Skip to main content

Home/ Future of the Web/ Group items tagged privacy

Rss Feed Group items tagged

Paul Merrell

Google Confirms Android Camera Security Threat: 'Hundreds Of Millions' Of Users Affected - 2 views

  • The security research team at Checkmarx has made something of a habit of uncovering alarming vulnerabilities, with past disclosures covering Amazon’s Alexa and Tinder. However, a  discovery of vulnerabilities affecting Google and Samsung smartphones, with the potential to impact hundreds of millions of Android users, is the biggest to date. What did the researchers discover? Oh, only a way for an attacker to take control of smartphone camera apps and remotely take photos, record video, spy on your conversations by recording them as you lift the phone to your ear, identify your location, and more. All of this performed silently, in the background, with the user none the wiser.
Paul Merrell

California's Attorney General joins the long list of people who have had it with Facebo... - 0 views

  • California’s attorney general has gone to court to force Facebook to hand over documents as part of an investigation into the company. Xavier Becerra filed a “petition to enforce investigative subpoena” with the Superior Court of California in San Francisco on Wednesday morning, arguing that Facebook’s response to his subpoenas has been “patently inadequate.” Citing a “lack of cooperation” not just with his office but also the Federal Trade Commission (FTC), Xavier Becerra points out [PDF] that it took Facebook a year to respond to his initial inquiry to produce documents relating to the Cambridge Analytica scandal, where Facebook allowed a third party to access vast amounts of personal information through its systems.
  • Not only that but Facebook flat out refused to “search communications involving senior executives,” meaning that it refused to search for relevant information in the emails and other communications of CEO Mark Zuckerberg and COO Sheryl Sandberg, among others. “Facebook is not just continuing to drag its feet, it is failing to comply with lawfully issued subpoenas and interrogatories,” the filing states.
  • The filing comes the same day that 7,000 pages of internal Facebook files were published online. Those documents were obtained and leaked amid a lawsuit between Facebook and a third-party app developer and were labelled as “highly confidential” by the antisocial network. The main upshot of those files is that they show Facebook used the data it gathered on millions of its users as a business weapon: it provided people's profile information to companies that, for instance, agreed to spend hundreds of thousands of dollars on adverts within Facebook, and it cut off developers that posed a competitive threat to its ever-growing stable of companies and services (or developers that wouldn't pay up, or were just too sketchy for the internet giant.) This confirms earlier reporting. CEO Zuckerberg also continues to avoid visiting London, or anywhere in the UK, out of fear he will be arrested for repeatedly failing to comply with a request by Parliament to answer questions about Facebook’s actions, as revealed in the tranche of documents.
Paul Merrell

Lessons (So Far) From WhatsApp v. NSO - Lawfare - 0 views

  • NSO Group, an Israeli vendor of “lawful” hacking tools designed to infect a target’s phone with spyware, is regarded by many as a bad actor. The group claims to be shocked when its products are misused, as they have been in Mexico, Saudi Arabia and the United Arab Emirates. One incident might be excusable, but the group’s continued enabling of misbehavior has resulted in well-earned enmity. Recently, Facebook struck back. NSO Group deployed a weaponized exploit for Facebook’s WhatsApp messenger, integrated it into its Pegasus malcode system, and offered it to its customers (a mix of legitimate government agencies and nefarious government actors) interested in hacking WhatsApp users beginning in April. This was a particularly powerful exploit because it required no user interaction and the only sign of the exploit a user might discover would be a series of “missed calls” received on the user’s phone. Facebook patched the vulnerability on May 13, blocking the NSO campaign. Facebook wasn’t satisfied with simply closing the vulnerability. In cooperation with CitizenLab, Facebook identified more than 100 incidents in which NSO Group’s WhatsApp exploit appeared to target human rights activists and journalists. In total, Facebook and CitizenLab identified 1,400 targets (which apparently also included government officials in U.S. allied governments). They then filed a federal lawsuit against NSO Group, closed NSO Group member accounts, and, most damaging of all to NSO’s customers, sent a notice to all identified victims alerting them of the attack. This meant that all targets, both dissidents and drug lords alike, were notified of this surveillance. The lawsuit will be a case to watch. Facebook has already revealed a large amount of detail concerning NSO Group’s internal workings, including the hands-on nature of its business model: NSO Group actively assists countries in hacking targets. For example, we now know that while an NSO Group employee may not press the “Enter” key for a target, NSO employees do act to advise and consult on targeting; and NSO Group is largely responsible for running the infrastructure used to exploit targets and manage implants. Expect more revelations like this as the case proceeds.
Paul Merrell

WhatsApp sues Israel's NSO for allegedly helping spies hack phones around the world - R... - 0 views

  • WhatsApp sued Israeli surveillance firm NSO Group on Tuesday, accusing it of helping government spies break into the phones of roughly 1,400 users across four continents in a hacking spree whose targets included diplomats, political dissidents, journalists and senior government officials.
  • In a lawsuit filed in federal court in San Francisco, messaging service WhatsApp, which is owned by Facebook Inc (FB.O), accused NSO of facilitating government hacking sprees in 20 countries. Mexico, the United Arab Emirates and Bahrain were the only countries identified. WhatsApp said in a statement that 100 civil society members had been targeted, and called it “an unmistakable pattern of abuse.” NSO denied the allegations.
  • Citizen Lab, a cybersecurity research laboratory based at the University of Toronto that worked with WhatsApp to investigate the phone hacking, told Reuters that the targets included well-known television personalities, prominent women who had been subjected to online hate campaigns and people who had faced “assassination attempts and threats of violence.”
  • ...1 more annotation...
  • NSO came under particularly harsh scrutiny over the allegation that its spyware played a role in the death of Washington Post journalist Jamal Khashoggi, who was murdered at the Saudi Consulate in Istanbul a little over a year ago. Khashoggi’s friend Omar Abdulaziz is one of seven activists and journalists who have taken the spyware firm to court in Israel and Cyprus over allegations that their phones were compromised using NSO technology. Amnesty has also filed a lawsuit, demanding that the Israeli Ministry of Defense revoke NSO’s export license to “stop it profiting from state-sponsored repression.”
Paul Merrell

EFF Hits AT&T With Class Action Lawsuit for Selling Customers' Location to Bounty Hunte... - 0 views

  • The lawsuit, which comes after multiple Motherboard investigations into phone location data selling, is seeking an injunction against AT&T which would try to enforce the deletion of any sold data.
Paul Merrell

Facebook Setting Aside Up To $5 Billion For Privacy Violations : NPR - 1 views

  • Facebook expects to pay a fine of up to $5 billion in a settlement with federal regulators. The tech giant disclosed that figure in its first-quarter 2019 financial results. Facebook has been in negotiations with the Federal Trade Commission following concerns that the company violated a 2011 consent decree. Back then, company leaders promised to give consumers "clear and prominent notice" when sharing their data with others and to get "express consent."
  • But, experts say, Facebook broke its promise. Just one example: giving user data to Cambridge Analytica, the political consulting firm that did work for the 2016 Trump campaign. Facebook estimates the fine will be in the $3 billion to $5 billion range and has set aside $3 billion for payment. "The matter remains unresolved, and there can be no assurance as to the timing or the terms of any final outcome," the company's statement says.
Paul Merrell

Facebook Quietly Notifies Public That Millions Of Instagram Users Had Passwords Exposed... - 0 views

  • While everyone was focused on the release of the Mueller report Thursday, Facebook quietly notified the public that the passwords of "millions of Instagram users" were stored in an unencrypted format on an internal server, and searchable by any employee.
  • In March, security expert Brian Krebs of KrebsonSecurity noted:  The Facebook source said the investigation so far indicates between 200 million and 600 million Facebook users may have had their account passwords stored in plain text and searchable by more than 20,000 Facebook employees. The source said Facebook is still trying to determine how many passwords were exposed and for how long, but so far the inquiry has uncovered archives with plain text user passwords dating back to 2012. My Facebook insider said access logs showed some 2,000 engineers or developers made approximately nine million internal queries for data elements that contained plain text user passwords. -KrebsonSecurity In short, if you believe Facebook that the passwords were not improperly accessed, rest well. If you don't believe them, and you use your Instagram password for other things, perhaps it's time to think of a new one.  
Paul Merrell

Shocking Leak Reveals Facebook Leveraged User Data To Reward Friends, Punish Enemies | ... - 0 views

  • As traders focused on bank earnings and the outlook for global growth, NBC News wrested the market's attention back toward Facebook by publishing a report on what appears to be the largest leak of internal documents since the data privacy scandal that has dogged the company for more than a year erupted with the first reports about Cambridge Analytica's 'improper' leveraging of Facebook user data to influence elections.
  • Some 4,000 pages of documents shared with the network news organization by a journalist affiliated with the ICIJ, the same organization that helped bring us the Panama Papers leaks, revealed that Facebook had employed sensitive user data as a bargaining chip to attract major advertisers and close other deals between 2011 and 2015, when the company was struggling to cement its business model following its botched 2012 IPO.
  • Facebook essentially offered companies like Amazon unfettered access to its data in exchange for agreeing to advertise on Facebook's platform, according to the documents, only a small fraction of which have been previously reported on. All of this was happening at a time when the company publicly professed to bee safeguarding user data.
Paul Merrell

Cell Phone Carriers Are Secretly Selling Your Real-Time Location Data | Zero Hedge - 0 views

  • Four of the country's largest cellular providers have been selling your real-time location information, allowing a Texas-based prison technology company, Securus, to track any phone "within seconds," without a warrant.  The system uses data sold by AT&T, Sprint, T-Mobile, Verizon and other carriers - who provide it through an intermediary called LocationSmart.  The service can find the whereabouts of almost any cellphone in the country within seconds. It does this by going through a system typically used by marketers and other companies to get location data from major cellphone carriers, including AT&T, Sprint, T-Mobile and Verizon, documents show. -New York Times Last week Sen. Ron Wyden (D-OR) sent a letter to the FCC demanding an investigation into Securus, after the New York Times revealed that former Mississippi County sheriff Cory Hutcheson used the service almost a dozen time to track the phones of other officers, and even targeted a judge. 
Paul Merrell

Opinion: Berkeley Can Become a City of Refuge | Opinion | East Bay Express - 0 views

  • The Berkeley City Council is poised to vote March 13 on the Surveillance Technology Use and Community Safety Ordinance, which will significantly protect people's right to privacy and safeguard the civil liberties of Berkeley residents in this age of surveillance and Big Data. The ordinance is based on an ACLU model that was first enacted by Santa Clara County in 2016. The Los Angeles Times has editorialized that the ACLU's model ordinance approach "is so pragmatic that cities, counties, and law enforcement agencies throughout California would be foolish not to embrace it." Berkeley's Peace and Justice and Police Review commissions agreed and unanimously approved a draft that will be presented to the council on Tuesday. The ordinance requires public notice and public debate prior to seeking funding, acquiring equipment, or otherwise moving forward with surveillance technology proposals. In neighboring Oakland, we saw the negative outcome that can occur from lack of such a discussion, when the city's administration pursued funding for, and began building, the citywide surveillance network known as the Domain Awareness Center ("DAC") without community input. Ultimately, the community rejected the project, and the fallout led to the establishment of a Privacy Advisory Commission and subsequent consideration of a similar surveillance ordinance to ensure proper vetting occurs up front, not after the fact. ✖ Play VideoPauseUnmuteCurrent Time 0:00/Duration Time 0:00Loaded: 0%Progress: 0%Stream TypeLIVERemaining Time -0:00 Playback Rate1ChaptersChaptersdescriptions off, selectedDescriptionssubtitles off, selectedSubtitlescaptions settings, opens captions settings dialogcaptions off, selectedCaptionsAudio TrackFullscreenThis is a modal window.Caption Settings DialogBeginning of dialog window. Escape will cancel and close the window.
Paul Merrell

Belgian court finds Facebook guilty of breaching privacy laws - nsnbc international | n... - 0 views

  • A court in the Belgian capital Brussels, on Friday, found the social media company Facebook guilty of breaching Belgian privacy laws. Belgium’s Privacy Commission had taken Facebook to court and the judge agreed with the Commission’s view that Facebook had flouted the country’s privacy legislation. The company has been ordered to correct its practice right away of face fines. Facebook has lodged an appeal.
  • Facebook follows its users activities by means of so-called social plug-ins, cookies, and pixels. These digital technologies enable Facebook to follow users’ behavior when online. Cookies, for example, are small files that are attached to your internet browser when you go online and visit a particular site. They are used to collect information about the kind of things you like to read or look at while surfing the web. Facebook uses the data both for its own ends, but also to help advertisers send tailor made advertising. In so doing Facebook also uses certain cookies to follow people that don’t even have a Facebook profile. The court ruled that it is “unclear what information Facebook is collecting about us” and “what it uses the information for”. Moreover, Facebook has not been given permission to keep tabs on internet-users by a court of law.
  • he court has ordered Facebook to stop the practice straight away and to delete any data that it has obtained by means contrary to Belgian privacy legislation. If Facebook fails to comply it will face a penalty payment of 250,000 euro/day.
  • ...1 more annotation...
  • Facebook, for its part, has said that it is to appeal against the verdict.
Gonzalo San Gil, PhD.

Google Has Quietly Dropped Ban on Personally Identifiable Web Tracking - ProPublica - 1 views

  •  
    "Google is the latest tech company to drop the longstanding wall between anonymous online ad tracking and user's names. by Julia Angwin ProPublica, Oct. 21, 2016, 8 a.m."
Gonzalo San Gil, PhD.

Stop letting Big Cable abuse our privacy! - 0 views

  •  
    "The FCC is about to vote on rules that make it harder for Comcast and other big cable companies to exploit and profit off our personal data-information about our location, what websites we have visited, and other critical info. "
Gonzalo San Gil, PhD.

To ensure security and privacy, open source software is required - 0 views

  •  
    "Having access to the source code is an undeniable benefit in ensuring the security of a piece of software"
Gonzalo San Gil, PhD.

Data snooping blunders by UK spies, cops led to wrongful arrests-watchdog | Ars Technic... - 0 views

  •  
    "IP address mistakes particularly troubling; likely to get worse under Snoopers' Charter. Glyn Moody - Sep 9, 2016 1:24 pm UTC "
Gonzalo San Gil, PhD.

Sengi IT - Big Brother needs to be stopped! | Indiegogo - 1 views

  •  
    "Independence day for your private data. SENGI: a new way of using cloud services and messaging apps. Johannes Ehrlich Halle, Germany About"
Gonzalo San Gil, PhD.

Keep the FBI out of my Computer - Access Now - 0 views

  •  
    "The U.S. Federal Bureau of Investigation (FBI) wants the power to hack into computers anywhere in the world, and even millions of computers at once. Instead of asking U.S. Congress for permission, they're sneaking a procedural rule change through the bureaucracy. It's called Rule 41 and it's part of the U.S.Federal Rules of Criminal Procedure. Read more about Rule 41 and government hacking here and here. "
Gonzalo San Gil, PhD.

[# ! #Tech:] How do I permanently erase hard disk? - 1 views

  •  
    "I am going to sell my laptop soon. Before discarding my system, I want to make sure that no one should be able to use my personal data using any method (format do not work). Is there any open source software out there that can help me permanently erase my hard disk?"
  •  
    "I am going to sell my laptop soon. Before discarding my system, I want to make sure that no one should be able to use my personal data using any method (format do not work). Is there any open source software out there that can help me permanently erase my hard disk?"
Gonzalo San Gil, PhD.

Solid - 1 views

  •  
    "Solid is an exciting new project led by Prof. Tim Berners-Lee, inventor of the World Wide Web, taking place at MIT and the Qatar Computing Research Institute. The project aims to radically change the way Web applications work today, resulting in true data ownership as well as improved privacy. "
Gonzalo San Gil, PhD.

Keeweb A Linux Password Manager - LinuxAndUbuntu - 0 views

  •  
    "Today we are depending on more and more online services. Each online service we sign up for, let us set a password and this way we have to remember hundreds of passwords. In this case, it is easy for anyone to forget passwords. "
1 - 20 of 104 Next › Last »
Showing 20 items per page