service."
Microsoft
Office 365 has ability to 'spy' on workers. Businesses can use risk management tools in Microsoft Office to
covertly monitor the activities of employees on work-issued computers. The software company provides tools in its
Office 365 suite that can be used by employers to read staff emails and monitor how long they spend on calls and how many
meetings they attend. The surveillance capabilities of Microsoft's Office suite, which is widely used by businesses
across the world, were disclosed in a dissertation by a researcher at University College London (UCL). The research shows
that companies continue to exploit capabilities built into Office 365 to monitor staff computers some 18 months after
Microsoft took steps to protect employees' privacy.
TikTok
Lied to Senate, China Controls the Data, Americans Don't. This is why smart travelers take burner phones to
China that don't log into any of their existing accounts and one of the worst user data hacks in America happened when an
employee accessed root out of China. But this is evidence from the inside that TikTok is just another data trap. [...]
Why would anyone expect anything else? This is how Chinese companies work. The locus of control is always going
to be with their own people and the idea that Americans would be allowed to act as gatekeepers over Chinese execs was always
implausibly absurd. Americans working for TikTok are there to take orders from China. Not the other way around.
Twitter
to pay $150M to settle federal suit over data collection practices. The federal government announced Wednesday
that Twitter has agreed to pay $150 million in civil penalties and change its data privacy measures after the platform
profited off of deceptively collecting user data for six years. The Department of Justice and the Federal Trade
Commission announced a settlement and complaint with Twitter that, if approved by a federal court, would result in a
$150 million penalty. That covers admission by the social media giant that between May 2013 and September 2019,
the company told users it was collecting their telephone numbers and email addresses for account security purposes. But
Twitter failed to disclose that it also would use that information to help companies send targeted advertisements to users.
Some Top 100,000 Websites Collect Everything
You Type — Before You Hit Submit. Researchers at Belgium's Katholieke Universiteit Leuven, Radboud
University in the Netherlands, and Switzerland's University of Lausanne analyzed the top 100,000 websites and found a
significant number record some or all of visitors' typewritten data. The researchers estimated 1,844 sites gathered a
European Union user's email address without consent, while 2,950 logged a U.S. user's email. Many sites incorporate
third-party marketing and analytics services that perform data-logging. After crawling sites for password leaks last
May, the researchers found 52 sites in which third parties, including Russian technology company Yandex, were incidentally
collecting password data prior to submission.
Researchers Find Potential Way to Run Malware
on iPhone Even When it's OFF. A first-of-its-kind security analysis of iOS Find My function has identified a
novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that's
executed while an iPhone is "off." The mechanism takes advantage of the fact that wireless chips related to Bluetooth,
Near-field communication (NFC), and ultra-wideband (UWB) continue to operate while iOS is shut down when entering a "power
reserve" Low Power Mode (LPM). While this is done so as to enable features like Find My and facilitate Express Card
transactions, all the three wireless chips have direct access to the secure element, academics from the Secure Mobile
Networking Lab (SEEMOO) at the Technical University of Darmstadt said in a paper entitled "Evil Never Sleeps."
Russia
is after your personal data. A new phone app which offers users a free digital avatar is taking
facial-recognition quality photographs and sending them to Moscow, prompting major concerns within the cyber security
community. Tens of thousands of people have already uploaded their photographs to the servers of the New Profile Pic
app in return to the free avatar. However, many will be unaware that the company behind the app, Linerock Investments,
is based in an apartment complex overlooking the Moscow River, beside Russia's Ministry of Defence and just three miles from
Red Square. Jake Moore, Global Cybersecurity Advisor, ESET Internet Security told MailOnline that people have to be
incredibly careful when uploading photographs or personal data to a brand new website.
Tenn
family say AirTag was used to track them during Disney World visit. A Columbia, Tennessee family claims they
were stalked via an Apple AirTag while walking through Disney World theme park. An Apple AirTag is a coin-shaped device
designed to help users keep track of their belongings' location. For instance, one might put an AirTag in their
backpack, so that in case they misplace their backpack, they can look up its location on their phone. But something
entirely different happened to the family of Jennifer Gaston. As the family was reportedly headed back to their vehicle
after a day of walking through the theme park, Gaston's 17-year-old daughter, Madison, received a notification on her
phone — presumably an iPhone — that there was an Apple AirTag moving with her.
Muting
your mic reportedly doesn't stop big tech from recording your audio. Anytime you use a video teleconferencing
app, you're sending your audio data to the company hosting the services. And, according to a new study, that means all
of your audio data. This includes voice and background noise whether you're broadcasting or muted. Researchers at
the University of Wisconsin-Madison investigated "many popular apps" to determine the extent that video conferencing apps
capture data while users employ the in-software 'mute' button.
Big
Brother Is Watching: Amazon Worker Chat App to Ban Naughty Words Like 'Union,' 'Restrooms,' 'Pay Raise'.
An automatic word monitor in a new Amazon worker chat app will ban a variety of words and phrases, such as "union,"
"fairness," "pay raise," "slave labor," and "master," among other terms, according to internal documents obtained by the
Intercept. Amazon will block and flag employee posts on an internal messaging app that the company deems problematic,
according to internal company documents obtained by the Intercept. The app is still in the planning phase and has not
yet been launched.
Eyeball-tracking
MoviePass app will make a captive audience out of you — literally. To sum up its history, MoviePass,
co-founded by a man named Stacy Spikes, began as a flat fee cinema subscription service. Originally, a member would pay
$30 a month to get tickets to see a movie in theater up to once a day. However, after Spikes had been pushed out of his
own company, the new regime lowered the price to $9.95 a month. Unsurprisingly, the company folded. Spikes then
bought the name back and has just relaunched the company as a movie coupon app, to be run on block-chain technology.
The idea is that you can earn or buy credits over the app, and then redeem them at participating cinemas. It's the
earning the credits part that makes MoviePass sound creepy. Spikes has developed a feature called "PreShow." PreShow
would essentially be a package of ads that a MoviePass user could watch to earn credits, perhaps enough credits to redeem at
a cinema for the entire price of a film. To make sure the user really does watch the ads, though, PreShow will rely on
the user's eye movements being tracked by the camera on his smartphone. If the user looks away, the PreShow will
stop. In short, to get your movie coupon credits, you'd have to agree to allow PreShow to watch you watching it.
How to Tell Which Emails
Quietly Track You. Everyone sends emails now: political parties, your book club, freelance journalists, the
social networks you're signed up to, your parents, that online store that you only bought one item from a decade ago, and
many, many more. What do a lot of those email senders have in common? They want to know whether the messages they
send you are being opened, and there are a variety of tools available to help them do just that — tools that
aren't all that hard to use. A tracking pixel, embedded somewhere in the email, is how most people monitor whether an
email gets opened. Once the tiny, hidden single-pixel image is loaded, it reports back to base. Their use across
emails is now up to "endemic" levels according to some experts. Tracking pixels can report the times and dates their
associated email was opened, as well as the location of the device used, and the email client involved.
TikTok
shares your data more than any other social media app — and it's unclear where it goes, study says.
Two of your social media apps could be collecting a lot of data on you — and you might not like what one of them
is doing with it. That's according to a recent study, published last month by mobile marketing company URL Genius,
which found that YouTube and TikTok track users' personal data more than any other social media apps. The study found
that YouTube, which is owned by Google, mostly collects your personal data for its own purposes — like tracking
your online search history, or even your location, to serve you relevant ads. But TikTok, which is owned by Chinese
tech giant ByteDance, mostly allows third-party trackers to collect your data — and from there, it's hard to say
what happens with it. With third-party trackers, it's essentially impossible to know who's tracking your data or what
information they're collecting, from which posts you interact with — and how long you spend on each
one — to your physical location and any other personal information you share with the app.
Facebook
keeps collecting people's data and building their profiles even when their accounts are deactivated. Brains
hooked up to machines by mad scientists. Tortured spirits stuck between this world and the next. Limp bodies
force-fed to stay alive. Any of these creepy horror flick scenarios might be fitting to describe how Facebook treats
deactivated accounts. Not only does the company keep these otherwise dormant digital beings on life-support
indefinitely, it continues to latch new data shared by advertisers to deactivated accounts, fortifying identifiable profiles
just in case their masters return to electrify them back to life. Despite Facebook's recent virtue-signaling on
privacy, the company does not make it clear to people that when they deactivate their accounts, its vampiric data connections
continue to suck new information from advertisers, revealing people's personal interests, recent purchases and other interactions.
Fight the
American Stasi with Mockery. In a 2019 article for The Atlantic, "The Lingering Trauma of Stasi
Surveillance," Charlotte Bailey explores how many of the thousands of Germans who were victims of the The Ministry for State
Security — commonly known as the Stasi — still suffer from psychological trauma. [...] The Stasi,
Bailey writes, "wiretapped, bugged, and tracked citizens. It steamed open letters and drilled holes in walls. It
had nearly 200,000 unofficial informers and hundreds of thousands more occasional sources providing information on their
friends, neighbors, relatives, and colleagues. [...] The record of your permanent digital footprint and the growing power of
tech companies such as Facebook, Google, and YouTube mean that just a few companies have more information about you, and
power over you, in 2022 than the Stasi could ever have imagined. With an entire spy apparatus available on their
phones, students snitch on each other.
Why 'Metaverse' Is Big
Brother In Disguise. [Scroll down] Look around you. Everywhere you turn, people are so addicted to
their internet-connected screen devices — smart phones, tablets, computers, televisions — that they can
go for hours at a time submerged in a virtual world where human interaction is filtered through the medium of
technology. This is not freedom. This is not even progress. This is technological tyranny and iron-fisted
control delivered by way of the surveillance state, corporate giants such as Google and Facebook, and government spy agencies
such as the National Security Agency. So consumed are we with availing ourselves of all the latest technologies that we
have spared barely a thought for the ramifications of our heedless, headlong stumble towards a world in which our abject
reliance on internet-connected gadgets and gizmos is grooming us for a future in which freedom is an illusion.
Big Tech
Unleashes a Sophisticated New Weapon in Their War on Online Anonymity. After years of steadily accumulating
power, 2021 is the year that Big Tech well and truly flexed its muscle. Gone are the days of banning mere Twitter
pundits and demonetizing YouTube channels. In 2021, Big Tech silenced the sitting US president. They stopped the
elected chief executive of the world's largest economy and most powerful military from communicating with the American
people. He lost the ability to tweet, post videos, or even send out a mass email. The past year has shown that no
celebrity or official is so powerful they are beyond the reach of the tech ban hammer. Yet with all the focus on
censorship of big names, conservatives risk forgetting about an all-important right in today's tech-dominated age: The
right to anonymous speech. Revolver readers don't need to be told that it's more dangerous than ever in America and the
West more broadly to voice an opinion at odds with the official, regime-sanctioned one mandated in Washington. A wrong
word, or any word mentioned to the wrong person or in the wrong venue can destroy a career, a reputation, a livelihood.
The
Greenburg files: Is there a file on you? Scottsdale moms stumble upon political Google Drive trove.
A group of mothers in the Scottsdale Unified School District community are questioning an online dossier that has digital
connections to school board President Jann-Michael Greenburg and his father, Mark. The Greenburgs deny any involvement
or knowledge of the Google Drive in question, however the active link to the site was made private around 11 a.m. Nov. 9,
after Independent Newsmedia called the family. The digital dossier is housed on Google Drive and contains content, including
photos of district parents and at least one minor, personal financial documents, including professional certifications, and
mortgage statements.
The
Telescreens in Your Home Are Watching Your Every Move. A woman who uses the apt TikTok handle
@my.data.not.yours has posted a video detailing the truly shocking extent of Amazon's surveillance of her daily life.
She requested "all the data Amazon has on me," explaining, "I have two Dots and one Echo." Between them, these devices
have collected an astonishing amount of data. She goes through the folders Amazon sent her and says of one audio
folder,: "There are 3,534 short audio clips in this file alone." This is, she says, "so scary." [...] This is an age of
massive federal overreach and restriction of freedom; Amazon's data collection of trivia may appear to be completely
innocuous now, but nothing much needs to change for it to be used against Americans in all sorts of ways.
I
found an Amazon folder with thousands of audio recordings from my home gadgets. A woman was shocked to discover
just how much data Amazon has collected about her. She posted a viral TikTok video explaining how she requested to see
the data but wasn't expecting to receive so much. TikToker my.data.not.yours explained: "I requested all the data
Amazon has on me and here's what I found." She revealed that she has three Amazon smart speakers. Two are Amazon
Dot speakers and one is an Echo device. Her home also contains smart bulbs. She said: "When I downloaded
the ZIP file these are all the folders it came with." The TikToker then clicked on the audio file and revealed
thousands of short voice clips that she claims Amazon has collected from her smart speakers.
The Editor says...
If Amazon does this, you can safely presume that the government does, too.
Hacked:
Firm that routes all major U.S. carriers' text messages reveals 5-year breach. A telecommunications firm that
helps popular carriers like Verizon, AT&T and T-Mobile route text messages between one another and carriers abroad,
Syniverse, recently disclosed that it was the victim of a five-year-long breach. In a Securities and Exchange
Commission filing that was published last week, Syniverse disclosed that it learned in May about "unauthorized access to its
operational and information technology systems by an unknown individual or organization." Syniverse routes billions of
text messages each year. Although the firm says it notified law enforcement and carried out an internal investigation,
they did not publicize the hacking, which they determined started in May of 2016. Therefore, hackers may have had
unlimited access to people's text messages for the last five years.
The
Rise of One-Time Password Interception Bots. In February, KrebsOnSecurity wrote about a novel cybercrime
service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication
factor in addition to passwords. That service quickly went offline, but new research reveals a number of competitors
have since launched bot-based services that make it relatively easy for crooks to phish OTPs from targets.
Apple
is working on technology to help diagnose mental health conditions by spotting key signs in how you use your
smartphone. Apple is working on new technology that could be used to help diagnose mental health conditions
such as depression and cognitive decline, insiders claim. Working with the University of California in Los Angeles and
biotech firm Biogen, Apple is hoping to get more out of the health-related sensors in its devices. The firm already has
a wide health-related technology offerings, including heart, sleep and activity monitoring through the Apple Watch and iPhone.
Massive
Microsoft Power Apps data breach exposes personal details of 38 million people. Personal data of 38 million
people has been exposed following a breach of Microsoft's Power Apps. The data includes social security and phone
numbers, COVID vaccination status and home addresses. Companies affected by the breach include American Airlines, New
York City public schools, Ford, the Maryland Department of Health, and the New York City Municipal Transportation Authority.
Apple's
Plan to "Think Different" About Encryption Opens a Backdoor to Your Private Life. Apple has announced impending
changes to its operating systems that include new "protections for children" features in iCloud and iMessage. If you've
spent any time following the Crypto Wars, you know what this means: Apple is planning to build a backdoor into its data
storage system and its messaging system. Child exploitation is a serious problem, and Apple isn't the first tech
company to bend its privacy-protective stance in an attempt to combat it. But that choice will come at a high price for
overall user privacy. Apple can explain at length how its technical implementation will preserve privacy and security
in its proposed backdoor, but at the end of the day, even a thoroughly documented, carefully thought-out, and narrowly-scoped
backdoor is still a backdoor.
The Editor says...
Apple's excuse — that they're only looking for child pornography — is a thin wrapper to make us think their
intentions are honorable. If the mechanism is in place to sift through your words and pictures, it will soon be used to find
"deadbeat dads," tax evaders, gang members, and anybody who's wanted by the FBI. At that point, if Apple still hears no objections,
there can be no doubt that they will start using this wholesale surveillance technology for left-wing political purposes.
'Privacy
Company' Apple Plans To Monitor All US iPhones For Evidence Of Child Porn. As the old saying goes: If you
aren't doing anything illegal, then you have nothing to fear from surveillance. Smartphones already act like tracking
devices broadcasting the whereabouts of their owners, but Apple is about to open the door to far more advanced forms of
smartphone-based voluntary surveillance by launching a new program designed to detect and report iPhone users who are found
to have child pornography — known by the academic-speak acronym CSAM — which stands for Child Sexual
Abuse Materials. According to a handful of academics who were offered a sneak preview of the company's plans —
then promptly spilled the beans on Twitter, and in interviews with the press.
Natick
couple harassed by eBay tell their story for the first time. Natick resident David Steiner was puttering in his
garage on a sunny Sunday morning when a neighbor walking a dog called out to him: "Hey, your fence has been tagged."
Steiner, who with his wife, Ina, publishes a news website about the e-commerce industry from their home, thought his neighbor
must be joking — who would be graffitiing his new white vinyl fence on their quiet, tree-lined street? It was
June of 2019, and he had no clue that the vandalism was just the start of a bizarre harassment campaign directed by senior
executives at one of the country's leading Internet companies, eBay. Ultimately, the events would shatter the Steiners'
peaceful suburban life, result in criminal charges against six eBay employees and a contractor, five of whom have pleaded
guilty, and contribute to the departure of eBay's chief executive.
QR
Menu Codes Are Everywhere, and Tracking You More Than You Think. If you've returned to the restaurants and bars
that have reopened in your neighborhood lately, you might have noticed a new addition to the post-quarantine decor: QR
codes. Everywhere. And as they've become more ubiquitous on the dining scene, so has the quiet tracking and
targeting that they do. That's according to a new analysis by the New York Times, that found these QR codes have the
ability to collect customer data — enough to create what Jay Stanley, a senior policy analyst at the American
Civil Liberties Union, called an "entire apparatus of online tracking," that remembers who you are every time you sit down
for a meal. While the data itself contains pretty uninteresting information, like your order history or contact
information, it turns out there's nothing stopping that data from being passed to whomever the establishment wants. [...]
Because they're a touchless way to transmit information, restaurants, and retailers have adopted them en masse. And
despite the fact that they're divisive for all sorts of very good reasons, most businesses seem to agree that they're here to
stay, even once the COVID-19 crisis is finally over.
Amazon's
mission: Getting a 'key' to your apartment building. Amazon is tired of ringing doorbells. The
online shopping giant is pushing landlords around the country — sometimes with financial incentives —
to give its drivers the ability to unlock apartment building doors themselves with a mobile device. The service, dubbed
Key for Business, is pitched as a way to cut down on stolen packages by making it easy to leave them in lobbies and not
outside. Amazon benefits because it enables delivery workers to make their rounds faster. And fewer stolen
packages reduces costs and could give Amazon an edge over competitors. Those who have installed the device say it
reduces the constant buzzing by delivery people and is a safer alternative to giving out codes to scores of delivery people.
Revealed:
leak uncovers global abuse of cyber-surveillance weapon. Human rights activists, journalists and lawyers across
the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO
Group, according to an investigation into a massive data leak. The investigation by the Guardian and 16 other media
organisations suggests widespread and continuing abuse of NSO's hacking spyware, Pegasus, which the company insists is only
intended for use against criminals and terrorists. Pegasus is a malware that infects iPhones and Android devices to
enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.
The leak contains a list of more than 50,000 phone numbers that, it is believed, have been identified as those of people of
interest by clients of NSO since 2016.
Facebook
reportedly fired 52 employees who were caught spying on users. Facebook fired 52 employees for abusing their
access to the social network's user data — including creepy men who obtained location data on women they were
romantically interested in, according to a new report. Using their access to troves of user data through Facebook's
internal systems, male engineers were able to view women's locations, private messages, deleted photos and more, according to
a bombshell report in the Telegraph. In one instance described in the report, a Facebook engineer was on vacation with
a woman in Europe when the two got into a fight and the woman wanted time alone. Using Facebook data, the engineer
reportedly tracked her down at her new hotel and confronted her.
FCC
lifts rules so Amazon can build radar devices to track users' sleep. The Federal Communications Commission
waived its rules so Amazon can build radar sensors that the company says would be used to track people's sleep. The
federal government's exemption for Amazon paves the way for the tech giant to monitor users' movements in the bedroom with
extreme precision — all without users having to press a button. The FCC accepted Amazon's claim that the
tech would be used to improve users' health and wellness.
The Editor says...
Ri-i-i-ight. And the radar technology will never be used for any other application, and there's no threat at all to anyone's privacy.
Why does Amazon care when you sleep? If you let Amazon into your house this far, you might as well put a sign in your front window that
says, WE ARE ALL ASLEEP.
Big Tech's threat to democracy.
The convenience of the smart home may be worth the price; that's for each of us to decide. But to do so with open eyes,
one has to understand what the price is. After all, you don't pay a monthly fee for Alexa, or Google Home. The
cost, then, is a subtle one: a slight psychological adjustment in which we are tipped a bit further into passivity and
dependence. The Sleep Number Bed is typical of smart home devices, as Harvard business school Professor Shoshana Zuboff
describes in The Age of Surveillance Capitalism. It comes with an app, of course, which you'll need to install to get
the full benefits. Benefits for whom? Well, to know that you would need to spend some time with the 16-page
privacy policy that comes with the bed. There you'll read about third-party sharing, analytics partners, targeted
advertising, and much else. Meanwhile, the User Agreement specifies that the company can share or exploit your personal
information even "after you deactivate or cancel ... your Sleep Number account." You are unilaterally informed that the
firm does not honor "Do Not Track" notifications. By the way, the bed also transmits the audio signals in your bedroom.
(I am not making this up.)
How
the Global World Is Losing Control. Smart software agents are ubiquitous: on our phones, computers, even on
that doodad you bought for grandma that plays music and reads out the weather report in response to voice commands.
"Siri, Alexa, Cortana and the unstoppable rise of the digital assistant ... The brain implants are not ready yet, but
artificial intelligence of a different kind is being let loose on some of these creeping problems of modern life." Are
they really working for us? To reassure yourself, why not ask: "Google are you spying on me?" The answer
ought to set your mind at ease.
Read
this and you won't click 'I agree' ever again: We're being spied on by phones, computers, TVs, cars — even
the doorbells. Most of us know that our personal data is being collected, stored and analysed thanks to our
relationship with our mobile phones, computers and the internet. But are we really aware of the full extent of the
privacy invasions into our daily lives? Let's start at dawn. What is the first thing you do when you wake
up? You probably check your phone. By doing that, you are informing a whole host of busybodies — your
smartphone manufacturer, app developers and your mobile company, as well as intelligence agencies (if they happen to be
watching you) — what time you wake up, where you've been sleeping and who you share a bed with, providing they
keep their phone with them too.
Big
Brother, Inc: Amazon devices share your network connection without your consent? Starting today
[6/8/2021], your Amazon Echo and Ring systems will default to opening a "small slice" of your wireless networks as part of
their new Sidewalk program to neighbors, and, er... anyone else within range of your house. What could go wrong?
Not much, says the New York Times: ["]Depending on your perspective, Sidewalk is either terrific news about some
potentially cool capabilities for your smart-home devices or a ham-fisted and terminally awful privacy and security gamble
that offers little benefit to device owners while further expanding Amazon's already sizable reach into American
households. We think it's actually a little of both. ...["]
Amazon
to turn on Sidewalk Wi-Fi sharing service next week. Amazon is launching a new service called Sidewalk with the
goal of improving signal strength and reliability. It works by connecting your Alexa devices with your neighbors'
devices. The concept raises red flags for some people. But should it?
'Location
Off Should Mean Location Off': Google Hit With Lawsuit Over Data Collection 'Schemes'. Arizona Attorney General
Mark Brnovich says that Google continues to collect location data even after users turn off tracking on their smartphones and
other devices, citing concerns from company employees about its data-collection practices, in the latest update of a lawsuit
against the tech giant. According to documents that were submitted in court by Brnovich's office last week, emails that
were sent among Google engineers expressed concerns about the company's location data collection efforts after an Associated
Press report in 2018; the engineers suggested that they believed the AP article was correct. "So there is no way to
give a third-party app your location and not Google? This doesn't sound like something we would want on the front page
of the [New York Times]," one employee allegedly stated in a newly unredacted section.
Your Car Is Spying
On You, and a CBP Contract Shows the Risks. U.S. Customs and Border Protection purchased technology that
vacuums up reams of personal information stored inside cars, according to a federal contract reviewed by The Intercept,
illustrating the serious risks in connecting your vehicle and your smartphone. The contract, shared with The Intercept
by Latinx advocacy organization Mijente, shows that CBP paid Swedish data extraction firm MSAB $456,073 for a bundle of
hardware including five iVe "vehicle forensics kits" manufactured by Berla, an American company. A related document
indicates that CBP believed the kit would be "critical in CBP investigations as it can provide evidence [not only] regarding
the vehicle's use, but also information obtained through mobile devices paired with the infotainment system." The
document went on to say that iVe was the only tool available for purchase that could tap into such systems.
China's
digital currency could bring surveillance state to wallets at expense of US dollar. China's emerging digital
currency could enhance the yuan's importance in the international financial system at the expense of the U.S. dollar and
extend the Chinese surveillance state into wallets around the world. A combination of visibility of currency users and
technical control is a monetary dream for Chinese communist officials, who have staked their regime on their ability to
monitor and curtail private activity within China. The digital yuan's acceptance beyond mainland China could give the
regime a significant geo-economic tool, one that bypasses the network of banks and financial institutions that are subject to
U.S. laws and binds client states more directly to Beijing. Beijing's moves come amid tensions with the Biden
administration as the new government in Washington continues calibrating its China policy after the Asian giant's tactics led
former President Donald Trump to sour on its president, Xi Jinping, after spending years touting their alleged friendship.
Freedom Fading. [Scroll down] Many of us,
particularly the young, live out our social lives online — through Instagram, Facebook, Twitter — and manage our
lives at the behest of its aggressive stepsisters, Amazon, Apple, and Google. We post, we purchase, we tweet, we opine,
we share vital information and also gather vital information using their platforms. These enterprises provide the bulk
of our access to the outside world. It has become obvious to careful observers, though, that these digital giants are
not neutral players in this game. We are being watched, and we are being tracked. Corporate Goliaths are
assiduously collecting every piece of information they can on our purchasing habits, our preferences, our private
lives — even our travel patterns. Rod Dreher reports that this "surveillance capitalism hoovers up detailed
personal data about individuals and analyzes it with sophisticated algorithms to predict people's behavior." The
initial goal of this online data harvesting is, of course, monetization of information — profit, for short.
But there is a darker side. Sophisticated algorithms have another consequence. "The rapidly growing power of
information technology and its ubiquitous presence in daily life," Dreher warns, "immensely magnifies the ability of those
who control institutions to shape society according to their ideals" (emphasis added).
Chinese
smart TVs are snooping on their owners. Hundreds of millions of Chinese consumers had a surprise discovery last
week: Their TV sets know a lot more about them than they'd ever thought, or ever agreed to. It turns out
Beijing-based Gozen Data, a leading Chinese TV viewership analytics firm, has been collecting personal data in real time
using smart TVs — without users' consent. The practice was first exposed when a user on V2EX, an online
forum for tech enthusiasts, noticed their Skyworth-brand smart TV had become slow and analyzed the code of back-end programs
to figure out why. What they found was a program that scans the user's Wi-Fi every 10 minutes and uploads a wide range
of information to Gozen Data's website.
Shedding
light on fairness in AI with a new data set. Facebook AI has built and open-sourced a new, unique data set
called Casual Conversations, consisting of 45,186 videos of participants having nonscripted conversations. It serves as
a tool for AI researchers to surface useful signals that may help them evaluate the fairness of their computer vision and
audio models across subgroups of age, gender, apparent skin tone, and ambient lighting. To our knowledge, it's the
first publicly available data set featuring paid individuals who explicitly provided their age and gender
themselves — as opposed to information labeled by third parties or estimated using ML models.
P&G
Is Looking for Ways Around Apple's New Privacy Rules. Consumer goods giant Procter & Gamble is testing an
advertising technique developed in China that gathers iPhone data for targeted advertisements as companies look for ways to
bypass Apple's new privacy measures. P&G is preparing for an era in which new tools and customer preferences limit the
amount of data available to marketers, Dow Jones reported, citing sources. The Cincinnati company is partnering with
dozens of Chinese trade groups and tech firms working with the state-backed China Advertising Association to develop the new
technique, which would use a technology called device fingerprinting.
Today's
blacklisted Americans: Conservatives on the email provider MailChimp. They're coming for you next:
The email provider MailChimp has since the November election made it a clear policy to routinely cancel the accounts of
conservatives if they dare send out any emails it deems politically incorrect. In November MailChimp instantly disabled
the email account of two tea party organizations, one in Virginia and the other in South Carolina, when they each tried to
send out email notices to their members about post-election pro-Trump rallies. In January MailChimp did the same to a
conservative organization in California that was running a conference calling for the end of the overbearing lockdown rules
imposed by the Democrat governor Gavin Newsom.
The Editor says...
For helpful tips, please see "If you think somebody is reading your email..."
on this page
or this page.
T-Mobile to Step Up Ad Targeting of Cellphone
Customers. Wireless carrier tells subscribers it could share their masked browsing, app data and online
activity with advertisers unless they opt out[.] A T-Mobile spokeswoman said the changes give subscribers advertising that
aligns with their interests. "We've heard many say they prefer more relevant ads so we're defaulting to this setting,"
Four hidden
ways Big Tech platforms suck up your data. Big Tech companies such as Facebook, Google, and Amazon collect
personal user data from many different sources to create "secret identities" of people in order to understand users'
personality traits, predict purchasing behavior, and ultimately sell these profiles to advertisers and sometimes the
government. Most often, users don't even realize that their data is being collected and exploited by tech
companies. Besides advertisers, millions of people's personal user data has also been sold to U.S. federal agencies for
border control purposes as well as to the military for counterterrorism purposes. User data can also be used by machine
learning or artificial intelligence tools that are being used by entities in the criminal justice system to help the
government make decisions, including who should be imprisoned to a person's ability to enter a country.
Student
Surveillance Vendor Proctorio Files SLAPP Lawsuit to Silence A Critic. During the pandemic, a dangerous
business has prospered: invading students' privacy with proctoring software and apps. In the last year, we've seen
universities compel students to download apps that collect their face images, driver's license data, and network
information. Students who want to move forward with their education are sometimes forced to accept being recorded in
their own homes and having the footage reviewed for "suspicious" behavior. Given these invasions, it's no surprise that
students and educators are fighting back against these apps. Last fall, Ian Linkletter, a remote learning specialist at
the University of British Columbia, became part of a chorus of critics concerned with this industry. Now, he's been
sued for speaking out. The outrageous lawsuit — which relies on a bizarre legal theory that linking to
publicly viewable videos is copyright infringement — will become an important test of a 2019 British Columbia law
passed to defend free speech, the Protection of Public Participation Act, or PPPA.
Amazon's new
rotating, follow-you camera is useful — and invasive. The covid-19 Zoom boom has turned us into
camera operators. Making sure everyone's face can be seen in the videoconference is a daily struggle. Along comes
Amazon's new Echo Show 10, a countertop camera and computer that tries to follow you. Spinning in a motorized circle,
it does its best to track your body so you're always in the shot — and in view of its 10.1-inch screen. I
spend so much time on video calls, I was tempted to splurge on one of these $250 robot Alexas. But I won't be buying
one after testing a review unit for a few days. While it was useful for in-motion video chats, the Echo Show
under-delivered in functions I'd want from a gadget taking valuable counter space. And since it's both passively
listening and watching, the Echo Show needs a more thoughtful approach to privacy. One of its new commands is,
literally, "Alexa, stop following me." And Amazon added an opt-in surveillance function to the device that,
at least for me, crosses the line from innovative to invasive.
The Editor says...
I've never been on a Zoom call ... as far as I know.
Microsoft
and Friends Want to Destroy Online Privacy. Microsoft has teamed up with a number of tech and media companies
to create a system of tracing content around the internet that could destroy online privacy and anonymity, radically
transforming the nature of the web. Against stiff competition, the alliance of tech and media giants has devised a plan
that may constitute Big Tech's most brazen power-grab yet.
Will
Small Businesses Burn through Americans' Goodwill by Snitching on Their Customers? [Scroll down] It was
my first visit to the establishment, and when I stepped inside, a pink-haired receptionist with rhinestone-studded cheekbones
took my temperature and handed me the questionnaire. I dutifully answered the 15 questions on page one pertaining to
any physical symptoms I may be experiencing. Then I turned to page two, stopping abruptly when I read the first
questions: "Did you take part in a social gathering of more than 10 people in the last week in which you were within
6 feet of others?" followed by "If yes, was everyone wearing a mask/face covering, you included?" I puzzled over the
questions. Had I mistakenly stepped into a doctor's office rather than a hair salon? Was a small business truly
probing into my recent involvement with other people just so I could get my hair trimmed and styled? Perhaps page three
would require my blood type and Social Security number. I also wondered what the salon's policy would be if I answered
"yes" to either question. Would they deny me service? More importantly, would they send my private information to
the Oregon Health Authority to follow up?
Instagram
Will Now Monitor Your Private Messages To Watch For 'Hate Speech'. Instagram announced in the past week that
they will begin policing private direct messages in their latest crackdown on so-called "hate speech" on their platform, a
report says. In line with the recent racial abusive comments that are "targeted at footballers in the U.K." after
losing a match, the social media platform Instagram announced Wednesday that they will be imposing stricter measures in order
"to help prevent" the further spread of abuse and hate speech in direct messages, Daily Wire reported.
Crossing
the Digital Rubicon. Generally, people know how their lives are invasively monitored, their most intimate
details packaged and sold as a commodity on markets they have little to no control over. Fatalistic shrugs of 'what can
you do' and declarations of 'I can't live without my phone' ensue. Perhaps it is a fair trade. Detailed personal
profiles are exchanged for handheld convenience along with dogged artificial intelligence analyzing what product or service
will successfully secure our money — or even our loyalty. Brand loyalty is a highly-prized substance as
franchise owners around the world attest. Other forms of allegiance are also highly-prized. Consider if your
private personal details, even intimate psychological profiles, are instead exploited for coercion to an ideology.
Ex-ADT
employee admits hacking into 200+ live cameras, spying on naked women and couples having sex. A former ADT
employee admitted Thursday [1/21/2021] that he hacked into the video feeds of more than 200 Texas customers to spy on naked
women and couples having sex inside their homes. Telesforo Aviles, 35, logged into customers' accounts more than 9,600
times over a four-year period "in order to view their footage for sexual gratification," he admitted in federal court.
"This defendant, entrusted with safeguarding customers' homes, instead intruded on their most intimate moments," Acting U.S.
Attorney Prerak Shah said in a statement. The creep, who worked as a home security technician before being fired last
year, pleaded guilty to computer fraud and now faces up to five years in federal prison.
ZOOM
is a Chinese Communist Party company spying on you. China is making us dependent on them for pharmaceuticals,
basketball, movies, news, iPhones, and other technology, even Zoom calls. Yet, the Chinese Communists (CCP) are allowed
to spy on us through their technology, including TicToc and even ZOOM. Americans think ZOOM is an American company.
It is not. It is a Chinese Communist Party company and they are using it to spy on us. The DOJ filed charges
against an executive this past week, who appears to be in China. He was censoring ZOOM conversations in the United
States and giving IP addresses to his Maoist rulers of people who criticized the CCP. The DOJ is allowing ZOOM
to continue operating.
Never
click on this kind of Zoom invite. You'll thank us forever. Your inbox is chock full of Zoom invitations,
as everyone from your boss to your Aunt Elaine to your book club keeps your work and social calendars packed. But amid
the sales meeting slots and the family holiday reunions lurk Zoom invites that want to do the opposite of welcome you.
They want to steal your personal information and ruin you. Zoom phishing scams are the latest conduit for planting malware,
designed to leave victims with stolen identities, destroyed credit histories, compromised passwords, and empty bank accounts.
FCC
orders US telecom companies to rip out Huawei equipment. US carriers and telecommunications companies receiving
Universal Service funding are now required to remove all Huawei technology, by order of the federal government. The US
Federal Communications Commission has ordered certain carriers to "rip and replace" all equipment produced by Huawei.
It follows continuing investigations into claims that Huawei represents a threat to national security, and Huawei's
application for a review of a similar ruling by the Public Safety and Homeland Security Bureau in June. "A laundry list
of evidence before us compels this result," said FCC chairman Ajit Pal in a statement. "But to summarize some of the
main points, Huawei has a long and well-documented history of close ties to the Chinese military and intelligence
communities, as well as the Chinese Communist Party, at every level of the company — all the way up to its founder."
Playstation
Says it Will Enable Voice Chats to be Recorded So Players Can be Snitched on for Mean Words. Sony has announced
that it will allow Playstation users to record in-game voice chats so players can snitch on each other for mean words said
during private conversations. Yes, really. The game console's latest update forces users to waive their privacy
rights, allowing others to report them and get their accounts banned for speech violations. "Following this update,
users are seeing a notification about Party Safety and that voice chats in parties may be recorded," Sony announced.
"Voice chat recording for moderation is a feature that will be available on PS5 when it launches, and will enable users to
record their voice chats on PS5 and submit them for moderation review. The pop up you're seeing on PS4 right now is to
let you know that when you participate in a chat with a PS5 user (post-launch), they may submit those recordings from their
PS5 console to SIE."
It's
2020, so why am I still able to read your pager traffic? On this blog we have posted numerous times about
privacy breaches stemming from insecure wireless pager traffic. Anyone with a radio or SDR can receive and decode pager
messages, and this has been known and done since the 1980's. Cameron's talk explains how paging systems work, who are
the modern users of pagers, how to capture and decode pager messages and how to best log and filter through messages.
He goes on to describe a number of major pager security breaches that he's personally seen. [Video clip]
60
Percent of Police Drones Are Chinese Made. Chinese manufacturers produced more than three in five drones used
by local and state law enforcement, potentially exposing sensitive geographic and personal data to the Chinese
government. Chinese tech companies have sold or gifted drones to more than 970 law enforcement and first responder
agencies across the country, presenting a massive national security risk, according to a new report by John Venable and Lora
Ries, senior research fellows at the conservative Heritage Foundation. The authors of the report warn that the Chinese
government can compel these companies to cough up sensitive data collected in the United States. The technology could
help Beijing identify vulnerabilities in U.S. critical infrastructure and track down the location of American civic leaders.
What
TikTok Hides Beneath Its Addicting Little Videos Should Scare You. Like almost all social media companies,
TikTok collects an enormous amount of data on its users, including IP addresses and browsing history. Researchers have
raised serious privacy and data security concerns about the app for years. In early 2019, TikTok paid a $5.7 million
fine to the U.S. Federal Trade Commission for illegally "collecting and exposing locations of young children, as well as
failing to delete information on underage children when instructed to do so." TikTok was under similar investigations in the
United Kingdom and India for allegations over its collection and misuse of data gathered from children. In January
2020, internet research company Check Point Research reported several vulnerabilities within the TikTok application, which
researchers said could easily allow malicious attackers to hurt a TikTok user by making private videos public or revealing
information saved on the account, such as personal emails.
California
Police, Amazon Ring Partnerships Raise Concerns. As nationwide protests force a deep examination of police
tactics and funding, technology companies say they are re-evaluating their relationship with law enforcement as well.
Amazon has halted police use of its facial recognition technology for one year and the website Nextdoor has stopped
forwarding tips to police. Now, privacy groups and activists are scrutinizing the relationships between Amazon and
local police departments that allow law enforcement to request access to video recordings from doorbell cameras installed in
private homes. Amazon's expanding network of law enforcement "partners" for its Neighbors app remains intact, an
arrangement that critics say is designed to boost sales of its Ring cameras and capitalize on fears of property crime.
Social media and news channels are filled with stories of package thieves and other incidents captured on Ring cameras, which
acts as a form of marketing for the products.
New
TikTok Ban Suddenly Hits Millions Of Users As Serious Problems Get Worse. Security concerns are nothing new to
TikTok — the Chinese viral sensation that has grown fast enough to compete with the likes of WhatsApp, YouTube and
Instagram for downloads. Few if any apps better reflect our time in coronavirus lockdowns than this bitesize video
sharing platform, but with great power comes great responsibility, and, so the arguments run, TikTok has totally failed the
test. While TikTok's headline security warnings have been mainly in the U.S., with cybersecurity alerts and reports of
military bans, the platform has actually seen more ruthless treatment at the hands of governments elsewhere —
particularly India. Some fourteen months ago, I reported on the country banning TikTok over concerns for child welfare,
following modest U.S. fines for data misuse.
Did
Your iPhone Secretly Install a COVID-19 Tracker? Users are reporting that the latest update for iOS (the
iPhone's operating system) automatically installed coronavirus contact-tracing software onto their phones. The change
appears to have come with update iOS 13.5 back in May and all subsequent updates. The tracking option was installed
discreetly on users' phones without announcement. It can be toggled on and off by going to settings > privacy > health.
Apple
Suddenly Catches TikTok Secretly Spying On Millions Of iPhone Users. As I reported on June 23, Apple has fixed
a serious problem in iOS 14, due in the fall, where apps can secretly access the clipboard on users' devices. Once the
new OS is released, users will be warned whenever an app reads the last thing copied to the clipboard. As I warned
earlier this year, this is more than a theoretical risk for users, with countless apps already caught abusing their privacy
in this way. Worryingly, one of the apps caught snooping by security researchers Talal Haj Bakry and Tommy Mysk was
China's TikTok. Given other security concerns raised about the app, as well as broader worries given its Chinese
origins, this became a headline issue.
Big
Tech is Strangling Us. In 2017 Roger McNamee highlighted the fact that "the big Internet companies know more
about you than you know about yourself, which gives them huge power to influence you, to persuade you to do things that serve
their economic interests." Thus, in 2013 "a study found that average consumers check their smartphones 150 times a
day. And that number has probably grown. People spend 50 minutes a day on Facebook. Other social apps
such as Snapchat, Instagram, and Twitter combine to take up still more time. Those companies maintain a profile on every
user, which grows every time you like, share, search, shop or post a photo. Google also is analyzing credit card records
of millions of people."
Zoom
Teleconferencing App 'Mistakenly' Exposed Data To China. The Zoom teleconferencing app has been "mistakenly"
routing user data through China, the Silicon Valley company admitted Friday evening [4/3/2020]. The app has surged in
popularity as workers and students the world over are stuck in their homes amid the coronavirus pandemic. Schools have
been using the app for online classes while companies and even governments have been using it to hold meetings, and much of
that data may have been exposed to China, the Financial Times reported. Certain calls were "allowed to connect to
systems in China, where they should not have been able to connect," the company said in a statement.
Billionaire
founder of Zoom has offloaded more than $38 million in company stock. The CEO and founder of Zoom Video
Communications has offloaded more than $38 million worth of stock in the company now facing intense scrutiny over alleged
privacy breaches, DailyMail.com can reveal. Zoom's profile and stock skyrocketed as millions of users turned to it to keep
in touch with colleagues, friends and family during the COVID-19 crisis lockdowns. But it has been hit by a string of privacy
concerns and allegations that the company failed to live up to its claim that communications were 'end to end encrypted.'
Instead, code in the original App allowed users' personal data to be disclosed to third parties, including Facebook.
Zoom
accused in lawsuit of improperly sharing user data with Facebook. Zoom Video Communications, the popular online
video conferencing platform, is facing a class-action lawsuit for allegedly sharing users' data with companies like Facebook
without those individuals' consent. The suit, filed in federal court in California by a Zoom user, accuses the company
of failing to "properly safeguard the personal information of the increasing millions of users" of its platform and
disclosing that information without adequate notice or authorization to Facebook and possibly other third parties. It
alleges that the behavior invades the privacy of users and violates California's Unfair Competition Law, Consumers Legal
Remedies Act and the Consumer Privacy Act.
We
polled Americans about which big tech companies they trust with their personal information. Americans generally
believe the biggest tech companies have too much power and ought to be split up. Among survey respondents:
• 56 percent said the government should break up tech companies if they control too much of the economy
• 72 percent said that Facebook has too much power • 51 percent said Google and
YouTube should be split into separate companies With multiple investigations now underway against the tech giants at both
the state and federal levels — and with the threat of even more regulation should a Democrat win the
presidency — there's good cause for companies to pay attention to the rise of anti-tech sentiment.
Federally
Subsidized Smartphones Contain Chinese Spyware. Smartphones being given by the federal government to low-income
people have Chinese spyware installed, spyware that can't be removed and that gives agents of Beijing considerable control
over those subsidized phones. According to researchers quoted in various media reports of the discovery of the malware,
the Android OS devices given to people participating in the federally funded and FCC-managed Lifeline Assistance program are
pre-loaded with applications that give the Chinese access to private data, including contacts and texts, and that allow the
company that developed one of the apps to remotely download additional apps to the phone without user participation. [...]
Another app pre-installed on the UMX phones is the Settings app. The Settings app is critical to the function of the
phone and as such cannot be removed without rendering the phone useless. Unlike other phones' native settings apps, the
UMX Settings app — developed by the Chinese — grants the developer the ability to remotely install
hidden ads onto the phone without user permission.
Hackers
Can Hijack Your House Through Your Light Bulb, Researchers Discover. Homes and businesses that use smart light
bulbs are at risk of being hacked and even spied on, new research has revealed. The vulnerability, which affects the
market-leading Philip Hue smart bulb, was discovered by researchers at security firm Check Point, who claim cyber criminals
could use it to plant spyware or ransomware on home networks. It works by exploiting a flaw with the popular ZigBee
protocol, which is commonly used within wireless networks.
Facebook
has finally launched its "clear history" button, but it doesn't delete anything. It's worth going and seeing
for yourself just how much data about you is being shared with Facebook. [...] I counted a grand total of 812 apps and
websites sending data about me back to Facebook, from national newspapers to my local coffee shop. At this point, it
feels safe to assume that most of the websites I'm visiting or apps I'm signing up to are probably sharing data on me with Facebook.
Smart
doorbell company Ring may be surveilling users through its app. Amazon's smart doorbell company Ring may be
using its app to surveil users, a report from the Electronic Frontier Foundation revealed on Wednesday [1/29/2020]. The
"Ring for Android" app shares user data including names, private IP addresses, mobile network carriers and sensor data with a
number of third-party trackers, the investigation found. At least four analytics and marketing companies receive such
information from customer devices. "Ring claims to prioritize the security and privacy of its customers, yet time and
again we've seen these claims not only fall short, but harm the customers and community members who engage with Ring's
surveillance system," Bill Budington, senior staff technologist at the EFF and author of the report, said.
What
does your car know about you? We hacked a Chevy to find out. Behind the wheel, it's nothing but you, the
open road — and your car quietly recording your every move. On a recent drive, a 2017 Chevrolet collected my
precise location. It stored my phone's ID and the people I called. It judged my acceleration and braking style,
beaming back reports to its maker General Motors over an always-on Internet connection. Cars have become the most
sophisticated computers many of us own, filled with hundreds of sensors. Even older models know an awful lot about
you. Many copy over personal data as soon as you plug in a smartphone. But for the thousands you spend to buy a
car, the data it produces doesn't belong to you. My Chevy's dashboard didn't say what the car was recording. It
wasn't in the owner's manual. There was no way to download it.
Why is a 22GB
database containing 56 million US folks' personal details sitting on the open internet using a Chinese IP address?
A database containing the personal details of 56.25 m[illion] US residents — from names and home addresses to
phone numbers and ages — has been found on the public internet, served from a computer with a Chinese IP address,
bizarrely enough. The information silo appears to have been obtained somehow from Florida-based CheckPeople.com, which
is a typical people-finder website: for a fee, you can enter someone's name, and it will look up their current and past
addresses, phone numbers, email addresses, names of relatives, and even criminal records in some cases, all presumably gathered
from public records. However, all of this information is not only sitting in one place for spammers, miscreants, and
other netizens to download in bulk, it's being served from an IP address associated with Alibaba's web hosting wing in
Hangzhou, east China, for reasons unknown. It is a perfect illustration that not only is this sort of personal
information in circulation, it's also in the hands of foreign adversaries.
Google-Connected
Cameras Show Images Inside Strangers' Homes. Owners of smart cameras linked to Google accounts have reported
seeing images from inside strangers' homes. One user shared still images online that were taken by other people's
cameras, including pictures of people sleeping, children playing with toys and even a baby asleep in a crib. "When I
load the Xiaomi camera in my Google Home Hub I get stills from other people's homes," a Reddit user by the name Dio-V
wrote. The images were shared on 1 January and appear to be taken on the same day. Google acknowledged
the issue and claimed it only affected cameras made by Xiaomi.
Blind
man's bluff: The curse of secret investigation. As Adam Mill dramatically put it: "It's the
greatest scandal in U.S. legal history. Most chilling of all is that the current FBI chief, Christopher Wray, recently
shrugged-off FBI agents lying to the FISA court." Maybe Wray was not surprised. But Mill may have been wrong in
applying the phrase "greatest scandal" to the FISA affair. The New York Times editorial board argues that a
much bigger abuse is being inflicted upon an unsuspecting public. Every moment of every day you are under
surveillance by your phone and providers don't even apply for a warrant. NYT reporters were given a workaday data set
collected by application providers.
Total
Surveillance Is Not What America Signed Up For. It is a federal crime to open a piece of junk mail that's
addressed to someone else. Listening to someone else's phone call without a court order can also be a federal
crime. The Supreme Court has ruled that the location data served up by mobile phones is also covered by constitutional
protections. The government can't request it without a warrant. But the private sector doesn't need a warrant to
get hold of your data. There's little to prevent companies from tracking the precise movements of hundreds of millions
of Americans and selling copies of that dataset to anyone who can pay the price. [...] Your smartphone can broadcast your
exact location thousands of times per day, through hundreds of apps, instantaneously to dozens of different companies.
Each of those companies has the power to follow individual mobile phones wherever they go, in near-real time. That's
not a glitch in the system. It is the system.
One
of the most popular chat apps in the US is actually a foreign spy tool. The United Arab Emirates is using one
of the most popular messaging apps in the United States to track the conversations, locations, and interactions of all of the
app's users. The app ToTok became one of the most downloaded messaging apps in the U.S. last week on both Apple and
Google's app store. The app, sold as a safe and secure way to communicate, is being used by the U.A.E. to spy on its
own people and others around the world, according to the New York Times. ToTok is most popular in the U.A.E.,
but also serves millions of users in Africa, Asia, Europe, the Middle East, and North America. The company that created
ToTok, Breej Holding, is believed to be a front group for an Abu Dhabi-based hacking firm called DarkMatter.
Don't
Buy Ring Or Other Home Surveillance Devices For Anyone, Ever. Looking for last-minute presents? Don't buy
Amazon's Ring home camera system. Easily hackable, super creepy, and massively Orwellian, Ring and other home
surveillance tech give you the illusion of protection while stealing your privacy and autonomy. Ring isn't the only
device to have been hacked. Nest, Alexa, and baby monitors are just a few of the home devices that have bad actors have
hacked and manipulated. A perv recently used a Ring camera to gain access to an eight-year-old girl's bedroom.
Her parents had installed the device to keep tabs on her. Through the camera, a truly disgusting man can be heard to
say: "I'm your best friend, I'm Santa Claus." The girl calls out for her mother, and the voice repeats: "I'm
Santa Claus, don't you wanna be my best friend?"
Your
car could be at risk of cyberattacks. Smart cars may make our lives easier on the road, but they are also
easily hacked by cyber criminals. Scientists have found 'holes' in these systems that lets digital deviants access your
data or worse, take over the vehicle. The first hole is when users plug their smartphone into their smart car, which is
an open door for hackers to breach vehicle systems.
Amazon,
Apple and Google join forces to make their home products 'speak to each other' to make smart homes a reality.
Amazon, Apple and Google will work together to create a new common standard that will make it easier for smart devices to
speak to each other. It is a move the technology giants hope will make it easier for consumers as they will be able to
use different devices from a variety of companies on the same network. 'We believe that the protocol has the potential to
be widely adopted across home systems and assistants', the new group said in a statement.
The Editor says...
There is no reason to make these devices talk to each other, except to exchange information about you.
Staten
Island creep hacks into Ring security camera to spy on teenager. A creep hacked into Ring security cameras
installed in a Staten Island home to spy on a teenage boy and chat with him — and now his mother is mulling a
lawsuit against the company. Gina Sgarlato's 13-year-old son, Blake, was in the kitchen area of the family's Sunnyside
home Wednesday when he heard a creepy voice coming from one of the half-dozen security cameras mounted in the house.
"Hello. I see you," the male voice says, prompting the startled teen to respond, "What?" according to security camera
footage obtained by The [New York] Post.
Tennessee
family says hackers accessed Ring camera in 8-year-old girl's room, taunted her. A family wants to warn others
after an alarming video was discovered from inside their 8-year-old daughter's room. Ashley LeMay shared the video with
FOX 17 News and says hackers gained access to a Ring video camera that had only been in her daughter's room for a few
days. The story is a horrifying one for families, as what was supposed to add more protection for a child turned into a
scary situation.
FTC
warns Christmas buyers that smart toys are a security risk. Thinking of giving a young person an
internet-connected smart toy this Christmas? If so, the US Federal Trade Commission (FTC) wants you to think very
carefully about the hidden and serious security risks you might be handing over with it. It would be easy to dismiss
such advice as glaringly obvious, but the FTC puts its finger on three capabilities that often spell trouble.
Your Smart TV could be spying on you,
FBI warns. Consumers need to think seriously about the security of their Internet-connect Smart TVs, according
to the FBI. "A number of the newer TV's also have built-in cameras," the FBI's Portland field office said, in a
statement. "In some cases, the cameras are used for facial recognition so the TV knows who is watching and can suggest
programming appropriately. There are also devices coming to market that allow you to video chat with grandma in 42' [sic]
glory." "Beyond the risk that your TV manufacturer and app developers may be listening and watching you, that television
can also be a gateway for hackers to come into your home," the FBI added.
The Surveillance Century:
Who Should Own Your Data? The best way to prevent spying on people is to spy on the spies and spot them
first. Ever since Microsoft won the national defense cloud computing contract they've had an implicit brief to watch
all the major hacking threats to that system. The "Big Four" are apparently China, Russia, Iran, and North Korea.
Though most of the media attention has been focused on Russia, even the smaller players pose a threat. "A hacking group
that appears to be linked to the Iranian government attempted to break into U.S. President Donald Trump's re-election
campaign but were unsuccessful," sources familiar with the operation told Reuters. To stop them, Microsoft has to spot
them first.
Facebook
rolls out update to patch iOS camera bug. Facebook's latest iOS update out Wednesday addresses a bug that has
been inadvertently activating the cameras of some users of the social network's popular Apple iPhone app. A version of
Facebook's iOS app released Friday contains a software flaw that abruptly opens the app's camera feature, according to the
social networking company. Facebook acknowledged the glitch after social media users began sharing videos over the
weekend showing their smartphone cameras suddenly becoming operational while using the app's other features.
The
Facebook app has been quietly turning on people's cameras and freaking them out. So paranoid 21st-century folk
may not be entirely happy to hear about a 'bug' which turns on their phone's camera whilst they're using the Facebook
app. The glitch affects iPhone owners, who said their camera suddenly switched itself on while they were scrolling
through their feed, watching videos or looking at photos. When people turned the video to full-screen mode and then
switched back to Facebook's normal view, they could see a little open space on the left and the camera app in the
background. Several people have tweeted about the bug and it has been replicated by tech journalists.
Facebook is secretly
using your iPhone's camera as you scroll your feed. iPhone owners, beware. It appears Facebook might be
actively using your camera without your knowledge while you're scrolling your feed. The issue has come to light after a
user going by the name Joshua Maddux took to Twitter to report the unusual behavior, which occurs in the Facebook app for
iOS. In footage he shared, you can see his camera actively working in the background as he scrolls through his feed.
Police
interrogate Alexa for clues in fatal spear-stabbing. Police in South Florida plan to interrogate a potential
witness to a fatal stabbing: Amazon's Alexa smart speaker app. Last week, the South Florida SunSentinel reported
that police in Hallandale Beach issued a search warrant for anything recorded by two devices — an Echo and Echo
Dot — found in the apartment where a woman who was arguing with her boyfriend was killed in July. Police
have accused Adam Reechard Crespo of murdering his girlfriend, Silvia Galva.
Advice:
unload your Fitbits. News: Google to acquire Fitbit, valuing the smartwatch maker at about $2.1B. How
does this acquisition make your life better? What can possibly go wrong? "Nothing," based on this reassurance from
Fitbit's CEO: [...] Uh huh, just "trust me." All that history of personally identifiable information going into
Google's Big Data? "Can't wait" until we inevitably get fully-government-controlled healthcare (Elizabeth Warren must be
salivating over this acquisition). The federal bureaucrats will love this level of invasive information and will "find a
way" to get their hands on this data.
Spotify
is giving free Google Home Minis to all Spotify Premium users. If you're a Spotify Premium user (whether you've
had it for years or are just signing up today), you can get a free Google Home Mini. Yes, you read that correctly and
we read the fine print for you — Spotify is giving away Google Home Minis to all Spotify Premium users.
The Editor says...
I'm not sure what Spotify is, but whatever its value may be, I wouldn't put a microphone in my house so Google could listen
24/7, no matter what incentives were offered. Why do you suppose Google and Amazon (see below) are offering incentives
to get these devices into more residences?
Get an Amazon
Echo Dot for Just $9 Today. If you're an Amazon Prime member — and we haven't scared you off from
smart speakers altogether just yet — now might be your chance to finally pull the trigger. Right now, Amazon
Prime members can buy an Echo Dot, which normally sells for $49.99 on the site, for just $8.98. You can use your Echo to
read the news, listen to audiobooks or just use it as a fancy alarm clock (as I do); you'll also get a free month of Amazon
Music Unlimited out of the deal, which you can cancel at any time.
The Editor says...
Exactly as above, I wouldn't put one of these
things in my house, either, no matter what the incentives. The only difference here is that Amazon can listen 24/7
rather than Google. It's one thing to have your privacy invaded by a big company without your permission, but you
can't complain when you have invited them to do so.
Sinister
prankster hacks Nest camera, threatens to kidnap baby. A California father said this week that a hacker
infiltrated his Nest camera, commandeered the voice function and threatened to steal his baby — the latest in a
string of disturbing security breaches of the devices. [...] Other Nest users across the country have reported hackers
infiltrating their devices, yelling curses at owners and even using the device to raise the temperature on their
thermostats. In January, an Illinois couple said a voice spoke to their child through their Nest camera and later
spewed obscenities at them.
Google
Executive: You Should Warn Guests About Smart Speakers in Your Home. BBC News reports that during a
recent interview, Google's devices chief Rick Osterloh was asked if homeowners should warn guests that smart devices such as
Google Home or Amazon Echo were in use. The Google executive seemed surprised by the question but eventually agreed
that they should indeed be informed.
Here's
how Alexa learned to speak Spanish without your help. Now that Alexa knows how to speak Spanish in the US,
there's a common question: how did it learn the language when it didn't have the benefit of legions of users issuing
commands? Through new tools, it seems. Amazon has revealed a pair of system that helped Alexa hone its
español (and Hindi, and Brazilian Portugese) using just a tiny amount of reference material. Effectively, they
gave the natural language machine learning model a jumpstart. The first tool studies a handful of "golden utterances"
(that is, reference commands suggested by the developers) to learn general syntax and semantics patterns. After that,
it produces "rewrite expressions" that themselves create thousands of new yet similar sentences to work from. The
system works quickly — you could move from 50 utterances to a fully operational linguistic set in
less than two days.
Apple
under scrutiny for sending Safari browsing data to China's Tencent. Apple is attracting scrutiny for its
practice of checking if the websites you're visiting visiting are fraudulent and malware-infested after Chinese internet
conglomerate Tencent was found listed as a Safe Browsing provider. The Safari feature — dubbed "Fraudulent
Website Warning" in iOS and macOS — is meant to enhance online security by cross-referencing URLs against a
blacklist service provided by safe browsing providers such as Google and Tencent. "This feature appears to be 'on' by
default in iOS Safari, meaning that millions of users could potentially be affected," said John Hopkins cryptography
professor Matthew Green.
Amazon
Workers May Be Watching Your Cloud Cam Home Footage. In a promotional video, Amazon.com Inc. says its Cloud Cam
home security camera provides "everything you need to monitor your home, day or night." In fact, the artificially intelligent
device requires help from a squad of invisible employees. Dozens of Amazon workers based in India and Romania review select
clips captured by Cloud Cam, according to five people who have worked on the program or have direct knowledge of it. Those
video snippets are then used to train the AI algorithms to do a better job distinguishing between a real threat (a home invader)
and a false alarm (the cat jumping on the sofa). An Amazon team also transcribes and annotates commands recorded in
customers' homes by the company's Alexa digital assistant, Bloomberg reported in April.
Smart
TVs Caught Sending Sensitive User Data To Facebook And Netflix. A study by researchers from Northeastern
University and Imperial College London found that many popular smart TV models, including models by Samsung and LG, as well
as streaming dongles Roku and Amazon FireTV, are leaking sensitive user data to advertisers. The models listed above
would share data like location and IP address with Netflix, Facebook and third-party advertisers, according to the FT.
Home
Depot And Lowe's Accused Of Scanning Millions Of Customers Faces. Home improvement stores like Home Depot and
Lowe's have become partners in Big Brother's ever expanding public surveillance program. Home Depot's "You Can Do
It. We Can Help" slogan should really say, "We Can Do It. We Can Help Big Brother." And Lowe's "Do It Right For
Less. Start At Lowe's" slogan should say, "Doing It Right And Identifying Every Customer, Starts At Lowe's."
According to the Cook County Record, two recent class action lawsuits accuse Home Depot and Lowe's of secretly using facial
recognition to identify customers as soon as they enter their stores.
The Editor says...
Good. Send an email to my wife telling her that I just walked in to Home Depot, and I'm headed toward the
cable ties and wire nuts. Wait, now I'm just walking up and down the lumber aisle, because the smell reminds me
of the Saturday mornings in 1963 when my dad would take me to the lumber yard. Okay, maybe they don't have access
to those details -- yet.
Amazon's
Alexa to accept donations for 2020 presidential candidates. Starting in October, users of Amazon's
voice-controlled home assistant, Alexa, will be able to verbally make a political contribution between $5 and $200 to a
participating 2020 presidential candidate, the company announced Wednesday [9/18/2019]. In order to use the new Alexa
Political Contributions feature, users must have voice purchasing enabled in their Alexa settings, as well as valid default
payment method in their Amazon accounts. "Alexa, donate [amount] to [candidate name]" is another phrase users can say
to support a preferred political hopeful.
The Editor says...
Do you really want Amazon to know all about your political contributions?
This
Company Built a Private Surveillance Network. We Tracked Someone With It. In just a few taps and clicks,
the tool showed where a car had been seen throughout the U.S. A private investigator source had access to a powerful system
used by their industry, repossession agents, and insurance companies. Armed with just a car's plate number, the
tool — fed by a network of private cameras spread across the country — provides users a list of all the
times that car has been spotted. I gave the private investigator, who offered to demonstrate the capability, a plate of
someone who consented to be tracked.
The
Surveillance State: Have Americans Unwittingly Opted In? When was the last time you sat down and read
through the entirety of an app or hardware devices terms of use? The usually thousands of words long legalese omelet is
easily bypassed by scrolling to the bottom of the page and clicking on the "I agree" box and unfortunately, that's what most
Americans in the modern world of instant gratification tend to do. I mean, all of these apps that we use on a regular
basis to order food, listen to music, and even find a mate, require that we "opt in," and whether we have a conscious
understanding or what that truly means or not, doing so has allowed for everything from the contents of your inbox and
contact list to control of your phones camera and microphone to be manipulated by the application.
Google's
newest smart home device is always listening and watching. Google's latest smart product has some users wary,
as concerns grow over the 'spying' abilities of internet-connected home devices. The firm launched the successor to its
Nest Hub (formerly called the Home Hub) on Tuesday, offering its Smart Display with Google Assistant and a bigger, 10-inch
screen. And, unlike those before it, the $229 Nest Hub Max has a built in camera that can recognize different faces.
Are
Google, Amazon, Apple Smart Speakers Carrying On Secret Surveillance? The founder of a major venture capital
firm in Silicon Valley and former executive at Time Warner and AOL believes surveillance is the main objective of voice-commanded
"smart speakers" such as Amazon's Alexa, Google's Home, and others. "I would say that there's two or three layers, sort of
problematic layers, with these new smart speakers, smart earphones that are in market now," said John Borthwick during an
interview with Yahoo Finance Editor-in-Chief Andy Serwer. "And so the first is, from a consumer standpoint, user
standpoint, is that these, these devices are being used for what's — it's hard to call it anything but surveillance,"
Borthwick added. Borthwick's privileged position on the inside of these major tech firms and the firms that fund them
give his opinion weight and that weight should make owners of these devices worry.
Big
Tech Investor: Google and Amazon use Smart Speakers as Surveillance Systems. Tech investor John Borthwick
says that smart speakers from the like of Amazon and Google are being used for mass surveillance. Borthwick is
forthcoming with his assertion that the information gathering performed by such devices is the same thing as surveillance.
Borthwick is the founder of venture capital firm Betaworks and former Time Warner and AOL executive. "I would say that
there's two or three layers sort of problematic layers with these new smart speakers, smart earphones that are in the market
now," Borthwick told Yahoo Finance Editor-in-Chief Andy Serwer during an interview for his series Influencers.
"And so the first is, from a consumer standpoint, user standpoint, is that these, these devices are being used for what's —
it's hard to call it anything but surveillance," Borthwick said.
Google
reveals major iPhone security flaws that let websites hack phones. Security researchers working in Google's
Project Zero team say they have discovered a number of hacked websites which used previously undisclosed security flaws to
indiscriminately attack any iPhone that visited them. Motherboard reports that the attack could be one of the
largest ever conducted against iPhone users. If a user visited one of the malicious websites using a vulnerable device,
then their personal files, messages, and real time location data could be compromised. After reporting their findings
to Apple, the iPhone manufacturer patched the vulnerabilities earlier this year.
Apple
apologizes for letting contractors eavesdrop on Siri's sex recordings. Sorry we've been eavesdropping on your
sex life. Apple on Wednesday [8/28/2019] apologized to its users for employing third-party contractors to listen to
audio recordings picked up by its Siri voice assistant, including when the voice assistant program was accidentally triggered
by muffled background noise. The practice — in which Apple had contractors listened to recordings to grade
Siri's performance — made waves after a whistleblower said the voice assistant routinely recorded people having
sex, as well as making drug deals and discussing confidential medical information. "We realize we haven't been fully
living up to our high ideals, and for that we apologize," Apple said Wednesday.
Doorbell-camera
firm Ring has partnered with 400 police forces, extending surveillance reach. The doorbell-camera company Ring
has quietly forged video-sharing partnerships with more than 400 police forces across the United States, granting them access
to homeowners' camera footage and a powerful role in what the company calls the nation's "new neighborhood watch." The
partnerships let police automatically request the video recorded by homeowners' cameras within a specific time and area,
helping officers see footage from the company's millions of Internet-connected cameras installed nationwide, the company
said. Officers don't receive ongoing or live-video access, and homeowners can decline the requests, which Ring sends
via email, thanking them for "making your neighborhood a safer place."
Apple
Just Gave 1.4 Billion iPad, iPhone Users A Reason To Leave. Last month The Guardian revealed Apple was
employing contractors to listen to and "grade" Siri recordings and they "regularly" heard confidential information from
iPhone and iPad users, including medical information, drug deals and recordings of couples having sex. And now a new
report from the Irish Examiner has given a sense of scale to what was happening. "Contractors in Cork [Ireland] were
expected to each listen to more than 1,000 recordings from Siri every shift, before Apple suspended the practice last month,"
explains the Examiner, who got its information from "an employee who had their contract abruptly terminated this week."
Did
Mark Zuckerberg Lie Under Oath About Facebook Eavesdropping Through Your Phone? Last April, in front of the
U.S. House Committee on Energy and Commerce, Facebook CEO Mark Zuckerberg told Congress that the social media giant was "not
collecting any information verbally on the microphone," and "does not have contracts with anyone else who is." On
Tuesday [8/13/2019] this week, Bloomberg reported that Facebook has indeed been paying outside contractors to
transcribe clips of audio from users.
Facebook
Has Been Paying Outside Contractors to Listen to and Transcribe Users' Audio Messages. Facebook has been using
outside contractors to listen to and transcribe users' audio clips, again raising questions about the transparency of the
company's terms of service and its handling of sometimes-sensitive personal data. The latest disclosure came via a
Bloomberg report that found the company has been using hundreds of outside contractors to provide text versions of audio
messages sent through Facebook Messenger. The social media company confirmed to Bloomberg that it had been transcribing
audio messages, saying that the transcription was limited to those who opted in to the text transcription service option on
Facebook's Messenger app. Facebook said the purpose of hiring human transcribers was to provide a check on the
company's artificial intelligence translations of anonymized messages and improve their accuracy.
Ninth
Circuit Advances $35 Billion Privacy Suit Against Facebook. Rejecting arguments that Facebook users suffered no
"concrete harm" by having their facial data mapped and stored, the Ninth Circuit advanced a $35 billion class action against
the social media giant Thursday [8/8/2019]. Facebook sought to swat down the lawsuit last year after U.S. District Judge
James Donato ordered it to alert users about an upcoming trial on claims that it harvested facial data in violation of an
Illinois privacy law.
What
Hillary, Seth, and Paige Have in Common. Recently we learned that over 100 million Americans' sensitive personal
information — names, dates of birth, Social Security numbers, credit histories, income information — was
stolen from a major U.S. financial institution from what is often touted as a new, "highly secure," cloud-based data storage
system. But here's the reality: No one's information is safe in the modern world, because all systems rely on
human beings, who are inherently untrustworthy.
Siri
records fights, doctor's appointments, and sex (and contractors hear it). Voice assistants are growing in
popularity, but the technology has been experiencing a parallel rise in concerns about privacy and accuracy. Apple's
Siri is the latest to enter this gray space of tech. This week, The Guardian reported that contractors who review Siri
recordings for accuracy and to help make improvements may be hearing personal conversations. One of the contract
workers told The Guardian that Siri did sometimes record audio after mistaken activations. The wake word is the phrase
"hey Siri," but the anonymous source said that it could be activated by similar-sounding words or with the noise of a
zipper. They also said that when an Apple Watch is raised and speech is detected, Siri will automatically activate.
Google
finds cheap way out of multibillion-dollar 'wi-spy' suit. Google is poised to pay a modest $13 million to end a
2010 privacy lawsuit that was once called the biggest U.S. wiretap case ever and threatened the internet giant with billions
of dollars in damages. The settlement would close the books on a scandal that was touched off by vehicles used by
Google for its Street View mapping project. Cars and trucks scooped up emails, passwords and other personal information
from unencrypted household Wi-Fi networks belonging to tens of millions of people all over the world. The debacle
became known as "Wi-Spy," and it caused almost as much of an uproar as Facebooks's more recent Cambridge Analytica scandal.
Equifax
agrees to pay $700M after massive data breach. The Wall Street Journal says Equifax will pay around $700 million
to settle with the Federal Trade Commission over a 2017 data breach that exposed Social Security numbers and other private
information of nearly 150 million people.
Zuckerberg's
new cryptocurrency is absolutely terrifying. Does this strike anyone else as terrifying? A company that
has operated with impunity, under zero federal regulations, whose CEO, Mark Zuckerberg, has been called — in a
hapless act of political theater — to explain his shadowy practices before Congress, yet has never offered
specific correctives to any of his outfit's failings or overreaches or unintended consequences, makes its next big move
this? As declarations go, it's astonishing. Zuckerberg is out for nothing less than dominion over us all. If
you're one of the site's 2.6 billion users, Facebook's operators know where you are all the time, whether you're logged on
or not. They know what you're buying, even if you're in a brick-and-mortar shop. They scan photos you upload for
biometrics. They mine your data and sell it to advertisers, but they won't say how much of it, only that it's a small
amount, promise. Facebook's not the product. We are.
FaceApp
security concerns: Russians now own all your old photos. The eerie FaceApp photo filter, which uses AI to
digitally age your face, has gone viral, with millions on social media sharing their sagging simulacrum, including celebs
such as Drake, the Jonas Brothers and Kevin Hart. However, experts warn that the free "old age filter," created in 2017
by developers at Wireless Lab in St. Petersburg, Russia, poses security concerns that may give them access to your
personal information and identity.
How
Much Do We Trust Alexa, Siri, Nest, and Ring — and Their Makers? The electronic "smart home"
promises endless convenience and security. People will control the temperature of their home from their office.
This fall, Walmart will launch a service that will let a delivery worker unlock a house with an app and then stock its
refrigerator with food, all monitored by a live camera on the worker's chest. It all sounds too good to be true.
And maybe it is. Before we plunge headlong into the Brave New World of smart homes, let's pause and consider potential
bugs in the system.
In Stores, Secret Surveillance Tracks Your
Every Move. I worked as a senior software engineer for a year for one of these companies, on the core product.
[...] This really is the bigger story, but the article has missed it. Apps really are random bits of software strangers
run on your phone. Users have no idea which sketchy friend-of-a-friend-of-a-friend has just managed to get his API
running on their phone. Simple solution to this: do not install apps on your phone. I'm not kidding.
People have the expectation they are buying a phone — paying a lot of money for a phone — to put
apps on it and use them, and that it must be possible to do this, because they've spent a bunch of money on it. This is
not the case. The time when apps could be used on phones has passed. You cannot now buy a phone to run apps,
because it is not safe to do so. This means phones no longer make sense. It is in fact I would say a tragedy of
the commons. If you are going to do this [...] silly thing, don't do it in this [...] silly way. Root your
phone first and get a firewall installed — and don't log into Google on your phone, not ever.
Report:
FTC Fines Facebook $5 Billion for Privacy Violations. The Federal Trade Commission (FTC) reportedly approved a
$5 billion settlement with Facebook on Friday following the social media giant's handling of the Cambridge Analytica
scandal. This serves as the largest fine the FTC has given out for privacy violations; however, politicians and
activists have said that this fine serves as a "bargain" for Facebook. The Wall Street Journal cited a person
familiar with the matter, suggesting that the FTC voted 3-2, along party lines, to approve a $5 billion settlement with
Facebook.
Amazon
Alexa Calls Police On Man Who Was Allegedly Beating His Girlfriend. A New Mexico man was arrested after police
received a 911 call from an Amazon Alexa smart speaker. Police say that 28-year-old Eduardo Barros was house-sitting
with his girlfriend when they started to argue. Barros reportedly pulled out a gun and threatened to kill the woman,
who authorities have not identified. At one point, he asked her: "Did you call the sheriffs?" The smart
speaker and the voice-powered virtual assistant heard his question and believed it was a command, so it dialed 911 on the
home's landline.
Report:
Google Android Lets Apps Track You Regardless of Permissions. According to a recent study, Google's Android
operating system is allowing more than 1,300 apps to bypass system permissions controlling access to user data to track users
without their knowledge. ZDNet reports that a recent study by the International Computer Science Institute (ICSI)
claims that as many as 1,325 Android apps installed across 500 million Android devices have found methods to bypass the
Android operating systems permissions system to continue to track users without their knowledge or consent.
Beware of the Cloud. As obvious
as it sounds, the following needs to be said: Any time you store data on the internet, you open yourself up to a
cyberattack. Cybersecurity issues are becoming a daily struggle for businesses around the globe. Recent research
suggests that most companies have unprotected data and poor cybersecurity practices, making them vulnerable to data
loss. This is particularly problematic in the cloud, where colossal amounts of data are stored by millions of users on
the same system. In May of this year, hackers accessed emails and file-sharing systems of some customers of cloud
provider PCM, Inc. Hackers stole administrative credentials that granted them access to customer accounts in Microsoft
Office 365.
Facebook
usage falling after privacy scandals, data suggests. Facebook usage has plummeted over the last year, according
to data seen by the Guardian, though the company says usage by other measures continues to grow. Since April 2018, the
first full month after news of the Cambridge Analytica scandal broke in the Observer, actions on Facebook such as likes,
shares and posts have dropped by almost 20%, according to the business analytics firm Mixpanel.
They
are Watching Us — All the Time. During the Obama presidency, Americans discovered that his
administration's intelligence agencies were spying on us. In fact, Director of National Intelligence James Clapper lied
to Congress about it, for which he was never charged — but then, he's a Democrat, the laws don't apply to
them. Eventually, he came clean, admitting that all Americans were being spied on, all the time, with spy agencies
keeping a record of all phone conversations, texts, and emails made by every American. This was merely a precaution in
case they ever needed to prosecute any of those who disagreed with Barry. Yet, I believe that the tech industry not
only does the same thing (spying) but does it better.
The
future will be recorded, on your smart speaker. Amazon's patent application for an always-on feature for Alexa,
its popular voice-activated personal assistant, has raised a lot of concern. "If you're already freaked out by the
privacy implications of smart speakers like Amazon's Echo," says Gizmodo, "we have some bad news." A headline in
ScienceAlert is even more direct: "Newly Released Amazon Patent Shows Just How Much Creepier Alexa Can Get." You
get the idea. But the anxiety is much ado about nothing. An Alexa that's always listening will likely prove more
useful than an Alexa that isn't; and, in any case, always-on devices are certainly our future.
Amazon
sued for recording children's voices via Alexa. Amazon was slapped with a pair of class-action lawsuits this
week over its Alexa voice assistant, which is getting accused of recording and storing the voices of children without their
or their parents' consent. Both cases portray kids as vulnerable to Alexa's voice recording and transcription
technology, which allows Amazon to amass "a vast level of detail about the child's life, ranging from private questions they
have asked Alexa to the products they have used in their home." The suits also claim the technology violates laws in
eight states that prohibit the recording of oral communications without the consent of all participating parties.
Facebook
attorneys admit in court there's NO privacy on its platform. Although it has only been around for 15 years,
Facebook has certainly made its mark on the world and how it functions. For many of its 2.27 billion users, life before
Facebook is nothing but a distant memory. An entire generation of people looks to the social media giant to find friends and
connect with family, and millions of people rely on its news feed to remain up to date in an ever-changing world. When more
than a quarter of the world's population is entrusting you with their information there is a huge level of responsibility to
protect their privacy. But, while Facebook has been happy to rack up billions in profits, its CEO Mark Zuckerberg has been
oblivious to this massive responsibility.
Amazon's
Plan to Move In to Your Next Apartment Before You Do. When tenants first walk into their new apartment at the
Brandon Place complex in Oklahoma City, they aren't likely to notice anything out of the ordinary for 2019 — there
are smart locks on the door with keycode entry, and contemporary thermostats with LCD touch screens. [...]
Newly
Released Amazon Patent Shows Just How Much Creepier Alexa Can Get. A newly revealed patent application filed by
Amazon is raising privacy concerns over an envisaged upgrade to the company's smart speaker systems. This change would
mean that, by default, the devices end up listening to and recording everything you say in their presence.
UN
report: Female AI voices like 'Alexa' perpetuate harmful gender stereotypes. Female default voices for
artificial intelligence personal assistants may inadvertently reinforce gender stereotypes, according to a study published by
United Nations Educational, Scientific, and Cultural Organization (UNESCO). Default female voices for the devices, as
well as names like Alexa and Siri, may precondition users toward antiquated views of women, according to the study.
UNESCO also found assistants rarely have safeguards against abuse and gendered language. For example, Siri will respond
to being told to make the user a sandwich with "I can't. I don't have any condiments," according to the study.
Insulting Siri prompts only the response "I'd blush if I could," which is the title of the report.
The Editor says...
I wouldn't have one of those voice-activated "assistants" in my house if you gave it to me. If you have one,
it's obviously listening to everything you say, waiting for the trigger word that supposedly wakes it up. If you personify
such a gadget and start saying nasty things to it, you've got a few screws loose; however, you can bet that somewhere at Amazon or
Google, they're keeping track of every vulgar thing you've said, just in case you run for office someday.
"Therefore whatsoever ye have spoken in darkness shall be heard in the light; and that which ye have spoken in the ear in closets
shall be proclaimed upon the housetops."
WhatsApp
was hacked and attackers installed spyware on people's phones. WhatsApp was hacked, and attackers installed
sophisticated spyware on an unknown number of people's smartphones. The Facebook subsidiary, which has 1.5 billion
users, said it discovered in early May that "an advanced cyber actor" infected an unknown number of devices with the malware.
The Financial Times, which first reported on the issue on Monday [5/13/2019], said bad actors exploited a vulnerability to install
the surveillance technology by calling the target through WhatsApp, giving them access to information including location data
and private messages. Even if the target didn't pick up, the malware was able to infect the phone.
Alexa
has been eavesdropping on you this whole time. Would you let a stranger eavesdrop in your home and keep the
recordings? For most people, the answer is, "Are you crazy?" Yet that's essentially what Amazon has been doing to
millions of us with its assistant Alexa in microphone-equipped Echo speakers. And it's hardly alone: Bugging our
homes is Silicon Valley's next frontier.
23 reasons
not to reveal your DNA. DNA testing is a booming global business enabled by the internet. Millions of
people have sent samples of their saliva to commercial labs in hopes of learning something new about their personal health or
heritage, primarily in the United States and Europe. In some places, commercial tests are banned. In France, you
could face a fine of around $4,000 USD for taking one. Industry giants Ancestry.com, 23andMe, MyHeritage and
FamilyTreeDNA market their services online, share test results on websites, and even offer tutorials on how to search for
relatives in phone directories, or share results in social media. They often also claim rights to your genetic data and
sell access to their databases to big pharmaceutical and medtech companies.
Facebook Anticipates Fine
of Up To $5 Billion. Facebook is anticipating a multi-billion dollar fine from the Federal Trade Commission (FTC)
over their handling of the Cambridge Analytica scandal, according to The Hill. The company disclosed to investors in its
quarterly earnings report that they have already put $3 billion aside for this on Wednesday [4/24/2019], adding that they
haven't reached a settlement with the FTC, and are unsure when this will be resolved. The fine could be as high as
$5 billion, according to The New York Times.
Alexa
Is Listening All The Time: Here's How To Stop It. Recent news reports in the last week revealed that
Amazon has thousands of workers listening to Amazon Echo aka Alexa voice assistant recordings. That is a bit unnerving,
however, this post will share several ways, including a serious DIY project, to increase your privacy.
Your car is watching you. Who
owns the data. If you're driving a late model car or truck, chances are that the vehicle is mostly computers on
wheels, collecting and wirelessly transmitting vast quantities of data to the car manufacturer not just on vehicle
performance but personal information, too, such as your weight, the restaurants you visit, your music tastes and places you
go. A car can generate about 25 gigabytes of data every hour and as much as 4,000 gigabytes a day, according
to some estimates.
Amazon
Workers Are Listening to What You Tell Alexa. Tens of millions of people use smart speakers and their voice
software to play games, find music or trawl for trivia. Millions more are reluctant to invite the devices and their
powerful microphones into their homes out of concern that someone might be listening. Sometimes, someone is.
Amazon.com Inc. employs thousands of people around the world to help improve the Alexa digital assistant powering its line of
Echo speakers. The team listens to voice recordings captured in Echo owners' homes and offices. The recordings
are transcribed, annotated and then fed back into the software as part of an effort to eliminate gaps in Alexa's
understanding of human speech and help it better respond to commands.
The Editor says... What you tell Alexa is not the problem. The problem is that Alexa listens to everything in the house (or office),
long after you have forgotten that Alexa is around. I wouldn't have one of those devices in my house if you gave it
to me, and every time I'm around one of them, I say so.
How
to Check Your Hotel Room for Hidden Cameras. [Scroll down] As for physical inspections, hotel guests
should look for anything in the room that appears abnormal. Small holes in the walls or other objects; random wires in
unexpected places; and any blinking or flashing lights are all good indicators a camera might be hidden somewhere in your
room. However, [Mike] O'Rourke said there are no "typical" spots in which people hide illegal recorders. "Light
fixtures, smoke detectors, clock radios, coffee pots and electric sockets have all been used to hide cameras. I've seen
cameras in the air conditioner vents in hotel rooms.
WhatsApp
co-founder accuses Mark Zuckerberg of trading privacy for revenue after allowing ads on the platform. WhatsApp
co-founder Brian Acton urged people to 'delete' their Facebook accounts now, during an address made to students. Mr Acton,
now the head of non-profit WhatsApp rival Signal, blasted Facebook CEO Mark Zuckerberg for trading privacy for revenue by allowing
ads on his platform. He has now called for people to 'reject' Facebook by deleting its family of apps from their smartphones
and other devices. It comes after the world's largest social network has been beset by a string of privacy scandals.
Zuckerberg
wants Facebook to build a mind-reading machine. If you're concerned about Facebook's privacy scandals or worried that
it's listening in on your phone calls, you'll likely be disturbed by CEO Mark Zuckerberg's recent comments at Harvard. Despite
the fact that Facebook is under fire from Sen. Elizabeth Warren (D-Mass.) and facing more skepticism from the public about its
business practices, the tech giant's chief executive officer discussed the company's research into a brain-computer interface that
would allow people to use their mind to navigate through augmented reality. Even though this might sound creepy, don't worry,
Zuckerberg said they have no current plans to develop surgically implanted chips. The idea would be to produce some type of
external device, perhaps glasses, that allows users to control digital additions to the landscape without speaking or typing anything.
Cryptocurrency
wallet caught sending user passwords to Google's spellchecker. The Coinomi wallet app sends user passwords to
Google's spellchecking service in clear text, exposing users' accounts and their funds to man-in-the-middle (MitM) attacks
during which attackers can log passwords and later empty accounts. The issue came to light yesterday after an angry
write-up by Oman-based programmer Warith Al Maawali who discovered it while investigating the mysterious theft of 90 percent
of his funds.
Who's
making money from your DNA? If you've ever sent off your DNA to an ancestry or health-screening company for
analysis, chances are your DNA data will be shared with third parties for medical research or even for solving crime, unless
you've specifically asked the company not to do so.
Your
iPhone Has a Hidden List of Every Location You've Been. Sure, many of us know that our iPhone generally tracks
us when we use certain apps to enable it to share personalized information like the local weather, coffee shop
recommendations, and more. But in a quick survey I ran with some friends, not one person (out of dozens of people that
I surveyed) knew where or how to navigate to this specific screen that I'm talking about here. It's called the
Significant Locations list.
Alternative viewpoint: iOS's Significant Locations list tracks every
location visited. This is very old news. Apple has explained why they collate this data, how it is used
and the tight security surrounding it. And they make it simple to switch off. The article stupidly implied that
the setting is buried — no, not having any interface at all is burying it. Apple was under no obligation to surface
this data in the UI, let alone with the clarity and detail in which they did. If you're a privacy paranoid — well you
shouldn't have a smartphone at all — but if you have an iPhone, at the very least I'd expect you to comprehensively
circumnavigate the privacy section in Settings.
Google
says the built-in microphone it never told Nest users about was 'never supposed to be a secret'. In early
February, Google announced that its home security and alarm system Nest Secure would be getting an update. Users, the
company said, could now enable its virtual-assistant technology, Google Assistant. The problem: Nest users didn't
know a microphone existed on their security device to begin with. The existence of a microphone on the Nest Guard,
which is the alarm, keypad, and motion-sensor component in the Nest Secure offering, was never disclosed in any of the
product material for the device.
Airlines found
to have cameras in entertainment sets. Newer seat-back entertainment systems on some airplanes operated by
American Airlines and Singapore Airlines have cameras and it is likely they are also on planes used by other carriers.
American and Singapore both said on Friday [2/22/2019] that they have never activated the cameras and have no plans to use them.
The Editor says...
Ri-i-i-i-ight. The cameras were designed into the seats. Somebody had to write a contract for seats that included
cameras, and somebody else had to justify the additional expense. It is therefore very difficult to believe that the
airlines had "no plans to use them."
You Give Apps Sensitive Personal Information. Then They Tell
Facebook. Millions of smartphone users confess their most intimate secrets to apps, including when they want to
work on their belly fat or the price of the house they checked out last weekend. Other apps know users' body weight,
blood pressure, menstrual cycles or pregnancy status. Unbeknown to most people, in many cases that data is being shared
with someone else: Facebook Inc. The social-media giant collects intensely personal information from many popular
smartphone apps just seconds after users enter it, even if the user has no connection to Facebook, according to testing done by
The Wall Street Journal. The apps often send the data without any prominent or specific disclosure, the testing showed.
From
Echo to Ring doorbell and Fire TV, are you comfortable Amazon controlling your smart home? [Scroll down]
Amazon and Eero downplayed the privacy issues, saying the mesh router doesn't share Wi-Fi information. But Amazon, as
Eero does now, will soon know how you use your Wi-Fi, whether that's on computer or a mobile, just by being in your home
network. Techies loved Eero because it solved an important problem: helping to wipe out spotty Wi-Fi service across the
home. In his 2016 review, USA TODAY's Edward Baig said, "my dead zones appear to be a dead issue." The Eero was
the first such product in a category soon emulated by Google, Netgear, Linksys and others. A three-pack of the Eero
(for multiple rooms) sells for $500; Google undercut it in its version to $250. Now, with Amazon taking on Eero, "you
can't really escape Amazon in the home," said Carolina Milanesi, an analyst with Creative Strategies. "One big company
is delivering too many devices."
Customer
loyalty rewards programs used to convince the public to accept 9,000 private license plate readers. The die has
been cast, whether it is digital drivers licenses, digital license plates, license plate readers or facial recognition
cameras. Everyone from private corporations to law enforcement follows the same script; offer Americans customer
loyalty rewards programs in exchange for the loss of their privacy. Surveillance politics and law enforcement regularly
tout license plate readers as a necessary extension of public safety at the expense of our privacy. But now things have
gotten out of control as a recent Quartz headline warned "In just two years, 9,000 of these cameras (ALPR) were installed to
spy on your car." A Massachusetts company called Novume which recently acquired Open ALPR Technology Inc. boasts that their
free software is being used by private corporations and governments in more than 9,000 private license plate readers worldwide.
If you don't own a mirror or a scale... Google
may be developing 'smart shoes' that warn when you're getting fat. Google is reportedly taking another giant
step in its mission to take over people's lives — by developing "smart" shoes that can warn the wearer if they are
getting fat. The search engine's health division Verily is said to be designing footwear embedded with sensors that can
tell how much the user weighs and monitor their activity. Parent company Alphabet has been showing off prototypes of
the "lace-age" shoes as developers search for a partner to build and market them, according to CNBC.
Jeff
Bezos Protests the Invasion of His Privacy, as Amazon Builds a Sprawling Surveillance State for Everyone Else.
The National Enquirer has engaged in behavior so lowly and unscrupulous that it created a seemingly impossible storyline: the
world's richest billionaire and a notorious labor abuser, Amazon CEO Jeff Bezos, as a sympathetic victim. On Thursday,
Bezos published emails in which the Enquirer's parent company explicitly threatened to publish intimate photographs of Bezos
and his mistress, which were apparently exchanged between the two through their iPhones, unless Bezos agreed to a series of
demands involving silence about the company's conduct.
Are
You a Woman Traveling Alone? Marriott Might Be Watching You. When a tweet accused Marriott Hotels of
"working with the feds and keeping [an] eye on any women who are traveling alone," training staff to "spot an escort," and
"not allowing some women [to] drink at the bar alone," Marriott's official account proudly confirmed the observation:
"You are correct. Marriott employees all over the world are being trained to help spot sex trafficking at our hotels."
The brief Twitter exchange, which occurred in January, revealed some of the hidden presumptions behind Marriott's efforts
to stop sexual exploitation. Not only did it suggest that the company conflates all sex work with forced or underage
prostitution, but it also hinted the world's largest hotel chain considers all unaccompanied women to be worth monitoring —
or, at the very least, that there's confusion about this among staff.
One of the largest at-home DNA
testing companies is giving the FBI access to its records. DNA home testing kits that can trace ancestry and
find missing relatives are a dream come true for genealogists. But as conspiracy theorists have long suspected, the
tests are being used for other purposes, too. BuzzFeed News reported that Family Tree DNA, one of the largest home DNA
testing companies, is allowing FBI agents to search its databases in their quest to "solve violent crime cases." The
company's database has about 1,021,774 records, Jezebel.com reported. Public genealogy databases are often used by
police to solve cold cases. One of the most notable ones that used DNA from a public database was the Golden State
Killer case.
Perfect for the hypochondriac on your gift list. Not so great if you value your privacy. Toilet
seat sensor tracks blood pressure, stroke volume, blood oxygenation. Newly published data from a team of
Rochester, New York researchers give credence to a cardiovascular health monitoring system built into a home toilet seat.
Examined over an eight-week period, the system demonstrated clinical grade accuracy for measurements of blood pressure,
stroke volume and blood oxygenation when compared with their respective gold standards.
Apple busts Facebook for distributing
data-sucking app. Apple says Facebook can no longer distribute an app that paid users, including teenagers, to
extensively track their phone and web use. In doing so, Apple closed off Facebook's efforts to sidestep Apple's app store
and its tighter rules on privacy. The tech blog TechCrunch reported late Tuesday [1/29/2019] that Facebook paid people about
$20 a month to install and use the Facebook Research app. While Facebook says this was done with permission, the company has
a history of defining "permission" loosely and obscuring what data it collects.
Facebook
COO Sheryl Sandberg tries to claim teens 'consented' to creepy app that snooped on their phones. Facebook COO
Sheryl Sandberg has been slammed for 'lying' after she defended the social media giant's controversial research app that was
'preying' on teenagers as young as 13 by paying them to supply data and have all their phone activity monitored. In an
interview Sandberg said the teens who took part in the 'research project' had 'consented' to share the information and
therefore knew what they were getting into. Facebook has come under fire from all sides for the latest in a series of
privacy disasters, with pundits describing their actions as 'shameful' and comparing the firm to a 'criminal enterprise' in
light of the latest revelations.
Apple's
FaceTime could be spying on you. Here's how to turn it off. Apple is scrambling to fix a significant
privacy bug in FaceTime that allows callers to hear — and sometimes see — the other person, even before
they've accepted or rejected the incoming call. As of Tuesday [1/29/2019], the iPhone maker disabled group FaceTime until it can
offer a more permanent fix to the glitch, which was first revealed on Monday by 9to5Mac after going viral on social media.
Disable FaceTime Right Now.
A jaw-dropping flaw in Apple's FaceTime software allows for users to eavesdrop on others while a call is still ringing,
according to 9to5Mac. The bug works by simply dialing another user, then swiping up and inserting the originating
number via the "Add Person" screen before it is answered. FaceTime apparently is thus tricked into believing that a
Group FaceTime conference call is occurring, transmitting audio from the recipient's device whether or not they have accepted
or rejected the call.
This
Is The Reason Smart TVs Are So Cheap. A significant reason why a smart TV, or perhaps a new 65-inch 4K smart TV
with HDR capability, can be purchased for about $500, is because some manufacturers are harvesting data from users. [...]
Vizio TVs, have the ability, with user opt-in, track anything that is on the TV, what the company calls "automatic content
recognition." That data used to be sold off to third-party data aggregators, but after the Federal Trade Commission and New
Jersey slapped the company with a multi-million dollar fine in 2017. Legal documents from the case reportedly show that
Vizio installed software on 11 million smart TVs to track viewing habits without consumers' knowledge. Now, Vizio
keeps the data but sells targeted advertising in a platform model like Google and Facebook.
Amazon sent
Alexa recordings of man and girlfriend to stranger. A German man was very confused when he received, at his
request, all the information that Amazon possessed on him. He had requested the data dump through Europe's GDPR privacy
law, and among the records of his Amazon searches and purchases, he was surprised to find no less than 1,700 recordings of
him using Amazon's Alexa-powered Echo digital assistant. Surprised because he doesn't own an Echo. And the voice
on the recordings wasn't his. That's right: Amazon had sent him the entire recording set of a complete stranger.
Stealth Cell Tower: Rogue Cellular
Infrastructure Disguised as Office Printer. Stealth Cell Tower is an antagonistic GSM base station in
the form of an innocuous office printer. It brings the covert design practice of disguising cellular infrastructure as
other things — like trees and lamp-posts — indoors, while mimicking technology used by police and
intelligence agencies to surveil mobile phone users.
Weather
Channel App Sued, Accused of Selling Users' Data. People relied on the most popular mobile weather app to track
forecasts that determined whether they chose jeans over shorts and packed a parka or umbrella, but its owners used it to
track their every step and profit off that information, Los Angeles prosecutors said Friday [1/4/2019]. The operator of
The Weather Channel mobile app misled users who agreed to share their location information in exchange for personalized
forecasts and alerts, and they instead unwittingly surrendered personal privacy when the company sold their data to third
parties, City Attorney Michael Feuer said.
Amazon
busted for 'immoral, almost voyeuristic' Alexa eavesdropping 'error'. An Amazon user in Germany was just able
to gain access to an estimated 1,700 voice recordings of an Alexa user — because, get this, of a glitch at the
Amazon company. That's some glitch. It came by way of a "human error," Amazon reported. But here's the
bigger glitch. In the end, these erroneously shared files gave eavesdroppers the access to enough snippets of private
in-home conversations that they were soon able to piece together the Alexa user's identity. Wonder how many more human
errors of this type have been made?
Facebook's
Deepest, Dirtiest Secret. Facebook is a for-profit surveillance company disguised as a social media
company. Once you invite it into your life, it will suck as much data as it can from you. If you're on
Facebook — or if you use Facebook-owned WhatsApp or Instagram — you're sharing the most intimate
details of your private life with advertisers and political campaign strategists. If that doesn't alarm you, consider
that Facebook is also an unofficial arm of the Deep State's surveillance apparatus. Leaked documents from the National
Security Agency (NSA) revealed this back in 2013. As the result of secret court orders, Facebook — along
with Google, Microsoft, and Yahoo — routinely hands over users' account details to the U.S. government spooks.
Facebook
tries to explain why it gave Netflix and Spotify access to users' private messages. Facebook has published a blog post
explaining the exact ways other companies have used customers' data, after it was revealed 150 firms had accessed user's
information. In its blog, Facebook said it gave companies like Amazon, Spotify and Netflix the ability to read, write and
delete access to private messages. But the blog post also claimed that: 'No third party was reading your private
messages, or writing messages to your friends without your permission.' 'Many news stories imply we were shipping over
private messages to partners, which is not correct,' the Facebook blog added.
Your
Apps Know Where You Were Last Night, and They're Not Keeping It Secret. The millions of dots on the map trace
highways, side streets and bike trails — each one following the path of an anonymous cellphone user. One
path tracks someone from a home outside Newark to a nearby Planned Parenthood, remaining there for more than an hour.
Another represents a person who travels with the mayor of New York during the day and returns to Long Island at night.
Yet another leaves a house in upstate New York at 7 a.m. and travels to a middle school 14 miles away, staying
until late afternoon each school day. Only one person makes that trip: Lisa Magrin, a 46-year-old math
teacher. Her smartphone goes with her. An app on the device gathered her location information, which was then
sold without her knowledge. It recorded her whereabouts as often as every two seconds, according to a database of more
than a million phones in the New York area that was reviewed by The New York Times. While Ms. Magrin's identity
was not disclosed in those records, The Times was able to easily connect her to that dot.
Is
Alexa Listening? Amazon Echo Sent Out Recording of Couple's Conversation. They're always listening.
They're on the internet. But what happens when digital assistants like Alexa go rogue? Could they share our
private conversations without our consent? Privacy advocates have long warned this could happen, and now it has.
A woman in Portland, Ore., told KIRO7, a television news station in Washington, that her Amazon Echo device had recorded a
conversation then shared it with one of her husband's employees in Seattle. Skeptics were quick to say we told you so,
as the news rocketed through the connected world.
Amazon
Alexa shares man's recordings with stranger. Amazon's voice assistant, Alexa, is under fire once again for
failing to protect user privacy. About 1,700 voice recordings from one person were shared with another user in Germany
after the company made a "human error," Reuters reported on Thursday [12/20/2018]. The second user asked to access his
own recordings from his voice assistant, but was also granted access to thousands of files from a stranger — which
included a man and woman talking in their home.
Facebook
has filed patents to predict our future locations. Facebook filed a patent, titled "Offline Trajectories," last
week in which it proposes predicting users' "location trajectories" — in other words, where we're likely
headed. Knowing when we're about to hurtle into a no-WiFi-connection limbo means Facebook can "prefill" our phones with
content and ads. As Facebook described in the patent application, it would use machine learning to analyze metadata
associated with users who already found themselves in whatever geographic location that you're heading toward. Of
course, Facebook's mobile app is one of hundreds that constantly track our location, so it's already got a good basis to
predict all those little circuits that we circle in our daily lives.
How
Taylor Swift Really Knew You Were Trouble When You Walked In. Taylor Swift, one of the more-stalked celebrities
in the world, recently used advanced facial recognition technology on fans who spent their hard-earned money on tickets to
attend her show. The Verge reports that it was done in the name of keeping the star safe: [...] There was no notice or
warning that such technology would be used, let alone concealed in such a way. But it's hard to blame Swift, who has
been subjected to unstable stalkers for years.
Your
Phone Is Tracking Your Every Movement. Here's What You Can Do About It. In a revealing New York
Times expose, an investigation revealed that hundreds of apps are tracking our every move, many without asking permission
or explaining what they are doing with the information. They know exactly where we are and where we have been at almost
any moment in time. It's a broad surveillance effort, affecting over 200 million Americans, designed to gather more
personal data and sell it to corporations, including advertisers, banks, insurance companies, health providers, and retailers.
IBM, for example, is one of the key players in this industry. Examples in the article include apps tracking people into
hospital operating rooms, school classrooms, and doctor's offices, with each individual being tracked thousands of times per
day. While many in the industry claim the information is anonymous, it doesn't take much effort to connect a residence
or office to its occupants.
Drop Dead.
I've had a Dropcam for the last six months or so, mostly to keep an eye on my house and pets when we're gone. It has a
couple monitoring features where it records video loops when it detects motion and takes photos when it detects motion as
well. You have to pay a monthly fee to get access to both, but you still get periodic emails when the camera senses
activity and it'll send a medium sized low-res picture several times a day embedded in the message. I never thought
much of this until I opened an email to see a photo of me completely naked walking by the camera, on my way to grab from a
pile of recently folded clean clothes after I took a shower. Obviously, that's a bit of a shock, but I was home alone
and I'm the only one that opens my email, so I wasn't too disturbed by it. But then I realized that image is on
Dropcam's system. And Google bought Dropcam so my photo is somewhere in Google's cloud.
The House That Spied on me.
After Congress voted last year to allow ISPs to spy on and sell their customers' internet usage data, we were all warned that
the ISPs could now sell our browsing activity, or records of what we do on our computers and smartphones. But in fact,
they have access to more than that. If you have any smart devices in your home — a TV that connects to the
internet, an Echo, a Withings scale — your ISP can see and sell information about that activity too. With my
"iotea" router I was seeing the information about Kashmir and her family that Comcast, her ISP, could monitor and sell.
Google
Reveals Plans to Monitor Our Moods, Our Movements, and Our Children's Behavior at Home. Patents recently issued
to Google provide a window into their development activities. While it's no guarantee of a future product, it is a sure
indication of what's of interest to them. What we've given up in privacy to Google, Facebook, and others thus far is
minuscule compared to what is coming if these companies get their way. These patents tell us that Google is developing
smart-home products that are capable of eavesdropping on us throughout our home in order to learn more about us and better
target us with advertising. It goes much further than the current Google Home speaker that's promoted to answer our
questions and provide useful information, and the Google-owned Nest thermostat that measures environmental conditions in our
home. What the patents describe are sensors and cameras mounted in every room to follow us and analyze what we're doing
throughout our home.
Google
Wants To Data Mine Your Home And Kids' Bedroom. New patents show Google is quietly developing a smart-home
automated system that will routinely eavesdrop on your daily life. The patents describe how cameras and sensors will be
mounted in almost every room of the house, scanning and analyzing every movement a human makes. According to the patent
description, the smart cameras could recognize Will Smith's face on a T-shirt. After cross-referencing this data
against the human's browser history, the smart-home might announce or send them a message, "You seem to like Will Smith.
His new movie is playing in a theater near you."
What
You're Giving Away With Those Home DNA Tests. "Obviously, there is a lot of fine print," said Mary Freivogel,
president of the National Society of Genetic Counselors. "Any time you do anything and you have a big, long agreement
in front of you, I think so many of us are accustomed to just clicking 'agree'." Even if you do read the whole
agreement, which can go on for pages, you may not understand what you're giving the company permission to do, said Hank
Greely, director of the Center for Law and the Biosciences at Stanford School of Medicine. "There is no legal limit on
what they could do other than the agreement that you enter into with them which they may or may not choose to follow," Greely
added. "If they don't follow it, the chance you would ever find out is very, very low."
They record everything you say? Amazon
must give up Echo recordings in double murder case, judge rules. On Friday [11/9/2018], a local judge in New
Hampshire ordered Amazon to hand over Echo recordings made the day a Farmington couple was murdered at its home.
According to local media accounts, Strafford County Superior Court Presiding Justice Steven M. Houran compelled Amazon
to disclose not only the audio files but any associated data — such as what phones were paired to the smart
speaker — that may be connected to the January 2017 murder of Christine Sullivan and Jenna Pellegrini.
Almost
all Android apps send personal data to other companies like Facebook, Google and Amazon, study reveals. Data
from the vast majority of apps is harvested and shared with Google, a comprehensive study of the Android ecosystem has
revealed. Researchers from Oxford university analysed 959,000 apps from the UK and US Google Play stores, finding that
almost 90 per cent of Android apps share data with Google. The study also revealed that around half of the apps
transfer data to at least 10 third parties, such as Facebook and Twitter. The study's authors attribute the
mass-data harvesting to the rise of "freemium" apps that rely on advertising and data sharing for revenue.
Now
Apps Can Track You Even After You Uninstall Them. If it seems as though the app you deleted last week is suddenly popping up
everywhere, it may not be mere coincidence. Companies that cater to app makers have found ways to game both iOS and Android, enabling
them to figure out which users have uninstalled a given piece of software lately — and making it easy to pelt the departed with
ads aimed at winning them back. Adjust, AppsFlyer, MoEngage, Localytics, and CleverTap are among the companies that offer uninstall
trackers, usually as part of a broader set of developer tools. Their customers include T-Mobile US, Spotify Technology, and Yelp.
Critics say they're a fresh reason to reassess online privacy rights and limit what companies can do with user data.
Google
sued for tracking you, even when 'location history' is off. Google now faces a potential class action lawsuit
over the revelation that it continues to store users' location data even if they turn off Location History. The lawsuit
was filed on Friday [8/17/2018], the day Google updated its help page to clarify that with Location History off it still
stores some location data in other services such as Google Search and Maps. Until then, Google's help page on Location
History stated that "with Location History off, the places you go are no longer stored". However a report by the
Associated Press found this statement wasn't true.
When it's hotel staff,
not the hackers, invading folks' privacy. [Scroll down] It appears DEF CON had run slap bang into a
policy change by Caesars hotel properties. Worried about the prospect of someone stockpiling weapons in their suites
just like the Mandalay Bay killer, and thus using their hotels for another bout of senseless slayings, the hotel giant
decided that if someone has a do-not-disturb tag on their door for more than a couple of days, a search has to be made.
In other words, if the maids can't be allowed in to clean up and clock any assault rifles and grenades, security guards will
do the latter for them — whether guests are present or not. There were a number of problems with this.
Firstly, the hotel promotes skipping maid service as an eco-friendly option during check-in: people are thus encouraged to
limit housekeeping to save on resources, and earn credits. Secondly, many people — myself included —
prefer privacy, and frequently turn down maid service. Thirdly, hacker event attendees are among the most security-minded
on the planet, and thus try to minimize opportunities for strangers to be in rooms with belongings unattended. And
finally, bursting into rooms with no identification is not how this policy should be executed.
What Your Car Knows About You. Car makers are
collecting massive amounts of data from the latest cars on the road. Now, they're figuring out how to make money off
it. With millions of cars rolling off dealer lots with built-in connectivity, auto companies are gaining access to
unprecedented amounts of real-time data that allow them to track everything from where a car is located to how hard it is
braking and whether or not the windshield wipers are on. The data is generated by the car's onboard sensors and
computers, and then stored by the auto maker in cloud-based servers. Some new cars have as many as 100 built-in
processors that generate data.
St. Louis
University Is Installing Amazon Alexa-Enabled Echo Dots Campus-Wide. The first college or university in the
nation is installing Alexa-enabled Amazon Echo Dots in every single dorm room across campus. St. Louis
University, a private four-year university in Missouri, unveiled a plan to install 2,300 intelligent assistant-enabled Echo
Dots in residence halls and student apartments before classes begin later this month. The Alexa-enabled Echo Dots will
be programmed to answer over 100 specific questions about the campus and student activities, such as the hours for the
library or a list of upcoming public lectures.
Alphabet,
Amazon, IBM, and Microsoft Want Hospitals' Data. Google parent Alphabet, Amazon, IBM, Microsoft, and Salesforce.com have
launched a campaign for restrictions on data sharing between hospitals to be dropped. At the Blue Button 2.0 Developer Conference
in Washington, D.C., the companies issued a joint statement against patient data sharing restrictions.
Google
might be tracking your location. Here's how you can turn it off. Google may be tracking your location,
even if have some location tracking turned off on your account. An investigation by the Associated Press found that
simply turning off location history on an account does not completely prevent the tech giant from tracking your movements.
Google accounts also have a "Web & App Activity" section which also tracks a user's location when Google apps and other
services are used. That option is turned on by default and must be manually paused by the user.
Pentagon
restricts use of fitness trackers, other electronic devices that reveal locations. U.S. military troops and
other defense personnel at sensitive bases or certain high-risk war zone areas won't be allowed to use features on fitness
trackers or cellphone applications that can reveal their location, according to a new Pentagon order. The memo stops
short of banning the devices, which are often linked to cellphone apps or smart watches and can share users' GPS locations
and exercise details to social media. But it says the "geolocation capabilities" can present a "significant risk" to
military personnel, so those functions must be turned off in certain operational areas.
Facebook
quietly lobbying big banks to share customer data. Mark Zuckerberg wants to know how much is in your bank
account. The tech mogul's Facebook has been quietly lobbying some of the biggest US banks to sign partnerships that
would have the financial institutions share customer data — including account balances and recent purchases.
The request, which has also been made by other tech giants, is part of a larger race to keep users on their platform.
For Zuckerberg, it is an attempt to have users increase the time they spend on Facebook Messenger.
Uber
driver is livestreaming riders without their knowledge or consent. The driver, a bearded man in his 30s, was
friendly. The women asked where he went to high school. They joked about friends they were going to meet at a bar
across town. But there was something the women didn't know: Their driver was streaming a live video of them to
the internet, and comments from viewers were pouring in. The blonde is a 7, the brunette a 5, someone with the username
"DrunkenEric" commented. "She doesn't sit like a lady though," another viewer added.
Venmo's terrible idea.
I'm a regular Venmo user. I used the service a month ago to receive $30 from my sister-in-law. I used it again
two weeks ago to reimburse my brother after we threw our father a surprise birthday party. It's a perfectly useful
service. But unlike most Venmo users, I have my transactions set to "private" — and I've never understood
why the default setting was "public." Why would I want the world, even my Internet friends, to know when I settle bar
bills? I know of no mainstream payment system that makes its transactions public.
How Smart
TVs in Millions of U.S. Homes Track More Than What's On Tonight. The growing concern over online data and user
privacy has been focused on tech giants like Facebook and devices like smartphones. But people's data is also
increasingly being vacuumed right out of their living rooms via their televisions, sometimes without their knowledge.
In recent years, data companies have harnessed new technology to immediately identify what people are watching on
internet-connected TVs, then using that information to send targeted advertisements to other devices in their homes.
Marketers, forever hungry to get their products in front of the people most likely to buy them, have eagerly embraced such
practices. But the companies watching what people watch have also faced scrutiny from regulators and privacy advocates
over how transparent they are being with users.
Tesla Powerwall2 home battery hacking?
I'm not the only one who's noticed that the Tesla "Powerwall2" home battery system uses the same ubiquitous "CAN bus" found
in automobiles. (Duh! It appears that the Powerwall2 is basically 1/4 of a standard base Tesla Model 3
battery.) Many home battery systems utilize several Powerwall2's, and hence approximate 1/4-3/4 of the energy storage
capacity of a Tesla base Model 3. After a number of notorious car hacks using this same CAN bus over the past
several years, what could possibly go wrong with a Powerwall2 system — having the equivalent of several gallons of
gasoline stored within its batteries — in/on your home? [...] Unlike the Tesla automobile, which is connected only
sporadically with the Internet, your home Powerwall2 is presumably capable of being attacked 24x7.
Facebook
As The Ultimate Government Surveillance Tool? Earlier this month it came out that among Facebook's myriad
algorithmically induced advertising categories was an entry for users whom the platform's data mining systems believed might
be interested in treason against their government. The label had been applied to more than 65,000 Russian citizens,
placing them at grave risk should their government discover the label. Similarly, the platform's algorithms silently
observe its two billion users' actions and words, estimating which users it believes may be homosexual and quietly placing a
label on their account recording that estimate. What happens when governments begin using these labels to surveil,
harass, detain and even execute their citizens based on the labels produced by an American company's black box
algorithms? One of the challenges with the vast automated machine that is Facebook's advertising engine is that its
sheer scale and scope means it could never possibly be completely subject to human oversight. Instead, it hums along in
silence, quietly watching the platform's two billion users as Big Brother, silently assigning labels to them indicating its
estimates of everything from their routine commercial interests to the most sensitive and intimate elements of their personality,
beliefs and medical conditions that could be used by their governments to manipulate, arrest or execute them.
No
more tickets? MLB fans will soon use fingerprints, facial recognition instead. A tap of the finger will
soon replace traditional tickets at baseball stadiums across the country. Major League Baseball and CLEAR are teaming
up to launch biometric ticketing, allowing fans to use their fingerprints — and eventually facial
recognition — to enter the ballpark. A pilot program will arrive at select venues later this season.
In 2019, MLB and CLEAR plan to roll out biometric ticketing to ballparks that utilize CLEAR and Tickets.com technology.
"We'll be able to immediately link [fans'] CLEAR accounts to their MLB.com account. Your biometrics — your
face and fingerprint — become your ticket," CLEAR co-founder and CEO Caryn Seidman-Becker told FOX Business.
Privacy
conversation turns to enabling smart TV tracking services. Remember when tech topics had such happy focal
points as bendable displays and a new stylus for tablets? Unfortunately, the accent in this year's headlines is on how
much we might be getting tracked. Facebook, move over. This time the glare is on smart TVs.
When
your TV starts watching you, it's time to demand greater privacy. As reported in the New York Times on Thursday
[7/5/2018], new companies have sprung up to keep tabs on what people watch on their smart TVs and connected devices,
including whether they watch conservative or liberal programming and which political party debates they view.
Advertisers then can pay to place ads on those TVs and devices. One company, Samba, says it has collected viewing
records from 13.5 million smart TVs in America. When people are first setting up their TVs, Samba offers to recommend
programs and provide special offers, the Times reported. Only those people who go online or click through to another
message screen — if they read more than 10,000 words of privacy policy and terms of service — learn
that Samba will track nearly everything on that TV, second by second.
Samsung
Galaxy texting bug sends random pics. The upshot is, random messages are reportedly being sent via Samsung's
default texting app. "If you've got a Samsung phone and use the default Samsung Messages app for all your texting
needs, you may want to check your gallery to make sure you don't have any embarrassing photos in it," Android Central
reports. Users have been complaining about the problem on Reddit and Samsung user forums, among other places.
The issue was first reported by Android Central.
Thermostats,
Locks and Lights: Digital Tools of Domestic Abuse. The people who called into the help hotlines and
domestic violence shelters said they felt as if they were going crazy. One woman had turned on her air-conditioner, but
said it then switched off without her touching it. Another said the code numbers of the digital lock at her front door
changed every day and she could not figure out why. Still another told an abuse help line that she kept hearing the
doorbell ring, but no one was there. Their stories are part of a new pattern of behavior in domestic abuse cases tied
to the rise of smart home technology. Internet-connected locks, speakers, thermostats, lights and cameras that have
been marketed as the newest conveniences are now also being used as a means for harassment, monitoring, revenge and control.
Hacks
turn Amazon Alexa, Google Home into secret eavesdroppers. Oh, goody, Amazon Alexa and/or Google Home could be
hit with remote, large-scale "voice squatting" and "voice masquerading" attacks to steal sensitive user information or
eavesdrop on conversations. Third-party skills are what make virtual personal assistants like Alexa so handy; by
enabling skills, your interactions with Alexa can be more relevant to your life and what you like. Skills are also what
the group of researchers exploited to come up with voice squatting attacks. It's doubtful that you'd even notice if you
were hit with such an attack; unlike the researchers, adversaries are unlikely to have the skill tell you about the hack.
US
cell carriers are selling access to your real-time phone location data. Four of the largest cell giants in the
US are selling your real-time location data to a company that you've probably never heard about before. In case you
missed it, a senator last week sent a letter demanding the Federal Communications Commission (FCC) investigate why Securus, a
prison technology company, can track any phone "within seconds" by using data obtained from the country's largest cell
giants, including AT&T, Verizon, T-Mobile, and Sprint, through an intermediary, LocationSmart. The story blew up
because a former police sheriff snooped on phone location data without a warrant, according The New York Times.
The sheriff has pleaded not guilty to charges of unlawful surveillance.
The Spanish Liga uses the phone microphone of millions of fans to spy on bars. La Liga de Fútbol usa el micrófono
del teléfono de millones de aficionados para espiar a los bares. [Automated translation] The Liga de
Fútbol Profesional, the body that runs the most important sports competition in Spain, is using mobile phones of football fans
to spy on bars and other public establishments that put matches for their clients. Millions of people in Spain have this
application on their phone, which accumulates more than 10 million downloads, according to data from Google and Apple.
Stop
Using Common Email Encryption Tools Immediately, Researchers Warn. Throughout the many arguments over encrypted
communications, there has been at least one constant: the venerable tools for strong email encryption are trustworthy.
That may no longer be true. On Tuesday [5/15/2018], well-credentialed cybersecurity researchers will detail what they
call critical vulnerabilities in widely-used tools for applying PGP/GPG and S/MIME encryption. According to Sebastian
Schinzel, a professor at the Münster University of Applied Sciences in Germany, the flaws could reveal the "plaintext"
that email encryption is supposed to cover up — in both current and old emails.
The Best
and Worst Encrypted Messaging Apps. There's never been a better time to start encrypting your texts and phone
calls. Hackers are breaking into more personal devices than ever before, and massive government surveillance dragnets
are indiscriminately sweeping up people's digital communications. Encryption can protect you. By encrypting your
messages, you can make sure only you and the intended recipient are able to read any messages you send. More
specifically, end-to-end encryption uses complex mathematical algorithms to scramble your data so only your intended
recipient can unscramble your message. Your service provider can't access them, and the developer of the app you're
using can't see them. This prevents would-be hackers or government surveillance tools from collecting your
communications. So, with that in mind, here are the best mobile apps for sending encrypted messages.
Facebook bug
made up to 14 million users' posts public for days. Facebook has found itself the subject of another privacy
scandal, this time involving users' privacy settings. A glitch caused up to 14 million Facebook users to have their new
posts inadvertently set to public, the company revealed Thursday [6/7/2018]. The bug, which reportedly occurred while
Facebook was testing a new feature, went live on May 18. Facebook told CNN, which first reported the issue, that it began
rolling out a fix on May 22. The bug was fully corrected by May 27. If some of your posts have been
affected by the bug, Facebook says they should now have been reverted back to your normal sharing settings.
Hotels
are installing Amazon listening devices in every room. Hotels like the Wynn Las Vegas and the Marriott are
installing Amazon listening devices in every room. Two years ago, Geek Wire revealed that the Wynn Las Vegas hotel
installed Amazon Echo devices in all their rooms. [...] According to Amazon, hotel customers love being spied on.
Facebook
gave firms broad access to data on users, friends: report. Facebook reportedly formed data-sharing partnerships
with dozens of device makers, including Apple and Samsung, giving them access to information on users, as well as on users'
friends. The New York Times revealed the extent of the partnerships on Sunday, shedding new light on the social media
giant's behavior related to customer data in the wake of a scandal involving the political consulting firm Cambridge
Analytica. The Times found that the company had at least 60 such deals over the past decade, many of which are
still in effect, allowing the other companies access to personal data of Facebook users and their friends.
Will
Amazon's facial-recognition tech enable mass surveillance? Amazon has been selling a facial-recognition system
to police, sparking fears that the technology will one day power mass surveillance. On Tuesday [5/22/2018], the
American Civil Liberties Union and 35 other advocacy group sent a letter to the company's CEO Jeff Bezos, demanding that he
stop providing the technology to law enforcement. The technology, called Amazon Rekognition, can identify people's
faces in digital images and video. Police in Oregon and Florida have been using the system to help them solve crimes,
but the ACLU argues that it's ripe for abuse.
Woman
says her Amazon device recorded private conversation, sent it out to random contact. A Portland family contacted
Amazon to investigate after they say a private conversation in their home was recorded by Amazon's Alexa — the
voice-controlled smart speaker — and that the recorded audio was sent to the phone of a random person in Seattle,
who was in the family's contact list.
Police
use spying doorbells to create digital neighborhood watch networks. It seems like all I have been writing about
lately, is how police are using cam-share programs to create city-wide surveillance networks. When I first heard about
'Ring' a smart doorbell with a video camera, I didn't think much of it. I mean how could the police state turn what
appeared to be an innocuous smart device into another surveillance tool? Enter Amazon, who recently purchased Ring for
$1 billion dollars. Fast forward a few months and Amazon announces that Ring is on a mission to work with law
enforcement across the country.
Cambridge
Analytica files for bankruptcy following Facebook data scandal. Cambridge Analytica LLC, the American branch of
the embattled British-based data broker and political consultancy firm hired by President Trump's 2016 election campaign, has
filed for bankruptcy in the United States after coming under fire for collecting the personal information of millions of Facebook
users without their knowledge. Along with a related company, SCL USA, Cambridge Analytica filed for Chapter 7 bankruptcy
in federal court late Thursday [5/17/2018], two months after news reports first revealed that the firm had quietly obtained the
personal data of about 87 million Facebook users through a purported online personality quiz.
Alexa
and Siri Can Hear This Hidden Command. You Can't. A group of students from University of California,
Berkeley, and Georgetown University showed in 2016 that they could hide commands in white noise played over loudspeakers and
through YouTube videos to get smart devices to turn on airplane mode or open a website. This month, some of those
Berkeley researchers published a research paper that went further, saying they could embed commands directly into recordings
of music or spoken text. So while a human listener hears someone talking or an orchestra playing, Amazon's Echo speaker
might hear an instruction to add something to your shopping list.
DNA of every
baby born in California is stored. Who has access to it? You probably know where your Social Security
card, birth certificate and other sensitive information is being stored, but what about your genetic material? If you
or your child was born in California after 1983, your DNA is likely being stored by the government, may be available to law
enforcement and may even be in the hands of outside researchers, CBS San Francisco's Julie Watts reports. Like many
states, California collects bio-samples from every child born in the state. The material is then stored indefinitely in
a state-run biobank, where it may be purchased for outside research.
A One-Minute
Attack Let Hackers Spoof Hotel Master Keys. In 2003, Finnish security researcher Tomi Tuominen was attending a
security conference in Berlin when a friend's laptop, containing sensitive data, was stolen from his hotel room. The
theft was a mystery: The staff of the upscale Alexanderplatz Radisson had no clues to offer, the door showed no signs
of forced entry, and the electronic log of the door's keycard lock — a common RFID card reader sold by
Vingcard — had recorded no entries other than the hotel staff. The disappearing laptop was never
explained. But Tuominen and his colleague at F-Secure, Timo Hirvonen, couldn't let go of the possibility that
Vingcard's locks contained a vulnerability that would let someone slip past a hotel room's electronically secured bolt.
And they'd spend roughly the next decade and a half proving it.
Malicious
Amazon Alexa Skills Can Record Everything a User Says. On April 25, security firm Checkmarx publicly disclosed
that it has found that a malicious developer can trick Amazon's Alexa voice assistant technology to record everything a user
says. At this time, it's not clear if any hackers have ever exploited the flaw, which is not in the Amazon Echo
hardware, but rather is an abuse of functionality in the Alexa Skills feature set. Developers can extend Alexa's
technology by building skills that provide new functionality for end users. Checkmarx found that there were several
unbounded parameters that were available to Alexa skills developers that could have enabled a malicious developer to record
and even transcribe what a user says, even after the user had finished communicating with the device.
Don't
blame academics like me for Facebook's privacy crisis. Mark Zuckerberg has tried to deflect blame for
Facebook's privacy crisis by pointing the finger at my university. "We do need to understand whether there was
something bad going on in Cambridge University overall, that will require a stronger action from us," he told the US Senate
this week. There is a short answer to that, and a deeper one. The short answer is that when Aleksandr Kogan, the
researcher whose "This Is Your Digital Life" app is at the heart of the current row, applied to use the data collected by his
company in university research, our ethics committees turned him down flat. The reason? While the people who
installed his app had consented to their data being used in research, their Facebook "friends" had not.
Nobody
is a victim of Facebook. All of the media need to finally understand one thing: Facebook and its founder
Mark Zuckerberg don't owe them anything. Both Zuckerberg and his data-mining company drew scrutiny in recent weeks
after it was reported that it had sold information on users to Cambridge Analytica, which in turn used it to aid the Trump
campaign. It was an apparent shock to some that when Facebook asks, "Would you like to share your location?" it's not
so that they can send the user a bag of money.
Facebook
to put 1.5 billion users beyond the reach of new EU privacy law, report says. Reuters reports that Facebook is looking
to limit its exposure to the EU's new General Data Protection Regulation (GDPR). Passed in 2016, the law regulates how firms
protect the data of EU citizens. On May 25, the EU will start enforcing the new regulation, which explicitly applies to
any company that uses the data of EU residents, no matter where it is based. Organizations in breach of GDPR can be fined
up to 4 percent of their annual global turnover or 20 million Euros ($24.6 million), whichever is greater.
For Facebook, which reported over $40 billion in revenue during its fiscal year 2017, the implications of the new regulation
is significant.
Facebook
Calls Out Google And Twitter By Name: They Take Your Private Info Too. Facebook specifically named fellow
tech giants Twitter, Google and Amazon in a blog post discussing how and why it uses people's personal information —
an apparent attempt to pull the ostensible competitors into the arena of cacophonous public backlash.
Facebook facial recognition faces class-action
suit. Facebook must face a class action lawsuit over its use of facial recognition technology, a California
judge has ruled. The lawsuit alleges that Facebook gathered biometric information without users' explicit consent.
It involves the "tag suggestions" technology, which spots users' friends in uploaded photos. The lawsuit says this
breaches Illinois state law. Facebook said the case had no merit and it would fight it vigorously.
Zuckerberg
admits Facebook collects data on non-users. We've already learned quite a bit from Mark Zuckerberg's grilling
by a joint session of the Senate Commerce and Judiciary Committees. But Zuckerberg has now revealed another fact that
is sure to worry anyone who doesn't use Facebook. As many already suspected, Facebook collects data about non-users,
too. As Bloomberg reports, Representative Ben Lujan asked Zuckerberg whether or not Facebook collected data on users
who did not have an account. Zuckerberg admitted they do, stating "In general we collect data on people who are not
signed up for Facebook for security purposes." He doesn't recognize the term "shadow profiles," though.
Obama
Harvested Data from Facebook and Bragged About It. Why Are We Only Freaking Out About This Now?
Facebook's idiosyncratic approach toward safeguarding the personal information of its users has attracted more political
outrage than the company has ever experienced. The American and British legislatures have invited Mark Zuckerberg to
visit and be complained at in person, the Federal Trade Commission has let leak an investigation, and German officials are
officially vexed. What irks them is the revelation that a third-party Facebook app masquerading as a personality quiz
extracted information that was sold to the political consulting firm Cambridge Analytica, which in turn provided services to
Republicans.
Amazon's
Alexa could soon be eavesdropping on your conversations. Soon, your Amazon Echo device could be listening in on
your conversations in a bid to personalise advertising to your needs. Amazon are currently chasing a patent that will
allow them to bank the things you say even when you're not speaking directly to your device. These so-called "sniffer algorithms"
could learn all of your likes and dislikes, and use them to target adverts with products Amazon thinks you would like.
The Editor says...
If I had a conversation this afternoon with someone who knows everything about Amazon, I would be very surprised to hear him or her
deny that such algorithms are not in use already.
Facebook has
always been one big swindle. Once again, Mark Zuckerberg is sorry. The founder of Facebook, who has
apologized for privacy breaches throughout much of his company's existence, is back at it, on a much larger stage than ever
before. The proximate cause is the Cambridge Analytica controversy. In violation of Facebook's rules, the
Trump-linked political consultancy schemed to get access to the data of 87 million users. This has made Facebook a
scapegoat for Trump's victory on par with the Russians and James Comey (at least before the FBI director got fired and became
a Trump adversary). In 2012, Barack Obama's re-election campaign did a less-underhanded version of the same thing as
Cambridge. The great chronicler of the Obama digital operation, Sasha Issenberg, wrote of how its "'targeted sharing'
protocols mined an Obama backer's Facebook network in search of friends the campaign wanted to register, mobilize, or persuade."
No scandal ensued — rather, the Obama digital mavens were hailed as geniuses who changed campaigning forever.
Facebook
Still Hasn't Owned Up To One Huge Privacy Breach. Every day, it seems, Facebook faces new troubles on the
privacy front. But there's one breach that Facebook executives still have not accounted for. Namely, the
wholesale transfer of user data to the Obama campaign in 2012.
Facebook
suspends another data analytics firm after CNBC discovers it was using tactics like Cambridge Analytica.
Facebook is suspending a data analytics firm called CubeYou from the platform after CNBC notified the company that CubeYou
was collecting information about users through quizzes. CubeYou misleadingly labeled its quizzes "for non-profit
academic research," then shared user information with marketers. The scenario is eerily similar to how Cambridge Analytica
received unauthorized access to data from as many as 87 million Facebook user accounts to target political marketing.
Your Data
May Be Safer on Facebook Than With the Feds. Rep. Joseph Kennedy III has announced that he plans to
exploit the Facebook privacy scandal in a thinly veiled attempt to establish government control over the internet:
"When you see lapses like that, it opens the door for Congress to get involved... and make sure people's information is
safeguarded." You can bet that, once Kennedy and his Democratic accomplices are permitted to "get involved," they won't
limit their meddling to social media. So, before putting federal apparatchiks in charge of protecting our internet
information, it's worth taking a look at their own cybersecurity record. It is predictably abysmal.
This
Is So Much Bigger Than Facebook. [Scroll down] The Cambridge Analytica breach is a known bug in two
senses. Aleksandr Kogan, the Cambridge University researcher who built a quiz to collect data on tens of millions of
people, didn't break into Facebook's servers and steal data. He used the Facebook Graph API, which until April 2015
allowed people to build apps that harvested data both from people who chose to use the app, and from their Facebook
friends. As the media scholar Jonathan Albright put it, "The ability to obtain unusually rich info about users'
friends — is due to the design and functionality of Facebook's Graph API. Importantly, the vast majority of
problems that have arisen as a result of this integration were meant to be 'features, not bugs.'"
Facebook
Is Tracking You Even If You're Not on Facebook. Facebook's problems just keep accumulating, drip by drip —
or more like splash by splash. It's now been discovered that Facebook not only collects and uses the personal data of its
members but also collects the data of those who never signed up for Facebook. So if you're one of those who blames
Facebook users for allowing their personal data to be compromised, don't be so smug. Facebook may be sharing your
personal data as well. Daniel Kahn Gillmor, senior staff technologist at the ACLU, discovered that, although he
never joined Facebook or any other social network, Facebook has a detailed profile on him.
10
things Congress should do, but won't. [#7] Facebook/Twitter hearings: Facebook's Mark Zuckerberg and Twitter's
Jack Dorsey should be called to testify in person before Congress about their speech suppression practices. Having made the
American people their product rather than their customer, they should be required to answer for the commercial and political use of
personally identifiable information.
Facebook
now mining patient info from hospitals? Personal data regarding patient illnesses and prescription information
is being pursued by Facebook. "Facebook sent a doctor on a secret mission to ask hospitals to share patient data,"
CNBC.com reported. "Facebook was in talks with top hospitals and other medical groups as recently as last month about a
proposal to share data about the social networks of their most vulnerable patients." The medical data-mining project was
devised to work in unison with information Facebook had already extracted from its users.
Facebook
sent a doctor on a secret mission to ask hospitals to share patient data. Facebook has asked several major U.S.
hospitals to share anonymized data about their patients, such as illnesses and prescription info, for a proposed research
project. Facebook was intending to match it up with user data it had collected, and help the hospitals figure out which
patients might need special care or treatment. The proposal never went past the planning phases and has been put on
pause after the Cambridge Analytica data leak scandal raised public concerns over how Facebook and others collect and use
detailed information about Facebook users. "This work has not progressed past the planning phase, and we have not
received, shared, or analyzed anyone's data," a Facebook spokesperson told CNBC.
Report: Facebook
And 'Top-Secret' Doctor Were Working With Hospitals To Collect Patient Information. Facebook reportedly asked
multiple hospitals around the country somewhat recently if they wanted to share patient information in an apparent attempt to
help the healthcare institutions with certain processes. While the initiative, which CNBC first reported, hasn't made
it past the initial planning stage, it will likely intensify already clamorous concerns over how the tech giant values
people's data privacy. After all, Facebook allegedly tabled the proposed project when public backlash ensued, stemming
from the disclosure it was suspending a data analytics firm for misusing information related to users' traits and online
tendencies. Facebook has "not received, shared, or analyzed anyone's data," the company clarified, according to CNBC.
What
is Mark Zuckerberg hiding? Facebook uses secret tool to delete founder's private messages from other people's
inboxes. Facebook has deleted some of Mark Zuckerberg's private messages over fears sensitive data could be
leaked. Three sources claim old Facebook messages from Zuckerberg have disappeared from their inbox. The
recipients were not notified — raising concerns about what the Facebook CEO could be hiding. Facebook claims
the change was made after the 2014 Sony Pictures hack, when a mass data breach at the movie studio resulted in embarrassing email
histories being leaked. However, the lack of disclosure has angered some users, along with the absence of a similar
tool to recall messages for normal users.
Facebook
drops a bombshell and says most of its 2 billion users may have had their personal data scraped. Facebook made
a bombshell admission about the security of its users' personal information on Wednesday, in a startling revelation that's
almost certain to worsen the privacy crisis currently hanging over the world's largest social network. "Most" of
Facebook's 2 billion users may have had their personal data skimmed from the site by "malicious actors," the company said in
a blog post by Chief Technology Officer Mike Schroepfer. Facebook said it has disabled the feature in its site's search
function that enabled the data scraping, but the fact that so much user data may have been vulnerable was another setback to
the company's efforts to restore confidence with users. "It is reasonable to expect that if you've had that setting on
in the last several years that someone has accessed your information," company CEO Mark Zuckerberg said on a conference call
with journalists.
Will Social Media
Be the Death of Us — Literally? These days many are justifiably alarmed at the overwhelming data-mining
capabilities of our internet behemoths. It was one thing that the NSA and other intelligence agencies knew everything
about us — they had a national security excuse, misplaced as that apparently has become — but private concerns
from Alphabet to Facebook and back to Amazon now have more information about us than we even know ourselves.
Instagram
clamps down on apps amid Facebook data scandal. Instagram is cracking down on third-party apps by restricting
their access to user data amid the fallout following claims that Cambridge Analytica inappropriately gained access to the
Facebook data of 50 million users. The popular photo-sharing platform, which boasts over 800 million monthly users
and was purchased by Facebook in 2012 for $1 billion, is limiting access to user data in a surprise change to its API, according
to TechCrunch.
Facebook
Crisis Deepens As Public Turns Against Social Network: IBD/TIPP Poll. People can't agree on much in these
highly charged partisan times. But one thing they do agree on in the wake of Facebook's privacy scandal: The
social network is having a negative impact on society. That startling finding comes from the latest IBD/TIPP poll, which
asked about Facebook in light of the scandal involving improper use of data on millions of the social network's users.
Leaked
memo from Facebook boss Andrew Bosworth justifies the firm's growth at all costs. A leaked memo by a top
Facebook executive justifying the firm's controversial data practices has caused outrage at the company's headquarters.
More than 3,000 Facebook employees have reacted to an internal post about the memo by vice president of consumer hardware,
Andrew Bosworth. In the memo, Bosworth gives a candid look into how far the technology giant is willing to go in order
to become the world's most popular social media platform. He admits that the firm engages in 'questionable contact
importing practices' but claims it is worth it even if it 'costs someone a life.'
Facebook
traffics in personal data: Scott McNealy. A co-founder of Sun Microsystems has advice for Facebook users
who are unhappy with the social media giant in light of the privacy scandal that exposed the personal data of more than 50
million people: Stop using free products if you want to protect your personal information. "The important thing
about Facebook to remember is that if the product is free, and there's a lot of free services out there on the network,
you're not the customer, you're the product," Scott McNealy told FOX Business' Charles Payne during an interview on
Thursday [3/29/2018]. "Your data, your information, your profile is the product."
Facebook
privacy: Easy must-do changes to protect your data. Mark Zuckerberg, Facebook's founder and CEO, is
trying to make good with the company's users following the Cambridge Analytica data privacy scandal. But what the
social media giant really needs is an adult, according to technology expert Kurt Knutsson. [...] The company on Thursday
[3/29/2018] announced changes to its data and privacy posture, saying that it would no longer allow third-party data for
targeting ads and made it easier for users to find privacy tools.
Clinton
campaign app may have harvested Facebook data of millions. Hillary Clinton's 2016 presidential campaign may
have harvested the Facebook data of millions of people using an app that asked them to pair their Facebook friends list with
their smartphone's contacts list — in a bid to reach those people and persuade them to vote for Clinton. In
the midst of the election, the Clinton campaign launched a mobile application called "Hillary 2016" that worked its way
around the banned practice of gathering information from users' friends without their consent.
Hillary
Clinton Campaign App Harvested Facebook Data Of Millions. You've undoubtedly heard none-stop cover about Cambridge Analytica.
But what about Hillary Clinton. Seems Clinton's mobile campaign apps harvested the Facebook data of millions of people. That's ok,
move along, nothing to see here.
Your Facebook
data is creepy [...] and why you should really have a look at it. Since 2010, Facebook allows you to download
an archive file of all your interactions with the network. It's a 5-click easy process that your grandmother can
do. Inside the .zip, lies an 'index.html' page that acts as a portal to your personal data. Visually, it looks
like an ad-free stripped down version of Facebook that's actually quite relaxing. As I'm trying to reduce my exposure
to social networks, I decided to take a look at this info. By extrapolating the data of a single individual (me), I
might be able to better apprehend the capabilities of the beast. In the end, it all comes down to what is tracked and
what can be deduced from that.
Facebook
thinks it knows whether you're liberal or conservative: Here's how to find out. Facebook is facing a
backlash on two continents from users, advertisers and lawmakers for having allowed Cambridge Analytica to allegedly amass
information on 50 million of its users. The company's core business that powers around $4 billion in monthly
revenue is monetizing everything you do on Facebook to serve its advertisers. However, users may not know that the
powerful social network already has an opinion about your political leanings — and it's fairly easy to find out
what Mark Zuckerberg's company thinks of your political preferences.
Facebook has lost $80 billion
in market value since its data scandal. Facebook shares fell 5% Tuesday [3/27/2018] on reports that CEO Mark Zuckerberg agreed
to testify in front of Congress about the company's data scandal. The crisis began on March 16 after Facebook said it was
suspending data analysis company Cambridge Analytica for allegedly harvesting data from more than 50 million Facebook users.
Cambridge Analytica worked on Donald Trump's presidential campaign. Since then, Facebook's stock has plunged 18%, wiping out nearly
$80 billion from the social networking giant's market value in the process. Zuckerberg's net worth has fallen by about
$14 billion. (He is still worth $61 billion, though).
Did
Facebook Break The Law To Help Obama Win In 2012? Facebook now faces myriad legal actions for its apparent
misuse of private data on its members. But one possible legal problem that isn't getting any attention involves whether
Facebook made, and the Obama campaign accepted, illegal "in-kind" contributions to Obama's 2012 re-election effort.
Cambridge
Analytica Whistleblower: Facebook Able to Listen to You at Home and Work. Cambridge Analytica whistleblower Christoper
Wylie, appearing before a committee of British MPs on Tuesday [3/27/2018], said that Facebook has the ability to spy on users in their homes
and offices. The British parliament is investigating Cambridge Analytica's involvement in the Brexit election. MP Damian Collins,
who chaired the committee, asked Wylie whether Facebook has the ability to listen to what people are talking about in order to better target
them with ads. "There's been various speculation about the fact that Facebook can, through the Facebook app on your smartphone,
listen in to what people are talking about and discussing and using that to prioritize the advertising as well," Collins said.
Just Log Off. Facebook's
latest public-relations nightmare increasingly looks likely (and finally) to be the proximate cause of regulation or, at
least, interrogation of the company for its business practices. Already, the Federal Trade Commission has signaled that
it plans to investigate the company over the Cambridge Analytica scandal, and Congress appears to be growing restive.
Even if nothing else happens, the company's stock has tanked and Facebook CEO Mark Zuckerberg personally has lost billions of
dollars. On the one hand, this is good news. Facebook has become a dangerous Panopticon, easily exploited by
advertisers, intelligence services, and Facebook staff themselves. It richly deserves the scrutiny it is receiving, and
likely will receive for some time to come.
How
to download the mountains of data Facebook has on you. Facebook knows a lot about you. But it's only
recently that its two billion-plus users have become interested in knowing just exactly how much data Facebook has collected
on them. It's difficult to uncover every piece of piece of your personal data that's trickled out to the internet and
into the hands of advertisers. However, the good news is that Facebook gives users the option to see most of the
information that's been collected so far.
Did
Facebook's 'favors' for the Obama campaign constitute a violation of federal law? Controversy continues to
swirl around how the consulting firm Cambridge Analytica obtained personal data from over 50 million Facebook users without
their knowledge and used it to target ads to individuals in an effort to help Donald Trump be elected president in 2016.
But a more serious case of apparent misconduct involves Facebook data going to a different presidential campaign —
this time in 2012. In this case, which is getting far less attention, Facebook reportedly voluntarily provided data on
millions of its users to the re-election campaign of President Obama.
Facebook
Privacy Scandal: Why Regulation Is Not The Answer. Let's leave aside for a moment the government's
spectacularly bad track record when it comes to regulations, which include most recently the financial crisis in the heavily
regulated banking industry. The first question to ask is why should a company like Facebook be regulated? Here's
Tim Cook's answer: "The ability of anyone to know what you've been browsing about for years, who your contacts are, who
their contacts are, things you like and dislike and every intimate detail of your life — from my own point of view
it shouldn't exist." But what Cook leaves out is that every bit of information Facebook has on its users —
just as every bit of information Apple has on its own customers — has been volunteered by them, after they've
agreed to the company's privacy provisions.
Facebook
scrutinized for pulling Android data. On the same day Facebook bought ads in U.S. and British newspapers to
apologize for the Cambridge Analytica scandal, the social media site faced new questions about collecting phone numbers and
text messages from Android devices. The website Ars Technica reported that users who checked data gathered by Facebook
on them found that it had years of contact names, telephone numbers, call lengths and text messages. Facebook said
Sunday the information is uploaded to secure servers and comes only from Android users who opt-in to allow it.
Spokeswomen say the data is not sold or shared with users' friends or outside apps. They say the data is used "to
improve people's experience across Facebook" by helping to connect with others.
Poll:
Majority of Facebook Users 'Likely to Quit' Over Privacy Concerns. A Rasmussen poll shows that 51 percent of
Facebook users are "very" or "somewhat" likely to quit Facebook over privacy concerns. Rasmussen, one of the most
accurate pollsters in the 2016 presidential election, polled 639 Facebook users and found that the recent scandal currently
embroiling the social media giant appears to be taking a toll on users' trust.
Friends. Fifty million Facebook
users, after having been assured that "their data" was safe, found it had been siphoned away and used by the British firm
Cambridge Analytica presumably for American political purposes. The unauthorized data retention was revealed by a
Canadian whistleblower, Christopher Wylie, who worked for "a company called Strategic Communication Laboratories Group (SCL),
one of whose subsidiaries, SCL Elections, would go on to create data analytics firm Cambridge Analytica". [...] The feat was
accomplished by paying users to take a personality test through an app whose real purpose was to trick participants into
granting permission to access their Facebook accounts and through it, the data of their friends. Facebook CEO Mark
Zuckerberg, who may be called to testify before legislative committees, portrayed himself as a victim of deceit. What
Cambridge Analytica had done was a violation of policy and an abuse of the firm's trusting nature.
The
Existential Case for Ditching Alexa. Alexa's creepy laugh is far from the most worrying thing about her.
This is despite the fact that Amazon's digital assistant — which allows users to access the internet and control
personal organisation tools simply by speaking to the device — has been reported to spontaneously chuckle to
herself. We shouldn't be too concerned about her going rogue and turning on us either — a Terminator-style
takeover by artificial intelligence doesn't seem imminent. But Alexa does pose one immediate threat. Rather than
worrying about AI becoming more human, we should fear ourselves becoming more artificial by outsourcing important actions and
decisions to devices like her.
Sorry: Facebook was never
'free'. Did you really not know that your agreement with Facebook was that Mark Zuckerberg would provide you
with hours a day of enjoyment in exchange for your personal information? There isn't an adult in this country who
shouldn't know better than to screech in anguish at the supposed horrifying discovery that his or her "personal data" have
been gathered by social media networks and others to earn the dough necessary to run these networks and make massive profits
besides. Guess how long we've lived in a world in which media have been provided to us without charge because networks
earned their keep selling the fact of our presence to advertisers?
Ex-Obama
Campaign Official: Here's How We Were Able To Mine So Much Facebook Data. Amid the media blitz over an
exposé by The Guardian revealing that Cambridge Analytica hired an analytics team back in 2014 to provide profile data
on around 50 million Facebook users that the Guardian suggests was used to benefit the Trump campaign (which Cambridge
maintains is simply untrue), past reports and new revelations about the Obama campaign similarly mining social media data
have come to light. On Monday [3/19/2018], the Independent Journal Review, one of the websites hardest hit by Facebook's
recent newsfeed algorithm changes, highlighted a series of tweets by Carol Davidsen, former director of integration and media
analytics for Obama for America, in which she explained how the campaign was able to mine Facebook's data in a way that
employees for the company suggested they "wouldn't have allowed someone else to do because they were on our side."
Former
Obama Staffer: Facebook Allowed Us To Break User Data Rules Because They Were On Our Side. Yesterday
[3/19/2018], Facebook's stock tanked after it was revealed that they gave user data to a firm, Global Science Research (GSR),
via an app. This data was then given to Cambridge Analytica, a firm that was working for Donald J. Trump's 2016
presidential campaign. The app not only gave GSR the data of the user who filled out the survey, but also that of all
of the user's friends without them knowing it. Some have noted a similar mining tool used by the Obama team, but they
gathered information through their website (with permission from those who engaged) and the armies of volunteers, which was
then matched with voter profiles. Yes, still a bit creepy, especially since the campaign boasted that they probably
knew every single one of the 67+ million voters who supported President Obama in 2012. [...] Facebook certainly knew that
something was up concerning user data given the sheer volume GSR was mining from the app MyPersonality. But we're not
going to discuss Cambridge. We're discussing what many of you have noted on various social media platforms about the
inherent left wing bias ingrained in the services.
The
Media Praised or Ignored Obama's Harvesting of Facebook Data. The political and media establishment have
whipped themselves into an almighty frenzy over allegations — yet to be confirmed — that Cambridge
Analytica may have used improperly-obtained Facebook data during the 2016 election campaign, a charge they strenuously
deny. Online political advertising is now a "dark art," according to The Guardian. "Data And The Threat
to Democracy" is the blunt headline at the BBC. Facebook likes helped Trump "steal the election," according to a columnist
at the Philadelphia Inquirer. In the U.S., lawmakers are calling for an investigation into Facebook, and in the
U.K., the authorities are seeking a warrant to raid the offices of Cambridge Analytica.
Mark
Zuckerberg Has No Way Out of Facebook's Quagmire. I think I understand why Facebook Chief Executive Officer
Mark Zuckerberg hasn't publicly responded to the Cambridge Analytica scandal. He's stuck in a catch-22. Any fix for
Facebook's previous big problem — fake news — would make the current big problem with data harvesting
worse. As a media company and one of Americans' top sources of information, Facebook's de facto anonymity and general
lack of responsibility for user-generated content make it easy for propagandists to exploit. Making matters worse, it
isn't willing to impose tighter identification rules for fear of losing too many users, and it doesn't want to be held
responsible in any way for content, preferring to present itself as a neutral platform. So Zuckerberg has been trying
to fix the problem by showing people more material from friends and family and by prioritizing "trusted publishers" and local
news sources over purveyors of fake news.
The
disturbing acceptance of Google's new 'smart' camera. The pitch for the Google Clips is it's a camera that sits
off to the side in a room and automatically captures the kinds of candid shots that one never really plans for —
the most common examples cited being some random happening involving one's kids or pets. Instead of mere serendipity,
however, the camera uses artificial intelligence and machine learning to try and guess when to best take a shot.
Amazon
drivers are now taking photos of your front door when delivering packages. Drivers for Amazon have started
taking pictures of people's front doors as part of a creepy new delivery service. The service, which is quietly being
rolled out in the UK and US, is designed to help people find packages left by Amazon employees. But it also raises
privacy concerns as many customers may be not be aware that pictures of their home are being stored on company servers.
The unnerving project extends Amazon's already substantial reach into customer homes.
The
Car of the Future Will Sell Your Data. Picture this: You're driving home from work, contemplating what to
make for dinner, and as you idle at a red light near your neighborhood pizzeria, an ad offering $5 off a pepperoni pie pops up
on your dashboard screen. Are you annoyed that your car's trying to sell you something, or pleasantly persuaded? Telenav
Inc., a company developing in-car advertising software, is betting you won't mind much. Car companies — looking to
earn some extra money — hope so, too.
Amazon
Employee Wristband Patents Light Fire Under Privacy Advocates. Amazon was granted two patents in January for
the wristbands that are intended to show an employee how to use his hands most efficiently. The company never mentioned
any intention to use the wristbands to keep track of its workers on bathroom breaks, for instance, on or off the job.
But that didn't stop some privacy advocates and industry observers from warning of the creation of a dystopian time-management
tool. According to the Amazon patents, the idea is the wristbands would buzz and vibrate to nudge workers' arms into a
better position or even stop the worker from, let's say, putting something in the wrong place or grabbing the wrong wrench.
Silicon
Valley's surveillance capitalism has resulted in Big Tech killing off human privacy. The case against Big Tech
seems to be building by the week. And interestingly, some of the most powerful evidence is being provided by those who
really know what they're talking about: tech insiders. Full disclosure: I am a tech insider myself. I
run a tech company in Silicon Valley. My wife is a senior executive at Facebook and many of our closest friends have
senior roles in companies like Google. Chamath Palihapitiya, a former Facebook executive responsible for growing the
social network's user base, recently argued that Silicon Valley had "created tools that are ripping apart the social fabric
of how society works."
Tucker Reveals How Google
Spies On You Constantly Through Your Phone. Fox News' Tucker Carlson revealed another exclusive report on Google's
surveillance Wednesday [2/7/2018], and the new details are seriously creepy. In the investigation, Fox News' Brett Larson
travels around Washington, D.C., with two cellphones in his pocket, one of them on airplane mode. Neither of the phones
have SIM cards or Wifi connections. The phones tracked Larson's locations as he traveled, getting such information as
when he got out of the car thanks to a time log that records your movements down to the second.
Facebook's
Expanding Insanity. I am used to technically obtuse platforms. However, Facebook's recent behavior has
taken it from the merely difficult to the arena of totalitarian and irrational. A few years ago, one could set up
a Facebook account rather easily: just provide an email. Later on, Facebook wanted phone verification. That
was easily handled, and if one wanted to use a third-party phone number, to protect one's anonymity, there were ways to get
around that phone requirement. After that, Facebook sometimes asked for a photograph of the account-user's face.
The official explanation was that Facebook wanted to be sure that the user was really who he claimed to be. Supposedly,
the picture would be analyzed by a computer or a human inspector and then erased. Yeah, right!
Facebook
can track who you know using the DUST on your camera. Facebook has designed a way to track you and your friends
using the dust and scratches on your camera lens. The social networking giant outlines how it would connect users by
matching similarities in their uploaded photos in a newly found patent. If two people have used the same digital
camera, Facebook could link them by detecting similar dust or scratch marks in their uploaded photos. The company says
it has 'never implemented' the technology described in the patent, but has not ruled out using it in future.
Facebook wants to look around your
home. Social media giant Facebook is making its first venture into consumer electronics with a device straight out
of George Orwell's 1984. The device, called Portal, will serve basically as a $500 self wiretap for millions of
Americans, potentially providing corporate, government and hacking snoops a direct audio visual feed into their homes.
That Game
on Your Phone May Be Tracking What You're Watching on TV. At first glance, the gaming apps — with
names like "Pool 3D," "Beer Pong: Trickshot" and "Real Bowling Strike 10 Pin" — seem innocuous. One
called "Honey Quest" features Jumbo, an animated bear. Yet these apps, once downloaded onto a smartphone, have the
ability to keep tabs on the viewing habits of their users — some of whom may be children — even when
the games aren't being played. It is yet another example of how companies, using devices that many people feel they can't
do without, are documenting how audiences in a rapidly changing entertainment landscape are viewing television and commercials.
The Bright-Eyed
Talking Doll That Just Might Be a Spy. Cayla is a blond, bright-eyed doll that chatters about horses and
hobbies. She plays games and accurately answers questions about the world at large. She could also be
eavesdropping on your child. That's the stark warning parents in Germany received on Friday from the country's
telecommunications watchdog, the Federal Network Agency, which said hackers could use the doll to steal personal data by
recording private conversations over an insecure Bluetooth connection. The watchdog said it was pulling the doll off
store shelves and banning them in Germany.
A Cute Toy
Just Brought a Hacker Into Your Home. As the holiday shopping season enters its frantic last days, many
manufacturers are promoting "connected" toys to keep children engaged. There's also a smart watch for kids, a droid
from the recent "Star Wars" movies and a furry little Furby. These gadgets can all connect with the internet to
interact — a Cayla doll can whisper to children in several languages that she's great at keeping secrets, while a
plush Furby Connect doll can smile back and laugh when tickled. But once anything is online, it is potentially exposed
to hackers, who look for weaknesses to gain access to digitally connected devices. Then once hackers are in, they can
use the toys' cameras and microphones to potentially see and hear whatever the toy sees and hears. As a result,
according to cybersecurity experts, the toys can be turned to spy on little ones or to track their location.
Watch
What Happens When Amazon's 'Alexa' Is Asked Political Questions. We are being tracked in everything we do now,
from browsing the web, to your cellphone, to FitBit, to your tablet... your every move is being recorded. Mostly to
market to you, but there are always those other reasons that involve intelligence agencies and Big Brother. And it will
get ever more invasive.
No,
you're not being paranoid. Sites really are watching your every move. If you have the uncomfortable sense someone
is looking over your shoulder as you surf the Web, you're not being paranoid. A new study finds hundreds of sites — including
microsoft.com, adobe.com, and godaddy.com — employ scripts that record visitors' keystrokes, mouse movements, and scrolling behavior
in real time, even before the input is submitted or is later deleted. Session replay scripts are provided by third-party analytics services
that are designed to help site operators better understand how visitors interact with their Web properties and identify specific pages that are
confusing or broken. As their name implies, the scripts allow the operators to re-enact individual browsing sessions. Each click,
input, and scroll can be recorded and later played back.
Regulators
question Google over location data. Google is facing scrutiny for reportedly collecting data about the location
of smartphone users without their knowledge. Regulators in South Korea summoned Google representatives this week to
question them about a report that claimed the company was collecting data from Android devices even when location services
were disabled.
iPhone
Apps Can Secretly Turn On Your Camera And Take Pictures At Any Time. A new warning has been issued to iPhone
users. Apps downloaded to the smartphones can turn on the phone's camera and take pictures at any time, and it's doing
it secretly. Felix Krause, an Austrian developer who works for Google, built an app that was able to take pictures of
its user every second and upload them, without the app or the phone ever notifying the user.
Amazon wants the keys to your front
door. Amazon has plans to drop off packages directly into shoppers' homes. The world's largest online retailer on Wednesday
[10/25/2017] announced Amazon Key, a lock and camera system that users control remotely to let delivery associates slip goods into their
houses. Customers can create temporary passcodes for friends and other service professionals to enter as well. The move, in the
works for more than a year, may help Amazon capture sales from shoppers who can't make it home to receive an order in person, and do not want
the package stolen from their doorstep. It also signals Amazon's ambitions in the growing market for home security devices, where
Alphabet Inc.'s Nest Labs competes.
Alexa,
what are you doing in my room? Alexa is always there waiting to "help." She's an unobtrusive addition to any
setting, available in a variety of designer fabric coverings. With a soothing, maternal voice, she is Big Brother reimagined
as a benevolent family member. [...] These devices are a modern-day version of illegal search and seizure. Combined with the
leftist-driven breakdown of societal values, we face a future where we all become cattle to powerful elites. The only
question is how willingly we do so.
6 Dangerous Electronics
& Apps Secretly Spying On You In Your Home. [#2] Smart TVs: While smart TVs allow you to connect to the
Internet directly, they can also be used to collect your data. For example, a new technology called TVision Insights
allows companies to monitor TV watchers' viewing habits. This means that they can literally watch you as you watch TV.
They even record data on where your eyes are looking, when you're distracted, and what emotions you're conveying. In
early 2015, Samsung warned its customers: "Please be aware that if your spoken words include personal or other
sensitive information, that information will be among the data captured and transmitted to a third party."
To see your gestures, the TV will have to watch you continuously.
Do you really want that? End
of the TV remote could be nigh as scientists invent technology to change channel using gestures. The television
remote could become a thing of the past according to scientists who have developed a new technology that allows the device to
be controlled through gestures instead. Computer scientists at Lancaster University have come up with a system that
makes it possible interact with screens simply by using body movements, or waving objects. Requiring only a simple
webcam, the "Matchpoint" works by displaying moving targets that orbit a small circular "widget" in the corner of the screen.
Facial
recognition being used at conferences and events. Zenus a startup company based in Texas, claims their facial
recognition software can speed up check-ins at conferences and events. [...] Zenus CEO Panos Moutafis, claims people love
their product and claims that they don't identify anyone. "People loved the system," Moutafis says. "The
organizer told us that it was five times faster than typical scanning methods." "There is no personal information
transferred from the platform, just the 'face geometry' that distinguishes individuals Moutafis said." But is he
telling the truth?
Houston's
Zenus Brings Facial Recognition Software to Event Check-Ins. For all the technological innovation on display at
the annual South By Southwest Interactive festival, registration and check-in is still largely done the old-fashioned
way. Similar to other large conventions, an attendee waits in line, hands over an ID to a registrar, gets a picture
taken for a badge, and then receives the usual conference swag bag. Now, a Houston startup called Zenus says it can use
imaging technology to automate steps in the process, reducing the time and effort required to check in. "The check-in
process is the first thing attendees experience at the venue; it's very important to get it right," says Panos Moutafis,
co-founder and CEO of Zenus.
Hackers can spy on you through
Amazon Echo. Smart home speakers equipped with microphones programmed to listen for everything you say may be turned into
devices that would spy on everything you say. Gadgets like Amazon Echo and Google Home are programmed to record your commands, but
they're also programmed to ignore everything you say unless you use a hot word to activate the assistants. But as it turns out,
someone with physical access to an Amazon Echo device could hack it to send everything it hears to a remote server.
AT&T
is reinstating their plan to spy on you unless you pay extra. AT&T plans to reinstate their GigaPower pay-for-privacy
scheme, as revealed by AT&T VP Robert Quinn in a recent interview with C-SPAN. In 2014, AT&T started offering GigaPower
300 Mbps fiber internet in cities around the United States. Users signing up had the option of paying $29 more per
month to guarantee that AT&T doesn't snoop on your internet traffic and serve you advertisements and offers from their MITM
position on your internet.
These Forms Collect Your Data Even
If You Don't Hit "Submit". If you fill in a web form and hit "submit," you expect your data to get whisked off into the great ether, and probably from
there to be shared with third parties. But you probably don't expect your keystrokes — and form auto-fill fields — to be captured and
sent away as-entered, before you hit submit. And yet, a new report claims, that may be exactly what's happening. Gizmodo recently delved into a startup
you've never heard of that may be sharing data — even sensitive medical data — that you never even knew you were giving up, just based on how
you fill in fields on the web.
You
Already Bugged Your Own House Years Ago. Yesterday, Apple announced the HomePod, a smart speaker in the style
of the Google Home and Amazon Echo. Like those competing devices, it is voice-activated. Shout out "Hey Siri" and
it will respond. This is a cool bit of modern convenience. But, unavoidably, it also means that these machines
are listening. All the time. Apple insists its device is not transmitting any data unless you've said those magic
words. Google and Amazon promise pre-wake-word privacy as well. Even so, there's a certain reaction that bubbles
up every time a new one of these listening machines appears — you'd have to be crazy to put one in your home.
Facial recognition
tech makes it official: There is no privacy anymore. Recent weeks have brought controversy over
electronic billboards in restaurants and shopping precincts that utilize advanced facial recognition techniques to not only
provide personalized advertisements but also measure and record the consumer and their response, ostensibly to enable
retailers to provide more targeted marketing and services. In Oslo, the restaurant Peppe's Pizza had its usage of such
billboards exposed due to a crashed digital advertisement that revealed the coding behind its facial recognition
system. The billboard includes a camera and facial recognition software that can register gender, whether the watcher
is young or an adult, facial expression, whether they wear glasses[,] and duration of time spent at the billboard.
The Editor says...
Hey, that's great news! This may be slightly off-topic, but if someone has "facial recognition software that can register gender," that would
settle a lot of "gender confusion" issues. Chromosomes can also help sort confused individuals into male or female — for
indeed those are the only two categories reflected in one's chromosomes. There is no such thing as "gender confusion" at that level.
Google,
Facebook angry they may no longer be able to sell your internet data without permission. Social media giants
Google and Facebook are actively trying to stop a proposed law that would force them to acquire consent from users before
collecting their personal information. The "Browser Act," introduced May 18 by Republican Rep. Marsha Blackburn of
Tennessee, mandates that people must explicitly give permission to internet service providers (ISPs) and websites wanting to
use their browsing history and other data for business purposes.
Salim
Virani: Top 9 Reasons to Stop Using Facebook... Now. [Scroll down] It sounds nuts when you put it
all together! [#1] Facebooks [sic] creates false endorsements for products from you to your friends — and they never reveal
this to you. [#2] When you see a like button on the web, Facebook is tracking that you're reading that page. It scans
the keywords on that page and associates them to you. It knows much time you spend on different sites and topics. [#3] They
read your private messages and the contents of the links you send privately. [#4] They've introduced features that turn your
phone's mic on without telling you. Based on their track-record changing privacy settings back without telling you, audio
surveillance is likely to start happening without your knowledge. [... #9] Facebook is demanding to track what you buy, and
your financial information like bank account and credit card numbers. You've already agreed to it in the new Terms Of
Service. It's already started sharing data with Mastercard.
The
Cloud Panopticon: Google, Cloud Computing and the Surveillance-Industrial-Complex. In June 2007, Privacy
International, a U.K.-based privacy rights watchdog, cited Google as the worst privacy offender among 23 online companies,
ranking the "Don't Be Evil" people below Microsoft, Apple, Amazon, eBay, LinkedIn, Facebook and AOL. According to the report,
no other company was "coming close to achieving [Google's] status as an endemic threat to privacy." What most disturbed the
authors was Google's "increasing ability to deep-drill into the minutiae of a user's life and lifestyle choices." The result:
"the most onerous privacy environment on the Internet." Indeed, Google now controls an estimated 70 percent of the online
search engine market, but its deep-drilling of user information — where we surf, whom we e-mail, what blogs we post, what
pictures we share, what maps we look at, what news we read — extends far beyond the search feature to encompass the kind
of "total information awareness" that privacy activists feared at the hands of the Bush Jr. administration's much-maligned
Total Information Awareness program.
You're All Idiots. Amazon has introduced
a "new" Echo device. Having convinced a number of people to allow them to stick an always on speaker and microphone in
their house with the data going to Amazon and whoever else they wish they have now upped the game with both a camera and
screen. [...] If I see one of these in your house I know for a fact that you're stupid — and I'm immediately
leaving, never to return.
Workplace
Surveillance Is the New Office "Perk". Whether through "voluntary" corporate wellness programs, smart badges
that record voices and GPS locations, or surveillance apps in their mobile phones and personal computers, Americans are
offering up more and more personal data at work. Most of them don't have much idea of where that data goes, or how it
will be used — and there aren't that many limits on what employers can find out about their employees, or what
they can do with the data. The more people who opt in now, the harder it will be to opt out in the future. And
it's about to get much worse.
A
Microwave Can't Spy on You — But Plenty of Other Appliances Can. We are all constantly surrounded by
stuff that can spy on us. Microwaves are not on the list (yet), but televisions, as Conway mentions, certainly
are. As detailed in CIA documents recently released by Wikileaks, certain Samsung televisions were compromised by the
CIA such that they could remain on while appearing off, eavesdropping all the while. Smart TVs may need to be hacked
before they can listen to you, but other models have been known to spy on your watching habits right out of the box.
The Editor says...
If someone is bent on detecting activity in your house, the microwave oven would yield clues: The operation of your
microwave oven shows that you are awake and you're most likely in the kitchen, which someone outside the house may not have known.
Vizio
Caught Spying on Customers Through Their TVs. We've been warned about bringing devices into our home that have
cameras, microphones or WiFi that are connected to the outside world. Why? Because any one of the devices has the
capability to collect data about us. And with advertisers and other organizations willing to pay for personal
information, it's tempting for device makers to try to earn extra profits. The consumer electronics hardware business
has become highly competitive with so many similar products that do much the same, so the manufacturers are trying to find
ways to increase their revenue through software subscriptions or by collecting data that they can sell to others.
These
Toys Don't Just Listen To Your Kid; They Send What They Hear To A Defense Contractor. Kids say a lot of random,
unsolicited, or just plain personal things to their toys while playing. When that toy is stuffed with just fluff and
beans, it doesn't matter what the kid says: their toy is a safe sounding board. When their playtime companion is an
internet-connected recording device that ships off audio files to a remote server without even notifying parents —
that's a whole other kind of problem. According to a coalition of consumer-interest organizations, the makers of two
"smart" kids toys — the My Friend Cayla doll and the i-Que Intelligent Robot — are allegedly violating
laws in the U.S. and overseas by collecting this sort of voice data without obtaining consent.
Facebook's
New "Fun & Creative" Filter: a Frighteningly Powerful Facial Recognition Tool. Facebook recently purchased a facial recognition software company that
promises to "bring more fun effects to photos and videos" posted on the social media behemoth. The origins of the technology — named "FacioMetrics" — is
much more sinister, however, and is likely to be used in much less lighthearted ways. In its announcement of the acquisition, Facebook highlights FacioMetrics'
ability to "allow people to express themselves in fun and creative ways" and to "build even more engaging sharing experiences on Facebook." There isn't, however,
any mention of how, and more importantly why, FacioMetrics was created.
How
to block the ultrasonic signals you didn't know were tracking you. Dystopian corporate surveillance threats
today come at us from all directions. Companies offer always-on devices that listen for our voice commands, and
marketers follow us around the web to create personalized user profiles so they can (maybe) show us ads we'll actually
click. Now marketers have been experimenting with combining those web-based and audio approaches to track consumers in
another disturbingly science fictional way: with audio signals your phone can hear, but you can't. And though you
probably have no idea that dog whistle marketing is going on, researchers are already offering ways to protect yourself.
The technology, called ultrasonic cross-device tracking, embeds high-frequency tones that are inaudible to humans in
advertisements, web pages, and even physical locations like retail stores.
Yahoo
admits it knew about huge data breach in 2014, two years before it became public. After months of speculation,
Yahoo has finally admitted it knew about a massive data breach as far back as 2014. The tech company had previously
claimed it only "recently" found out about the leak of 500 million users accounts. Independent experts are now
investigating exactly how much was known and by whom, Yahoo said. They are looking at evidence that indicates a
"state-sponsored actor" breached Yahoo's system and could have gained user data by creating "cookies" that bypassed password
protection, the company said in a regulatory filing. Yahoo said it doesn't believe it is currently possible for the
attackers to forge valid Yahoo Mail cookies.
The Editor says...
One can create artificial, deceptive, functional cookies, but if they are forgeries, they are not valid.
Was
"Google Home" designed to spy inside our homes? Google Home (GH) is always listening to everything that goes on
inside your home. It's like paying the NSA, sorry I meant Google, $129.00 to bug your home. Click [elsewhere] to
find out about Google's close relationship with the NSA. GH does more than listen to music, it can control your lights,
thermostats, radios, TV's, refrigerators, smart plugs and more. GH has partnered with Nest, Phillips, IFTTT and Samsung
who also make the 'family hub refrigerator'.
This
employee badge knows not only where you are, who you are talking to. Do you hog office conversations? Or
not talk enough? Does your voice squeal? Do you sit very still at your desk all day? Or do you fidget under
stress? Where do you go in the office? How much time do you spend there? To whom do you talk? An
employee badge can now measure all this and more all with the goal of giving employers better information to evaluate
performance. Think of it as biometrics meets the boss.
Bryant Park mines data about you from your
phone. While hundreds of aspiring yogis strike their best tree-poses on the Bryant Park grass Thursday evening,
the Bryant Park Corporation employs new technology to raid their cell phones for information about this crowd that travels to
the park for a group stretch. "It's just like what we do every day in the park," park brand relations manager Matt
Castellan said. "We take visitor counts every day with clickers." Except instead of the informal numbers and maybe
truthful answers to casual questions that Castellan and other employees gather from guests, the PlaceIQ system provides a far
more detailed snapshot of the 8 million annual visitors to the park.
98
personal data points that Facebook uses to target ads to you. The social network just revamped its ad
preference settings to make them significantly easier for users to understand. They've also launched a new ad education
portal, which explains, in general terms, how Facebook targets ads. "We want the ads people see on Facebook to be
interesting, useful and relevant," a Facebook spokesperson said. But it remains to be seen whether users are pleased or
frightened by the new information they suddenly have.
Windows
10 upgrade: Don't use Express settings if you value your privacy. When you're setting up a new or
existing PC with Windows 10, Microsoft will offer to install the operating system with "Express settings." Although
Windows 10 Express settings will get you up and running quickly, that convenience comes at a cost: By skipping over
custom settings, you're agreeing to all kinds of data collection and behavior tracking, much of which didn't apply in earlier
versions of Windows. Here's our advice: Instead of blindly enabling Express settings in Windows 10, take some
time to understand what you're agreeing to.
Somewhat related: More
forced advertising creeps into Windows 10 Pro. If you were wondering whether Microsoft could inflict even more
damage to Windows' reputation, the answer is yes. When the Anniversary Update rolls out on Aug. 2, Windows 10 Pro
users will no longer be able to turn off certain kinds of advertising. That presents a real concern for admins, who will not
be able to keep Microsoft from pushing the likes of Candy Crush Soda Saga onto their domain-joined Pro machines. It's also a
frightening concern for anyone who paid for Pro's GPEdit feature.
Comcast
Wants To Charge You Less For Broadband At The Expense Of Your Privacy. Would you be willing to pay less for
broadband if it means giving up more of your personal data? [...] Comcast wants to present lower tiered broadband options to
customers who have no problem with their data being mined and exposed to advertisers. This would create a luxury level
of broadband with more privacy options. At least, that's how Comcast is spinning it to the FCC. The FCC doesn't
appear to be having any of this nonsense.
This
Company Has Built a Profile on Every American Adult. For more than a decade, professional snoops have been able
to search troves of public and nonpublic records — known addresses, DMV records, photographs of a person's
car — and condense them into comprehensive reports costing as little as $10. [...] IDI, a year-old company in the
so-called data-fusion business, is the first to centralize and weaponize all that information for its customers. The Boca
Raton, Fla., company's database service, idiCORE, combines public records with purchasing, demographic, and behavioral data.
Tale of the tape: Why Mark
Zuckerberg is smart to cover his webcam. Webcam security was thrust into the spotlight this week when a photo of Mark Zuckerberg
appeared to show the camera and microphone on his MacBook covered with tape. The photo, which was posted on Facebook to celebrate Instagram
hitting 500 million followers, sparked plenty of interest. While some worried about the broader effectiveness of Facebook's security,
many see the tape as a shrewd defense against potential hackers.
Facebook
is using smartphones to listen to what people say, professor suggests. Facebook could be listening in on
people's conversations all of the time, an expert has claimed. The app might be using people's phones to gather data on
what they are talking about, it has been claimed. Facebook says that its app does listen to what's happening around it,
but only as a way of seeing what people are listening to or watching and suggesting that they post about it. The
feature has been available for a couple of years, but recent warnings from Kelli Burns, mass communication professor at the
University of South Florida, have drawn attention to it.
Did
you know that your Facebook mobile app has complete access to your phone's microphone? Recently, an expert has
come out to claim that Facebook may be listening in on your conversations. Kelli Burns, a mass communication professor
at the University of South Florida, believes the app might be using people's microphones to gather data on the content of
people's conversations. Facebook admits that the app is capable of listening to what's happening around it —
but claims the feature simply identifies what people are listening to or watching as means of conveniently posting about
it. Currently, the feature is only available in the U.S. and has been available for a couple of years according to
Facebook, although recent warnings from Burns have drawn renewed interest.
Facebook
will now track you even if you're not a Facebook user. Facebook announced on Thursday evening [5/26/2016] that
it is changing the way its advertising works across the web. Facebook doesn't just serve ads on facebook.com and in its
mobile apps, the company also has a network of third-party websites and apps that it partners with to display ads. It's
called the Audience Network, and there has always been one big difference between the way Facebook's off-site ads work as
compared to Google: They were only shown to Facebook users. Now, that will no longer be the case. As The
Wall Street Journal noted on Friday morning, Facebook's off-site ads will now be shown to people who are not registered
Facebook users.
Here's Why You Shouldn't Use
Facebook's Reactions Buttons. Belgian police are warning users not to use the Facebook Reactions feature to
respond to posts if they want to protect their privacy. In February, the series of six emoticons, allowing users to
express a range of emotions from anger to love, were added to the original thumbs-up option. They came in response to
calls for a 'Dislike' button. However, the new expressions are another big 'like' for Facebook and a 'dislike' for its
users — according to Belgian police who claim the site is using them as a way to collect information on people to
target advertising toward them.
Report:
Apple Music Now Finding and Removing Your Personal MP3s. Seriously, that really happens today, and there's
nothing you'll do about it. You signed away your right to sue, and what's worse you still buy products and services
from firm that do this sort of thing. Apple Music is a new "subscription" music service. But it has a
twist — when you sign up it will root around your hard drive (and, presumably, any network-attached drives) and
any music it "thinks" it has in the "cloud" that it deems to be the "same" was what you own it will remove from your
computer entirely. This [...] literally destroys your personal, private property.
Your
Local Energy Companies Now Engaged in "Power-Shaming". How much you wanna bet that the following is the result
of a federally-funded program initiated by the rogue, lawless, and completely out-of-control Obama EPA? To wit:
here is a snip from my latest online energy bill.
The Market For Secrets. Alex Preston, writing
in The Guardian, rhetorically asked if privacy was dead. "Google knows what you're looking for. Facebook knows what you like," he writes. The NSA
may know what you've written too, which could be very important in a world where value increasingly consists of human intellect integrated over time. The 21st
century is a time when people are rewarded for what they know or, alternatively, punished for what they allow to be known, as General Petraeus and Hillary Clinton
have found. Yet in a "world without curtains" a person may not even have much custody over these things and find it all leaking away no sooner than set down.
A modern individual's life history may be digitally preserved more imperishably than the pyramids, but the paradox is that this history is not really his, and is not
even in his beneficial possession.
Your
Phone Is Listening — Literally Listening — to Your TV. The TV is on in the background,
and you're replying to a quick email on your phone nearby. You don't know it, but the devices are communicating.
During a commercial, the TV emits an inaudible tone and your phone, which was listening for it, picks it up. Somewhere
far away, a server makes a note: Both devices probably belong to you. This information about which devices belong
to whom is immensely valuable to advertisers hoping to target ads specifically to you.
Feds
rule in favor of snooping by tech giants. Google, Facebook and other tech giants should remain free to spy on you,
regulators ruled on Friday [11/6/2015]. A petition filed with the Federal Communications Commission by the privacy group
Consumer Watchdog asked that such websites be forced to respect consumer requests not to have their online activity tracked.
The FCC dismissed the petition, stating that it has been "unequivocal in declaring that it has no intent to regulate edge providers."
3 gadgets that are
always listening and how to stop them. Personal digital assistants, such as Apple's Siri, Amazon's Alexa, Google's
Google Now and Microsoft's Cortana, are like something out of science fiction. A comparison is often made to the
helpful-turned-homicidal computer Hal 9000 from the movie "2001: A Space Odyssey." Of course, while today's personal digital
assistants aren't going to try to kill you (hopefully), they do have this in common with Hal: They're always listening.
Fortunately, also unlike Hal, stopping them from listening is simple.
AT&T
Helped N.S.A. Spy on an Array of Internet Traffic. The National Security Agency's ability to spy on vast
quantities of Internet traffic passing through the United States has relied on its extraordinary, decades-long partnership
with a single company: the telecom giant AT&T. While it has been long known that American telecommunications companies
worked closely with the spy agency, newly disclosed N.S.A. documents show that the relationship with AT&T has been considered
unique and especially productive. One document described it as "highly collaborative," while another lauded the company's
"extreme willingness to help."
VW
Has Spent Two Years Trying to Hide a Big Security Flaw. Thousands of cars from a host of manufacturers have
spent years at risk of electronic car-hacking, according to expert research that Volkswagen has spent two years trying to
suppress in the courts. "Keyless" car theft, which sees hackers target vulnerabilities in electronic locks and
immobilizers, now accounts for 42 percent of stolen vehicles in London. BMWs and Range Rovers are particularly
at-risk, police say, and can be in the hands of a technically minded criminal within 60 seconds. Security
researchers have now discovered a similar vulnerability in keyless vehicles made by several carmakers.
Hacker's
RollJam device can steal your car keys, open your garage. [Scroll down] It's a
proven system that's secured tens of millions of cars and remote garage door openers for
years. And now it may be useless. White-hat hacker Samy Kamkar, who last week cracked
GM's OnStar smartphone app security and demonstrated his ability to illicitly unlock and start a car
over a cellular network, has developed a device made from $20 worth of parts that he calls the
RollJam, which does exactly what its name implies.
Facebook
Monitors Your Private Messages and Photos For Criminal Activity, Reports them to Police. Facebook has a new
little known software that monitors your profile chat and pictures for criminal activity. The software will proceed
to alert an employee at the company who will then decide whether to call authorities or not. The software will monitor
individuals who have a 'loose' relationship on social media networks, according to an interview with Facebook Chief Security
Officer Joe Sullivan.
'Tape
Your Webcam': Horrifying Malware Broadcasts You to the World. The Internet is flush
with webcam videos of people who clicked unwittingly on a malware link and opened their computer to
anonymous miscreants intent on mocking, blackmailing or simply spying on them, according to a report
being published Thursday [7/30/2015]. There's not enough being done about such little-known but
alarming invasions of privacy, the Digital Citizens Alliance says in its report on computer "slaving"
by programs known as Remote Access Trojans, or RATs. However, the organization says both
corporations and individuals can take steps to address the problem. "Tape your webcam," advises
Adam Benson, deputy executive director of the Digital Citizens Alliance. "I have tape on both my
work computer and home computer." He also suggests not clicking on links with uncertain destinations,
and keeping anti-virus software and device operating systems up to date.
Will
the Internet Listen to Your Private Conversations? The Echo, a $180 cylindrical device
that began general shipping in July after months of public testing, is the latest advance in
voice-recognition technology that's enabling machines to record snippets of conversation that
are analyzed and stored by companies promising to make their customers' lives better.
Hillview
man arrested for shooting down drone; cites right to privacy. Hillview Police say they
were called [7/26/2015] to the home of 47-year-old William H. Merideth after someone complained
about a firearm. When they arrived, police say Merideth told them he had shot down a drone that
was flying over his house. The drone was hit in mid-air and crashed in a field near Merideth's
home. Police say the owner of the drone claimed he was flying it to get pictures of a friend's
house — and that the cost of the drone was over $1,800.
$300
gadget steals encryption keys out of the air, and it's nearly unstoppable. Just when
you thought you were safe, a new hacking toy comes along and rocks your world. Imagine a tool exists
that lets hackers pluck encryption keys from your laptop right out of the air. You can't stop it by
connecting to protected Wi-Fi networks or even disabling Wi-Fi completely. Turning off Bluetooth
also won't help you protect yourself. Why? Because the tiny device that can easily be hidden in
an object or taped to the underside of a table doesn't use conventional communications to pull off capers.
Instead it reads radio waves emitted by your computer's processor, and there's really nothing you can do to
stop it.
Is
facial recognition a threat on Facebook and Google? Facebook is one of the leading
organizations in the world developing facial-recognition algorithms. Facebook software can now
identify people in photographs as well as people can. Facebook's DeepFace (no, I'm not
kidding — it's called DeepFace) can tell whether the subjects in two different
photographs are the same person with 97% accuracy. That's even better than the FBI's own Next
Generation Identification system. DeepFace achieves this amazing feat by analyzing faces, turning
them into 3D models, then making it possible to recognize the faces from angles and under lighting
conditions that are different from those in other photos of the same person. The technology uses
more than 120 million parameters, and a page on Facebook's research website explains that the company
"trained it on the largest facial dataset to-date, an identity labeled dataset of four million facial
images belonging to more than 4,000 identities."
Google
eavesdropping tool installed on computers without permission. Privacy campaigners and
open source developers are up in arms over the secret installing of Google software which is capable
of listening in on conversations held in front of a computer. First spotted by open source
developers, the Chromium browser — the open source basis for Google's Chrome —
began remotely installing audio-snooping code that was capable of listening to users.
Fired
worker sues company over 24-7 tracking app. Myrna Arias didn't like the GPS app on her phone that
constantly tracked her, so she uninstalled it. The problem: Arias' iPhone was issued by her employer,
which required her to run the app constantly, and after she removed it, the California woman was fired.
Now she's suing her former employer, money transfer service Intermex, for invasion of privacy, unfair business
practices, and retaliation, among other things, Ars Technica reports.
Worker
fired for disabling GPS app that tracked her 24 hours a day. A Central California woman claims she was fired after
uninstalling an app that her employer required her to run constantly on her company issued iPhone — an app that tracked
her every move 24 hours a day, seven days a week. Plaintiff Myrna Arias, a former Bakersfield sales executive for money
transfer service Intermex, claims in a state court lawsuit that her boss, John Stubits, fired her shortly after she uninstalled the
job-management Xora app that she and her colleagues were required to use.
The Editor says...
The way I understand it, if the company owns the phone, you have to leave it configured the way the company set it up.
The big question in this case is whether the company can compel you to lug the phone with you wherever you go.
If you don't want the company tracking your movements, all you have to do is wrap the phone in aluminum foil.
The GPS won't work, the cell phone sites won't see the phone, and the tracking apps will immediately stop working.
The phone won't be able to receive calls (of course) until you unwrap it, but if you're not "on call" 24/7, that's
not an issue.
Lost
in the clouds: 7 examples of compromised personal information. Each day millions of
people across the globe create backups of their files. These backups are supposed to offer
a measure of assurance that their files are safe, but that's not entirely true. In fact,
depending on how you've configured the device, your backups are freely available online to anyone
who knows what they're looking for.
What the Progressive Snapshot is to your car, this device is to your body.
Insurance
co. wants to track you 24/7 for a discount. It's increasingly popular to wear a fitness
tracker that measures your footsteps, heart rate or body movements. Now, the life insurance company
John Hancock is offering deal if you'll wear one: 15% off in some cases. The company
unveiled its optional, new program Wednesday morning [4/8/2015]. John Hancock is partnering
with Vitality, which many people probably know as one of those work-related wellness programs.
The program is available in 30 states.
The Editor says...
The problem with this sort of idea is that if a high enough percentage of adults voluntarily
participate, the program will become mandatory for everyone else, because obviously the holdouts
don't know what's good for them.
Ask.com can hijack
your computer using Java updates. We learned this week that more than 317 million
computer viruses or other malicious programs were unleashed by hackers last year, according to the
Internet security firm Symantec. That's nearly a million new cyberthreats daily. But not all
attempts at messing with your computer are from sneaky, illegitimate sources. Some are from big-name
tech companies that don't seem to care what you think of them. Anyone whose computer has been
hijacked by the Ask.com toolbar knows exactly what I mean.
Twitter
puts trillions of tweets up for sale to data miners. You are travelling by plane to
see your newborn grandchild. As you board the aircraft, the cabin crew address you by name and
congratulate you on the arrival of a bouncing baby boy. On your seat, you find a gift-wrapped blue
rattle with a note from the airline. In Twitter data strategy chief Chris Moody's vision of the
future, companies surprising their customers like this could become an everyday occurrence —
made possible because Twitter is listening.
The Editor says...
If someone read your mail and then congratulated you on an unpublicized event, you'd call them a busybody.
Companies who pretend to be helpful by reading your social media pages are really just nosy.
Visa
wants to track your smartphone to combat fraud. Visa will introduce a feature this
spring that will allow its cardholders to inform their banks where they are automatically, using the
location function found in nearly every smartphone. Having your bank and Visa know where you are
at all times may sound a little like Big Brother. But privacy experts are applauding the feature,
saying that, if used correctly, it could protect cardholders and cut down on credit card fraud.
Hang on, this Wi-Fi doll records
your child's voice? What could possibly go wrong? Mattel has unveiled a high-tech
Barbie that will listen to your child, record its words, send them over the internet for processing,
and talk back to your kid. It will email you, as a parent, highlights of your youngster's
conversations with the toy. If Samsung's spying smart TVs creeped you out, this doll may be
setting off alarm bells too — so we drilled into what's going on.
Microsoft, Lenovo
scramble to protect users from Superfish security flaw. Superfish, a little-known
Silicon Valley startup, is defending itself amid a firestorm of criticism for making software that
exposed Lenovo laptop users to hackers bent on stealing personal information. Researchers
revealed Thursday that a vulnerability in Superfish software, which came pre-loaded on many Lenovo
laptops, could let hackers impersonate shopping, banking and other websites and steal users' credit
card numbers and other personal data.
How Lenovo's
Superfish 'Malware' Works And What You Can Do To Kill It. Lenovo might have made one
of the biggest mistakes in its history. By pre-installing software called 'Superfish' to get ads on
screens it's peeved the entire privacy community, which has been aghast this morning on Twitter.
There are serious security concerns about Lenovo's move too as attackers could take Superfish and use it
to ensnare some unwitting web users. Here's what you need to know about Superfish and what you
can do to stop it chucking irksome ads on your browser and leaving you open to hackers.
Lenovo
caught installing adware on new computers. It looks like Lenovo has been installing
adware onto new consumer computers from the company that activates when taken out of the box for the
first time. The adware, named Superfish, is reportedly installed on a number of Lenovo's consumer
laptops out of the box. The software injects third-party ads on Google searches and websites without
the user's permission.
Your Samsung
TV Is Snooping on You. Your Samsung smart TV is capturing your conversations.
Samsung's privacy policy for an internet-connected smart tv with voice commands reads, "Please be
aware that if your spoken words include personal or other sensitive information, that information
will be among the data captured and transmitted to a third party."
Samsung's
Smart TVs Are Collecting And Storing Your Private Conversations. Compare Samsung's
wording... ["]Please be aware that if your spoken words include personal or other sensitive
information, that information will be among the data captured and transmitted to a third party
through your use of Voice Recognition.["] with Orwell's: ["]The telescreen received and
transmitted simultaneously. Any sound that Winston made, above the level of a very low
whisper, would be picked up by it, moreover, so long as he remained within the field of vision
which the metal plaque commanded, he could be seen as well as heard. There was of course no
way of knowing whether you were being watched at any given moment...["]
[Emphasis in original.]
Facebook
Will Tag You in Photos with Creepy Recognition Software. Facebook is getting "aggressive" about
tagging people in photos posted on the social networking site. Its facial-recognition software, with the
creepy name DeepFace, is going through the massive archive of photos and identifying people. And the software
is good at it.
Not in front of the telly: Warning over
'listening' TV. Samsung is warning customers about discussing personal information in
front of their smart television set. The warning applies to TV viewers who control their Samsung
Smart TV using its voice activation feature. Such TV sets "listen" to some of what is said in
front of them and may share details they hear with Samsung or third parties, it said. Privacy
campaigners said the technology smacked of the telescreens, in George Orwell's 1984, which spied on
citizens.
Is
your TV eavesdropping on private conversations? Samsung reveals its smart sets can capture every
word. Smart TVs and high-end games consoles that 'listen' to voice commands are
becoming increasingly popular. But Samsung is today under fire for what it does with this audio
information after it is collected. In its privacy policy, the South Korean firm has revealed that
if their conversations contain 'personal or other sensitive information', this will be captured and
transmitted to an unidentified third party.
Report
Sees Weak Security in Cars' Wireless Systems. Serious gaps in security and customer
privacy affect nearly every vehicle that uses wireless technology, according to a report set to be
released on Monday [2/9/2015] by a senator's office. [...] The report found that large amounts of
data on driving histories are harvested, frequently without consumers being explicitly aware that
the information is being collected or how it will be used. At least nine automakers use third-party
companies to collect vehicle data, which can make consumers even more vulnerable, and some transmit
that data to third-party data centers too.
Mass.
Retailers Ask For ZIP Code, And Lawsuits Follow. In the past two years, at least 25
retailers have been sued for more than $100 million for requesting ZIP code information from
Massachusetts customers. Most of the lawsuits have been settled or withdrawn, but the practice of
asking customers for their postal codes — bits of information with a marketing value of
perhaps 5 cents each — has cost retailers millions of dollars in settlements and attorneys' fees.
Report:
Uber Tracks Users' Sexual Liaisons. An Uber executive's suggestion that the company
should investigate the private lives of journalists has sparked a backlash against the popular car
service, offering a potent reminder that tech companies are amassing detailed — and
potentially embarrassing — records of users' communications, Internet traffic and even
physical movements.
Everything
Google knows about you (and how it knows it). According to Google, I am a woman
between the ages of 25 and 34 who speaks English as her primary language and has accumulated an
unwieldy 74,486 e-mails in her life. I like cooking, dictionaries and Washington, D.C. I own a Mac
computer that I last accessed at 10:04 p.m. last night, at which time I had 46 open Chrome tabs.
And of the thousands and thousands of YouTube videos I have watched in my lifetime, a truly embarrassing
number of them concern (a) funny pets or (b) Taylor Swift. I didn't tell Google any of these
things intentionally, of course — I didn't fill out a profile or enter a form. But
even as you search Google, it turns out, Google is also searching you.
Critics
chafe as Macs send sensitive docs to iCloud without warning. [Scroll down] But
it nonetheless came as a surprise to researcher Jeffrey Paul, who said he was alarmed to recently
discover a cache of in-progress files he intended to serve as "temporary Post-It notes" that had
been silently uploaded to his iCloud account even though he never intended or wished them to be.
"Apple has taken local files on my computer not stored in iCloud and silently and without my
permission uploaded them to their servers," Paul wrote in a recent blog post.
Verizon,
AT&T tracking their users with 'super-cookies'. Verizon and AT&T have been quietly
tracking the Internet activity of more than 100 million cellular customers with what critics have
dubbed "supercookies" — markers so powerful that it's difficult for even savvy users to
escape them. The technology has allowed the companies to monitor which sites their customers
visit, cataloging their tastes and interests. Consumers cannot erase these supercookies or evade
them by using browser settings, such as the "private" or "incognito" modes that are popular among
users wary of corporate or government surveillance.
They can probably see a lot more than your face right now,
but the pictures are intentionally fuzzied up. Google's
Satellites Could Soon See Your Face from Space. Skybox's satellites cannot capture
details as small as license plate numbers or someone's face — yet. But DigitalGlobe's
might. At 25 centimeters, the images will be detailed enough to classify the make of a car.
If the restrictions relax further, the plate number or owner's face could come into clear view.
Growing
Backlash to Facebook's Ambient Sound Recording Feature. Seems not everybody is happy
with Facebook's gift of a built-in ambient sound recorder. An Australian news site reports that
"the feature has sparked an online backlash, with users mobilising [sic] in an effort to get the
social media giant to kill off the development." The petition has over half a million
signatures as of press time.
Why
the young need to read 1984. Young people too willingly surrender their privacy to
Google and Facebook, a leading scientist warned yesterday [6/5/2014]. Noel Sharkey, a professor
of artificial intelligence and robotics at Sheffield University, said that older people were more
cautious with their personal data.
'Do
not track'? : The browser privacy system is in tatters. In 2009, a few Internet
privacy advocates developed an idea that was supposed to give people a way to tell websites they
don't want to be monitored as they move from website to website. The mechanism, which would
eventually be built into all the major browsers, was called Do Not Track. With a single browser
setting, these advocates thought, users would be able to communicate a preference for their
privacy. It would be easier than downloading add-on software or creating a blacklist of specific
companies to block. Do Not Track, or DNT, would be the Web's version of the telemarketer Do Not
Call list. But today, DNT hangs by a thread, neutered by a failure among stakeholders to reach
agreement.
Researchers
develop formula that reveals home location based on tweets. IBM researches announced Friday [3/21/2014]
they successfully developed an algorithm to track down any Twitter user's home city based on metadata contained in
their last 200 tweets. The formula, which researchers said could benefit targeted advertising for marketers
or locating major news events for journalists, has an almost 70 percent rate of accuracy according to MIT
Technology Review, and is the latest research finding to highlight the possible danger to privacy and security
presented by metadata collection and analysis.
Capital One says it can show up at cardholders' homes,
workplaces. Credit card issuer Capital One isn't shy about getting into customers' faces. The company recently sent a contract
update to cardholders that makes clear it can drop by any time it pleases. The update specifies that "we may contact you in any manner we
choose" and that such contacts can include calls, emails, texts, faxes or a "personal visit." As if that weren't creepy enough, Cap One
says these visits can be "at your home and at your place of employment." The police need a court order to pull off something like that.
It will soon be technically
impossible to be anonymous. Whether we like it or not (and often we do), we are getting ever more astonishingly accurate authentication links between
people and machines. It soon will be technically impossible to stay "anonymous". Data we emit as people as we do anything other than sit alone starving
in a cave will be collected and stored and processed as part of things working normally. That data will throw up patterns of behaviour that can be used for
both good and malign purposes, by both government agencies and private organisations.
Somewhat related: Ford: 'We have GPS in your car, so
we know what you're doing'. A top Ford executive made a startling admission about the amount of data the auto maker tracks from
its customers at the 2014 Consumer Electronics Show this week. "We know everyone who breaks the law, we know when you're doing it," Ford
Vice-President Jim Farley told a crowd in Las Vegas during the show. "We have GPS in your car, so we know what you're doing."
The global marketing and sales division chief was trying to make a larger point about the amount of real-time data Ford has on drivers that
could be used in the future to alleviate problems like traffic congestion.
Update:
Exec Backpedals
After Saying Ford Tracks Drivers. A Ford Motor executive who said the company tracks and collects data on how Ford customers drive
their vehicles said Thursday [1/9/2014] that he regrets making the comments. Jim Farley, executive vice president of marketing and sales
at Ford, said that he was wrong to suggest to customers that the automaker uses GPS devices in vehicles to collect data on how people drive.
Google
wants to move into your Home: Giant plans to fit microphones in ceilings. Google is already heavily criticised for trying to
know almost everything about us, and now the firm wants to get inside our homes, literally. Engineering director Scott Huffman told
The Independent that in his vision of the future Google users would have microphones fitted inside their homes.
2 million Facebook, Gmail and Twitter passwords stolen in massive
hack. Hackers have stolen usernames and passwords for nearly two million accounts at Facebook, Google, Twitter, Yahoo and others, according
to a report released this week. The massive data breach was a result of keylogging software maliciously installed on an untold number of computers
around the world, researchers at cybersecurity firm Trustwave said.
Memo to Workers: The Boss Is Watching. Blue-collar
workers have always been kept on a tight leash, but there is a new level of surveillance available to bosses these days. Thanks to mobile devices and
inexpensive monitoring software, managers can now know where workers are, eavesdrop on their phone calls, tell if a truck driver is wearing his seat belt and
intervene if he is tailgating.
Big brother is watching you in Vegas, except in hotel hallways.
Closed circuit cameras hidden behind plastic ceiling domes are omnipresent in pop culture portrayals of Sin City. [...] Yet the Associated Press found that 23 of the
27 major Strip casinos have no surveillance in hotel hallways or elevator landings.
Phone companies remain silent over legality of NSA data
collection. America's top telecommunications companies are refusing to say whether they accept that the bulk collection of their customers' phone
records by the National Security Agency is lawful. The phone companies are continuing to guard their silence over the controversial gathering of metadata
by the NSA, despite the increasingly open approach by those at the center of the bulk surveillance programme. On Tuesday [9/17/2013] the secretive foreign
intelligence surveillance (Fisa) court declassified its legal reasoning for approving the NSA telephone metadata program periodically over the past six years.
Google knows nearly every Wi-Fi password
in the world. If an Android device (phone or tablet) has ever logged on to a particular Wi-Fi network, then Google probably knows the
Wi-Fi password. Considering how many Android devices there are, it is likely that Google can access most Wi-Fi passwords worldwide.
CFPB's
data-mining on consumer credit cards challenged in heated House hearing. Consumer Financial Protection Bureau officials are seeking
to monitor four out of every five U.S. consumer credit card transactions this year — up to 42 billion transactions —
through a controversial data-mining program, according to documents obtained by the Washington Examiner.
Attention, Shoppers: Store Is Tracking
Your Cell. Like dozens of other brick-and-mortar retailers, Nordstrom wanted to learn more about its customers — how many
came through the doors, how many were repeat visitors — the kind of information that e-commerce sites like Amazon have in spades.
So last fall the company started testing new technology that allowed it to track customers' movements by following the Wi-Fi signals from their
smartphones.
The Web
Cookie Is Dying. Here's The Creepier Technology That Comes Next. Many Internet advertisers rely on cookies, digital code stored on
your browser. [...] The problem for marketers is that some users set their browsers to reject cookies or quickly extinguish them. And
mobile phones, which are taking an increasing chunk of the Web usage, do not use cookies. To combat the cookie's flaws, advertisers
and publishers are increasingly turning to something called fingerprinting.
Big Brother alert: Cameras in the cable box to
monitor TV viewers. New technology would allow cable companies to peer directly into television watchers' homes and monitor viewing habits and
reactions to product advertisements. The technology would come via the cable box, and at least one lawmaker on Capitol Hill is standing in opposition.
Massachusetts Democratic Rep. Michael Capuano has introduced a bill, the We Are Watching You Act, to prohibit the technology on boxes and collection of
information absent consumer permission.
You
Thought You Had Privacy Before the NSA Leak? What About Facebook? Your privacy has already been invaded by Facebook and
the other tech giants that collected the data in the first place. If the government is turning to Big Brother in an effort to
safeguard the homeland, then the tech companies are Rich Uncles, intent on getting ever richer.
NSA
Built Back Door In All Windows Software by 1999. In researching the stunning pervasiveness of spying by the government
(it's much more wide spread than you've heard even now), we ran across the fact that the FBI wants software programmers to install a
backdoor in all software. Digging a little further, we found a 1999 article by leading European computer publication
Heise which noted that the NSA had already built a backdoor into all Windows software.
New Xbox by NSA partner Microsoft
will watch you 24/7. One of the console's key features is the full integration of the Kinect, a motion sensing camera that
allows users to play games, scroll through menus, and generally operate the Xbox just using hand gestures. Microsoft has touted the
camera as the hallmark of a new era of interactivity in gaming. What Microsoft has not promoted, however, is the fact that you will
not be able to power on the console without first enabling the Kinect, designed to detect both heartbeats and eye movement[,] and
positioning yourself in front of it.
Is
Big Data Turning Government Into 'Big Brother'? With every phone call they make and every Web excursion they take, people are leaving
a digital trail of revealing data that can be tracked by profit-seeking companies and terrorist-hunting government officials.
Your Computer is Bugging Your House.
The computer you are sitting at right now probably has a microphone. It probably also has a camera looking at you this moment.
Is it sending sound and pictures from inside your house to the PRISM program at NSA? Who knows? But one thing is for
sure — the technology is sitting there, on your desk. Welcome to Winston's world.
Bloomberg Admits Terminal Snooping.
Reporters at Bloomberg News were trained to use a function on the company's financial data terminals that allowed them to view
subscribers' contact information and, in some cases, monitor login activity in order to advance news coverage, more than half
a dozen former employees said.
The Internet is a surveillance state.
Whether we admit it to ourselves or not, and whether we like it or not, we're being tracked all the time. Google tracks us, both on
its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on
our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his
Internet use during one 36-hour period. Increasingly, what we do on the Internet is being combined with other data about us.
Online
ad firm agrees to stop 'history sniffing' in Web browsers. A digital advertising company agreed Wednesday [12/5/2012] to end its
practice of "history sniffing," the practice of secretly tracking Internet users' activity through their Web browsers. Epic Marketplace Inc. and a
subsidiary were able to place a code in user's Web browsers allowing them to instantly see whether the unwitting users had visited any of the more than
50,000 websites that they were monitoring, including pages related to impotence, fertility issues and personal bankruptcy.
Facebook
accused of massive 'data grab' with new service that automatically uploads your phone pictures. Facebook has been accused
of a massive 'data grab' after encouraging users to allow it to automatically synchronise photos from their mobile devices to the social
networks servers. The social network from Friday began asking users of its mobile apps to activate its new Photo Sync, which will
automatically upload each picture to a private album. Whether or not users decide share the photos on their public newsfeed,
Facebook itself will still have access.
Bionic Mannequins Spy on
Shoppers to Boost Luxury Sales. The EyeSee looks ordinary enough on the outside, with its slender polystyrene frame, blank face and
improbable pose. Inside, it's no dummy. A camera embedded in one eye feeds data into facial-recognition software like that used by
police. It logs the age, gender, and race of passers-by.
Microsoft
wants to know how many friends you've got in your living room. One of Microsoft's latest patent applications is a humdinger.
It proposes to turn the Kinect camera into a snitch for movie studios, reporting back just how many friends you've got in your living room and
what they're watching. Think that sounds alarmist? Here's what it actually says: "The users consuming the content on a display
device are monitored so that if the number of user-views licensed is exceeded, remedial action may be taken." It's that blatant — a
system to spy on private viewing habits.
Vast F.D.A. Effort Tracked E-Mails
of Its Scientists. [Scroll down] The software used to track the F.D.A. scientists, sold by SpectorSoft of Vero Beach, Fla.,
costs as little as $99.95 for individual use, or $2,875 to place the program on 25 computers. It is marketed mainly to employers to
monitor their workers and to parents to keep tabs on their children's computer activities. "Monitor everything they do," says SpectorSoft's
Web site. "Catch them red-handed by receiving instant alerts when keywords or phrases are typed or are contained in an e-mail, chat, instant
message or Web site."
Is
your TV watching you? Latest models raise concerns. Samsung's 2012 top-of-the-line plasmas and LED HDTVs offer new
features never before available within a television including a built-in, internally wired HD camera, twin microphones, face
tracking and speech recognition. While these features give you unprecedented control over an HDTV, the devices themselves,
more similar than ever to a personal computer, may allow hackers or even Samsung to see and hear you and your family, and
collect extremely personal data.
Street
View cars grabbed locations of phones, PCs. Google's Street View cars collected the
locations of millions of laptops, cell phones, and other Wi-Fi devices around the world, a practice
that raises novel privacy concerns, CNET has confirmed. The cars were supposed to collect the
locations of Wi-Fi access points. But Google also recorded the street addresses and unique
identifiers of computers and other devices using those wireless networks and then made the data
publicly available through Google.com until a few weeks ago.
Why is Sprint installing junk apps on my
Android phone? A few days ago I noticed a strange app on my HTC Evo Android smartphone.
It's a demo version of a sci-fi shooter game called N.O.V.A. It wasn't preinstalled, I didn't download
it, and I can't uninstall it. I checked to see what it does on my phone and was shocked to see the
long list of permissions it has.
On the Web, Children
Face Intensive Tracking. A Wall Street Journal investigation into online privacy has found that
popular children's websites install more tracking technologies on personal computers than do the top websites
aimed at adults. The Journal examined 50 sites popular with U.S. teens and children to see what
tracking tools they installed on a test computer. As a group, the sites placed 4,123 "cookies," "beacons"
and other pieces of tracking technology.
Is Your Detergent Stalking You?
Unilever's Omo detergent is adding an unusual ingredient to its two-pound detergent box in Brazil: a
GPS device that allows its promotions agency Bullet to track shoppers and follow them to their front doors.
Backdoor found in Energizer Duo USB battery
charger. Software that can be downloaded for use with the Energizer Duo USB battery charger
contains a backdoor that could allow an attacker to remotely take control of a Windows-based PC, Energizer
and US-CERT is warning.
GM
backs mandatory vehicle 'black boxes'. General Motors Co. supports legislation to require
so-called "black boxes" in vehicles, to collect crash data, and it is willing to support additional
"reasonable" auto safety legislation. In a roundtable interview with reporters today, GM's new
vice president for government relations, Robert E. Ferguson, said the company backs legislation
in the works from Rep. Gene Green, D-Texas, to mandate event data recorders.
Software Turns Your Cell Phone
Against You. Malicious software for cell phones could pose a greater risk for consumer's personal and
financial well-being than computer viruses, say scientists from Rutgers University. The scientists have made a
particularly resilient malware, known as a rootkit, that can turn a cell phone's microphone, GPS and battery against
the phone's owner.
The Editor says...
That's odd. Up until now, anyone who developed a rootkit was called a hacker by the mainstream
news media. Why, in this case, are they being called scientists?
Windows 7 Update "Phones Home" to Microsoft
Every 90 Days. The release of Windows 7 "Update for Microsoft Windows (KB971033)" will
change the current activation and anti-piracy behavior of Windows 7 by triggering automatic "phone
home" operations over the Internet to Microsoft servers, typically for now at intervals of around
90 days. The purpose? To verify that you're not running a pirated copy of Windows...
What the
data miners are digging up about you: Databases know more about you than you realise. A
Carnegie Mellon University study recently showed that simply by knowing gender, birth date and postal zip code,
87% of people in the United States could be pinpointed by name. Websites can collect huge amounts of data from
users. Retailers, for example, can track our every click, what we buy, how much we spend, which advertisements
we see — even which ones we linger over with our mouse.
The Coolest (or
Creepiest) Thing on Facebook. Facebook likes to talk about privacy, but, let's be honest:
If you've spent any time on the social networking behemoth, you know the site is all about revealing yourself.
A new app, however, may take Facebook's hey-look-at-me culture one step too far.
Photocopiers
with disk drives could be used for ID theft. Consumers are bombarded with warnings
about identity theft. Publicized threats range from mailbox thieves and lost laptops to the
higher-tech methods of e-mail scams and corporate data invasions. Now, experts are warning
that photocopiers could be a culprit as well.
Neighbor's data shows up in my browser.
There seems to be some way that my next-door-neighbor's information got into my PC. They always have their
wireless internet on, but my wireless reception is usually disabled. I really don't know how this could
have happened. Of course, since the problem showed up while I was doing my taxes, I am even more paranoid
about what information of mine might have been swapped between households.
Personal
data found hidden in iTunes tracks. Fresh privacy fears have been sparked after it emerged that
Apple has embedded personal information into music files bought from its iTunes online music store.
Technology websites examining iTunes products discovered that personal data, including the name and e-mail
addresses of purchasers, are embedded into the AAC files that Apple uses to distribute music tracks.
Adi Shamir's bug attack: One
(possibly hidden and intentional) bug in any high-level microprocessor as used in any modern configuration can
possibly leak secret keys used by Public-Key Infrastructures. How easy is it to verify that such a single
multiplication bug does not exist in a modern microprocessor, when its exact design is kept as a trade secret?
McCain loan could violate donor privacy.
When John McCain's presidential campaign all but went broke, it borrowed money from its bank using its fundraising
list as collateral. Problem: McCain's own privacy policy promises donors he won't sell their
information. That seems to put the Republican senator's campaign in a pickle; either it pledged to its
bank proceeds from something it can't sell, or it offered to violate its own promise to donors.
AT&T's Internet Monitoring Plans: News
stories are now appearing widely about an AT&T plan to try block pirated content at the network
level. To actually pick out particular content from those streams would imply the need to actually
examine and characterize the payload of files to locate and block potentially offending music and/or video
content.
AT&T
rewrites the rules: Your data isn't yours. AT&T has issued an updated privacy policy that
takes effect Friday [6/23/2006]. The changes are significant because they appear to give the telecom
giant more latitude when it comes to sharing customers' personal data with government officials. The
new policy says that AT&T — not customers — owns customers' confidential info and can
use it "to protect its legitimate business interests, safeguard others, or respond to legal process."
RIAA Still Feels Entitled To Scour Everyone's
Hard Drives. Ever since the RIAA started taking on file sharing, it's always acted as if it were
entitled to all sorts of things it isn't: access to the names associated with IP addresses without filing
lawsuits, private info on the people they're suing and even the aid of the FBI in what's clearly a civil, not
criminal, dispute.
Lawsuits mounting over massive customer data
breach at TJX. The TJX Cos. Inc. faces federal lawsuits in five additional states over a data theft
that exposed at least 45 million credit and debit cards to potential fraud, according to a regulatory
filing Thursday [6/7/2007] by the owner of stores including T.J. Maxx and Marshalls.
Printer steganography: Many
color printers (Xerox, HP, etc.) add barely visible yellow dots that encode printer serial numbers and
time stamps, down to the minute. Intended primarily to combat counterfeiters, the purportedly
"secret" steganographic code in color printer copies has now
been decoded by
four people at the Electronic Frontier Foundation. There are of course various
slippery-slope privacy issues.
Sleuths
Crack Tracking Code Discovered in Color Printers. It sounds like a conspiracy theory, but
it isn't. The pages coming out of your color printer may contain hidden information that could be
used to track you down if you ever cross the U.S. government.
Printer dots raise privacy
concerns. The affordability and growing popularity of color laser printers is raising concerns among civil
liberties advocates that your privacy may not be worth the paper you're printing on. More manufacturers are
outfitting greater numbers of laser printers with technology that leaves microscopic yellow dots on each printed page to
identify the printer's serial number — and ultimately, you, says the San Francisco-based Electronic Frontier Foundation,
one of the leading watchdogs of electronic privacy.
EFF's "Yellow Dots of
Mystery" on Instructables. Since late 2004, EFF has been warning the public about "printer
dots" — tiny yellow dots that appear on documents produced by many color laser printers and copiers.
These yellow dots form a coded pattern on every page the printer produces and can be used to identify
specific details about a document; for example, the brand, model, and serial number of the device that
printed it and when it was printed. In short, the printer dots are a surveillance tool that can
link each printed page to the printer that printed it.
Keep Your Grubby Mitts Off My Hard
Drive. Amazon's new UnBox video service turns out to have some traits that are even
more annoying than the impenetrable cellophane stickers they put on DVD cases. … To be allowed
the privilege of purchasing a video that I can't burn to DVD and can't watch on my iPod, I have to
allow a program to hijack my start-up and force me to login to uninstall it? No way."
Big
Brother Is Tracking You. Many new cell phones come equipped with tracking devices that
can pinpoint the location of the phone to within 30 feet. The feature offers lots of
possibilities both to users and law enforcement. Even the simplest phones now have enhanced
911 capability mandated by federal law, which can detect a caller's location within a broad area
through triangulated radio signals sent to cell towers.
20
inspectors suspended over GPS. The Massachusetts public safety commissioner
yesterday [7/10/2006] suspended 20 state building and engineering inspectors for refusing to accept
cellphones equipped with global positioning systems.
Camera With Pitt-Jolie Photos Is
Seized. Local police, accompanied by state police and Secret Service officers, went to the
Westfield home of William Keys on Tuesday to recover a digital camera's memory stick after three photos that
appeared on the Internet were tracked to Keys.
The Editor says...
[How did they track the photos to a specific camera? Sounds like I need to do some research.]
Cell Service Lets Parents Track
Kids by GPS. Up until now, parents had to deal with a separate company or buy special equipment
to track their children through their cell phones. Sprint Nextel Corp. becomes the first U.S. wireless
provider to sell its own product when the Family Locator Service rolls out Thursday [4/13/2006].
The Editor says...
The expression "Track Kids by GPS" is misleading. GPS is a one-way (receive only) service using weak signals that are unreliable inside
houses and cars, and completely useless in tunnels and underground parking garages. Nextel is most likely comparing the arrival time of PCS signals
at several different sites, and using simple calculations to figure out where the phone is. (That would be possible without GPS technology, but you'd need an
atomic clock at every cell phone site, so it wouldn't be economically feasible.) What it boils down to is simply this: Cell phone signals
travel about one foot in one nanosecond. If every cell phone site has a clock that is accurate to 10 nanoseconds, you can figure out where a
PCS phone is within 10 feet by comparing the arrival time of its signals at various (precisely known) locations around town.
The Choice Point
Syndrome. An extensive list of breaches of sensitive personal
information, disclosed just since January 2005.
A bank
you might not want to have Wachovia. More than
48,000 customers of Wachovia Corp. and 600,000 of Bank of America
Corp. have been notified that their financial records may have been stolen
by bank employees and sold to collection agencies.
Texas
loan company's personal data 'lost'. Texas Guaranteed Student Loan Corp. has announced the loss
of the names and Social Security numbers of 1.3 million customers.
Security
Breach Could Expose 40 Million to Fraud. A computer hacker may have
accessed more than 40 million credit card accounts in what could be the largest
in a series of recent security breaches involving consumer data, officials said.
MasterCard
says 68,000 Customers are at High Risk. Credit card users, don't fret. Only
a small fraction of the 13.9 million credit cards accounts at MasterCard exposed to
possible fraud were considered at high risk, the company said Saturday [6/18/2005].
LexisNexis
May Have Had Earlier Breach. A LexisNexis executive said
Wednesday [4/13/2005] there may have been an earlier breach of consumers' personal
data that was never reported to the public. The disclosure at a Senate hearing
came a day after London-based Reed Elsevier, which owns LexisNexis, revealed that
criminals may have breached computer files containing the personal information
of 310,000 people since January 2003.
Evidence From Black
Boxes in Cars Turns Up in Courts. An estimated 25 million automobiles
in the United States now have so-called event data recorders, a scaled-down version
of the devices that monitor cockpit activity in airplanes. Like aviation recorders,
automobile black boxes mainly receive attention after an accident. What the devices
record increasingly finds its way into courtrooms as evidence in criminal and civil
cases, leading some privacy advocates to question how the recorders came to be
installed so widely with so little public notice or debate.
Privacy
Experts Shun Black Boxes. Some safety and privacy experts
are reacting with apprehension, others with all out condemnation over
a recent ruling by the National Transportation Safety Board to require
electronic data recorders or "black boxes" in all new cars manufactured
in the United States. "I take offense that this personal property of
individuals is now being designed by the federal government," said Jim
Harper, privacy attorney and editor
of Privacilla.org.
Big
Brother rides shotgun: Rental-car company
uses GPS to track customer, fines him $450 for speeding.
Drivers
let Big Brother in to get a break. In two new tests, car owners will be able to
let insurance companies monitor their driving via new technology in exchange for lower
rates. The technology will track some combination of when, where, how far and how
fast they drive, giving insurers a way to reward low-risk driving. Now just
experiments, the technology might be a glimpse of the future of car insurance. [Or
the future of law enforcement. Or tax collection.]
How
to Build Privacy Into Customer Authentication. Reports of worsening identity
theft are pressuring companies to adopt stronger methods of making sure they know the identity
of their customers. Most customers will find this additional layer of security
comforting. But the more invasive authentication methods — biometrics,
especially — have people worried that they'll lose their privacy in the process. How
can businesses authenticate their customers without scaring them away? By putting
the consumer in control throughout the authentication process.
Residential
Internet Security: Two types of bad things can happen to an
Internet-connected home computer: The first involves a miscreant duping a user
into running harmful software-a worm, virus, Trojan Horse, or some form of spyware
that reports back some aspect of the user's activities or configuration. The
second bad thing involves a miscreant taking direct control of the computer
and running arbitrary software-either the user's own or the miscreant's. Of
course, many type-1 Trojan Horses give attackers type-2 control, but
the type-1 exploit isn't the only path to type-2 control.
Car-tracking
system: Promises and potholes. General Motors plans to
begin installing new sensors and communications systems into vehicles
next year in a move that could save lives but that also raises
privacy concerns.
It's
Raining Privacy Notices: American consumers
are being leafleted this spring with privacy notices from financial institutions
that invite them to say "no thanks" to having their personal information shared
with third parties. But some privacy advocates say the notices fail to
communicate to consumers, in clear English, their right under federal law to
opt out of data sharing.
TiVo
Technology Erodes Privacy: A group that is
an advocate for our right to
privacy, The Privacy Foundation, has
discovered that TiVo, a system that allows us to record TV shows onto a hard drive, has
been routinely selling information about viewers' habits to advertisers and
the television networks. In other words, TiVo has been sharing its customers'
viewing practices via the phone lines hooked to their recording devices
without viewers' consent or even knowledge.
Netscape
Navigator Browser Snoops On Web Searches: AOL Time
Warner's Netscape unit is snooping on searches
performed by users of its latest Navigator browser at Google
and other search sites. According to a network traffic analysis
performed by Newsbytes, Netscape is capturing Navigator 6 users' search
terms, along with their Internet protocol (IP) address, the date Navigator
was installed and a unique identification number.
The World's Most Privacy-Conscious
Browser. Most browsers offer the option of removing potentially privacy-shattering content saved
on the user's PC, such as searches performed and visited websites. Enter Browzar — the browser which
specialises in doing so to the extent that all of the user's browsing activity is automatically removed once
the application has been closed.
Anonymous
No More On AOL: Warning to anonymous critics on Internet chat
boards trying to sink stocks: We may soon know who you are.
A Setback
for Online Privacy: The ruling against the world's largest
ISP goes to the heart of the question of anonymity on the Internet, and marks
a new stage in the evolution of privacy laws as they pertain to the Internet and
identities of Web surfers, privacy experts said.
One-Third
of U.S. Online Workforce under Internet/E-Mail Surveillance: This
study is the first attempt to estimate the extent of workplace monitoring
based on self-reported user-base ("seats") and revenue figures from publicly-traded
companies that sell e-mail and Internet monitoring software. The report focuses
strictly on continuous, systematic monitoring of employees, rather than
random spot-checks.
Privacy
groups take aim at Microsoft Passport: Thirteen organizations, headed
by the Electronic Privacy Information Center, supported an updated complaint with
the Federal Trade Commission, alleging that Microsoft is in violation of
Section 5 of the FTC Act because of its data collection, sharing and security
practices with Passport.
Who's
Watching You in Your Hotel Room?: Next
time you check into a hotel, you may want to
consider asking if there are any hidden cameras in
your assigned room. There could be cameras hidden in
mirrors, television sets, lamps and even the radio
alarm clock on your nightstand.
Privacy
Laws: Not Gonna Happen. Privacy
legislation may not be going public anytime soon. Conventional
wisdom in the nation's capital says that the prospect of Congress
enacting Internet privacy laws is extraordinarily likely, and
perhaps even inevitable.
Privacy
at Work? Be Serious. If you feel
your privacy at work has been eroding lately, it's probably more
than just your imagination. Experts say companies are under
increasing pressure to monitor employees electronically, and
workers should assume they are being watched.
Email
Privacy: If you want privacy, don't count on email. Here's why.