privacy

Link

Document Collaboration That Doesn’t Need the Cloud

Andrew Orr ·

Collabio Spaces is an interesting new office suite that allows for document collaboration without needing external servers. Unfortunately it requires a subscription, but could be a useful tool for sensitive documents.

The P2P software lets multiple people co-edit a document locally — from a mobile device or desktop computer — without A) the risk of uploading sensitive information to the cloud (i.e. as you must if you’re using a shared document function of a service like Google Docs); or B) the tedium of emailing a text to multiple recipients and then having to collate and resolve changes manually, once all the contributions trickle back.

Link

Most Browser Tracking Protection Isn’t Very Effective by Default

Andrew Orr ·

DuckDuckGo wrote on Tuesday that most browser tracking protection doesn’t stop tracking by default. There are multiple ways to track people besides third-party cookies, for example.

The issue is that once such trackers are loaded in your browser, they have a ton of ways to track you beyond just third-party cookies (e.g., by another form of cookies called first-party cookies, by your IP address, and much, much more).

Therefore, to really stop a cross-site tracker, the kind that tries to track your activity from site to site, you have to prevent it from actually loading in your browser in the first place.

Of course, the post is a plug for the DuckDuckGo browser extension, but the details behind tracking are good to know.

Link

Starting April 15, TikTok Won’t Let You Opt Out of Personalized Ads

Andrew Orr ·

Starting April 15, TikTok will make personalized ads mandatory whether you want them or not.

TikTok says it is “committed” to respecting the privacy of its users, according to a TikTok spokesperson. “We will continue to be transparent about our data privacy practices and help users understand their privacy choices on our Safety Center.”

People will still be able to control whether TikTok personalizes ads based on data pulled from other apps and websites.

Committed to respecting the privacy of its users. Eye roll.

Link

Comparing Privacy Policies: Clubhouse Versus Twitter

Andrew Orr ·

Clubhouse and Twitter Spaces are the newest entries to the audio space, but they both do different things with your data. Matt Binder examined their privacy policies.

The two platforms’ approaches to data storage really speak to a major difference in their intended uses. It seems Twitter users will be able to Spaces for more permanent content that they can repurpose for other platforms and mediums; whereas Clubhouse rooms will live strictly in the moment.

I don’t want to spoil the article but it sounds like Clubhouse audio recordings are more ephemeral.

Link

Cryptee Adds DOCX Support for File Editing

Andrew Orr ·

Hot on the heels of its big 3.0 update, the next announcement for Cryptee is support for DOCX uploading and editing. You can also export documents as DOCX, making Cryptee a viable cloud-based private alternative to Microsoft Word and Google Docs. However, there is an extra security bonus to Cryptee:

A little known fact about docx files is that, due to the fact that they support macros, and other ways to execute code in them, they are commonly used by malicious third parties to distribute and spread malware viruses. Cryptee does not run / execute macros while opening docx files, allowing you to open / edit / save DOCX files safely, without having to worry about your computer getting infected.

Link

Google Reveals Plan to End Third-Party Cookies

Andrew Orr ·

Google wrote a post updating its plans for its Privacy Sandbox project. Its goal is to make third-party cookies obsolete.

we are confident that with continued iteration and feedback, privacy-preserving and open-standard mechanisms like the Privacy Sandbox can sustain a healthy, ad-supported web in a way that will render third-party cookies obsolete.

Once these approaches have addressed the needs of users, publishers, and advertisers, and we have developed the tools to mitigate workarounds, we plan to phase out support for third-party cookies in Chrome.

I don’t know what the new “open standards” will be, but I’m definitely skeptical given the nature of Google’s advertising business. Will there be a new first-party tracking technique? Update: Here’s why the EFF thinks it’s a terrible idea.

Link

Brave Prepares to Launch the Brave Search Engine

Andrew Orr ·

Private browser Brave is getting ready to launch its own branded search engine with its acquisition of Cliqz.

The former Cliqz dev team, who had subsequently been working on Tailcat, are moving to Brave as part of the acquisition. The engineering team is led by Dr Josep M Pujol — who is quoted in Brave’s PR saying it’s “excited to be working on the only real private search/browser alternative to Big Tech”.

Interesting move, and I look forward to more private search engines.

Link

Firefox 86 Introduces ‘Total Cookie Protection’ Privacy Feature

Andrew Orr ·

Firefox 86, introduced recently by Mozilla, adds a new privacy feature called Total Cookie Protection.

Total Cookie Protection works by maintaining a separate “cookie jar” for each website you visit. Any time a website, or third-party content embedded in a website, deposits a cookie in your browser, that cookie is confined to the cookie jar assigned to that website, such that it is not allowed to be shared with any other website.

Link

Encrypted Cloud Storage Service ‘Cryptee’ Announces Massive Update

Andrew Orr ·

Cryptee is an end-to-end encrypted cloud storage service and announced a huge update on Sunday.

We’ve re-designed the entire platform, re-engineered everything from ground up, added hundreds of new features, and created an entirely new Cryptee experience for you. Along the way we’ve realized it’s going to be a massive leap forward, so we thought we should get a new logo too.

I think Cryptee is a great service and one that I’ve recommended in the past.

Link

Email Spy Pixels are a Widespread Problem, Says BBC

Andrew Orr ·

At the BBC’s request, email service “Hey” analyzed its traffic and found two-thirds of emails sent to users contained a spy pixel.

Defenders of the trackers say they are a commonplace marketing tactic. This information can then be used to determine the impact of a specific email campaign, as well as to feed into more detailed customer profiles. Hey’s co-founder David Heinemeier Hansson says they amount to a “grotesque invasion of privacy”. And other experts have also questioned whether companies are being as transparent as required under law about their use.

These pixels are tiny 1×1 images embedded in photos that can track a variety of data points. You could turn off “Load Remote Images” automatically in Settings > Mail, but then of course they would load along with other photos when you want to see them.

Link

DNS Provider ‘Quad9’ Announces Move to Switzerland

Andrew Orr ·

Quad9 is a non-profit DNS provider, so called because of its 9.9.9.9 DNS server. It announced on Wednesday it has moved its headquarters from California to Zürich, Switzerland supported by Packet Clearing House and SWITCH.

Quad9’s move to Switzerland is being facilitated by SWITCH, one of Switzerland‘s centers of competence for internet security. The foundation operates several critical infrastructures and has been committed to greater cybersecurity for decades to make the internet a more secure place for its users. SWITCH is taking a seat on Quad9’s foundation council and contributing to Quad9’s governance.

Interesting move. For many people, private services and companies located in a country like the U.S. is a negative. This is because of the Five Eyes Alliance.