privacy Archives

Hundreds of Tor Servers From 'KAX17' Threaten to Deanonymize Users

Andrew Orr · 11:17 AM EST, Dec 6th, 2021 · Add Comment

Security researcher ‘Nusenu’ has uncovered hundreds of Tor servers belonging to an entity tracked as KAX17.

Grouping these servers under the KAX17 umbrella, Nusenu says this threat actor has constantly added servers with no contact details to the Tor network in industrial quantities, operating servers in the realm of hundreds at any given point.

KAX17’s focus on Tor entry and middle relays led Nusenu to believe that the group, which he described as “non-amateur level and persistent,” is trying to collect information on users connecting to the Tor network and attempting to map their routes inside it.

Link

Twitter Now Bans Posting Images of People Without Their Consent

Andrew Orr · 9:55 AM EST, Nov 30th, 2021 · Add Comment

TechCrunch shares an update to Twitter’s private information safety policy regarding images posted on its platform. It bans sharing images and videos of private people without their consent.

This doesn’t mean that Twitter will require consent from all individuals in a photo or video before its posted. But if a person depicted wants the media taken down, Twitter will take it down.

Cool Stuff Found

'Libreddit' is a New Frontend Client for Reddit Designed for Privacy

Andrew Orr · 12:41 PM EST, Nov 29th, 2021 · Add Comment

Libreddit is a new frontend for Reddit, written in Rust, that aims to preserve privacy. The developer shared the service on r/Privacy. “Reddit tracks a lot of data but Libreddit logs nothing and uses no JavaScript by default so client-side monitoring isn’t possible. There are 35 community-hosted instances that can be used to access Libreddit; one can spread their traffic across multiple for even more privacy. 7 of our instances are .onion hidden services so you can browse Libreddit using Tor.” Official Instance: https://libreddit.spike.codes. If this gets too slow due to traffic, use another instance.

Link

Tor Project Offers Rewards for More Servers During Decline

Andrew Orr · 11:20 AM EST, Nov 19th, 2021 · Add Comment

The Tor Project has seen a decline in relays and bridge servers, and offers rewards for people to help increase the network.

Rewards include the likes of hoodies, t-shirts, and stickers and are meant to provide some sort of meaningful gift to those who help keep the Tor anonymity network alive and resilient to censorship.

More specifically, the rewards will be provided to those who run Tor “bridges,” which serve as entry points into the Tor network for users located in countries that block access to Tor servers.

Link

Musicians Call for Concert Venues to Drop Amazon Palm Scanning Technology

Andrew Orr · 8:57 AM EST, Nov 18th, 2021 · Add Comment

Musicians and activist groups are calling on Red Rocks Amphitheatre to stop its rollout of Amazon’s palm scanning tech.

The letter contributors are worried Amazon might send palm data to government agencies hoping to track activists and marginalized people, particularly in light of its past collaborations with police. They’re also concerned thieves might steal info from the cloud, and see AEG as inconsistent after it condemned the use of facial recognition in 2019.

Link

Contract Lawyers Latest Sector to Face Remote Surveillance Programs

Andrew Orr · 1:13 PM EST, Nov 12th, 2021 · Add Comment

As WP reports, businesses are increasingly using surveillance software to monitor what their employees do on computers. Contract lawyers are the latest group to face this.

The monitoring is a symptom of “these pervasive employer attitudes that take advantage of these technologies to continue these really vicious cycles … that treat employees as commodities,” she said. “The irony in this situation is that it’s attorneys, who traditionally advocate for employee rights or justice when they’re made aware of intrusions like these.”

Link

Proctoring Apps For Schools is Mass Surveillance for Kids

Andrew Orr · 11:11 AM EST, Nov 9th, 2021 · Add Comment

In an op-ed for Teen Vogue, writers from Fight For The Future argue that test proctoring apps that many schools use is mass surveillance of minors.

Remote proctoring software is, essentially, spyware that students are forced to install, typically as a browser plug-in or a computer program. Invasive features like keystroke logging, screen recording, network traffic monitoring, and video and audio recording are common. Many of the programs also collect tons of biometric data through eye-movement tracking and facial recognition.

News

Peloton Latest to Complain That Apple Privacy Hurts Ability to Target Users

Andrew Orr · 3:36 PM EDT, Nov 5th, 2021 · 1 Comment

Peloton recently held an earnings call and mentioned that Apple’s privacy features with iOS have negatively affected its ad revenue.

Link

Facebook Moves to Cancel its Facial Recognition System

Andrew Orr · 8:53 AM EDT, Nov 3rd, 2021 · 3 Comments

Facebook announced it will cancel its facial recognition system responsible for cataloging its billion-strong user base.

Our technology will no longer automatically recognize if people’s faces appear in Memories, photos or videos. People will no longer be able to turn on face recognition for suggested tagging or see a suggested tag with their name in photos and videos they may appear in. We’ll still encourage people to tag posts manually, to help you and your friends know who is in a photo or video. This change will also impact Automatic Alt Text (AAT), a technology used to create image descriptions for people who are blind or visually impaired. AAT currently identifies people in about 4% of photos.

The above quote is probably the only useful part of the self-congratulatory update.

News

Privacy Features Cause Social Media Companies to Lose $10 Billion in Ad Revenue

Andrew Orr · 9:27 AM EDT, Nov 1st, 2021 · 2 Comments

User consent, through tools like Apple’s App Tracking Transparency, isn’t good for business. Some companies lost US$10 billion as a result.

Link

Blockchains Aren't as Private as You Think, But They Could Be

Andrew Orr · 8:10 AM EDT, Oct 29th, 2021 · Add Comment

Cybersecurity expert Mashael Al Sabah was recently featured on MIT’s Business Lab podcast. She talks about privacy issues with blockchain technology and how they can be fixed. You can listen to the podcast with the link below (direct link on Apple Podcasts), and.or read the podcast transcript.

A lot of people think that they are completely anonymous when they use Bitcoin, and this gives them a false sense of security. In our research, what we did is that we crawled social media, like there’s popular forum for Bitcoin users called Bitcointalk.org, and we crawled Twitter as well for Bitcoin addresses that users attributed to themselves. In some forums, people share their Bitcoin addressees along with their profile information. So, now you have the public profile information, which includes usernames, emails, age, gender, city.

News

Minors Can Now Request Photo Removal From Google Search

Andrew Orr · 1:11 PM EDT, Oct 27th, 2021 · Add Comment

Google says that minors, or their parents, can now request their photos be removed from Google Search as a new privacy feature.

Link

iMessages are End-To-End Encrypted But iCloud Backups Are Not

Andrew Orr · 12:58 PM EDT, Oct 7th, 2021 · Add Comment

For Lifehacker, Jake Peterson wrote a reminder that under certain circumstances, Apple can theoretically access your iMessages.

Here’s the tricky thing; Messages in iCloud is end-to-end encrypted, just as you’d expect—that’s why there’s no way to access your messages on the web, such as by logging in to icloud.com. There’s one big problem, though: your iCloud Backup isn’t end-to-end encrypted—and Apple stores the key to unlock your encrypted messages within that backup.

Messages in iCloud has been a thing for a few years now, but you can turn it off.