Urban Massage Data Leak Exposes Creepy Clients

· · Link

Urban Massage, a London-based massage startup, suffered a data breach recently. Among the records were allegations of sexual misconduct by clients towards workers.

But, many records also included allegations of sexual misconduct by clients — such as asking for “massage in genital area” and requesting “sexual services from therapist.” Others were marked as “dangerous,” while others were blocked due to “police enquiries.” Each complaint included a customer’s personally identifiable information — including their name, address and postcode and phone number.

Now that GDPR is in effect Urban Massage could face harsh financial penalties, up to 4% of its global revenue.

Customer Service Chats See Typing in Real Time

· · Link

Customer service chats are able to show whatever you type as you type it, even if you don’t send it or change it.

Before the customer clicks the “Send message” button, you have a chance to see in real time what the customer is typing. This gives you more time to prepare an answer or solution to the customer’s problem. Customers will appreciate your quick and precise answers.

As long as “real time chat” is clearly disclosed, I don’t really see a problem with this. But it sounds like it’s not clearly disclosed in most cases.

Chat bubble icon made by Fermam Aziz from www.flaticon.com.

Oco HD Security Camera: $63.20

· · TMO Deals

Oco HD Security Camera

We have a deal on the Oco HD Security Camera. This device can capture HD footage and beam it straight to your phone. You can also store your video via microSD card, or use the company’s cloud service and view it any time via the mobile app. It’s $79 through our deal, but promo code CMSAVE20 at checkout brings it down to $63.20.

Ajit Pai Accused of Weakening Oversight of Cell Carriers

· · Link

Last week the FCC announced several initiatives to help combat SMS spam. But consumer groups say they actually weaken oversight of cell carriers.

By now Ajit Pai has developed a fairly impressive skill: take something that cellular carriers lobbied for, and justify it by insisting it’s essential for overall efficiency and effective consumer protection.

Basically, cell carriers want the FCC to classify text messages as Title I Information Services. This removes certain consumer protections and makes it possible for carriers to censor any speech they think is “controversial.”

Smart Speaker Buyers Brush off Privacy Concerns

· · Link

A study from researchers at the University of Michigan found that smart speaker buyers tend to brush off privacy concerns.

“What was really concerning to me was this idea that ‘it’s just a little bit more info you give Google or Amazon, and they already know a lot about you, so how is that bad?’” said Florian Schaub, an assistant professor in the University of Michigan School of Information and a co-author of the study. “It’s representative of this constant erosion of what privacy means and what our privacy expectations are.”

It’s too early in the morning and I can’t think of the term for this, but this study seems a bit loaded to me. Do these buyers already not care about privacy, or did buying a smart speaker further erode their concerns?

Seven Countries Accuse Google of GDPR Violations

· · Link

Seven different countries are accusing Google of GDPR violations. They ask privacy regulators to take action against Google for its location practices.

“These practices are not compliant with the General Data Protection Regulation (GDPR), as Google lacks a valid legal ground for processing the data in question. In particular, the report shows that users’ consent provided under these circumstances is not freely given,” it said.

Google’s response is that Location History is off by default, and you can edit, delete, or pause it at any time. Further reading: 6 ways Google tricks you into letting it track your location.

A Detailed Comparison Chart: iPhone X, XR, XS/Max

· · Link

Apple iPhone XS

CNET has produced a fairly detailed comparison chart that shows the similarities and differences of last year’s iPhone X and this year’s iPhone XR, iPhone XS and XS Max. See “What’s new and different.” However, the similarities may surprise you. Missing? System RAM, 4K frame rates and stereo sound nuances. Still, it’s worth a gander.

BentoStack Charge Holds Apple Accessories, with Qi Charger on Top: $72

· · TMO Deals

BentoStack Charg

Check out our deal on the BentoStack Charge. It’s a compartmentalized case for Apple accessories, and it has a Qi wireless charger on top. Cool, yeah? The video gives you a nice overview of this device, and you can get it through us for $89.99. [Update: Stack Commerce gave us a coupon code—CMSAVE20—that brings the price down to $72!]

Ohio Firms can Pay their Taxes Using Bitcoin

· · Link

Bitcoin in the abstract

Starting this week, businesses in Ohio will be able to pay their taxes using Bitcoin. Engadget reported that the service could eventually be expanded to accept payment of personal taxes. According to the Wall Street Journal: “Ohio businesses will be able to go to the website OhioCrypto.com and register to pay everything from cigarette sales taxes to employee withholding taxes with Bitcoin.”  Ohio is the first state to allow taxes to be paid via Bitcoin. The change was pushed forward by Ohio state Treasurer Josh Mandel.

This doesn’t eliminate the regulatory concerns around cryptocurrency, and it’s doubtful that more than a handful of businesses will use it. It’s happening in Ohio precisely because state Treasurer Josh Mandel says he can do it without requiring help from the legislature or the governor. It could be considerably more difficult to implement this by passing a bill.

UK Parliament Seizes Internal Facebook Documents

· · Link

FTC Facebook privacy investigation

LONDON – The UK Parliament has exercised its legal powers and seized a number of internal Facebook documents. The cache of papers is alleged to contain revelations surrounding the data and privacy controls that resulted in the Cambridge Analytica scandal. Furthermore, The Observer reported that, “they include confidential emails between senior executives, and correspondence with [Mark] Zuckerberg.” Damian Collins, Conservative MP and chair of the House of Commons Digital, Culture, Media and Sport Select Committee, sent a parliamentary official to the London hotel where Ted Kramer, the founder of Six4Three, a software company that is suing Facebook, was staying. Mr. Kramer was eventually compelled to hand over the documents. Facebook has denied all the allegations made and demanded the return of the papers. The Observer has the full details:

The documents seized were obtained during a legal discovery process by Six4Three. It took action against the social media giant after investing $250,000 in an app. Six4Three alleges the cache shows Facebook was not only aware of the implications of its privacy policy, but actively exploited them, intentionally creating and effectively flagging up the loophole that Cambridge Analytica used to collect data. That raised the interest of Collins and his committee.

The iPad is a Wonderful Accessibility Tool

· · Link

The iPad is a wonderful accessibility tool, and one man with Down syndrome uses his iPad to keep up with his family more easily (via The Loop).

This guy, whose genetic abnormality was once thought to cap his learning ability at the kindergarten level, is becoming adept at computer/information age technology.

You folks made that possible. You paid the taxes that produce the classes and programs that give those of us who have special needs the needed special care.

While the idea of using an iPad as your only device enrages so-called “pundits”, people like Greg remind us that the iPad is the computer for everyone.

Corporations Aren't Aligned With Consumer Interests

· · Link

No matter how many times Mark Zuckerberg or other CEOs say sorry, corporations will continue to screw us over until someone steps in.

The result is that even if their leaders earnestly wanted to impart meaningful change to provide restitution for their wrongs, their hands are tied by entrenched business models and the short-term focus of the quarterly earnings cycle. They apologize and go right back to problematic behavior.

It’s not just Facebook though, this is every company that puts money over users (so all of them?) Whether you like regulation or not, I think both sides can agree that nothing can be done without outside influence. Like I said in a previous link, criminals don’t voluntarily turn themselves in.

What if You Could Edit Laws Using GitHub?

· · Link

Washington D.C. has made GitHub the central repository for its system of laws. It’s not a copy of the laws, it’s the actual source. And they can be edited.

Last week, I opened the file on GitHub that had the typo, edited the file, and submitted my edit using GitHub’s “pull request” feature. A pull request is a request to the file’s maintainer to review a change and then, if approved, pull it in to the main file.

This is really neat and I hope more states will follow this approach. It creates a different mindset around the law: One of collaboration and transparency, instead of separation and obfuscation.

Oco Motion HD Pan/Tilt Wireless Security Camera: $103.20

· · TMO Deals

Oco Motion HD Pan/Tilt Wireless Security Camera

We have a deal on the Oco Motion HD Pan/Tilt Wireless Security Camera. This device i controllable from your iPhone or Android device. You can save video locally or to the cloud, and it has pan and tilt, a built-in microphone, and more. It’s $129 through our deal, but promo code BFSAVE20 at checkout brings it down to $103.20.

How Singapore Airlines uses iPads to Help Pilots

· · Link

Pilots have a lot of paperwork to do. To try and help, Singapore Airlines arm theirs with an iPad loaded with two specialized apps. These apps organize the roster, track flying hours and deliver key information such as routing, weather and fuel load. It is all secured using TouchID. Crucially, Singapore Airlines has to maintain these processes in a way that pilots, who are creatures of habit, are comfortable with. CNet went into the cockpit and found that using iPads has led to a number of improvements for Singapore Airlines’s pilots.

The airline started looking into this back in 2015, before rolling out iPads loaded with two essential custom apps, FlyNow and Roster. These iPads are secured with Apple’s TouchID, letting them ditch the previously used two-factor authentication dongles pilots had to carry around. That’s on top of the other apps that give pilots detailed weather information and flight charting information.

Disk Drill PRO Lifetime License: $18 with Promo Code

· · TMO Deals

Disk Drill PRO

We have a deal on a lifetime license for Disk Drill PRO for Mac. This software is designed to make it easy to recover documents, music, photos, videos, or even whole partitions that have gone missing from your computer. Our deal is for $29.99, but promo code BFSAVE40 will save you another 40%, for a checkout price of $18.

JavaScript Attack Can Be Used to Spy on Browser Tabs

· · Link

Besides the Amazon leak, here’s some more troubling news. Researchers demonstrated a side-channel JavaScript attack that made it possible for them to spy on your other browser tabs. And even Tor is susceptible.

This information can be used to target adverts at you based on your interests, or otherwise work out the kind of stuff you’re into and collect it in safe-keeping for future reference. The technique is described in a paper recently distributed through ArXiv called “Robust Website Fingerprinting Through the Cache Occupancy Channel.”

It doesn’t sound like there’s a fix for this at the moment.

Amazon Leaks Users' Names and Email Addresses

· · Link

Amazon is emailing customers to tell them it leaked their names and email addresses due to a “technical error.”

It then goes on to say, “The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.”

None of which is terribly reassuring. Although it doesn’t include the customer’s name it doesn’t look like a phishing attack as there is no link and no call to action.

Amazon says there is no need to change your password but you should change it anyway. If they can’t protect emails and names, why would we trust them with our passwords?