NSA Wants to Spy on Americans Because Reasons

· Andrew Orr · Link

U.S. government servers have been getting hacked left and right. In response, the NSA wants us to think that approval of domestic spying will solve the problem, despite suffering an egregious hack in 2016 where its zero-day exploits were stolen.

“We truly need to look at the ability for us to see ourselves and right now it’s difficult for us to see ourselves,” Nakasone testified on Thursday to the Senate Armed Services Committee. Adversaries like China and Russia “are operating with increased sophistication, scope [and] scale, including operations that can end “before a warrant can be issued,” he warned.

Google Bravely Blocks Apps From Scanning Your Other Apps

· Andrew Orr · Link

Android bot on mac keyboard

Google announced that it will stop Android apps from scanning the list of your other apps in Android 11. Why this behavior was accepted before is beyond me.

Google has another page that lists allowable use cases for Play Store apps querying your app list, including “device search, antivirus apps, file managers, and browsers.” The page adds that “apps that must discover any and all installed apps on the device, for awareness or interoperability purposes may have eligibility for the permission.”

Time to make a fake antivirus app which queries your list of apps to sell to other companies.

Document Collaboration That Doesn’t Need the Cloud

· Andrew Orr · Link

collabio spaces office suite

Collabio Spaces is an interesting new office suite that allows for document collaboration without needing external servers. Unfortunately it requires a subscription, but could be a useful tool for sensitive documents.

The P2P software lets multiple people co-edit a document locally — from a mobile device or desktop computer — without A) the risk of uploading sensitive information to the cloud (i.e. as you must if you’re using a shared document function of a service like Google Docs); or B) the tedium of emailing a text to multiple recipients and then having to collate and resolve changes manually, once all the contributions trickle back.

Most Browser Tracking Protection Isn’t Very Effective by Default

· Andrew Orr · Link

Trackers on webmd

DuckDuckGo wrote on Tuesday that most browser tracking protection doesn’t stop tracking by default. There are multiple ways to track people besides third-party cookies, for example.

The issue is that once such trackers are loaded in your browser, they have a ton of ways to track you beyond just third-party cookies (e.g., by another form of cookies called first-party cookies, by your IP address, and much, much more).

Therefore, to really stop a cross-site tracker, the kind that tries to track your activity from site to site, you have to prevent it from actually loading in your browser in the first place.

Of course, the post is a plug for the DuckDuckGo browser extension, but the details behind tracking are good to know.

Starting April 15, TikTok Won’t Let You Opt Out of Personalized Ads

· Andrew Orr · Link

Walmart Enters the TikTok Purchase War - article

Starting April 15, TikTok will make personalized ads mandatory whether you want them or not.

TikTok says it is “committed” to respecting the privacy of its users, according to a TikTok spokesperson. “We will continue to be transparent about our data privacy practices and help users understand their privacy choices on our Safety Center.”

People will still be able to control whether TikTok personalizes ads based on data pulled from other apps and websites.

Committed to respecting the privacy of its users. Eye roll.

The Ulysses Group Wants to Sell Location Data to US Military

· Andrew Orr · Link

Ulysses group logo

A contractor with the U.S. military called The Ulysses Group wants to start selling vehicle location data to the military.

Ulysses can provide our clients with the ability to remotely geolocate vehicles in nearly every country except for North Korea and Cuba on a near real time basis. Currently, we can access over 15 billion vehicle locations around the world every month.

Comparing Privacy Policies: Clubhouse Versus Twitter

· Andrew Orr · Link

Twitter versus clubhouse

Clubhouse and Twitter Spaces are the newest entries to the audio space, but they both do different things with your data. Matt Binder examined their privacy policies.

The two platforms’ approaches to data storage really speak to a major difference in their intended uses. It seems Twitter users will be able to Spaces for more permanent content that they can repurpose for other platforms and mediums; whereas Clubhouse rooms will live strictly in the moment.

I don’t want to spoil the article but it sounds like Clubhouse audio recordings are more ephemeral.

Cryptee Adds DOCX Support for File Editing

· Andrew Orr · Link

DOCX Microsoft word document

Hot on the heels of its big 3.0 update, the next announcement for Cryptee is support for DOCX uploading and editing. You can also export documents as DOCX, making Cryptee a viable cloud-based private alternative to Microsoft Word and Google Docs. However, there is an extra security bonus to Cryptee:

A little known fact about docx files is that, due to the fact that they support macros, and other ways to execute code in them, they are commonly used by malicious third parties to distribute and spread malware viruses. Cryptee does not run / execute macros while opening docx files, allowing you to open / edit / save DOCX files safely, without having to worry about your computer getting infected.

Google Reveals Plan to End Third-Party Cookies

· Andrew Orr · Link

Google chrome browser window

Google wrote a post updating its plans for its Privacy Sandbox project. Its goal is to make third-party cookies obsolete.

we are confident that with continued iteration and feedback, privacy-preserving and open-standard mechanisms like the Privacy Sandbox can sustain a healthy, ad-supported web in a way that will render third-party cookies obsolete.

Once these approaches have addressed the needs of users, publishers, and advertisers, and we have developed the tools to mitigate workarounds, we plan to phase out support for third-party cookies in Chrome.

I don’t know what the new “open standards” will be, but I’m definitely skeptical given the nature of Google’s advertising business. Will there be a new first-party tracking technique? Update: Here’s why the EFF thinks it’s a terrible idea.

Brave Prepares to Launch the Brave Search Engine

· Andrew Orr · Link

Brave search engine preview

Private browser Brave is getting ready to launch its own branded search engine with its acquisition of Cliqz.

The former Cliqz dev team, who had subsequently been working on Tailcat, are moving to Brave as part of the acquisition. The engineering team is led by Dr Josep M Pujol — who is quoted in Brave’s PR saying it’s “excited to be working on the only real private search/browser alternative to Big Tech”.

Interesting move, and I look forward to more private search engines.