7 Private Alternatives to Apple Apps and Services

· Andrew Orr · Quick Tip

Andrew found seven Apple alternatives to use if you don’t want your data shared with the FBI, including Bitwarden, Cryptomator, and more.

Why is Zoom Sending Our Data to Facebook?

· Andrew Orr · Link

As people are required to work from home, apps like Zoom help us with video conferencing. But why is the iOS app sending our data to Facebook?

Upon downloading and opening the app, Zoom connects to Facebook’s Graph API, according to Motherboard’s analysis of the app’s network activity. The Graph API is the main way developers get data in or out of Facebook. The Zoom app notifies Facebook when the user opens the app, details on the user’s device such as the model, the time zone and city they are connecting from, which phone carrier they are using, and a unique advertiser identifier created by the user’s device which companies can use to target a user with advertisements.

I’ll add this to my #DeleteFBSDK endeavors.

The FBI is Collecting Your Data Through its ‘FitTest’ App

· Andrew Orr · Link

The FBI has been promoting its fitness app called FitTest to help people exercise at home. It’s also collecting your data.

…an FBI spokesperson reiterated the app’s privacy statement, adding that “the app does not gather or save any personal information other than what you select for your profile.”

But the app’s privacy statement makes room for some tracking: When FitTest accesses pages from the official FBI website, it says, “fbi.gov’s privacy policy applies.” The fbi.gov privacy policy states that “individuals using this computer system are subject to having all of their activities monitored and recorded.”

I can’t wait for the FBIPhone and FBIMessage apps.

KeepSolid VPN Unlimited Adds DNS Firewall for Customers

· Andrew Orr · Link

Logo of keepsolid vpn

KeepSolid’s VPN Unlimited added a new feature for its customers. This DNS firewall can block domains associated with malware, porn, drugs and alcohol, gambling, games, and more.

This benefit of KeepSolid DNS Firewall is closely connected with the previous one. If you don’t open a malicious website, you won’t get infected with malware. Better prevent than cure, agree? And there is really much to avoid, as malware attacks are exponentially increasing over time.

Great news for KeepSolid customers. And if you’re not a customer, I recommend reading my roundup of DNS services to use.

Lawyers: Turn off Alexa and Google Home Before Confidential Meetings

· Andrew Orr · Link

Lawyers who are working from home are encouraged to turn off devices like Amazon Alexa and Google Home because these products may eavesdrop.

“Perhaps we’re being slightly paranoid, but we need to have a lot of trust in these organizations and these devices,” Hancock said. “We’d rather not take those risks.”

The firm worries about the devices being compromised, less so with name-brand products like Alexa, but more so for cheap knock-off devices, he added.

It’s definitely not just cheap knock-offs.

Should We Ban Targeted Advertising?

· Andrew Orr · Link

Gilad Edelman asks an important question at Wired: Why don’t we just ban targeted advertising?

The solution to our privacy problems, suggested Hansson, was actually quite simple. If companies couldn’t use our data to target ads, they would have no reason to gobble it up in the first place, and no opportunity to do mischief with it later. From that fact flowed a straightforward fix: “Ban the right of companies to use personal data for advertising targeting.”

Instead of, or in addition to, banning or restricting targeted advertising, I think we should go a step further and restrict data collection, which is what these companies use for these ads in the first place. When any startup without a track record can enter the business of collecting and selling our personal information, that’s a problem.

Google: “We Don’t Sell Your Data, We Just Monetize It”

· Andrew Orr · Link

One way to avoid the California Consumer Privacy Act is to claim that you don’t sell data. This is what Google has seemingly done.

Google monetizes what it observes about people in two major ways: It uses data to build individual profiles with demographics and interests, then lets advertisers target groups of people based on those traits. It shares data with advertisers directly and asks them to bid on individual ads.

As I tweeted yesterday, there is no difference between selling “access” to data and selling data “directly.” In both scenarios, people are products for advertisers. Although I’m sure lawsuits have been won and lost on lesser technicalities.

This Safari Extension Can Clean Links With Trackers

· Andrew Orr · Link

Image of generic fingerprint

A Safari extension called Clean Links can automatically remove tracking parameters from URLs. Blocked trackers include UTM by Google Analytics, FBCLID by Facebook, and others. It is a random app from GitHub outside of the App Store. I uploaded it to VirusTotal and it didn’t show anything weird. But the creator also makes the source code available.

To install Clean Links you can either download the latest prebuild extension from the releases tab, or you can clone the repository and build it yourself.

I also use a shortcut that can accomplish the same thing on iOS and iPadOS.

Australia Takes Facebook to Court Over Privacy Violations

· Andrew Orr · Link

Australia’s privacy regulator is taking Facebook to court over Cambridge Analytica. It could impose a fine of AUD$1.7 million (US$1.1 million) for every privacy violation.

“Facebook failed to take reasonable steps to protect those individuals’ personal information from unauthorised disclosure,” the Australian commissioner’s office said.

Big companies like Facebook need fines in the billions of dollars for them to start paying attention.

Utah is Now a Surveillance State Thanks to This Company

· Andrew Orr · Link

A surveillance company called Banjo has partnered with Utah state authorities to enable a dystopian panopticon.

The lofty goal of Banjo’s system is to alert law enforcement of crimes as they happen. It claims it does this while somehow stripping all personal data from the system, allowing it to help cops without putting anyone’s privacy at risk. As with other algorithmic crime systems, there is little public oversight or information about how, exactly, the system determines what is worth alerting cops to.

DuckDuckGo Tracker Radar is a Custom Block List

· Andrew Orr · News

DuckDuckGo Tracker Radar is a new block list created by the company over the past couple years. It’s open source and available on GitHub.

New App ‘MyPrivacy’ Gives You a VPN, Photo Vault, Password Manager, More

· Andrew Orr · Cool Stuff Found

MyPrivacy is a new app from the makers of MyPermissions. It’s an all-in-one tool that gives you a VPN, password manager, private browser, photo vault, social permissions manager, and app lock. It requires a subscription of up to US$99/year. The privacy policy also looks decent. It mentions both “military-grade” and “NSA-grade” encryption, which likely refers to AES-256. There are certainly cheaper solutions out there but having everything in one app is convenient.

New App ‘MyPrivacy’ Gives You a VPN, Photo Vault, Password Manager, More

When You Download Facebook Data, it Doesn’t Show Everything

· Andrew Orr · Link

Facebook isn’t being completely truthful about the data available in its “Download Your Information” feature. Some information is left out.

Privacy International recently tested the feature to download all ‘Ads and Business’ related information (You can accessed it by Clicking on Settings > Your Facebook Information > Download Your Information). This is meant to tell users which advertisers have been targeting them with ads and under which circumstances. We found that information provided is less than accurate. To put it simply, this tool is not what Facebook claims. The list of advertisers is incomplete and changes over time.

As Privacy International points out, this is in violation of GDPR because Facebook doesn’t let you see all of the advertisers that have your data.