Andrew Orr joins host Kelly Guimont to discuss Security Friday news including Mozilla’s product guide and an AirTag attack.
privacy
FTC Looks to Enhance Privacy Rules, Especially for Kids
The Federal Trade Commission is weighing options to strengthen online privacy rules, especially with regard to protecting children.
1Password Adds Email Aliases Powered by Fastmail Called 'Masked Email'
1Password has teamed up with Fastmail to give users a way to create email aliases when signing up for accounts.
These iPhone Apps Track You Even After You Say No With ATT
iOS 14’s App Tracking Transparency lets you disable app tracking, but these apps do it anyway, according to a recent investigation.
Mozilla Adds Facebook Messenger, Houseparty, and WeChat to 'Privacy Not Included' Guide
In a review of the privacy features of 21 popular video call apps, Mozilla said Apple’s FaceTime is safe, while WeChat, Houseparty, and Facebook Messenger are not.
Says Jen Caltrider, *Privacy Not Included Lead at Mozilla: Video call apps are now a routine part of millions of people’s lives. And even when the pandemic recedes, that won’t change. In this new world, people deserve to know if the apps they’re using everyday respect their privacy — or if they’re snooping on them. While video call apps may feel more intimate than social media platforms, there’s still a ton of data being collected, stored, and shared. For that reason, users should assume that anything they say on a video call app could be made public.
Apple Releases iOS 15 With Live Text, Shared With You, Focus, and More
Apple has officially released iOS 15 for customers on Monday, bringing plenty of fresh new features and quality-of-life upgrades.
Here's How Much Your Car Knows About You
Jon Callas, the Electric Frontier Foundation’s director of technology projects, explained what data newer cars, especially Tesla, collect from you.
“All of these things are at least theoretically able to be logged,” cautioned Callas. “And there is a port that you can connect something to — and there’s lots of hardware and software that you can connect to your car and get all sorts of telemetry information about how the car is running — and just like there are people who hack their computers there are people who hack their cars.”
PrivacyTools Website Rebrands as Privacy Guides (Update)
PrivacyTools.io is a website I’ve long used to learn about different types of private software. The team announced that it will rebrand as Privacy Guides.
Our work maintaining PrivacyTools has been extremely difficult of late without access to key assets such as the domain and without the participation of its founder.
This name change is the first step in this process of regaining our independence as a community. Eventually, we plan on creating a new legal organization designed around the community to ensure our long-term sustainability. This will take some careful planning and time to get right, but we’re confident we can prevent this from ever happening again, and keep us independent of any one team member.
Update: It appears there is some contention or intra-politics. The official PrivacyTools Twitter account said it is a project split, not a rebrand.
NoSpyPhone Protests Planned at Apple Stores in Major Cities
On the eve of the 2021 Fall Apple Event on Tuesday, protests are being planned at various Apple stores to protest CSAM detection features.
Privacy Advocates Deliver 59,000 Petition Signatures to Apple Over CSAM Detection
Privacy advocates have delivered a petition to Apple over its plans to install a system on its devices to detect child sexual abuse material.
Here are Steps to Take to Protect Your Privacy on Apple Devices
Macinstruct published a brief guide on protecting your privacy on Apple devices as a response to Apple’s CSAM detection plans.
We’re now encouraging readers to protect their privacy by disabling certain Apple features. In situations where privacy is a hard requirement, it may be necessary to consider using non-Apple hardware and software. This article provides an overview of our recommendations and your options.
It’s a decent guide except for the recommendation to disable iMessage in favor of SMS. iMessage is end-to-end encrypted, SMS is not. My advice for iMessage privacy is to prevent Messages from storing content in iCloud. When that happens, Apple has the capability to decrypt texts. On an iPhone or iPad, go to Settings > Profile Name > iCloud, and turn off the toggle for Messages. Then go to Settings > Messages > Keep Messages. Change it to auto-delete old messages after 30 days. Or, use a private messenger such as Signal.
EU Fines WhatsApp $266 Million Over Data Transparency
The Irish Data Protection Commission has ordered Facebook-owned WhatsApp to pay a US$266 million fine over the way it handles user data.
Judge Allows Lawsuit to Proceed That Claims Siri Violates Privacy
U.S. District Judge Jeffrey White has given the green light to a lawsuit that claims Siri violates user privacy. He did dismiss part of the complaint.
Here are the First States to Support iOS 15 Digital IDs
On Wednesday Apple revealed which U.S. states are the first to support storage of IDs within Apple Wallet in iOS 15 and watchOS 8.
Examining Apple's Carefree Attitude Towards Employee Privacy
Zoe Schiffer, writing for The Verge, investigates Apple employees and “the blurring of personal and work accounts.”
This is how it starts: a new Apple employee is told during onboarding that collaborating with their colleagues will require them to make extensive use of iCloud storage, and their manager offers a two terabyte upgrade. This will link their personal Apple ID to their work account — in fact, the instructions for accessing this upgrade explicitly say “you must link your personal Apple ID with your AppleConnect work account.”
Private Search Engine 'Xayn' Releases Web Version of its App
An AI company based in Berlin, Germany called Xayn has launched a web version of its private search engine app.
Both versions of Xayn use Masked Federated Learning to protect users’ data privacy while still providing them with an individually tailored web experience. They are created with the same code base in Flutter, a developing framework that’s designed to function both on mobile and web. The team transferred the AI to work directly in the respective browsers with high speed via WebAssembly so that all personal data stays privately within the browsers.
Looks like it doesn’t work yet on Safari.
AdGuard: 'People Should be Worried About Apple CSAM Detection'
Adblocking company AdGuard is the latest to offer commentary on Apple’s controversial decision to detect CSAM in iCloud Photos. The team ponders ways to block it using their AdGuard DNS technology.
We consider preventing uploading the safety voucher to iCloud and blocking CSAM detection within AdGuard DNS. How can it be done? It depends on the way CSAM detection is implemented, and before we understand it in details, we can promise nothing particular.
Who knows what this base can turn into if Apple starts cooperating with some third parties? The base goes in, the voucher goes out. Each of the processes can be obstructed, but right now we are not ready to claim which solution is better and whether it can be easily incorporated into AdGuard DNS. Research and testing are required.
Apple’s On-iCloud or Is It On-Device CSAM Scan?
John Kheit digs into where Apple’s CSAM scanning is taking place, arguing that where Apple reads your files is super important for privacy.
70M AT&T Customer Records Reportedly Stolen in Breach
Personal data from some 70 million AT&T customer records has been stolen, but the company is denying the data is really theirs.
IMF: Credit Scores Should be Based on Browsing History
As if reality couldn’t be more dystopian, researchers for the International Monetary Fund proposed that credit scores should include data from peoples’ browsing, search, and purchase history.
Citing soft-data points like “the type of browser and hardware used to access the internet, the history of online searches and purchases” that could be incorporated into evaluating a borrower, the researchers believe that when a lender has a more intimate relationship with the potential client’s history, they might be more willing to cut them some slack.
What an insane, stupid idea. Too poor to afford a Mac? Sorry! Your credit score won’t be rising above 600.
Apple, You Broke Your Privacy Promises and Our Hearts
John sees Apple reversing its commitment to privacy, which he feels has broken the hearts of many apple fans, including his own.
Researchers Propose New Way to Limit Location Tracking With ‘Pretty Good Phone Privacy’
Researchers have proposed a way to limit smartphone tracking from carriers. It’s called Pretty Good Phone Privacy.
Apple Privacy Chief Tries to Reduce Concerns About CSAM And Messages Safety Features
Apple’s privacy chief, Erik Neuenschwander, explained its stance, following an outcry over its proposals on countering the spread of CSAM.
Ancestry.com Gave Itself Commercial Rights to Your Photos
Recently, Ancestry.com updated its terms and conditions to give itself the rights to use your photos for any reason in perpetuity.