Posts Tagged ‘Personal privacy’

Better online rights for young people?

July 30th, 2015 No Comments By Mof Gimmers

stupid children 214x300 Better online rights for young people?There’s an internet campaign group (no, wait! Come back!) called iRights (they’re not making it easy for us) who want people under the age of 18 to be able to delete things from their social media profiles, that might end up being damaging to them in later in life.

Basically, if you were a gobshite when you were 14 and something you did online stopped you from getting a job, you’d be peeved. Of course, you might be a 37 year old gobshite who shouts at women for spurious reasons, in which case, there’s nothing Bitterwallet can do for you.

The organisation has already gained the support of politicians, corporations and even some young people themselves, who dragged themselves away from looking at their spots in a mirror for 10 minutes.

iRights has come up with five key things that they’d like to see, to provide better protection online for youngsters. They include that social media content should be easy to delete (which it pretty much is already, unless someone screengrabs it) and that young people should have the right to know who is holding information on them and what it is likely to be used for.

Regarding the latter, the campaign group would like to see terms and conditions that would effect young people, written in such a way that “typical minors can understand them.”

“Children and young people are often presented as digital natives – with fast thumbs able to summon up the knowledge of the world in an instant, build a million dollar company from their bedroom, or topple a corrupt regime with a tweet,” iRights said. “Yet the latest research shows that far from being at the forefront of the digital revolution, many young people remain on the lower ‘rungs’ of digital understanding. They lack the skills and knowledge necessary to benefit from the immense opportunities on offer as they move between spaces that are heavily limited and others where ‘anything goes.’”

You can check what they’re all about, here

Can you be on Facebook with a nickname or not?

July 29th, 2015 No Comments By Mof Gimmers

Bitterwallet Facebook censorship Can you be on Facebook with a nickname or not?There’s been a lot of trouble about Facebook and their need to have users using their own names on the social network.

Some people think Facebook are being heavy-handed, while in more extreme cases, users think Facebook are jeopardising people’s safety (such as those who have abusive ex-partners and the like). A lot of people are very, very irritated by the move, locked out of their accounts for using pseudonyms that everyone knows them by.

In Germany, Facebook have been prevented from stopping users creating accounts under nicknames and name’s that aren’t on their passports.

The Hamburg data protection authority said that Facebook could not change people’s chosen usernames or ask them to provide any official ID. You see, Facebook not only ask you to use your real name, but also prove it by sending them copies of your passport, driver’s licence and other photo ID. Obviously, a lot of people aren’t keen on sending a company like Facebook anything like that.

“The use of authentic names on Facebook protects people’s privacy and safety by ensuring people know who they’re sharing and connecting with,” the company said. Zuckerberg recently said that, if everyone knows you by your nickname, then you should be able to use it as your main name on Facebook – however, they’ve not provided any way of users doing that.

The German watchdog said making users sign up under their real names violated an individual’s privacy rights, and on top of that, rejected an argument from Facebook, where the social network said they didn’t have to listen to the Germans because they’re based in Ireland, so should be subject to Irish law.

Hamburg’s commissioner for data protection, Johannes Caspar, said: “Facebook cannot again argue that only Irish data protection law would be applicable. Anyone who stands on our pitch also has to play our game.”

So, for now, it appears that you can’t have a nickname and be on Facebook, and, if you want to change it to your real name, you’ll have to provide the social network with images of your photo ID and the like.

Are Amazon spying on you?

July 27th, 2015 1 Comment By Mof Gimmers

peeping tom spy Are Amazon spying on you?Are you the kind of person who likes to review things on Amazon? Well, you might not want to after a rather serious allegation has been made against the online vendor. They’ve been accused of spying on reviewers’ social media profiles.

The kicker is this: a blogger from New York called Imy Santiago, wrote a book review on Amazon, and it was censored on a number of occasions, saying that she’d violated the rules of the site. Imy questioned Amazon’s decision and found that she had been blocked from reviewing the book in question, because they thought she knew the person who wrote it.

Amazon said: “We cannot post your Customer Review for (book title deleted) by (author name deleted) to the Amazon website because your account activity indicates that you know the author.”

“Customer Reviews are meant to give customers unbiased product feedback from fellow shoppers… we encourage family and friends to share their enthusiasm for the book through our Customer Discussions feature or Editorial Reviews feature.”

The problem was, that Santiago doesn’t know the author at all. So, how did Amazon jump to this conclusion? Well, it has been suggested that Amazon are snooping around reviewers’ social media profiles, looking for connections between those leaving reviews and authors.

On her blog, Imy wrote: ”The Big Brother mentality Amazon is employing is appalling, and crosses an ethical line of unfathomable proportions.”

“What quantifiable and verifiable ways is Amazon using to determine if I know the author of a book, or not? The fact that they refuse to elaborate as to how I ‘know the author personally’ is highly concerning.”

She added: “I applaud Amazon for trying to curb unethical positive/negative reviews from being posted. What I don’t find congruent is them monitoring social media activity as basis to determine associations, because as an indie writer I use social media to network and promote my books, like thousands before me. I never consented to that in their terms and conditions. If Amazon is data mining, we deserve to know, and I stand my ground in saying I do not know this author on a personal level as Amazon claims.”

sex with glass Ashley Madison offers to delete your profile for freeAshley Madison, the site that allows you to have an affair (hey, who are we to judge – get yours and hurt no-one, okay?) was, as you know, hacked.

That meant that ne’er-do-wells made off with loads of sensitive information and threatened to dump the whole load on the internet, if Ashley Madison didn’t erase itself completely.

Well, the extracurricular dating site has again apologised, saying that they are now offering users the chance to fully delete their account, free of charge. This is only a temporary move though, and one that won’t impress The Impact Team, the people behind the hack.

The hackers were cheesed off with the site, thanks to the paid-delete activity. In the UK, it costs you £15 to fully delete yourself from Ashley Madison’s systems, which seems wildly unfair. The Impact Team said that, even after paying for deletion, the site doesn’t actually get rid of all your information.

In a statement, Ashley Madison hit back at this claim, saying: “Contrary to current media reports, and based on accusations posted online by a cyber criminal, the “paid-delete” option offered by AshleyMadison.com does in fact remove all information related to a member’s profile and communications activity.”

“The process involves a hard-delete of a requesting user’s profile, including the removal of posted pictures and all messages sent to other system users’ email boxes. This option was developed due to specific member requests for just such a service, and designed based on their feedback.”

Still. Get that. Having to pay to get your information out of their hands. That could very well put off a lot of people from using the dating site in the future.

And, in a Locking The Stable Door After The Horse Has Bolted move, AM is saying they’ll delete your information, even though The Impact Team already have your information in their possession. Ashley Madison are unwise to be so cavalier in attitude about this, as their customers will have no doubt entrusted them with a lot of VERY sensitive info, such as mucky photos, their sexual wants and all manner of romantic activities.

Affair site, Ashley Madison, hacked with leaks

July 20th, 2015 No Comments By Mof Gimmers

sex with glass Affair site, Ashley Madison, hacked with leaksHackers have got under the covers of Ashley Madison – the site that basically enables you to have an affair, at a cost – stealing a load of personal information and leaking it online.

The extramarital dating site has the tagline: “Life is short – Have an affair” and apparently has around 37 million members. It was hacked by a bunch of people calling themselves the Impact Team, and they also got stuck into another pair of sites owned by the same company – Cougar Life and Established Men.

The hackers say that they’ve got complete access to the databases, including financial records and all manner of stuff. For now, Impact Team have released 40MB of data, including credit card details, and are hanging onto the rest for, you can only assume, a special occasion.

And why is this happening? Well, you might think that these hackers don’t like people having affairs. When they released the initial batch of data, they also put out a manifesto, saying that the rest of the info will be leaked if Ashley Madison and Established Men aren’t permanently closed.

It says: “Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online.”

The thing that sticks in the craw of the hackers, is that Ashley Madison charges users £15 to carry out a “full delete” of information, should they decide to leave the site.

They add: “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”

Avid Life Media think they know who is behind the hack, and Noel Biderman said: “We’re on the doorstep of [confirming] who we believe is the culprit, and unfortunately that may have triggered this mass publication.” He added: “I’ve got their profile right in front of me, all their work credentials. It was definitely a person here that was not an employee but certainly had touched our technical services.”

Is ‘touched our technical services’ a euphemism or something?

Meanwhile, parent company ALM said: “We apologise for this unprovoked and criminal intrusion into our customers’ information. The current business world has proven to be one in which no company’s online assets are safe from cyber-vandalism, with Avid Life Media being only the latest among many companies to have been attacked, despite investing in the latest privacy and security technologies.”

“At this time, we have been able to secure our sites, and close the unauthorised access points. We are working with law enforcement agencies, which are investigating this criminal act. Any and all parties responsible for this act of cyber–terrorism will be held responsible.”

Mastercard to use selfies for payments

July 3rd, 2015 1 Comment By Mof Gimmers

selfie Mastercard to use selfies for paymentsYou might think selfies are the worst thing that ever happened to the world, or indeed, may well think that they’re a marvellous show of self confidence in people. Either way, Mastercard see something different – they want to start using selfies to verify payments.

They’re only testing this at the moment, with 500 pilot users using photos instead of punching in PIN numbers. MasterCard’s chief product security officer Ajay Bhalla says this will be popular with young people. Presumably, young people who aren’t bothered about banks potentially storing photos of their faces.

Bhalla said: ”The new generation, which is into selfies… I think they’ll find it cool. They’ll embrace it. This seamlessly integrates biometrics into the overall payment experience. You can choose to use your fingerprint or your face – you tap it, the transaction is okayed and you’re done.”

So, what you might be able to do in the future, is hold your phones at eye-level and blink once when instructed, and boom boom, the process is complete.

Bhalla says that people’s selfies won’t be stored or transmitted, in its normal construction. However, we’ve all heard that before haven’t we?

Security issues with Windows 10?

July 2nd, 2015 3 Comments By Mof Gimmers

Windows 300x300 Security issues with Windows 10?You’ll know that you can get Windows 10 for free, but there’s some mutterings of discontent about the OS already, regarding the security of your WiFi password.

With a thing called WiFi Sense, anyone who rocks up to your house and gets the password for your WiFi, could let all their friends onto your network. Now, of course, someone could just tell everyone your WiFi password anyway, but this is slightly different.

This feature is designed to make it much easier for people to get access to the internet while they’re on the go, which it does by automatically logging them into wireless hotspots. It logs people into select open networks, and it also allows them to share secured connections with their pals.

So, should someone with a Windows 10 device log on to a new network, they can tick a box which will share that access with all their contacts – that includes  Facebook friends, contacts they’ve got on Outlook and the people they know on Skype.

Craig Mathias, from the Farpoint Group who happen to be specialists when it comes to wireless tech, said that this feature was “a cheap hack,” and continued by saying that ”no-one should ever leave WiFi access wide open.”

The idea behind WiFi Sense is so you can let your guests use your WiFi connection without having to give them the password. In a FAQ, it says that any user who shares network access, sends the password through an encrypted connection to a Microsoft server, where it is then stored (where it is encrypted) before being doled out securely to friends, which are found via location data from their device.

The worry is, is that Microsoft might have a feature that doesn’t work as well as they predict, which means hackers could find one of your friends on Facebook, and then get busy accessing your network via WiFi Sense.

Mercifully, you can opt out of this. To make your WiFi network unavailable to Wi-Fi Sense, you can rename your network to include “_optout” at the end of the SSID. Or, if you prefer, you can make sure the aforementioned checkbox turned off, and you can carry on giving your guests your WiFi password manually.

adobe Update your Flash now, or the hackers will get you!There’s been a really bad security issue around Flash, which hackers were piling in on. Adobe issued a patch to shore up the problem, but if you haven’t sorted yours out, you need to get on it, stat!

As well as being exploited by a Chinese hacker crew, it has now been added to the Magnitude exploit kit, which enables amateur malware authors to build all manner of software which could make your life difficult. There’s already been some attempts to install ransomware on some computers.

Adobe have confirmed that the flaw is being jumped on by hackers, especially those using Internet Explorer on Windows 7 and Firefox on Windows XP. Even if you aren’t using these things, you should still sort your life out and update your Flash.

If you prefer, you can just get rid of Flash. As most computers come with it built-in, even though it isn’t the crucial thing it once was, this means hackers are always tempted to attack it.

If you’re using Chrome, your browser updates it automatically. If not, click here to see if you have the latest version of Flash and, if you don’t, update it now.

Click here to get the latest version of Adobe’s Flash.

google Google launch music streaming service (but might be spying on you)Google art taking shots at Apple by launching a free version of its music streaming service Play Music. Of course, Google Play Music as a subscription service is already a thing, but the internet behemoth has decided to take on Apple’s music service (and of course, Spotify’s).

This free version is going to be made up of curated playlists, which have been designed for different times of the day, which sounds a bit rubbish. Initially, this service is only available in the States and will have adverts like Spotify’s freemium service.

With Apple set to launch their music service on 30th June, they’re no doubt going to be annoyed by this.

In a blog post, Google product manager Elias Roman said: “Even if you’re not already a Google Play Music subscriber, we’ve got you covered. Google Play Music now has a free, ad-supported version in the US, giving you a new way to find just the right music – and giving artists another way to earn revenue.”

“The new free, ad-supported version of Google Play Music is launching first in the US. It’s available on the web today, and is rolling out this week to Android and iOS.”

However, this won’t cover up the fact that a load of people are losing their baps about Google spying on everyone. Open-source developers noticed that Chromium (that’s the open-source version of Chrome) had been installing audio-snooping code that was capable of listening to users.

Now, this code has been put in, so that people can talk to their computers via OK Google thingummy, which is all well and good, but the kicker here, is that the listening technology was activated without anyone’s permission. That, obviously, isn’t cricket.

“Without consent, Google’s code had downloaded a black box of code that – according to itself –  had turned on the microphone and was actively listening to your room”, said Rick Falkvinge, the Pirate party founder. “Which means that your computer had been stealth configured to send what was being said in your room to somebody else, to a private company in another country, without your consent or knowledge, an audio transmission triggered by… an unknown and unverifiable set of conditions”.

Google say that this isn’t activated “unless you opt in to hotwording”, but developers aren’t having that. Developer Ofer Zelig says: “While I was working I thought ‘I’m noticing that an LED goes on and off, on the corner of my eyesight [webcam]‘. And after a few times when it just seemed weird, I sat to watch for it and saw it happening. Every few seconds or so”.

So there you go – you can have free music, but Google might end up listening to you caterwauling along to it as well.

WhatsApp: worst for privacy

June 19th, 2015 No Comments By Mof Gimmers

whatsapp WhatsApp: worst for privacyIf you are the kind of person who worries about their privacy, and you use WhatsApp, then you may want to stop now. That’s because a new report ranks WhatsApp as the worst when it comes to protecting your data.

The excitingly named Electronic Frontier Foundation have done their annual ‘Who Has Your Back?’ report, and was very critical of the messaging app in pretty much every criteria. Of course, the app is owned by Facebook, so all this isn’t really a surprise.

Getting a hearty pat on the back for their efforts to respect your privacy where Dropbox, Apple, Adobe, Wikimedia, WordPress and Yahoo.

The ‘Who Has Your Back?’ report assesses techn companies in five criteria: whether they follow best practices for data security, whether they tell users when the government requests their data, whether they are open about their policies on hanging on to your data, whether or not they’ll tell people when the government demands the removal of content, and whether they publicly oppose backdoors which give the government access to data.

If you’d like to see the EFF report, click here to see the easy-to-read table with giant yellow stars.

600 million Samsung mobiles could be spied on

June 18th, 2015 2 Comments By Mof Gimmers

Samsung Galaxy Note 3 Back 300x168 600 million Samsung mobiles could be spied onIf you have a Samsung Galaxy, of any sort, your device could be spied on, thanks to a vulnerability in the in-built SwiftKey keyboard.

The keyboard comes installed in advance of 600 million of Samsung’s mobile devices, and apparently, it can be very easily hacked, which in turn, can give away a lot of your vital information.

This is according to Ryan Welton, who is a researcher with cyber-security firm NowSecure. He reckons that the flaw could allow hackers to see what you’re up to and can access your GPS, camera and microphone, as well as enabling them to secretly install malicious applications.

NowSecure say they told Samsung about this back in November, but no-one has done anything about it, so they’ve gone public.

In a statement by SwiftKey a while ago, they said, “the way this technology was integrated on Samsung devices introduced the security vulnerability.” However, they soon deleted that. The Guardian ran a quote from Joe Braid, chief marketing officer of SwiftKey, saying, “Unfortunately, we were only made aware of the issue on Tuesday. We are working as hard as possible to support Samsung and help it fix the issue.”

Samsung have since said that they “take emerging security threats very seriously… and [is] committed to providing the latest in mobile security.”

If you’re worried about this, there’s a host of other keyboards you can download from the Google Play store or, if you want to bolster your device’s security, here’s the Bitterwallet guide to the best security and anti-virus programs you can download.

facebook mobile 300x200 Belgium takes Facebook to court over privacy and trackingFacebook are in privacy trouble again, with the Belgian privacy commission taking the social network to court for alleged “trampling” over Belgian and European privacy laws. This legal action will be heard in an EU court on Thursday, after a report published by the Belgian privacy watchdog alleged that Facebook are breaching European privacy law, including the one about the tracking of non-users and logged out users.

The president of the Belgian privacy commission, Willem Debeuckelaere, says that Facebook are treating users’ private lives with no respect, and it needs to be stopped.

“It’s not because we want start a lawsuit over this, but we can not continue to negotiate through other means,” Debeuckelaere told Belgian news DeMorgen. “We want a judge to impose our recommendations. These recommendations are chiefly aimed at protecting internet users who are not Facebook members.”

According to the report, Facebook has been tracking users on a long-term basis who visit any of its pages, even if they don’t have a Facebook account. Of course, there’s a number of privacy cases being thrown at Facebook in Europe, which saw the European commission telling people that, if they want to protect their privacy, they should shut their Facebook accounts.

Naturally, the social network isn’t having it.

A Facebook spokesperson said: “We were surprised and disappointed that, after the [Belgium privacy commission] had already agreed to meet with us on the 19 June to discuss their recommendations, they took the theatrical action of bringing Facebook Belgium to court on the day beforehand.”

“Although we are confident that there is no merit to the case, we remain happy to work with them in an effort to resolve their concerns, through a dialogue with us at Facebook Ireland and with our regulator, the Irish data protection commissioner.”

This is a reference to the decision made by a Dutch court recently, which ruled that Facebook’s operations there were not responsible for data protection issues – that responsibility lies with Facebook in Ireland.

google Give your Google account a check up now, with Accounts pageYou might not trust someone like Google to look after your privacy or, indeed, you might just like tinkering with stuff because it makes you feel like you’re doing something useful with your life – either way, you can now mess around with your privacy controls if you have a Google account.

The internet giant has rejigged the account page, so hopefully, it makes the whole understanding what in the sam hell they’re doing with your data thing a little easier.

If you can’t be bothered reading more words and want to dive straight in, click here and it’ll take you to your account page.

So what’s the deal? Well, Google aren’t exactly offering you anything new with your security options, but what they are doing, is making things easier for you to understand. By making things simpler, you can toggle the options and have things which are more suited to what you want.

If you want a pointer, get yourself to the new Privacy Checkup and Security Check Up. That’s as good a place to start as any. The Privacy Checkup goes through the information that Google are storing and displaying across the variety of services they have. If you turn a lot of the settings off, you will lose the personalised service they offer, but that’s your call.

The Security Checkup meanwhile, goes through all the access settings for your Google account. Here, you can set up two-factor authentication (advised), and  lets you see which devices and apps have access to your account (you might have an old app that you never use anymore that still has access to your account, which you can ditch if you like).

So basically, take care of your account, because it isn’t worth letting someone else do it for you.

Class action for Yahoo! over email snooping

May 28th, 2015 No Comments By Mof Gimmers

yahoo logo 300x266 Class action for Yahoo! over email snoopingThink emails are worthless junk? Think again! A judge in California has ordered Yahoo! to face a nationwide class-action lawsuit, after accusing them of illegally intercepting the content of people’s emails that were sent to Yahoo email-havers from non-Yahoo accounts.

What were they doing with this information? You guessed it! It was all to hoover up information to be used to make money with advertising!

US District Judge Lucy Koh has ruled that anyone who sent emails to, or received emails from someone with Yahoo email since 2 October 2011 can sue as a group under the federal Stored Communications Act for alleged privacy violations. That’s going to be a terrifying amount of money, if the suit is successful.

Apparently, non-Yahoo Mail accounts were analysed by Yahoo!, who copied and snooped around in correspondence, including attachments and keywords and the class-action wants to see an injunction barring the alleged interceptions, plus damages.

What’s the excuses and reasoning from Yahoo! execs? Well, they reckon that, because some of the plaintiffs emailed Yahoo accounts despite concerns over the ways their information was processed, that pretty much amounts to consent. And, as well as that, we should feel sorry for Yahoo! because, it this goes through, the suit could set email services back by a decade.

The judge rejected both arguments. We’ll keep up with this and see who is allowed to claim for damages.

Bitterwallet Facebook censorship Sinister Facebook app lets you spy on pals whereaboutsEver thought to yourself that you’d like people to know where you are all the time? Ever wished you could leave the house, and people on the internet can track where you are to within 3 feet?

Well, you’re in luck – and so are stalkers – as there’s a new app called the Marauder Map which hooks up with Facebook, which allows people to instantly see where you are and where you’ve been. And yes, it is named after the map from Harry Potter, which only adds to how irritating this all is.

Mercifully, this only works if you leave your location services on (and only a fool would do that). If you have, then through this Chrome extension, a bubble pops up showing where you’ve been in a map screen, every time you open up Facebook’s Messenger.

“Bubbles on the map represent the most recent location for each user, and clicking on a user’s bubble brings up all past location points recorded for that user,” say the people behind it.

“This extension was developed as a demonstration not an actual tool to creep on your Facebook acquaintances. This is not meant to be used as a tool to creep on your friends, rather a demonstration of the scary amount of information you can gather on someone just by aggregating the data they provide through messenger.”

So there you have it. This app is a bit creepy, but it is meant to be, in a bid to try and make people aware of how much of their location they’re giving away.

If you want to look at the app, click here.

marauder map 500x359 Sinister Facebook app lets you spy on pals whereabouts