Feb. 10, 2019
On Thursday, Bezos published emails in which the Enquirer’s parent company explicitly threatened to publish intimate photographs of Bezos and his mistress, which wereapparently exchanged between the two through their iPhones, unless Bezos agreed to a series of demands involving silence about the company’s conduct. In a perfect world, none of the sexually salacious material the Enquirer was threatening to release would be incriminating or embarrassing to Bezos: it involves consensual sex between adults that is the business of nobody other than those involved and their spouses. But that’s not the world in which we live: few news events generate moralizing interest like sex scandals, especially among the media.
Feb. 8, 2019
This weekend at the excellent FOSDEM gathering there were no less than three presentations on DNS over HTTPs. Daniel Stenberg presented a keynote session “DNS over HTTPS – the good, the bad and the ugly” (video), Vittorio Bertola discussed “The DoH Dilemma” while Daniel, Stéphane Bortzmeyer and I formed a DNS Privacy Panel expertly moderated by Jan-Piet Mens. I want to thank Daniel, Jan-Piet, Rudolf van der Berg, Stéphane & Vittorio for proofreading & improving this post, but I should add this does not imply an endorsement from anyone!
Nov. 23, 2018
Google is tracking you. Even when you’re in Airplane Mode. It knows when you get out the car.
When you’re walking. We now have proof. Google has been secretly tracking people against their wishes.
The company has been collecting Android users’ location data, even when they’ve actively disabled location services. It’s an extremely concerning discovery, which means that Google can pinpoint exactly where you are even when you go out of your way to hide this information.
Nov. 20, 2018
Snowden and Cambridge Analytica have put France off Silicon Valley giants. It’s a change of heart that could have global ramifications France is working hard to avoid becoming a digital colony of the US or China. Last month, both the French National Assembly and the French Army Ministry declared that their digital devices would stop using Google as their default search engines.
Nov. 12, 2018
Britain’s biggest employer organisation and main trade union body have sounded the alarm over the prospect of British companies implanting staff with microchips to improve security. UK firm BioTeq, which offers the implants to businesses and individuals, has already fitted 150 implants in the UK. The tiny chips, implanted in the flesh between the thumb and forefinger, are similar to those for pets.
Oct. 27, 2018
Walking around downtown Orlando, you might not notice the lightbulb-sized camera affixed to one of the traffic signal poles along the city’s palm tree–studded avenues. But it’s there, scanning all the same. If it sees you, the camera will instantly send a live video feed over to Amazon’s facial “Rekognition” system, cross-referencing your face against persons of interest.
Sep. 23, 2018
Starting with Chrome 69, logging into a Google Site is tied to logging into Chrome. This is typically the topic where things are complex enough that tweets or 500 character Mastodon toots don’t do it justice. I’d also mention that I prefer to avoid directly linking people’s posts on this, because I dislike the practice of taking discussions out of their original audience and treating them as official or semi-official communications from a given company.
Sep. 15, 2018
Google is reportedly building a prototype system that would tie Chinese users’ Google searches to their personal phone numbers, as part of a new search service that would comply with the Chinese government’s censorship requirements. The Intercept writes that the “Dragonfly” Android app, a secret project revealed by a whistleblower last month, could be linked to a user’s phone number — making it simple to track individual users’ searches. This tracking would be in addition to Dragonfly’s blacklisting of terms like “human rights,” “student protest,” and “Nobel Prize,” which might normally pull up news about Chinese activist and Nobel laureate Liu Xiaobo.
Jul. 6, 2018
One board member described the police’s justification for the raids as a ‘tenuous’ link between the privacy group, a blog, and its email address. In the early morning on June 20, German security services raided the homes of several board members of Zwiebelfreunde, a non-profit group that helps to support privacy and anonymity projects. Moritz Bartl in Augsburg, Jens Kubieziel in Jena, and Juris Vetra in Berlin were raided, as was the home of a former board member who still had access to the board’s bank accounts.
Jun. 29, 2018
California lawmakers unanimously passed a new privacy bill on Thursday that would give residents of the state more control over the information businesses collect on them and impose new penalties on businesses that don’t comply. It is the first law of its kind in the United States. The so-called California Consumer Privacy Act of 2018 (AB 375) was introduced late last week by state assemblymember Ed Chau and state senator Robert Hertzberg, in a rush to defeat a stricter privacy-focused ballot initiative that had garnered more than 600,000 signatures from Californians.
Jun. 29, 2018
Further ReadingFacebook’s Cambridge Analytica scandal, explained [Updated]As Facebook tries to get ahead of public pressure about what the service does and doesn’t track about its users, a patent application has emerged which would enable something that the service’s detractors have long theorized and feared: silently triggered microphones that keep tabs on Facebook users. The patent, filed by Facebook in December 2016 and published on June 14 (PDF), emerged this week thanks to its discovery by UK publication Metro. The patent’s language revolves specifically around advertisements—Facebook’s biggest cash cow—and how a device with an installed app could be triggered by a vague ‘activation module’ to turn on its microphone and listen to how those ads play out in an average home.
Jun. 6, 2018
If Artificial Intelligence (AI) is increasingly able to recognise and classify faces, then perhaps the only way to counter this creeping surveillance is to use another AI to defeat it. We’re in the early years of AI-powered image and face recognition but already researchers at the University of Toronto have come up with a way that this might be possible. The principal at the heart of this technique is adversarial training, in which a neural AI network’s image recognition is disrupted by a second trained to understand how it works.
May. 31, 2018
In its letter, the ACLU argues that Amazon, which has in the past opposed secret government surveillance, should not be in the business of selling AFR technology that the company claims can “identify people in real-time by instantaneously searching databases containing tens of millions of faces.” Further, the ACLU insists, Rekognition’s capability to track “persons of interest,” coupled with its other features which “read like a user manual for authoritarian surveillance,” lends itself to the violation and abuse of individuals’ civil rights. Amazon naturally disagrees.
May. 28, 2018
For all the promise it holds for the future, artificial intelligence is still guilty of historic bias. Voice recognition software struggles with English accents that are not American or British and facial recognition can be guilty of racial profiling. As this technology increasingly outpaces human discourse on race, China seems to be getting ahead on recognizing a diverse range of faces across the wider world, despite its own struggles with racial insensitivity.
May. 25, 2018
For some of America’s biggest newspapers and online services, it’s easier to block half a billion people from accessing your product than comply with Europe’s new General Data Protection Regulation. With about 500 million people living in the European Union, that’s a hard ban on one-and-a-half times the population of the U.S. A&E Television Networks has narrowed its EU blockade to limit the damage to its audience. Websites for its History and Lifetime channels greet the European visitors with a message that its ‘content is not available in your area,’ whereas the website for youth-focused Viceland remains accessible.
May. 24, 2018
A Portland family contacted Amazon to investigate after they say a private conversation in their home was recorded by Amazon’s Alexa — the voice-controlled smart speaker — and that the recorded audio was sent to the phone of a random person in Seattle, who was in the family’s contact list. A Portland family contacted Amazon to investigate after they say a private conversation in their home was recorded by Amazon’s Alexa — the voice-controlled smart speaker — and that the recorded audio was sent to the phone of a random person in Seattle, who was in the family’s contact list.
May. 23, 2018
Amazon is actively courting law-enforcement agencies to use a cloud-based facial-recognition service that can identify people in real time, the American Civil Liberties Union reported Tuesday, citing the documents obtained from two US departments. The service, which Amazon markets under the name Rekognition, can recognize as many as 100 people in a single image and can compare images against databases containing tens of millions of faces. Company executives describe deployment by law enforcement agencies as common use case.
May. 18, 2018
LocationSmart’s demo is a free service that allows anyone to see the approximate location of their own mobile phone, just by entering their name, email address and phone number into a form on the site. LocationSmart then texts the phone number supplied by the user and requests permission to ping that device’s nearest cellular network tower. Once that consent is obtained, LocationSmart texts the subscriber their approximate longitude and latitude, plotting the coordinates on a Google Street View map.
May. 18, 2018
After reading an interview (german content) of the EU-Commisioner for Justice, Consumers and Gender Equality Věra Jourová with the German newspaper “Die Zeit” in which she stated that the GDPR is so easy, even she could implement it, I got very curious and wanted to see how compliant the EU’s websites are. It took me less than five minutes to spot a violation: on the website of the EU Parliament Google Analytics is being used to track the visitors without the neccesary anonymizeIP flag, which in turn causes Google to store the complete IP address without anonymizing the last octet. You can take a look for yourself by checking the source code of this page (archived version in case it gets fixed in the meantime).
May. 18, 2018
SMS is a weak link in a handset’s security. With it you can interact, remotely, with an application on someone’s phone when the phone is not connected to the internet: Despite being older than many of its users, Short Messaging Service (SMS) remains a very popular communications medium and is increasingly found on remote sensors, critical infrastructure and vehicles due to an abundance of cellular coverage.