Articles about Privacy

Some Facebook users have reported that the social network is asking them to upload a selfie as a means of verifying their identity.

It seems that the company is testing out a new form of captcha as it asks that you "upload a photo of yourself that clearly shows your face." Just like Facebook's recent idea that users could protect themselves against revenge porn by uploading naked images of themselves, the test is likely to raise concerns about privacy.

Continue reading →

A joint research project between Yale University's Privacy Lab and French non-profit Exodus Privacy has uncovered widescale tracking in a large number of Android apps. The likes of Tinder, Spotify, Uber, Twitter and Snapchat -- as well as masses of lesser-known apps -- were found to be riddled with snooping components relating to no less than 25 well-known trackers.

In all, around three quarters of apps were found to gather personal information about users via a variety of third-party tracking techniques. Researchers have published their findings online so Android users can check if their favorite apps are snooping on them.

Continue reading →

For those concerned about their privacy, location services is just one more setting to disable on their phone. But Google has now revealed that it is not only able to, but actually does track the location of Android users even if location services are disabled.

More than this, Google records the addresses of nearby cell towers -- thereby giving a very good idea of location -- even when there is no SIM card in a phone and no apps are used. This data has been collected since the beginning of the year.

Continue reading →

The idea that what you do online is not a secret is something that we have all -- just about -- come to terms with. That said, most people still expect a modicum of privacy, and they certainly don’t expect literally every keystroke they type to be logged by the websites they visit.

But, say researchers at Princeton University, this is exactly what is happening. Hundreds of the most popular websites are using "session replay scripts" that record every single thing a visitor does. They are designed to monitor how visitors interact with a site to help gather information that could improve page design, and the incredibly extensive data that is collected is sent off to a third party for analysis.

Continue reading →

More than three quarters of Android phones are vulnerable to screen and audio recording by attackers. By exploiting the MediaProjection service, an attacker can easily trick a user into granting the relevant rights to a malicious app.

Although the vulnerability has been fixed in Android 8 Oreo, users running Lollipop, Marshmallow or Nougat remain at risk. MediaProjection is -- by design -- able to capture screen activity and audio, and it does have legitimate uses, but by using a technique known as tap-jacking permission can be given for it to be used for more nefarious things.

Continue reading →

Regulators in Germany have introduced a ban on children's smartwatches citing privacy concerns. Telecoms regulator the Federal Network Agency (FNA) describes the wearables as "spying devices" and advises parents to destroy them.

The FNA said that parents had been using such smartwatches to listen in on their children at school, and warned teachers to be on the lookout for them. But a lack of regulation of the devices means that many have poor security, meaning they could be used by others to spy on wearers.

Continue reading →

Facebook caused more than a little eye-rolling with its anti-revenge porn program which requires users to upload the naked images of themselves that they would like to protect. It had been assumed that the entire process would be automated, making use purely of algorithms to analyze images and protect privacy. This assumption was wrong.

Facebook says that in actual fact an employee -- an actual human being -- will have to review the nude images that are sent in.

Continue reading →

Revenge porn is one of the latest online problems, and it's one to which it would seem difficult to come up with a solution. Facebook, however, thinks it has the answer. If you're willing to share your nude photos with the social network, it will use them to protect you against revenge porn attacks.

It's an idea that sounds like utter madness, but Facebook is at pains to convince users that it's actually a brilliant solution. Compromising images that are shared with Facebook will be hashed to create a digital fingerprint which the company can then use to identify the same images if they are uploaded by someone else.

Continue reading →

If you're using Tor, you're almost certainly doing so because you're looking for privacy and anonymity. But a newly discovered critical vulnerability has been revealed in the Mac and Linux versions of the browser that means IP addresses may be leaked.

The bug was discovered by security firm We Are Segment and was reported to Tor. While a proper patch is yet to be created, a fix has been released, and Tor users are strongly advised to install it.

Continue reading →

With the iPhone X due to ship to those who have pre-ordered tomorrow as well as being available in stores in limited numbers, it has emerged that Apple is allowing app developers to access facial data.

Concerns have already been voiced about the privacy of Face ID and how facial data is used, but Apple responded to these saying the data remains on the iPhone X and is never sent to the cloud. But contracts seen by Reuters show that app developers are permitted to take facial data off phones, providing certain criteria are met.

Continue reading →

GDPR affects all companies that engage with EU citizens, even if they have no physical presence in the EU, but a new study reveals that some major US firms still have websites that don’t comply.

The research by digital threat management company RiskIQ looks at 25 of the 50 largest banks in the US (as of 2017) and finds significant security gaps in personally identifiable information (PII) collection.

Continue reading →

As a computer user in 2017, privacy is always on my mind -- as it should be. I suppose I have always cared about securing my information and data, but in recent years, we have learned so many troubling things about government hackers -- including the USA -- that it seems more important than ever. Patriot Edward Snowden really shone a light on the unfortunate state of privacy, or lack thereof, in modern days.

This is why I was very intrigued by the Purism line of laptops. These are computers that are designed with privacy in mind. The Librem 13 v2, which I have been testing, features two hardware kill-switches -- one will cut the webcam and microphone, while the other kills the Wi-Fi and Bluetooth radios. By cutting access on the hardware level, hackers cannot access these things when switched off. Instead of using a traditional bios system for booting, it even leverages Coreboot. It runs a Linux-based operating system called "Pure OS" which aims to be very secure and private. Unfortunately, the OS ends up being a little too secure, and the weak link of the overall package. But does that really matter?

Continue reading →

It's something that has been rumored for years -- that Facebook is using the microphones on smartphones and computers around the world to listen in on conversations. Is it that the social network is particularly interested in hearing what everyone has to say? Sort of -- rumor has it that the company wants to know what you're talking about so it can deliver carefully targeted ads.

A surprising number of Facebook users believe that Facebook is listening to them. They say that following conversations about a topic, they then see ads related to it. But is this really because of Facebook?

Continue reading →

The New York Times has announced that it is launching a Tor Onion Service version of its website. The new, more secure way to access the site will open it up to people around the world whose internet connections are blocked or monitored.

It also caters to a growing breed of people who are concerned about what their web browsing habit might reveal and who have turned to Tor to protect their privacy.

Continue reading →

Researchers at threat prevention specialist Check Point have uncovered a vulnerability which could allow hackers to gain control of the LG Hom-Bot robot vacuum cleaner's video camera.

The camera normally sends live video to the associated LG SmartThinQ app as part of its HomeGuard Security feature. Once in control of a specific user's LG account, any LG device or appliance associated with that account could be controlled by the attacker -- including the robot vacuum cleaner, refrigerators, ovens, dishwashers, washing machines and dryers, and air conditioners.

Continue reading →