An anonymous Apple source reportedly told Kommersant Business Daily that Russia’s new device law poses a security threat to Apple devices.
Homeland Security Cancels Facial Recognition Plan for Americans
Homeland Security had a plan to expand its use of airport facial recognition to include U.S. citizens. After much outcry the agency will drop that plan, although foreign nationals and visitors will still face mandatory scanning.
A spokesperson for Customs and Border Protection, which filed the proposal, said the agency has “no current plans to require U.S. citizens to provide photographs upon entry and exit from the United States,” and that it “intends to have the planned regulatory action regarding U.S. citizens removed from the unified agenda next time it is published.”
Apple Explains its Location Data Collection on iPhone 11 Models
Security researcher Brian Krebs found that his iPhone 11 Pro accessed his location even when turned off. Now Apple has explained why.
US Among Top 5 Worst Countries for Biometrics Privacy
The United States is one of the worst countries in the world when it comes to the privacy of citizens’ biometrics data.
While there is a handful of state laws that protect state residents’ biometrics (as can be seen in our state privacy study), this does leave many US citizens’ biometrics exposed as there is no federal law in place.
Apple Doesn’t Truly Let You Change Search Engines
Apple lets you go into iOS settings and change your default search engine. But Google is still the default engine when you search via Spotlight.
Traffic Cameras Could Soon Tell if you Text and Drive
Australia will soon install a camera system powered by machine learning that is designed to spot mobile phones in cars.
To let drivers adjust, warning letters will be sent to those spotted using phones by the cameras for the first three months. Australia uses a points system for drivers — unrestricted driver’s licenses have 13 points. After the first three months, drivers caught using their phones illegally will lose five points and be issued a $344 fine. During other periods, the penalty could increase to 10 points. If a driver loses all of their points, they could lose their license.
Distracted driving is absolutely a serious problem, but I don’t think more surveillance infrastructure is the answer.
This VPN App Sent User Data to China
According to a report of VPN apps for 2019, downloads of these apps has increased 54%. But people need to be careful which VPN app they use. The most popular app called VPN – Super Unlimited sent user data to China. But it’s privacy policy made no secret of this.
We regularly collect and use information that could identify an individual, in particular about your purchase or use of our products, services, mobile and software applications and websites… We use various technologies to determine [your] location, including IP addresses, GPS, and other sensors.
The VPN apps I wrote about are all safe (or at least I personally believe them to be safe).
This Tool Shows Which Sites Disguise Third-Party Trackers
Tracking companies have started disguising their third-party trackers as first-party trackers to bypass privacy tools, called CNAME tracking. This tool called TrackingTheTrackers can find them.
This method is called CNAME Cloaking and the disguise is not obvious if one does not know where to look. That’s why we made a free analysis tool that anyone can run on any website. We also wrote an in-depth article about this, you can read it here.
Sounds like a helpful tool. I’ll be keeping an eye on this one. Even Apple does it (But The Mac Observer doesn’t).
Apple's App Behavior, Black Friday Gift Guide – TMO Daily Observations 2019-11-27
John Martellaro and Andrew Orr join host Kelly Guimont to discuss Apple’s apps behavior vs third party apps, and the Black Friday gift guide.
Lawmakers Wonder if Apple Uses Privacy for Anti-Competitive Behavior
Rep. David N. Cicilline (D-RI) is concerned that Apple may be using its privacy measures to hide anti-competitive behavior.
Apple Car Patent Describes ‘Private Lighting’
A patent for the Apple Car describes “systems with synchronized windows” to give drivers a sort of private lighting capability.
Why Teaching Privacy to Your Kids is Important
Siobhan O’Flynn writes about all the ways that companies like Google collect data from kids in violation of the Children’s Online Privacy Protection Act. It starts when schools increasingly turn to Google services in education.
Alphabet Inc. dominates child-directed and child-featured content online through YouTube Kids and has now colonized online educational spaces through Google Docs, G-Suite, Chromebooks and the associated Gmail accounts for children that are required for use. This means that Google’s access to children’s data spans entertainment (YouTube and YouTube Kids), search and purchase histories (via associated parental accounts), and educational sectors.
Startpage News Tab Gives You ‘Unprofiled’ News
Startpage News Tab is a new feature of the search engine that promises to give people news that hasn’t been personalized.
Personally curated feeds, sometimes referred to as a “filter bubble,” are based on an individual’s online behavior constructed by previous search queries, browsing history, social media clicks, IP address, device, and so on…Our goal with Startpage News Tab is to help people break out of that bubble.
Mozilla Unveils 2019 Privacy Not Included Gift Guide
Mozilla announced its third annual 2019 *Privacy Not Included gift guide to highlight gadgets and toys that are secure, and ones that aren’t secure.
This year we found that many of the big tech companies like Apple and Google are doing pretty well at securing their products, and you’ll see that most products in the guide meet our Minimum Security Standards. But don’t let that fool you. Even though devices are secure, we found they are collecting more and more personal information on users, who often don’t have a whole lot of control over that data.
Need the Tor Browser on iOS? Try Onion Browser
Need a Tor browser on iOS? Onion Browser is the only iOS app recommended on the Tor Project’s website. Starting out at the U.S. Naval Research Lab, Tor is a special network that helps people browse the internet with as much privacy as possible. You should note there are a couple of security advisories on its website: WebRTC/Media leaks: Due to iOS limitations, WebRTC and media files leak outside of Tor and are routed over the normal internet. This will reveal your real IP address to sites using these features. (If you are using a VPN, the VPN IP address is revealed instead.) To defend against this, you may set Strict security mode in Host Settings, which will disable Javascript. More information here. OCSP leak: Visiting EV “Green Bar” HTTPS sites may leak information that can be used to reveal the domain name of the website you are visiting. This is handled within iOS and cannot be changed by Onion Browser. There is no known workaround. A detailed report can be found here. App Store: Free
Privacytools.io Delists Startpage Over System1
Privacytools.io delists Startpage from its list of privacy tools and services. Startpage had been taken over by Privacy One Group, which itself is owned by System1. System1 is a targeted advertising company with a business model that seemed—to many—to be in conflict with Startpage’s own privacy-centric model.
Because of the conflicting business model and the unusual way the company reacted, claiming to be fully transparent but being evasive at the same time, we have no choice but to de-list Startpage from our recommendations until it is fully transparent about its new ownership and data processing. Remaining questions include…
Suspicionless Searches of Travelers' Devices Ruled Unconstitutional
A federal court ruled that suspicionless searches of travelers’ phones and laptops is unconstitutional, a win for privacy rights.
The ruling came in a lawsuit, Alasaad v. McAleenan, filed by the American Civil Liberties Union, Electronic Frontier Foundation, and ACLU of Massachusetts, on behalf of 11 travelers whose smartphones and laptops were searched without individualized suspicion at U.S. ports of entry.
504th Military App Could Expose Soldiers’ Data
The 504th military app gives soldiers weather updates, training changes, and other logistics. But its terms of service say it collects a lot of personal data, and if the app was hacked it could potentially expose top-secret information.
The app’s permissions — which suggested it could pull GPS location data, photos, contacts and even rewrite memory cards — frustrated soldiers who have taken extreme precautions they felt were glossed over by Trotter and other senior leaders…The worst-case scenario, he said, was “our cover might be blown.” While the app said permissions could be disabled, the soldiers said there was a failure of confidence it was secure. Senior leaders checked the phones of subordinates to ensure they had the app installed, soldiers in the unit said.
Why it’s especially concerning: “The app developer, Straxis LLC, is based in Tulsa but has a subsidiary in southern India.”
Microsoft Pledges to Follow California’s Privacy Law in All States
Microsoft has pledged to abide by California’s privacy law in the rest of the United States, saying it is a strong supporter for the law.
Is Facebook Secretly Accessing Your Camera? This Man Found a Bug
For years there have been anecdotes from people saying that Facebook secretly uses their phone’s microphone and/or camera for targeted advertising. Joshua Maddux tweeted about a bug he found within the Facebook app. By tapping on a profile picture and slowly sliding it down the screen, you can see his rear camera being accessed on the left hand side. He tested it using five iPhones running iOS 13.2.2.
Found a
@facebook#security &#privacy issue. When the app is open it actively uses the camera. I found a bug in the app that lets you see the camera open behind your feed. Note that I had the camera pointed at the carpet.
