Posts Tagged ‘Personal privacy’

Is your sex data vulnerable?

May 22nd, 2015 1 Comment By Mof Gimmers

sex with glass Is your sex data vulnerable?You invariably indulge in safe sex, but is your sex data equally safe?

Well, if you’re a user of Adult FriendFinder, you should know about a hack that has taken place, with millions of accounts potentially breached.

Adult FriendFinder has over 63million users, and had been hit by ne’er-do-wells who have made off with a load of personal information. With that, comes people’s sexual preferences and whether or not you intend to cheat on your partner.

Email addresses, dates of birth and post codes were also taken, even if you deleted your account. This all smells like potential blackmail material, so get your excuses ready now.

For newer couples, just pretend you had the account before you met your current beau. If you’ve been with your partner for 30-odd years, then you might not need to worry too much as they might be on there as well, through being thoroughly disillusioned with your relationship. Hey! It might be just the thing to put some pep into your relationship, eh?

FriendFinder Networks Inc said: “We have already begun working closely with law enforcement and have launched a comprehensive investigation with the help of leading third-party forensics expert. We pledge to take the appropriate steps needed to protect our customers if they are affected.”

Apple Watch not as secure as you’d think

May 15th, 2015 1 Comment By Mof Gimmers

Having secure gadgets is a good thing as it offers you some solace that, should it get nicked, it might be useless to the crim who swiped it. However, the Apple Watch might not be as secure as you’d hope.

The 1.0 version of the smartwatch doesn’t really have anything to protect itself against thieves. Basically, if yours gets stolen, it is pretty easy to reset it and waltz away with it like it is brand new.

iPhone are much less easy when it comes to resetting, but with the Apple Watch, you can easily reset the device and pair it with a new phone, and you’re away.

Look! Here’s a video and everything!

Apple site iDownloadBlog pointed out the lack of an Activation Lock-like feature on Watch OS 1.0. “It’s not a security problem from a user data standpoint, but it is a security issue from a device theft standpoint,” it said.

“At the very least, it would seem that Apple could make it so that the device checks against the Apple ID of the last paired device, and requires the proper credentials before un-pairing with that device.”

BitTorrent launches chat app

May 14th, 2015 No Comments By Mof Gimmers

bleep bittorrent 300x187 BitTorrent launches chat appBitTorrent have launched their private messaging app, Bleep, across all the major platforms. Good news for those of you who don’t trust or like the existing ones.

Farid Fadaie, senior director of product development at BitTorrent, announced this news through the official BitTorrent blog. Farid confirmed that the app is now available to download on Android, iOS, Windows, and Mac from bleep.pm.

This is just the latest messenger app that is focused on privacy and security. Users of Bleep will be able to get a personalised Bleep key with the encryption keys for images stored on your device, rather than in a cloud.

That means there’s no server for hackers to get stuck into.

You’ll also be able to send ‘whisper messages’ with Bleep, which basically allows you to choose whether or not you want to keep parts of the conversation or not. With the whisper setting, all messages and pictures will disappear from devices after they’ve been viewed. Not unlike Snapchat in approach, but without – you’d hope – the privacy issues.

There’ll also be free voice calls, which are connected directly without the need for a cloud. Fancy a bit of this? Or will you wait a bit to see if it is another flash-in-the-pan app that you’ll have to move away from eventually?

android logo 300x225 Google to give privacy back to users Android MGoogle are ushering in a thing called ‘M’, which looks like it’ll be bringing Android in line with Apple’s iOS user privacy. It seems that Google want to give users back the control when it comes to controlling their own data in apps.

Android is going to let users control personal data like phone numbers, names, location, and addresses, and how apps access it.

Users have been irked at the fact that, when installing apps, permission requests give users the choice to either accept all permissions or not install the app at all. This isn’t an ideal scenario for those who want to be more careful with the information they give out.

Only those with third-party customised versions of Android could control their permissions. At developer conferences at Google I/O, it looks like that is all about to change, with a lot of the talk being about user permissions, which look key to Android M. Now, the system will look to protect users from permission-request overload, and to create a culture where users refrain from blindly agreeing to permission requests without reading what they are actually agreeing to.

A nice idea, but will people really start wanting to read the small print?

What’s the catch with HowOld?

May 5th, 2015 2 Comments By Mof Gimmers

You may have been having a fun time with Microsoft’s new viral sensation – How-Old.net – but as ever, there may well be a catch.

While you’re uploading your face to find out how old you look, Microsoft might have been been storing your photos. Now, the front page of the service says: ”We don’t keep the photo [uploaded to the site],” but the terms of service suggest otherwise.

howold 500x320 Whats the catch with HowOld?

After the sentence that says that “Microsoft does not claim ownership of any materials you provide,” a different passage in the site’s terms of service adds:

“However, by posting, uploading, inputting, providing, or submitting your Submission, you are granting Microsoft, its affiliated companies, and necessary sublicensees permission to use your Submission in connection with the operation of their Internet businesses (including, without limitation, all Microsoft services), including, without limitation, the license rights to: copy, distribute, transmit, publicly display, publicly perform, reproduce, edit, translate, and reformat your Submission.”

It is all contradicting each other now. And there’s more. In there, it also says that it includes the right for Microsoft to “publish your name in connection with your Submission; and to sublicense such rights to any supplier of the Website Services.”

Microsoft have said, in relation to all this, that they do not store or share the pictures: “The terms of service are accurate. Developers get to choose how their apps work. The developers of How-old.net chose not to store or share photos for this app. These terms of services are like those of other companies.”

In summary – the application doesn’t store your photos, but Microsoft might handle them another way if they want to. If that’s the kind of thing that bothers you, you’ve been warned.

Facebook to put your horrible face in calls

April 28th, 2015 No Comments By Mof Gimmers

Facebook 300x300 Facebook to put your horrible face in callsFacebook – everyone’s favourite, honest – have added a video-calling feature the Messenger app, so your massive, nasty face can appear when you’re bothering someone who was sat at home, minding their own business.

Of course, this isn’t a new thing as you’ve been able to do this on Skype for ages, and of course, Apple FaceTime is a thing. Anyway, this new-to-Messenger feature, is available immediately on Apple iOS and Android.

“Today, we’re introducing video calling in Messenger. Now you can have face-to-face conversations with your friends and the people you care about, via Messenger,” said Stan Chudnovsky, Head of Product for Messenger and Param Reddy, Engineering Manager.

You’ll be able to use it if one person is on Apple and you’re on Android, or whatever.

This follows a spate of announcements from Facebook, including the social network’s tinkering with our timelines for the millionth time. You’ll also be able to send money through FB too, if you like. They also made Messenger available on desktop too.

All these developments won’t stop people from hating the company though. There’s still a legal case knocking about, with 25,000 people suing Facebook over privacy concerns. Still, for those that use the site and maybe have family living overseas, this video-chat function might be just the thing.

facebook mobile 300x200 Facebook: sorry for tracking you   it was a bug, honestYou may recall that 25,000 people were suing Facebook over personal privacy issues, which were roundly laughed at by the social network.

The Belgian Privacy Commission (BPC) made claims that Facebook were tracking all visitors to their site – even those that didn’t have a Facebook account. It is one thing tracking your own customers, but those that haven’t signed up certainly won’t want to be followed around online by Zuckerberg’s company. There were also allegations that Facebook were tracking those who had explicitly chosen to opt out of being tracked.

Facebook rejected the claims, but it turns out that they were a little hasty in doing so. It turns out that they had a bug, honest.

They said the bug resulted in collection of non-Facebook user’s data via websites embedded with their ‘Like’ button and, with a straight face, said that it was an accident.

“We don’t, and this is not our practice. However, the researchers did find a bug that may have sent cookies to some people when they weren’t on Facebook. This was not our intention – a fix for this is already under way,” said Richard Allan, Facebook’s vice president of policy for Europe.

He continued: “The report gets it wrong multiple times in asserting how Facebook uses information to provide our service to more than a billion people around the world. If someone opts out, we no longer use information about the websites and apps that person uses off Facebook to target ads to them.”

“People can opt out of seeing ads on Facebook that are based on the websites and apps they use off Facebook through the industry-standard Digital Advertising Alliance opt out, the European Interactive Digital Advertising Alliance opt out or the Digital Advertising Alliance of Canada opt out. Here, they can opt out of these ads from Facebook and from more than a hundred other companies. People can also opt out using their phone settings,” he added.

“Facebook honours this choice on any device where you use Facebook, whether it’s your phone, tablet, or desktop. When you opt out, Facebook no longer shows you these types of ads, but it also means Facebook does not add this information to the interest lists we use to decide what ads to show you.”

Are you having that?

25,000 sue Facebook over privacy

April 9th, 2015 1 Comment By Mof Gimmers

Bitterwallet Facebook censorship 25,000 sue Facebook over privacyYou’ll never guess what’s happening with Facebook – they’re being sued over privacy violations! Facebook?! NEVER!

This particular legal action is over in Austria where there’s a class action lawsuit going down thanks to alleged privacy violations and apparent participation in the US National Security Agency’s (NSA) PRISM programme. A law graduate called Max Schrems is heading up the case on behalf of 25,000 or so Facebook users based in Europe and beyond.

Some of the users being represented are from the UK and Ireland.

Schrems, at the hearing, is going to say that the social network took an approach to data protection which was akin to the “Wild West”, adding: ”Basically, we are asking Facebook to stop mass surveillance, to (have) a proper privacy policy that people can understand, but also to stop collecting data of people that are not even Facebook users.”

“There is a wide number of issues in the lawsuit and we hope to kind of win all of them and to get a landmark case against US data-gathering companies.”

Schrems is hoping for compensation of somewhere in the region of £360 for every user.

Chrome snoop-apps banned by Google

April 8th, 2015 3 Comments By Mof Gimmers

spy title cropped Chrome snoop apps banned by GoogleA number of Chrome add-ons have been stealing your sensitive data. Google have noticed this and shredded over 200 of them from the Chrome store.

These small extensions can be helpful additions to Chrome and Firefox when it comes to browsing, but some of them were problematic when you get under the hood of them. Google teamed-up with the University of California to analyse and nix a number of these apps.

They found that 5% of everyone visiting a Google page have at least one malicious extension, and most of those have a number of add-ons which are malicious.

One of the problems, according to researcher Alexandros Kapravelos, is that the dodgy extensions use the same techniques to collect your data as the legit ones.

“Even when we have a complete understanding of what the extension is doing, sometimes it is not clear if that behaviour is malicious or not,” he said. “You would expect that an extension that injects or replaces advertisements is malicious, but then you have AdBlock that creates an ad-free browsing experience and is technically very similar.”

SFW 300x185 Whip your ID out if you want to watch online muckIf the Tories get in, in the next election, you better prepare yourself to whip out your throbbing ID if you want to watch dirty films on the internet.

In a Facebook post, UK culture secretary Sajid Javid said that, if the Conservatives are elected, they will “legislate to put online hardcore pornography behind effective age verification controls”.

Of course, they’ve got kids in mind when they talk about online porn*.

So how would it work? Well, they might use a third-party to verify all the ages or maybe even create a new form of digital ID. Both will invariably be unpopular and the whole thing is likely to be useless too, as these systems would need the dirty sites themselves to sign-up to such a thing. UK ISPs will be asked to block access to websites that don’t comply with the governments weird fascination with smutty films.

It seems the Tories really want to creep up to you and start all that “wink-wink, nudge-nudge” business, by asking you if you want to watch porn in the privacy of your own home.

(*We mean shielding their little eyes from it, we’ve not idea what you inferred from that sentence)

google Google lose appeal and are going to get sued over privacy concernsGoogle have lost their Court of Appeal bid to prevent British consumers having the right to sue them in the UK.

Pardon? Well, a group called Safari Users Against Google’s Secret Tracking (which has the frankly rubbish aconym of SUAGST) want to sue the internet behemoth in the English courts over what they claim are Google bypassing security settings to track them online.

Three appeal judges have dismissed Google’s appeal against a High Court ruling and ruled that claims for damages can be brought over the allegations of Google’s misuse of private information.

The Safari Users say that Google’s “clandestine” tracking and collation of internet usage (between the summer of 2011 and early 2012) led to distress and embarrassment among UK users. You might not remember that, because as a BW reader, you’re in a constant state of embarrassment and distress, so all the years roll into one.

Anyway, the group say that Google collected private info through cookies, without their information.

Dan Tench, a partner at law firm Olswang, who are representing the group, said this case decides “whether British consumers actually have any right to hold Google to account in this country”. Tench added: ”This is the appropriate forum for this case – here in England where the consumers used the internet and where they have a right to privacy.”

Lord Dyson, Master of the Rolls, and Lady Justice Sharp said in their joint judgement, with which Lord Justice McFarlane agreed: “On the face of it, these claims raise serious issues which merit a trial. They concern what is alleged to have been the secret and blanket tracking and collation of information, often of an extremely private nature… about and associated with with the claimants’ internet use, and the subsequent use of that information for about nine months.”

“The case relates to the anxiety and distress this intrusion upon autonomy has caused.”

Google tracking your every move

March 19th, 2015 7 Comments By Mof Gimmers

A lot of people don’t like the power Google have online, and this won’t help the internet giant any further.

If you have an Android phone and a Google account, then you might have been tracked without you knowing. Now, this’ll be old news to some, but it seems like there’s a good number of people out there who still have no idea.

Not to worry though – you can stop being tracked really easily

First off, watch this short video which tells you about how you’re being tracked and how you can see where you’ve been – provided you had your phone in your pocket – via a section on Google Maps.

As you can see, you can go back in time and see where you’ve been on a Google Map, which may well give you the willies, but it is easy enough to fix.

First off, you should switch your location services off on your mobile. You’ll find that in your settings. Some apps ask you to turn your location on, but you don’t have to. Twitter doesn’t need to know where you are and if you’re using something like Tinder which requires your location to show you who wants to hump nearby, then only switch your location on when it is needed.

As the video shows, it is really easy to delete your location history, and you can find out more on that, here.

Twitter bans revenge porn and the like

March 12th, 2015 No Comments By Mof Gimmers

Twitter Logo1 Twitter bans revenge porn and the likeTwitter is banning revenge porn and has vowed to ban people who who post intimate images of people without their consent. Intimate, in this case, means ‘nudes’, rather than someone having a cuddle.

As well as that, Twitter is going after those who like a bit of doxxing. If you’re unfamiliar with the term, that’s when people publish the name and address of people just to get at them.

In Twitter’s brand new rules, they say: ”You may not post intimate photos or videos that were taken or distributed without the subject’s consent. You may not publish or post other people’s private and confidential information, such as credit card numbers, street address or Social Security/National Identity numbers, without their express authorization and permission.”

So, anyone caught doling out dodgily obtained nudes or indulging in some doxxery, they’ll be investigated and banned. Presumably, those people will then set up a new Twitter account and carry on as normal. It’s not like it is difficult to set up a sock-puppet account is it?

That said, Twitter could start handing over details to the police and, in Britain at least, anyone who is found guilty of distributing sexual images of a person without their consent could end up going to prison for two years.

These new laws define revenge porn as photos or films which show people “engaged in sexual activity or depicted in a sexual way or with their genitals exposed, where what is shown would not usually be seen in public”.

the internet 232x300 PMs plans to ban encryption arent a good idea

The internet, yesterday

A plan by David Cameron to block and ban encryption has been found to be a rubbish idea, according to a study by the UK parliament.

This report, carried out by the Parliamentary Office of Science and Technology, had a look at how the darknet (or Tor if you prefer) and online anonymity is being used. There’s little public support for it and the Darknet and Online Anonymity report (.pdf link here) noted that it is used by criminals, but it is also used by journalists and whistleblowers and journalists, so if you’re going to look at the ills, you have to weigh-up the pros too.

“There is widespread agreement that banning online anonymity systems altogether is not seen as an acceptable policy option in the UK. Even if it were, there would be technical challenges,” it said.

One thing the report pointed out, was that one place doing this was China, and their governments attempts to squash communications is not something that would be good for the UK.

The report continued, for those who understand the jargon: ”Some argue for a Tor without hidden services because of the criminal content on some THS. However, THS also benefit non-criminal Tor users because they may add a further layer of security.”

“If a user accesses a THS the communication never leaves the Tor network and the communication is encrypted from origin to destination. Therefore, sites requiring strong security, like whistleblowing platforms, are offered as THS. Also, computer experts argue that any legislative attempt to preclude THS from being available in the UK over Tor would be technologically unfeasible.”

Whether or not David Cameron listens to this report is quite another matter.

Bitterwallet Facebook censorship Facebook are looking at your account, without askingFacebook aren’t too clever when it comes to respecting your privacy. You knew that. 3 hour old babies could even tell you that Facebook aren’t to be trusted when it comes to things like that.

And so, to one Facebook user who paid a visit to the social network’s offices in Los Angeles, who saw something that gave him the willies, and will prompt some of you to pop your tinfoil hats on and start shouting “TOLD YOU SO!”

Making, ironically, a post on Facebook itself, Paavo Siljamäki noted that a Facebook engineer logged straight into his account, but without using a password.

He said: “Popped to Facebook offices in LA, the nice people there were giving us good advice on how to use Facebook better. I was then asked if i’m ok for them to look at my profile, i said ‘sure’. A Facebook engineer can then log in directly as me on Facebook seeing all my private content without asking me for the password.”

“Just made me wonder how many of Facebook’s staff have this kind of ‘master’ access to anyone’s account? What are the rules on who and when they can access our private content and how would we know if someone did? (My facebook did not notify me that someone else accessed my private profile).”

Over at NakedSecurity (not as fun as it sounds), they asked FB about this, and got this reply: “We have rigorous administrative, physical, and technical controls in place to restrict employee access to user data. Our controls have been evaluated by independent third parties and confirmed multiple times by the Irish Data Protection Commissioner’s Office as part of their audit of our practices.”

“Access is tiered and limited by job function, and designated employees may only access the amount of information that’s necessary to carry out their job responsibilities, such as responding to bug reports or account support inquiries. Two separate systems are in place to detect suspicious patterns of behaviour, and these systems produce reports once per week which are reviewed by two independent security teams.”

“We have a zero tolerance approach to abuse, and improper behavior results in termination.”

So there you have it. Some will argue that this is Facebook accessing the innards of your profile like a bank accessing your current account or whatever, while others will see this as a flagrant abuse of power by a company who already has a chequered history.

Should we be asking more questions regarding matters like this, or do we just accept that, posting things online is our deal with the devil and that nothing is private?