Mozilla Adds Facebook Messenger, Houseparty, and WeChat to 'Privacy Not Included' Guide

In a review of the privacy features of 21 popular video call apps, Mozilla said Apple’s FaceTime is safe, while WeChat, Houseparty, and Facebook Messenger are not.

Says Jen Caltrider, *Privacy Not Included Lead at Mozilla: Video call apps are now a routine part of millions of people’s lives. And even when the pandemic recedes, that won’t change. In this new world, people deserve to know if the apps they’re using everyday respect their privacy — or if they’re snooping on them. While video call apps may feel more intimate than social media platforms, there’s still a ton of data being collected, stored, and shared. For that reason, users should assume that anything they say on a video call app could be made public.

Here's How Much Your Car Knows About You

Jon Callas, the Electric Frontier Foundation’s director of technology projects, explained what data newer cars, especially Tesla, collect from you.

“All of these things are at least theoretically able to be logged,” cautioned Callas. “And there is a port that you can connect something to — and there’s lots of hardware and software that you can connect to your car and get all sorts of telemetry information about how the car is running — and just like there are people who hack their computers there are people who hack their cars.”

PrivacyTools Website Rebrands as Privacy Guides (Update) is a website I’ve long used to learn about different types of private software. The team announced that it will rebrand as Privacy Guides.

Our work maintaining PrivacyTools has been extremely difficult of late without access to key assets such as the domain and without the participation of its founder.

This name change is the first step in this process of regaining our independence as a community. Eventually, we plan on creating a new legal organization designed around the community to ensure our long-term sustainability. This will take some careful planning and time to get right, but we’re confident we can prevent this from ever happening again, and keep us independent of any one team member.

Update: It appears there is some contention or intra-politics. The official PrivacyTools Twitter account said it is a project split, not a rebrand.

Here are Steps to Take to Protect Your Privacy on Apple Devices

Macinstruct published a brief guide on protecting your privacy on Apple devices as a response to Apple’s CSAM detection plans.

We’re now encouraging readers to protect their privacy by disabling certain Apple features. In situations where privacy is a hard requirement, it may be necessary to consider using non-Apple hardware and software. This article provides an overview of our recommendations and your options.

It’s a decent guide except for the recommendation to disable iMessage in favor of SMS. iMessage is end-to-end encrypted, SMS is not. My advice for iMessage privacy is to prevent Messages from storing content in iCloud. When that happens, Apple has the capability to decrypt texts. On an iPhone or iPad, go to Settings > Profile Name > iCloud, and turn off the toggle for Messages. Then go to Settings > Messages > Keep Messages. Change it to auto-delete old messages after 30 days. Or, use a private messenger such as Signal.

Examining Apple's Carefree Attitude Towards Employee Privacy

Zoe Schiffer, writing for The Verge, investigates Apple employees and “the blurring of personal and work accounts.”

This is how it starts: a new Apple employee is told during onboarding that collaborating with their colleagues will require them to make extensive use of iCloud storage, and their manager offers a two terabyte upgrade. This will link their personal Apple ID to their work account — in fact, the instructions for accessing this upgrade explicitly say “you must link your personal Apple ID with your AppleConnect work account.”

Private Search Engine 'Xayn' Releases Web Version of its App

An AI company based in Berlin, Germany called Xayn has launched a web version of its private search engine app.

Both versions of Xayn use Masked Federated Learning to protect users’ data privacy while still providing them with an individually tailored web experience. They are created with the same code base in Flutter, a developing framework that’s designed to function both on mobile and web. The team transferred the AI to work directly in the respective browsers with high speed via WebAssembly so that all personal data stays privately within the browsers.

Looks like it doesn’t work yet on Safari.

AdGuard: 'People Should be Worried About Apple CSAM Detection'

Adblocking company AdGuard is the latest to offer commentary on Apple’s controversial decision to detect CSAM in iCloud Photos. The team ponders ways to block it using their AdGuard DNS technology.

We consider preventing uploading the safety voucher to iCloud and blocking CSAM detection within AdGuard DNS. How can it be done? It depends on the way CSAM detection is implemented, and before we understand it in details, we can promise nothing particular.

Who knows what this base can turn into if Apple starts cooperating with some third parties? The base goes in, the voucher goes out. Each of the processes can be obstructed, but right now we are not ready to claim which solution is better and whether it can be easily incorporated into AdGuard DNS. Research and testing are required.

IMF: Credit Scores Should be Based on Browsing History

As if reality couldn’t be more dystopian, researchers for the International Monetary Fund proposed that credit scores should include data from peoples’ browsing, search, and purchase history.

Citing soft-data points like “the type of browser and hardware used to access the internet, the history of online searches and purchases” that could be incorporated into evaluating a borrower, the researchers believe that when a lender has a more intimate relationship with the potential client’s history, they might be more willing to cut them some slack.

What an insane, stupid idea. Too poor to afford a Mac? Sorry! Your credit score won’t be rising above 600.