Items tagged with: privacy
"Snapchat employees abused data access to spy on users" - https://www.vice.com/en_us/article/xwnva7/snapchat-employees-abused-data-access-spy-on-users-snaplion
Opinion | Your Car Knows When You Gain Weight - The New York Times
Today’s cars are equipped with telematics, in the form of an always-on wireless transmitter that constantly sends vehicle performance and maintenance data to the manufacturer. Modern cars collect as much as 25 gigabytes of data per hour, the consulting firm McKinsey estimates, and it’s about much more than performance and maintenance.
Cars not only know how much we weigh but also track how much weight we gain. They know how fast we drive, where we live, how many children we have — even financial information. Connect a phone to a car, and it knows who we call and who we text.
But who owns and, ultimately, controls that data? And what are carmakers doing with it?
Carmakers use data to alert us when something needs repair or when our cars need to be taken in for service. What they don’t tell us is that by controlling our data, they can limit where we get that repair or service done. For almost a century, car and truck owners have been able to take their vehicles to whichever shop they choose and trust for maintenance and repair. That may be changing.
Google's ad system under EU probe for how it spreads your private data - CNET
The DPC, one of the lead authorities over Google in the European Union, wants to know whether the search giant's "processing of personal data carried out at each stage of an advertising transaction" is in compliance with the EU's General Data Protection Regulation. The GDPR is a sweeping law that gives residents of the European Union more control over their personal data and seeks to clarify rules for online services.
The DPC inquiry follows a complaint filed in Europe in September by privacy-focused browser maker Brave that says Google violates GDPR by broadcasting personal information to companies bidding to show targeted ads. At the time, Google denied any wrongdoing.
Android and iOS devices impacted by new sensor calibration attack | ZDNet
A new device fingerprinting technique can track Android and iOS devices across the Internet by using factory-set sensor calibration details that any app or website can obtain without special permissions.
This new technique -- called a calibration fingerprinting attack, or SensorID -- works by using calibration details from gyroscope and magnetometer sensors on iOS; and calibration details from accelerometer, gyroscope, and magnetometer sensors on Android devices.
According to a team of academics from the University of Cambridge in the UK, SensorID impacts iOS devices more than Android smartphones. The reason is that Apple likes to calibrate iPhone and iPad sensors on its factory line, a process that only a few Android vendors are using to improve the accuracy of their smartphones' sensors.
Gait and activity recognition using commercial phones - ScienceDirect
This paper presents the results of applying gait and activity recognition on a commercially available mobile smartphone, where both data collection and real-time analysis was done on the phone. The collected data was also transferred to a computer for further analysis and comparison of various distance metrics and machine learning techniques. In our experiment 5 users created each 3 templates on the phone, where the templates were related to different walking speeds. The system was tested for correct identification of the user or the walking activity with 20 new users and with the 5 enrolled users. The activities are recognised correctly with an accuracy of over 99%. For gait recognition the phone learned the individual features of the 5 enrolled participants at the various walk speeds, enabling the phone to afterwards identify the current user. The new Cross Dynamic Time Warping (DTW) Metric gives the best performance for gait recognition where users are identified correctly in 89.3% of the cases and the false positive probability is as low as 1.4%.
Amazon shareholders reject facial recognition ban as concern grows in U.S. Congress - Reuters
Amazon.com Inc said shareholders rejected proposals to curb and audit its facial recognition service on Wednesday, just as members of Congress indicated there was bipartisan support to one day regulate the technology.https://www.reuters.com/article/us-amazon-com-facial-recognition/amazon-shareholders-reject-facial-recognition-ban-as-concern-grows-in-u-s-congress-idUSKCN1SS28I
London’s Tube network to switch on Wi-Fi tracking by default in July | TechCrunch
Transport for London will roll out default wi-fi device tracking on the London Underground this summer, following a trial back in 2016.#technology #mobile #WiFi #privacy
In a press release announcing the move, TfL writes that “secure, privacy-protected data collection will begin on July 8” — while touting additional services, such as improved alerts about delays and congestion, which it frames as “customer benefits”, as expected to launch “later in the year”.
For those who don’t have much experience with the open-source browser, Tor is built around privacy and autonomy.
Tor is often cited as an important tool for those with a public online presence, such as journalists or activists, but any privacy-minded user can benefit from Tor. The browser has become popular enough that even Mozilla is interested in making use of Tor’s technology in Firefox.
– iOS before 12.2 and some Android devices leak unique fingerprints via all common web browsers
– iOS 12.2 or higher adds random noise to prevent fingerprinting (CVE-2019-8541)
– Google Pixel 2 and 3 (and maybe more Android devices) are vulnerable and offer no fixes, according to the paper
#android #ios #sensorid #fingerprinting #tracking #privacy
We see more and more project and organisations working on privacy focused apps, services, … great!
But sadly this is more and more just marketing. The most famous line "We value your privacy" is telling almost the exact opposite these days.
So let's do a first step: Everyone who really values privacy, get rid of trackers from your websites. All of them. GA as well as Matomo.
If you want to know how to optimize your websites, analyse your logs or do surveys.
#Facebook entrega a las operadoras datos de los usuarios como localización o solvencia económica, según The Intercept #tech #privacy
Ultra-private Tor browser officially arrives on Android | Engadget
VPNs and incognito modes can help, but if you want to jump to a whole 'nother privacy level, there's the infamous Tor Browser. It has finally come out of beta and arrived on Android in a stable release, the Tor Project announced.#technology #mobile #Android #privacy #security
Сегодня утром один из хороших заказчиков прислал выдержку из только что полученного письма от #Google.
We are writing to inform you that due to legacy functionality that enabled customer Domain Admins to view passwords, some of your users’ passwords were stored in our encrypted systems in an unhashed format. This primarily impacted system generated or admin generated passwords intended for one-time use.Из чего следует, что они, во-первых, хранят пароли в plain text, а, во-вторых, их административный персонал имеет к ним доступ. О причинах такого решения мы можем лишь догадываться, но что-то мне подсказывает что они не столько (только) технологические, сколько юридические. Я расцениваю это как признание факта выдачи пользовательских паролей по запросу государственных органов и спецслужб.
Кстати, напомню, что не так давно был аналогичный скандал с #Facebook, когда выяснилось что их система не только хранит пароли открытым текстом, но и доступ к ним имеют (имели?), как минимум, свыше 1000 сотрудников компании.
#russian #lang ru #security #privacy #law #internet
Thanks To Facebook, Your Cellphone Company Is Watching You More Closely Than Ever
Still using Facebook? Facepalm. Remember you can at least disable the app. And check with @exodus to make sure your other apps don't use the Facebook SDK.
Who to follow on #Mastodon? We are trying to give new users a better start and selected a couple of profiles for #privacy related topics:
Nextcloud 📱☁️💻" target="_blank">@Nextcloud 📱☁️💻
It happened again: Google announced today that it's the latest tech giant to have accidentally stored user passwords unprotected in plaintext. G Suite users, pay attention.#Security #Passwords #Privacy
Google says that the bug affected "a small percentage of G Suite users," meaning it does not impact individual consumer accounts, but does affect some business and corporate accounts, which have their own risks and sensitivities. The company typically stores passwords on its servers in a cryptographically scrambled state known as a hash. But a bug in G Suite's password recovery feature for administrators caused unprotected passwords to be stored in the infrastructure of a control panel, called the admin console. Google has disabled the features that contained the bug.
When you visit a website, your web browser provides a range of information to the website, including the name and version of your browser, screen size, fonts installed, and so on. Website authors can use this information to provide an improved user experience. Unfortunately this same information can also be used to track you. In particular, this information can be used to generate a distinctive signature, or device fingerprint, to identify you.#Security #Privacy #Sensors
We have developed a new type of fingerprinting attack, the calibration fingerprinting attack. Our attack uses data gathered from the accelerometer, gyroscope and magnetometer sensors found in smartphones to construct a globally unique fingerprint. Our attack can be launched by any website you visit or any app you use on a vulnerable device without requiring any explicit confirmation or consent from you. The attack takes less than one second to generate a fingerprint which never changes, even after a factory reset. This attack therefore provides an effective means to track you as you browse across the web and move between apps on your phone.
– updates for Linux kernel (4.19.37), firmware packages, and Tor Browser (8.5)
– includes mitigations for the Microarchitectural Data Sampling CPU vulnerability
– several packages were removed
– bug fixes and minor changes
#tails #tor #torbrowser #privacy #anonymity
– based on FF 60.7.0esr
– updates for Torbutton, HTTPS Everywhere, OpenSSL, Tor Launcher
– fixes dozens of bugs
#tor #torbrowser #webbrowser #anonymity #privacy #android #torbrowser85
a practical guide to steganography & non-electronic, DIY privacy tools, and a publication developed as part of our research program at Willem de Kooning Academy Rotterdam.
#privacy #steganography #graphicdesign #art #activism