Articles about Privacy

The idea that what you do online is not a secret is something that we have all -- just about -- come to terms with. That said, most people still expect a modicum of privacy, and they certainly don’t expect literally every keystroke they type to be logged by the websites they visit.

But, say researchers at Princeton University, this is exactly what is happening. Hundreds of the most popular websites are using "session replay scripts" that record every single thing a visitor does. They are designed to monitor how visitors interact with a site to help gather information that could improve page design, and the incredibly extensive data that is collected is sent off to a third party for analysis.

Continue reading →

More than three quarters of Android phones are vulnerable to screen and audio recording by attackers. By exploiting the MediaProjection service, an attacker can easily trick a user into granting the relevant rights to a malicious app.

Although the vulnerability has been fixed in Android 8 Oreo, users running Lollipop, Marshmallow or Nougat remain at risk. MediaProjection is -- by design -- able to capture screen activity and audio, and it does have legitimate uses, but by using a technique known as tap-jacking permission can be given for it to be used for more nefarious things.

Continue reading →

Regulators in Germany have introduced a ban on children's smartwatches citing privacy concerns. Telecoms regulator the Federal Network Agency (FNA) describes the wearables as "spying devices" and advises parents to destroy them.

The FNA said that parents had been using such smartwatches to listen in on their children at school, and warned teachers to be on the lookout for them. But a lack of regulation of the devices means that many have poor security, meaning they could be used by others to spy on wearers.

Continue reading →

Facebook caused more than a little eye-rolling with its anti-revenge porn program which requires users to upload the naked images of themselves that they would like to protect. It had been assumed that the entire process would be automated, making use purely of algorithms to analyze images and protect privacy. This assumption was wrong.

Facebook says that in actual fact an employee -- an actual human being -- will have to review the nude images that are sent in.

Continue reading →

Revenge porn is one of the latest online problems, and it's one to which it would seem difficult to come up with a solution. Facebook, however, thinks it has the answer. If you're willing to share your nude photos with the social network, it will use them to protect you against revenge porn attacks.

It's an idea that sounds like utter madness, but Facebook is at pains to convince users that it's actually a brilliant solution. Compromising images that are shared with Facebook will be hashed to create a digital fingerprint which the company can then use to identify the same images if they are uploaded by someone else.

Continue reading →

If you're using Tor, you're almost certainly doing so because you're looking for privacy and anonymity. But a newly discovered critical vulnerability has been revealed in the Mac and Linux versions of the browser that means IP addresses may be leaked.

The bug was discovered by security firm We Are Segment and was reported to Tor. While a proper patch is yet to be created, a fix has been released, and Tor users are strongly advised to install it.

Continue reading →

With the iPhone X due to ship to those who have pre-ordered tomorrow as well as being available in stores in limited numbers, it has emerged that Apple is allowing app developers to access facial data.

Concerns have already been voiced about the privacy of Face ID and how facial data is used, but Apple responded to these saying the data remains on the iPhone X and is never sent to the cloud. But contracts seen by Reuters show that app developers are permitted to take facial data off phones, providing certain criteria are met.

Continue reading →

GDPR affects all companies that engage with EU citizens, even if they have no physical presence in the EU, but a new study reveals that some major US firms still have websites that don’t comply.

The research by digital threat management company RiskIQ looks at 25 of the 50 largest banks in the US (as of 2017) and finds significant security gaps in personally identifiable information (PII) collection.

Continue reading →

As a computer user in 2017, privacy is always on my mind -- as it should be. I suppose I have always cared about securing my information and data, but in recent years, we have learned so many troubling things about government hackers -- including the USA -- that it seems more important than ever. Patriot Edward Snowden really shone a light on the unfortunate state of privacy, or lack thereof, in modern days.

This is why I was very intrigued by the Purism line of laptops. These are computers that are designed with privacy in mind. The Librem 13 v2, which I have been testing, features two hardware kill-switches -- one will cut the webcam and microphone, while the other kills the Wi-Fi and Bluetooth radios. By cutting access on the hardware level, hackers cannot access these things when switched off. Instead of using a traditional bios system for booting, it even leverages Coreboot. It runs a Linux-based operating system called "Pure OS" which aims to be very secure and private. Unfortunately, the OS ends up being a little too secure, and the weak link of the overall package. But does that really matter?

Continue reading →

It's something that has been rumored for years -- that Facebook is using the microphones on smartphones and computers around the world to listen in on conversations. Is it that the social network is particularly interested in hearing what everyone has to say? Sort of -- rumor has it that the company wants to know what you're talking about so it can deliver carefully targeted ads.

A surprising number of Facebook users believe that Facebook is listening to them. They say that following conversations about a topic, they then see ads related to it. But is this really because of Facebook?

Continue reading →

The New York Times has announced that it is launching a Tor Onion Service version of its website. The new, more secure way to access the site will open it up to people around the world whose internet connections are blocked or monitored.

It also caters to a growing breed of people who are concerned about what their web browsing habit might reveal and who have turned to Tor to protect their privacy.

Continue reading →

Researchers at threat prevention specialist Check Point have uncovered a vulnerability which could allow hackers to gain control of the LG Hom-Bot robot vacuum cleaner's video camera.

The camera normally sends live video to the associated LG SmartThinQ app as part of its HomeGuard Security feature. Once in control of a specific user's LG account, any LG device or appliance associated with that account could be controlled by the attacker -- including the robot vacuum cleaner, refrigerators, ovens, dishwashers, washing machines and dryers, and air conditioners.

Continue reading →

Recent breaches like that at Equifax have highlighted the importance of supporting victims with identity management services in the aftermath of an attack.

Identity and data defense firm CyberScout is launching a comprehensive marketplace for identity management, privacy, and cyber security education products and services, aimed at providing individuals with a one-stop-shop solution for all services relating to cyber protection.

Continue reading →

UK consumer group Which? is calling on the government to make an amendment to the Data Protection Bill that's currently being debated in Parliament. The group is looking for a change in the law that would make it easier for organizations to seek redress for groups of people in the event of a data breach.

Research by Which? suggests that there is confusion surrounding who is responsible for safeguarding data, and little knowledge among consumers about how to go about obtaining compensation.

Continue reading →

A shockingly large proportion of businesses have no idea how to behave when GDPR comes into play, a new report by the DMA has claimed.

More than half of marketers surveyed (56 percent) believe they’re on the right track, with four percent actually saying they’re ahead in their plans of being compliant by May 2018.

Continue reading →