Tag Archives: privacy

Windows 10? Here are privacy issues you should consider

Posted on by

Sign into Windows with your Microsoft account and the operating system immediately syncs settings and data to the company’s servers. That includes your browser history, favorites and the websites you currently have open as well as saved app, website and mobile hotspot passwords and Wi-Fi network names and passwords.

Source: Windows 10? Here are privacy issues you should consider

The updated terms also state that Microsoft will collect information “from you and your devices, including for example ‘app use data for apps that run on Windows’ and ‘data about the networks you connect to.’”

AT&T’s plan to watch your Web browsing—and what you can do about it

Posted on by

If you have AT&T’s gigabit Internet service and wonder why it seems so affordable, here’s the reason—AT&T is boosting profits by rerouting all your Web browsing to an in-house traffic scanning platform, analyzing your Internet habits, then using the results to deliver personalized ads to the websites you visit, e-mail to your inbox, and junk mail to your front door.

via AT&T’s plan to watch your Web browsing—and what you can do about it | Ars Technica.

Use https.  They may know which sites you visit but they won’t know any of the http fields because that is all encrypted.  Most big sites like Google and Facebook use https by default nowadays.

Web privacy is the newest luxury item in era of pervasive tracking

Posted on by

Another is Ekko.net, a privacy-focused service that is currently invite-only. It gives users the ability to create policies that govern specific accounts or even communications, explains Ekko.net founder Rick Peters. For example, a user might decide to assign a password to protect a specific e-mail thread, text message, or social media communication. Or they might set a “self destruct” date for a message, causing it to be erased at a predetermined time.

via Web privacy is the newest luxury item in era of pervasive tracking – CSMonitor.com.

Will tools such as Blur and Ekko.net tilt the playing field in favor of consumers and their privacy?

Privacy experts say: Probably not.

Your Samsung SmartTV Is Spying on You, Basically

Posted on by

A single sentence buried in a dense “privacy policy” for Samsung’s Internet-connected SmartTV advises users that its nifty voice command feature might capture more than just your request to play the latest episode of Downton Abbey.

“Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party,” the policy reads.

via Your Samsung SmartTV Is Spying on You, Basically – The Daily Beast.

how Whisper app tracks ‘anonymous’ users

Posted on by

But on Monday – four days after learning the Guardian intended to publish this story – Whisper rewrote its terms of service; they now explicitly permit the company to establish the broad location of people who have disabled the app’s geolocation feature.

Whisper has developed an in-house mapping tool that allows its staff to filter and search GPS data, pinpointing messages to within 500 meters of where they were sent.

via Revealed: how Whisper app tracks ‘anonymous’ users | Technology | The Guardian.

Whisper, which was recently valued at over $200m, has grown rapidly since its launch two years ago. It is among the fleet of confessional apps, such as Secret and Yik Yak, which backers say enable users to be more candid than they are on other social media platforms.

Why would Chinese hackers want hospital patient data?

Posted on by

people without health insurance can potentially get treatment by using medical data of one of the hacking victims.Halamka, who also runs the “Life as a healthcare CIO” blog, said a medical record can be worth between US$50 and $250 to the right customer — many times more than the amount typically paid for a credit card number, or the cents paid for a user name and password.

via Why would Chinese hackers want hospital patient data? | ITworld.

Vigilant Solutions National Vehicle Location Service

Posted on by

The largest pool of data is that harvested by Vigilant from commercial sources, most notably, Vigilant’s subsidiary, DRN (Digital Recognition Network). This pool of LPR data totals over 1.8 billion detections and grows at a rate of almost 70 million per month. This data is available via an annual subscription and greatly enhances an agency’s investigative reach.

via Vigilant Solutions National Vehicle Location Service.

You Are a Rogue Device

Posted on by

The user’s guide for one of Aruba’s recent software products states: “The wireless network has a wealth of information about unassociated and associated devices.” That software includes “a location engine that calculates associated and unassociated device location every 30 seconds by default… The last 1,000 historical locations are stored for each MAC address.”

For now, Seattle’s mesh network is concentrated in the downtown area. But the SPD has indicated in PowerPoint presentations—also acquired by The Stranger—that it hopes to eventually have “citywide deployment” of the system that, again, has potential surveillance capabilities that the SPD declined to answer questions about. That could give a whole new meaning to the phrase “real-time situational awareness.”

via You Are a Rogue Device by Matt Fikse-Verkerk and Brendan Kiley – Seattle Features – The Stranger, Seattle’s Only Newspaper.

This is why you should always have wifi  disabled, in “airplane mode,” turned off when not in use.  Only turn on wifi for your device manually when you need to use a network.  Doing this also extends battery life because running the radio interface uses a lot of juice.  This network they built in Seattle would have great public benefit if it were open for all to use and there’s few engineering reasons why it can’t be.   Since emergencies are rare may as well utilize it and then kick people off indiscriminately when the network truly is needed.  I suspect however it’s not open for use by the rabble.  Another blurb from the article:

It’s reasonable to assume that locally gleaned information will be shared with other organizations, including federal ones. An SPD diagram of the mesh network, for example, shows its information heading to institutions large and small, including the King County Sheriff’s Office, the US Coast Guard, and our local fusion center.

Fusion centers, if you’re unfamiliar with the term, are information-sharing hubs, defined by the Department of Homeland Security as “focal points” for the “receipt, analysis, gathering, and sharing” of surveillance information.

At least if they’re going to spy  provide some value to the spied upon “user.”

Facebook ‘stalker’ tool uses Graph Search for powerful data mining

Posted on by

So Lee wrote “FBStalker,” a Python script he and Werrett debuted Thursday at the Hack in the Box security conference in Kuala Lumpur. In its current form, FBStalker runs in the Chrome browser on OS X, entering queries into Facebook’s Graph Search and pulling data. They used FBStalker in the attack against the man in Hong Kong.

Even if a person’s profile is locked down to strangers, their friends’ open profiles can be examined, giving an indication, for example, who the person may be close with. FBStalker uses Graph Search to find photos in which two people are tagged in, comments on profiles and more.

via Facebook ‘stalker’ tool uses Graph Search for powerful data mining – security, HITB, Facebook – Computerworld.

New York Just Subpoenaed Airbnb to Hand Over Its User Data

Posted on by

The city is fighting the startup for breaking local laws against operating an illegal hotel out of your home, worried that hustlers are abusing the online service to turn a profit. To that end, New York Attorney General Eric Schneiderman just slapped the company with a subpoena to hand over the user data of all New Yorkers who’ve listed their apartment on the site, the New York Daily News reported today. That’s about 225,000 users.

via New York Just Subpoenaed Airbnb to Hand Over Its User Data | Motherboard.