Facebook Gave Device Makers Deep Access to Data on Users and Friends

Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found.

Source: Facebook Gave Device Makers Deep Access to Data on Users and Friends – The New York Times

Researchers Hacked Amazon’s Alexa to Spy On Users, Again

“On default, Alexa ends the sessions after each duration… we were able to build in a feature that kept the session going [so Alexa would continue listening]. We also wanted to make sure that the user is not prompted and that Alexa is still listening without re-prompts,” Erez Yalon, manager of Application Security Research at Checkmarx, told Threatpost.

Source: Researchers Hacked Amazon’s Alexa to Spy On Users, Again | Threatpost | The first stop for security news

Want to see something crazy? Open this link on your phone with WiFi turned off.

But what these services show us is even more alarming: US telcos appear to be selling direct, non-anonymized, real-time access to consumer telephone data to third party services — not just federal law enforcement officials — who are then selling access to that data.

Source: Want to see something crazy? Open this link on your phone with WiFi turned off.

Configure Windows telemetry in your organization (Windows 10)

Microsoft does not intend to gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user’s device. If we determine that sensitive information has been inadvertently received, we delete the information.

Source: Configure Windows telemetry in your organization (Windows 10)

With Windows 10, Microsoft Blatantly Disregards User Choice and Privacy

The tactics Microsoft employed to get users of earlier versions of Windows to upgrade to Windows 10 went from annoying to downright malicious. Some highlights: Microsoft installed an app in users’ system trays advertising the free upgrade to Windows 10. The app couldn’t be easily hidden or removed, but some enterprising users figured out a way. Then, the company kept changing the app and bundling it into various security patches, creating a cat-and-mouse game to uninstall it.

Source: With Windows 10, Microsoft Blatantly Disregards User Choice and Privacy: A Deep Dive | Electronic Frontier Foundation

And while users can disable some of these settings, it is not a guarantee that your computer will stop talking to Microsoft’s servers. A significant issue is the telemetry data the company receives. While Microsoft insists that it aggregates and anonymizes this data, it hasn’t explained just how it does so.

FTC Issues Warning Letters to App Developers Using ‘Silverpush’ Code

Known as Silverpush, the software is designed to monitor consumers’ television use through the use of “audio beacons” emitted by TVs, which consumers can’t hear but can be detected by the software. The letters note that the software would be capable of producing a detailed log of the television content viewed while a user’s mobile device was turned on for the purpose of targeted advertising and analytics.

Source: FTC Issues Warning Letters to App Developers Using ‘Silverpush’ Code | Federal Trade Commission

Company Tracks Iowa Caucusgoers by their Cell Phones

When you open an app or look at a browser page, there’s a very fast auction that happens where different advertisers bid to get to show you an ad. Their bid is based on how valuable they think you are, and to decide that, your phone sends them information about you, including, in many cases, an identifying code (that they’ve built a profile around) and your location information, down to your latitude and longitude.

Source: Company Tracks Iowa Caucusgoers by their Cell Phones – Schneier on Security

Windows 10? Here are privacy issues you should consider

Sign into Windows with your Microsoft account and the operating system immediately syncs settings and data to the company’s servers. That includes your browser history, favorites and the websites you currently have open as well as saved app, website and mobile hotspot passwords and Wi-Fi network names and passwords.

Source: Windows 10? Here are privacy issues you should consider

The updated terms also state that Microsoft will collect information “from you and your devices, including for example ‘app use data for apps that run on Windows’ and ‘data about the networks you connect to.’”

AT&T’s plan to watch your Web browsing—and what you can do about it

If you have AT&T’s gigabit Internet service and wonder why it seems so affordable, here’s the reason—AT&T is boosting profits by rerouting all your Web browsing to an in-house traffic scanning platform, analyzing your Internet habits, then using the results to deliver personalized ads to the websites you visit, e-mail to your inbox, and junk mail to your front door.

via AT&T’s plan to watch your Web browsing—and what you can do about it | Ars Technica.

Use https.  They may know which sites you visit but they won’t know any of the http fields because that is all encrypted.  Most big sites like Google and Facebook use https by default nowadays.

Web privacy is the newest luxury item in era of pervasive tracking

Another is Ekko.net, a privacy-focused service that is currently invite-only. It gives users the ability to create policies that govern specific accounts or even communications, explains Ekko.net founder Rick Peters. For example, a user might decide to assign a password to protect a specific e-mail thread, text message, or social media communication. Or they might set a “self destruct” date for a message, causing it to be erased at a predetermined time.

via Web privacy is the newest luxury item in era of pervasive tracking – CSMonitor.com.

Will tools such as Blur and Ekko.net tilt the playing field in favor of consumers and their privacy?

Privacy experts say: Probably not.