Posts Tagged ‘Personal privacy’

Lenovo: Superfish killers and support

February 20th, 2015 1 Comment By Mof Gimmers

Lenovo ThinkPad driver 300x300 300x300 Lenovo: Superfish killers and supportYou heard about Lenovo installing something that was annoying at best and intrusive at worst, with a thing called Superfish. One of our readers impishly pointed out it should’ve been called ‘SuperPhish’, arf!

Well, the company got in touch and wanted to clear some things up, so you can stop chewing your nails in worry.

They say that Superfish was “previously included on some consumer notebook products shipped in a short window between September and December to help customers potentially discover interesting products while shopping. However, user feedback was not positive, and we responded quickly and decisively.”

And so, this is where we’re at, according to Lenovo:

“1) Superfish has completely disabled server side interactions (since January) on all Lenovo products so that the product is no longer active. This disables Superfish for all products in market.
2) Lenovo stopped preloading the software in January.
3) We will not preload this software in the future.”

So there. The company assure customers that there’s no need to fret about the security of your computer.

They continue: “We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns. But we know that users reacted to this issue with concern, and so we have taken direct action to stop shipping any products with this software. We will continue to review what we do and how we do it in order to ensure we put our user needs, experience and priorities first.”

“To be clear, Superfish technology is purely based on contextual/image and not behavioural. It does not profile nor monitor user behaviour. It does not record user information. It does not know who the user is. Users are not tracked nor re-targeted. Every session is independent. Users are given a choice whether or not to use the product. The relationship with Superfish is not financially significant; our goal was to enhance the experience for users. We recognize that the software did not meet that goal and have acted quickly and decisively.”

If you have any problems, you can uninstall it with our directions, or Lenovo themselves are offering support to users, with detailed information available at the Lenovo forum.

UK & US intelligence illegally hack SIM cards

February 20th, 2015 No Comments By Mof Gimmers

sim cards petr kratochvil pd 300x168 UK & US intelligence illegally hack SIM cardsAmerican and British intelligence agencies have been up to no good. They’ve been hacking, illegally, into SIM cards to steal codes so they can try to listen in on people’s calls, according to reports.

This, like all scary spy and surveillance news, has trickled out from the infamous former American intelligence contractor, Edward Snowden.

Spies hacked the SIMs of a company called Gemalto who, as you can imagine, are pretty furious about all this as they operate in 85 different countries and they’d rather not be thought of as complicit in all of this.

The Intercept are calling this “the great Sim heist” and that surveillance agencies were given “the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data”. Some of the mobile networks that are clients of Gemalto include T-Mobile, AT&T, Verizon and “some 450 wireless network providers around the world”.

The source also claims that this hack was organised by Britain’s GCHQ and America’s NSA and that, the hack resulted in the ability to unscramble calls, texts and emails from the decode data that is flung through the air between phones and cell towers. It has also been claimed that Gemalto employees were cyber-stalked and their emails were tapped into so agencies could steal encryption keys.

A Gemalto spokeswoman said: “We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated techniques to try to obtain Sim card data.”

Bitterwallet Facebook censorship Facebook hack says you might want to back up your cherished photosIf you have a Facebook account, chances are, you’ve got a load of important photos on there. Your graduation day might be on there. That night out you had with pals you haven’t seen for a decade. That time your mate shot themselves through the foot when you went clay pigeon shooting. Cherish memories.

Well, you might want to back those photos up because a security researcher has just discovered that he can delete all your Facebook memories with four lines of code.

Someone called Laxman Muthiyah was mucking around with Facebook’s Graph API. On their blog, after musing about whether or not they could delete other people’s photos, they wrote: “I decided to try it with Facebook for mobile access token because we can see delete option for all photo albums in Facebook mobile application isn’t it? Yeah and also it uses the same Graph API. so took a album id & Facebook for android access token of mine and tried it.”

Of course, a good chunk of that is impenetrable techspeak to most people, but basically, what this means that, Facebook access tokens is the line of characters that allows an app to gain access to your profile. Laxman used such a token for the Android app and a random photo album ID and, lo and behold, it transpired you could get in and start mucking around with people’s stuff.

For those who like to get under the hood of things, click here to see Laxman’s workings-out. Or, if you prefer, you can watch a video of it instead of reading all that pesky text.

Now, Laxman has reported this to Facebook and they promptly fixed the bug. However, that’s not to say that they’re aren’t other flaws in the security of social networks.

So, with that, it is advised that you back your photos up if you don’t want them vanishing off the internet. There’s a number of cloud services like Google Drive and the iCloud to store your photos, but as we know, they’re not guaranteeing your stuff is locked-down either, what with the recent Fappening occurrence.

The best bet, if you have a load of photos, is to store them on your hard-drive or buy an external drive to keep them in. A bit of a faff, sure, but if you’re determined to keep hold of those photos from when you ran through a field covered in brightly coloured powder for charity, then you’ll need to do something about it.

Samsung TV puts ads in videos you own

February 11th, 2015 No Comments By Mof Gimmers

Samsung Samsung TV puts ads in videos you ownAdverts on TV and online videos are nothing new, but how would you feel about a television that puts advertisements into videos you own? You’d be weirded out at the least and furious at the most.

Well, after the Big Brother TV Sets debacle with Samsung, we now hear of one of their smart TVs inserting commercials into a video that were stored locally on a Plex media server. The Reddit user in question complained that a Pepsi ad played while they were watching shows and movies on his Samsung television.

Of course, this could well be a look into the future as advertisers try and get their wares into as many platforms as possible. However, in this case, it looks like it was an error Samsung’s part, with a bit of faulty programming.

It seems a few people have had this problem and it isn’t happening on sets made by anyone else. A recent software update seems to be the cause of this particular irritant.

The way to stop this happening, if you’re the owner of a Samsung TV set, is to click “disagree with the Yahoo Privacy Notice” in the options in your Samsung’s Smart Hub options.

However, this does appear to be something Samsung are interested in, as in 2014, the company said that they were looking at “interactive experiences” which will be offered to people on an ‘opt-in’ basis.

Both issues are have a similarity though – it appears that Samsung are treating your data with a reasonable amount of recklessness and, if they don’t get these problems sorted, they might find that customers are going to lose all confidence in them.

Samsung try to calm you over voice-stealing TVs

February 10th, 2015 No Comments By Mof Gimmers

samsung logo Samsung try to calm you over voice stealing TVsEveryone was shrieking in horror yesterday when it turned out that Samsung’s new TVs were voice-activated and it would listen to your voice and store it in some evil word-server at Samsung HQ.

Today, Samsung are trying to calm everyone down and downplay the idea that they’re Big Brother, putting eavesdropping televisions in your house and listening to you while you do dirty phone calls or shout obscenities while playing video games online.

As a reminder, the policy said: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to the third party.”

Naturally, Samsung aren’t the only people doing this. Most voice activated stuff is problematic when it comes to personal privacy. In fact, back in 2013, LG had a similar problem with their smart TVs, regarding the data they gathered while people were watching telly.

In a statement, Samsung said with the utmost gravity, that they take privacy issues “very seriously” and have put in place a number of safeguards to stop unauthorised use of your data.

The statement pointed out that the voice recognition feature on their smart TVs was an option and could simply be switched off and that: “Should consumers enable the voice recognition capability, the voice data consists of TV commands, or search sentences, only.”

Feel better now? While you might be able to forgive them for these snooping television sets, no-one should ever forget the time they did that awful, awful rap song.

Samsung will steal your voice with new app

February 9th, 2015 9 Comments By Mof Gimmers

samsung logo Samsung will steal your voice with new appVoice-recognition has been a big deal in the techworld, as companies try to get us using words, rather than fingers, to make your gadgets perform tasks.

Amazon, Google and Apple have all employed voice activated assistants and, Samsung are in on the act too – but there’s one big problem with theirs: they are going to eavesdrop on you and store what you’re saying while you’re sat in your house.

Cue Big Brother and Thought Police style thinkpieces from various columnists.

So what’s the skinny? Well, Samsung have made some TVs which connect to the internet and they’ve got a supplementary privacy policy which covers them and, seeing as you can activate certain things with your voice, they’ve had to tell you what they’ll be storing if you’re going to utilise the functions.

In their policy, it says: “To provide you the Voice Recognition feature, some voice commands may be transmitted (along with information about your device, including device identifiers) to a third-party service that converts speech to text or to the extent necessary to provide the Voice Recognition features to you. In addition, Samsung may collect and your device may capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features.”

It also says that: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.” See for yourself.

samsung personal privacy 500x231 Samsung will steal your voice with new app

So get that! Your TV will record your conversations and then send them to Samsung! Worries aside, you have to be impressed with how honest Samsung are being about it. They’ve not tried to bury it under jargon at all.

Further into the policy, Samsung also state that wholly opting out of being tracked isn’t part of the deal, which is an absolute crock.

It says: “If you do not enable Voice Recognition, you will not be able to use interactive voice recognition features, although you may be able to control your TV using certain predefined voice commands. While Samsung will not collect your spoken word, Samsung may still collect associated texts and other usage data so that we can evaluate the performance of the feature and improve it.”

“You may disable Voice Recognition data collection at any time by visiting the “settings” menu. However, this may prevent you from using all of the Voice Recognition features.”

Samsung have made a statement about all this, saying: ”In all of our Smart TVs we employ industry-standard security safeguards and practices, including data encryption, to secure consumers’ personal information and prevent unauthorized collection or use.”

“Voice recognition, which allows the user to control the TV using voice commands, is a Samsung Smart TV feature, which can be activated or deactivated by the user. The TV owner can also disconnect the TV from the Wi-Fi network. Should consumers enable the voice recognition capability, the voice data consists of TV commands, or search sentences, only. Users can easily recognize if the voice recognition feature is activated because a microphone icon appears on the screen.”

“Samsung does not retain voice data or sell it to third parties. If a consumer consents and uses the voice recognition feature, voice data is provided to a third party during a requested voice command search. At that time, the voice data is sent to a server, which searches for the requested content then returns the desired content to the TV.”

Facebook 300x300 How to stop Facebook tracking you after privacy changeOnce again, Facebook have updated their privacy policy, which means that they can track your movements, even when you’re not using the app. In the past, Facebook have said that they don’t want to track you, but now, they’ve said they’re doing it for your benefit.

‘Your benefit’ means ‘the benefit of advertisers, so we can now send you adverts that you want, because everyone loves adverts don’t they?’

These Minority Report styled Facebook adverts will basically be tailored to you, based on where you are and what you’re doing. As usual, this is all passed off with the line of ‘enhancing your user experience’.

There are ways of trying to stop Facebook from tracking your activity. The obvious one is to stop using Facebook, but even then, some phones make it rather difficult for you to delete the app from your device at all, which is a fantastic pain in the hole.

One thing you can do, is to go through a third-party service, which again, is problematic, but worth a punt if you’re determined to make Facebook’s life a little bit more difficult.

In Europe, you can control how you’re tracked online by signing up to where you’ll “find information about how behavioural advertising works, further information about cookies and the steps you can take to protect your privacy on the internet.” If you’re in the United States of America, then you’ll need to look at a similar thing called AboutAds.

In addition to this, go to your Facebook desktop site, and on the Home Page, click the arrow for the drop-down menu at the top-right corner of the page. In that menu, hit Settings and then, when the General Account Settings window shows up, click Ads from the left pane. From the right pane, you’ll see the Ads Based On Your Use Of Websites Or Apps Off Facebook section – click the Opt Out link there. You’ll be redirected to a web page, where you’ll click the Opt out button.

Then, when the Confirm Opt out box pops up, hit the Submit button to confirm what you’ve done. You’ll still see adverts on your Facebook page, but they’ll be generic ads, rather than targeted ones, which is something at least.

We give Facebook 3 months before they work out a way around it and make us go through this faff again.

whatsapp Your WhatsApp photos   not as private as you think?Recently, there was a host of problems with WhatsApp Plus, an unaffiliated app to the popular messaging service. Now, there’s issues with the real deal, as security tinkerers have found that anyone can see a WhatsApp users’ profile photos, no matter if they’ve locked their accounts down.

WhatApp launched a web version of their app, syncing the two up, but sadly, there seems to be security flaws which means that, even if you’ve messed with your settings, so that only your friends can see your photos, a bug allows people to get ’round that, and check out your images.

Even if the photos have been deleted, the flaw allows anyone to see those photos too. They might be blurred out on your phone, but online, they’re crystal clear. Not much use if you think you’ve been sending sensitive images to people in presumed safety.

“Sure, it’s not the most serious privacy breach that has ever occurred, but that’s missing the point,” says security expert Graham Cluley in a post about the WhatsApp weakness. “The fact of the matter is that WhatsApp users chose to keep their profile photos private, and their expectation is that WhatsApp will honour their choices and only allow their photos to be viewable by those who the user has approved.”

There’s even a video you can watch, detailing this weakness, which you can watch below.

WhatsApp will invariably be patching this up in the coming weeks, but until you hear something official, it’d be a good idea to only sent images you don’t mind the world seeing through the service.

Is your iPhone spying on you for governments?

January 22nd, 2015 3 Comments By Mof Gimmers

sad apple logo Is your iPhone spying on you for governments?Edward Snowden – the NSA whistleblower – is making some bold claims again, this time, saying that Apple’s iPhones have built-in spy software that can be used to track you. That’s some bad PR for Apple if it turns out to be true, eh?

Snowden’s lawyer says that this software can be activated without the user knowing, and remotely.

“Edward never uses an iPhone, he’s got a simple phone,” says Anatoly Kucherena. “The iPhone has special software that can activate itself without the owner having to press a button and gather information about him, that’s why on security grounds he refused to have this phone.”

Of course, this is at odds with Apple’s recent campaigns to improve privacy for users. You may recall Apple saying that it would be nigh-on impossible for government officials to get personal data from those using iOS 8. Apple have also pushed for stronger privacy protection policies, along with a number of other big tech firms.

According to the Independent, the NSA have published documents that reveal how GCHQ (the British intelligent agency) used this software in the iPhone – known as its UDID – to keep tabs on some people. These documents don’t refer to specific spyware, but there might be more documents on the way.

Kucherena did note that, while Edward Snowden doesn’t use an iPhone, if you want to, no-one is stopping you. Very kind of him that.

instagram Instagram fix flaw that made your private photos, publicPeople who have private Instagram accounts are weirdos. They’re clearly hiding something at worst. At best, they’re paranoid tin-foil hat types that haven’t realised that the service is owned by Facebook, so your personal privacy is out of the window anyway.

To add to the peculiar notion of locked-down accounts, some of these people automatically send their photos to other services like Tumblr and Facebook, meaning everyone can see what they’re snapping regardless of the settings on the app.

Instagram, when questioned about it, said that this loophole was completely intentional, and not a cock-up on their part.

With that in mind, it interesting that they’ve now issued a patch which means that, unless you’ve had a friend request accepted by the private photographer, you won’t be able to see their photos anywhere.

“If you choose to share a specific piece of content from your account publicly, that link remains public but the account itself is still private,” said an Instagram spokesperson. Another IG bod added: “In response to feedback, we made an update so that if people change their profile from public to private, web links that are not shared on other services are only viewable to their followers on Instagram.”

So there you go. You can’t creep on hotties/cats/pictures of rainbows unless you befriend them through the app now.

Cameron wants increased spying powers on you!

January 13th, 2015 2 Comments By Mof Gimmers

david cameron government Cameron wants increased spying powers on you!Predictably and tediously, after the murders in Paris at the Charlie Hebdo HQ, David Cameron has announced that he’d like to spy on everyone, in a bid to make us all safer.

So what does that mean on a day-to-day basis? Cameron doesn’t like the fact that certain messaging apps are encrypted, which means your messages are private and the PM wants to be able to see inside them, y’know, just in case you’re a terrorist. So if you use Snapchat or WhatsApp, they could end up being blocked, nationwide.

Apple’s iMessage and FaceTime also have encrypted data, which is no good for a man who wants to increase surveillance and revive the Snoopers Charter, which helps the government to peer into your internet goings-on.

Cameron said: “In our country, do we want to allow a means of communication between people which we cannot read?” The answer for most sensible people is ‘Yes, actually.’ Of course, there’s going to be some people saying ‘I don’t care – I’m not doing anything wrong so why should I be bothered that someone’s looking at my boring messages?’ To those, we admire your belief that government officials won’t end up losing all your private messages and them ending up online or, indeed, misreading some joke you made which sees you getting called in for questioning.

The short version is this: Are you happy with a Prime Minister who says that there should be no “means of communication” which “we cannot read”?

Of course, companies like WhatsApp are committed to keeping their services encrypted and unreadable by authorities, which is something that has become a real point of principle in the aftermath of Edward Snowden’s claims about NSA surveillance.

Privacy groups are, as expected, angry at the idea of governments being able to snoop around your private correspondence, so this is a row that’s only going to get louder in the coming weeks. There’s an election afoot, so we’ll have to see how Cameron plays it.

Kim Dotcom is back!

December 31st, 2014 3 Comments By Mof Gimmers

Kim Dotcom 300x224 Kim Dotcom is back! After a troubling year, Kim Dotcom is back! What’s he up to this time? Well, he’s said that he’s preparing to release a fully-encrypted video calling and chat service. It’ll be able to protect your communications from snooping governments and surveillance.

“Mega will soon release a fully encrypted and browser-based video call and chat service including high-speed file transfers. Bye Bye Skype.” tweeted Dotcom.

“No U.S.-based online service provider can be trusted with your data,” added Kim Dotcom. “They must provide the U.S. government with backdoors.”

Of course, this is in reference to all the leaks surrounding Edward Snowden. After he finished whistleblowing, a good number of people decided that 2014 would be the year they almost wholly wore tinfoil hats.

Dotcom hasn’t given a release date for this new service, but it does look like it’ll be called MegaChat. French speaking countries will no doubt have a laugh at that.

“I will tweet about beta invites to #MegaChat in the coming weeks. This is going to be THE END of NSA mass surveillance & YOU WILL LOVE IT!” tweeted Kim Dotcom.

marriott Marriot Hotels to protect you by blocking your WiFiMarriott, the hotel group, want to block your internet connection when you stay with them and they’ll block your personal or mobile WiFi hotspots to do so.

Why? They reckon that this is all for your own protection.

Marriott have signed a petition (which you can see here) before the FCC so they can clarify or tinker with the rules that cover interference for unlicensed spectrum bands. In plain language, they want to be able to jam the network on their premises.

You can assume that this means they’ll introduce their own hotspot, which they’ll charge customers for and, if you don’t want in, your devices won’t be able to pick up any signal. Of course, Marriott have previous, as they’ve already been fined for jamming those on their premises in Nashville.

Marriott have said in response: “We understand there have been concerns regarding our position on the FCC petition filing, perhaps due to a lack of clarity about the issue. To set the record straight it has never been nor will it ever be Marriott’s policy to limit our guests’ ability to access the Internet by all available means, including through the use of personal Mi-Fi and/or Wi-Fi devices. As a matter of fact, we invite and encourage our guests to use these Internet connectivity devices in our hotels. To be clear, this matter does not involve in any way Wi-Fi access in hotel guestrooms or lobby spaces.”

“The question at hand is what measures a network operator can take to detect and contain rogue and imposter Wi-Fi hotspots used in our meeting and conference spaces that pose a security threat to meeting or conference attendees or cause interference to the conference guest wireless network.”

“In light of the increased use of wireless technology to launch cyber-attacks and purposefully disrupt hotel networks, Marriott along with the American Hotel & Lodging Association on behalf of the entire hotel industry is seeking clarity from the FCC regarding what lawful measures a network operator can take to prevent such attacks from occurring. We feel this is extremely important as we are increasingly being asked what measures we take to protect our conference and meeting guests and the conference groups that are using Wi-Fi technology in our hotels.”

What do you make of that? On social media, there’s a lot of people calling bullshit on the whole thing, with Marriott cutting and pasting a link to the above statement.

Facebook develops AI to watch over you

December 11th, 2014 1 Comment By Mof Gimmers

Facebook 300x300 Facebook develops AI to watch over youFacebook have said that they’re developing artificial intelligence, which is nice of them isn’t it? This AI will look over you and understand everything you do within the social network to help guide and control your behaviour.

You might think that is enough to chill the marrow in your bones, but Facebook have a different spin on it.

Yann LeCun, who heads up FAIR – that’s the creepy dystopian hell-name for Facebook’s AI division – said: “Imagine that you had an intelligent digital assistant which would mediate your interaction with your friends and also with content on Facebook.”

So how exactly will it guide you? Well, LeCun reckons that it’ll stop you from posting unflattering selfies. Imagine that – a program that is able to tell you if you look hanging or not. Of course, if you always looking minging, you might get a bit annoyed with some AI telling you all the sodding time.

Not only that, this artificial intelligence will take note of when you’re posting anything at all, whether you’ve been drinking, whether you’re in work or not and generally, it will try and gain context, draw a conclusion about it and then nag you. “Uh, this is being posted publicly. Are you sure you want your boss and your mother to see this?” the digital neg would ask.

It might also say: ‘Really? You’ve downed half a bottle of Tesco Value you gin and you’re thinking about sending a message to your ex?’

LeCun says this will be achieved through ‘deep learning’, which is a complex clutch of algorithms that will try to process abstract concepts. Basically, Facebook are having a go at Fuzzy Logic.

Remember the Microsoft paper clip that used to ‘helpfully’ chip-in when you were doing something in Word? Well, Facebook wants to create one of those for your online life.

LeCun says that Facebook are in a good position to get this sorted too, because the company collect such vast amounts of your personal information. The social network is already analysing your behaviour (and sometimes messing with your emotions), so having this bleak cyber assistant shouldn’t be at all surprising.

So there we have it – Facebook are creating an intelligent spy that inanely offers to nag at users, slowly gliding into an Arthur C. Clarke nightmare.

“Dave, this conversation can serve no purpose anymore. Goodbye”

selfie Half the public worried about putting pics onlineMore than half of the public still use email to share photos as they’re concerned about online safety, according to new research.

The survey of 2,000 British adults, conducted by Berland for private photo and video sharing platform KatchUp reckons 59% the 2000 British adults polled still claim to use email rather than share on social networks, when sharing personal photos.

82% said that keeping in touch with family was the most important thing to them, and almost two thirds (62%) won’t share any photos in any online capacity due to privacy worries.

Reasons such as the time it takes to filter the pics (49%), a fear of data being collected on social media (33%) and a dislike of adverts (17%).

KatchUp founder Katie Hobbs reckons she came up with the idea after a family dinner, saying: “I can’t believe that in the 40 years since it was invented, families still haven’t found a way of sharing that matches the safety and peace of mind that email gives us.”

“We’re hoping that KatchUp can give families the platform for sharing online that these special relationships deserve.”

Admittedly, email may have been invented in 1974 or something, but nobody did anything remotely useful on a computer, or even really knew what email was until around 1997.

KatchUp – two words in one with caps, very ’00s – allows users to create their own personal timeline of images, which they can then invite family and friends to view. We eagerly await the ‘KatchUp Photos Leaked By Hackers’ stories that’ll hit the press within 12 months.