Privacy

2019: July-Sept

Liberty News Control Freaks
Privacy News Bollox Britain
2012   2013   2014   2015   2016   2017   2018   2019   Latest  
Jan-March   April-June   July-Sept    


 

Canada backs off from supporting the protection of strong encryption...

A detailed analysis suggesting that Canada is moving to supporting backdoors and deliberately weakening algorithms


Link Here 24th August 2019
Full story: Internet Surveillance in Canada...Telecommunications monitoring

 

 

 

Extract: Offtrack snooping...

Facebook is introducing a privacy option to prevent its offline tracking capabilities


Link Here 21st August 2019
Full story: Facebook Privacy...Facebook criticised for discouraging privacy
Facebook is revealing a wider range of websites and apps that gather data for Facebook, previously without being identified or seeking consent. Facebook will offer a new privacy control covering these newly revealed snoopers.

A feature in settings called Off-Facebook Activity will show all the apps and websites that send information about you to Facebook, which is then used to target ads more effectively.You will also be able to clear your history and prevent your future off-app behaviour being tapped.

For now, it is rolling out very slowly, with only Ireland, South Korea and Spain getting access. But the goal is to eventually offer it globally.

Facebook collects data from beyond its platform either because you have opted to use the social media site to log in to an app or, more likely, because a website uses something called Facebook Pixel to track your activities.

If you select options to turn off tracking Facebook will still collect the data, but it will be anonymised.

...Read the full article from bbc.com

 

 

Offsite Article: Say No to the Cashless Future...


Link Here 13th August 2019
...and to Cashless Stores. By Jay Stanley of the ACLU

See article from aclu.org

 

 

FBI, Donald Trump, big tech, marketeers...they're all at it...

Everyone's out to scrape all your social media postings and compile a searchable database of your life


Link Here 10th August 2019
A few days ago Donald Trump responded to more mass shooters by calling on social networks to build tools for identifying potential mass murderers before they act. And across the government, there appears to be growing consensus that social networks should become partners in surveillance with the government.

So quite a timely moment for the Wall Street Journal to publish an article about FBI plans for mass snooping on social media:

The FBI is soliciting proposals from outside vendors for a contract to pull vast quantities of public data from Facebook, Twitter and other social media to proactively identify and reactively monitor threats to the United States and its interests.

The request was posted last month, weeks before a series of mass murders shook the country and led President Trump to call for social-media platforms to do more to detect potential shooters before they act.

The deadline for bids is Aug. 27.

As described in the solicitation, it appears that the service would violate Facebook's ban against the use of its data for surveillance purposes, according to the company's user agreements and people familiar with how it seeks to enforce them.

The Verge comments on a privacy paradox:

But so far, as the Journal story illustrates, the government's approach has been incoherent. On one hand, it fines Facebook $5 billion for violating users' privacy; on the other, it outlines a plan to potentially store all Americans' public posts in a database for monitoring purposes.

But of course it is not a paradox, many if not most people believe that they're entitled to privacy whilst all the 'bad' people in the world aren't.

Commercial interests are also very keen on profiling people from their social media postings. There's probably a long list of advertisers who would love a list of rich people who go to casinos and stay at expensive hotels.

Well As Business Insider has noted, one company Hyp3r has been scraping all public postings on Instagram to provide exactly that information:

A combination of configuration errors and lax oversight by Instagram allowed one of the social network's vetted advertising partners to misappropriate vast amounts of public user data and create detailed records of users' physical whereabouts, personal bios, and photos that were intended to vanish after 24 hours.

The profiles, which were scraped and stitched together by the San Francisco-based marketing firm Hyp3r, were a clear violation of Instagram's rules. But it all occurred under Instagram's nose for the past year by a firm that Instagram had blessed as one of its preferred Facebook Marketing Partners.

Hyp3r is a marketing company that tracks social-media posts tagged with real-world locations. It then lets its customers directly interact with those posts via its tools and uses that data to target the social-media users with relevant advertisements. Someone who visits a hotel and posts a selfie there might later be targeted with pitches from one of the hotel's competitors, for example.

The total volume of Instagram data Hyp3r has obtained is not clear, though the firm has publicly said it has a unique dataset of hundreds of millions of the highest value consumers in the world, and sources said more than of 90% of its data came from Instagram. It ingests in excess of 1 million Instagram posts a month, sources said.

See full article from businessinsider.com

 

 

The People vs the Snooper's Charter... and the snoopers win...

Court Judgement allows the government to continue spying on us


Link Here 31st July 2019
Full story: Snooper's Charter Plus...2015 Cameron government expands the Snooper's Charter
Liberty writes:

In response to today's judgment in the People's vs the Snooper's Charter case Megan Goulding, Liberty lawyer, said:

This disappointing judgment allows the government to continue to spy on every one of us, violating our rights to privacy and free expression. We will challenge this judgment in the courts, and keep fighting for a targeted surveillance regime that respects our rights.

These bulk surveillance powers allow the state to hoover up the messages, calls and web history of hordes of ordinary people who are not suspected of any wrong-doing.

The Court recognised the seriousness of MI5's unlawful handling of our data, which only emerged as a result of this litigation. The security services have shown that they cannot be trusted to keep our data safe and respect our rights.

 

 

Updated: Not so incognito as you may expect...

Porn sites are tracking and snooping on users, and for some, their browsing may be classified as contrary to their public life.


Link Here 31st July 2019

Elena Maris of Microsoft Research, Timothy Libert Carnegie Mellon University, and Jennifer Henrichsen University of Pennsylvania have penned a study examining tracking technologies from the likes of Google and Facebook that are incorporated into re world's porn websites. They write:

This paper explores tracking and privacy risks on pornography websites. Our analysis of 22,484 pornography websites indicated that 93% leak user data to a third party. Tracking on these sites is highly concentrated by a handful of major companies, which we identify [Google and Facebook].

Our content analysis of the sample's domains indicated 44.97% of them expose or suggest a specific gender/sexual identity or interest likely to be linked to the user. We identify three core implications of the quantitative results:

  • 1) the unique/elevated risks of porn data leakage versus other types of data,

  • 2) the particular risks/impact for vulnerable populations, and

  • 3) the complications of providing consent for porn site users and the need for affirmative consent in these online sexual interactions

The authors describe the problem:

One evening, Jack decides to view porn on his laptop. He enables incognito mode in his browser, assuming his actions are now private. He pulls up a site and scrolls past a small link to a privacy policy. Assuming a site with a privacy policy will protect his personal information, Jack clicks on a video. What Jack does not know is that incognito mode only ensures his browsing history is not stored on his computer. The sites he visits, as well as any third-party trackers, may observe and record his online actions. These third-parties may even infer Jack's sexual interests from the URLs of the sites he accesses. They might also use what they have decided about these interests for marketing or building a consumer profile. They may even sell the data. Jack has no idea these third-party data transfers are occurring as he browses videos.

The Authors are a bit PC and seem obsessed about trying to relate cookie consent with sexual consent but finally cnclude:

Through our results and connections to past porn site privacy and security breaches and controversies, we demonstrate that the singularity of porn data and the characteristics of typical porn websites' lax security measures mean this leakiness poses a unique and elevated threat. We have argued everyone is at risk when such data is accessible without users' consent, and thus can potentially be leveraged against them by malicious agents acting on moralistic claims of normative gender or sexuality. These risks are heightened for vulnerable populations whose porn usage might be classified as non-normative or contrary to their public life.

The authors seemed to think the porn sites are somehow ethical and should be doing the 'right' thing.  But in reality they are just trying to make money like everyone else and as they say, if the product is free the your data is the payment. But as the report points out, that price may be a prove a little higher than expected.

Update: An unconvincing denial from Google

20th July 2019. See article from avn.com

AVN notes that Google responded to the claims in a rather obtuse way. Google on Thursday attempted to deny the study's findings, as quoted by The Daily Mail newspaper.

We don't allow Google Ads on websites with adult content and we prohibit personalized advertising and advertising profiles based on a user's sexual interests or related activities online, the company said. Additionally, tags for our ad services are never allowed to transmit personally identifiable information.

The study, however, did not allege that Google had placed actual advertisements from its GoogleAds network on porn sites, and in its elliptical statement, Google did not specifically deny that its tracking code is embedded on thousands of adult sites.

In related news Google has also announced changes to incognito mode on its Chrome browser to make it just a little more incognito.

Chrome's Incognito Mode is based on the principle that you should have the choice to browse the web privately. At the end of July, Chrome will remedy a loophole that has allowed sites to detect people who are browsing in Incognito Mode.

People choose to browse the web privately for many reasons. Some wish to protect their privacy on shared or borrowed devices, or to exclude certain activities from their browsing histories. In situations such as political oppression or domestic abuse, people may have important safety reasons for concealing their web activity and their use of private browsing features.

We want you to be able to access the web privately, with the assurance that your choice to do so is private as well.

Google also noted a useful bit of info on evading article count restrictions imposed by some publishers with metered access policies

Today, some sites use an unintended loophole to detect when people are browsing in Incognito Mode. Chrome's FileSystem API is disabled in Incognito Mode to avoid leaving traces of activity on someone's device. Sites can check for the availability of the FileSystem API and, if they receive an error message, determine that a private session is occurring and give the user a different [more restricted] experience.

With the release of Chrome 76 scheduled for July 30, the behavior of the FileSystem API will be modified to remedy this method of Incognito Mode detection.

The change will affect sites that use the FileSystem API to intercept Incognito Mode sessions and require people to log in or switch to normal browsing mode, on the assumption that these individuals are attempting to circumvent metered paywalls.

Unlike hard paywalls or registration walls, which require people to log in to view any content, meters offer a number of free articles before you must log in. This model is inherently porous, as it relies on a site's ability to track the number of free articles someone has viewed, typically using cookies. Private browsing modes are one of several tactics people use to manage their cookies and thereby reset the meter count.

Of course it is probably a bit easier to find an addon that lets you block or delete the cookies for specific websites or else to try just turning javascript off.

Update: More incognito

31st July 2019. See article from venturebeat.com

And as promised, Google Chrome has been updated to make incognito mode a little more incognito.

Chrome 76 which was released today has but a stop to the common ways in which websites can work out that users are surfing the web incognito and then ban them from accessing content.

 

 

Offsite Article: Encryption is dead at the hands of Facebook...


Link Here 29th July 2019
Full story: Internet Encryption...Encryption, essential for security but givernments don't see it that way
If Facebook can 'filter' or 'backup' your 'encrypted' communications then this proves that encryption is compromised, as does continued operation in any country that demands backdoors

See article from forbes.com

 

 

Offsite Article: A Dangerous Edge...


Link Here 24th July 2019
A technical article explaining how Microsoft's internet browser Edge sends all your page URLs to Microsoft in the name of blocking phishing websites

See article from bleepingcomputer.com

 

 

Offsite Article: US Attorney General gets aggressive about encryption...


Link Here 24th July 2019
Full story: US Crypto Wars...US authorities look to breaking the encryption used to keep people safe
'The status quo is exceptionally dangerous, it is unacceptable and only getting worse. It's time for the United States to stop debating whether to address it and start talking about how to address it'

See article from apnews.com

 

 

Offsite Article: So where's the GDPR 'consent' for Experian's social scoring...


Link Here 22nd July 2019
When local councils use data tools to classify us, what price freedom? By Kenan Malik

See article from theguardian.com

 

 

Offsite Article: Don't Let Encrypted Messaging Become a Hollow Promise...


Link Here 20th July 2019
Full story: Internet Encryption...Encryption, essential for security but givernments don't see it that way
The EFF publishes a technical discussion on how the authorities are circumventing encryption used by messaging services

See article from eff.org

 

 

Offsite Article: An always on home microphone is always going to be too tempting for snoops and spooks...


Link Here 12th July 2019
Belgian researchers reveal recordings from Google's home assistant that are clearly not activated by an 'OK Google'

See article from theregister.co.uk

 

2012   2013   2014   2015   2016   2017   2018   2019   Latest  
Jan-March   April-June   July-Sept    

melonfarmers icon
 

Top

Home

Index

Links

Email
 

US

World

Media

Info

UK
 

Film Cuts

Nutters

Liberty
 

Cutting Edge

Shopping

Sex News

Sex+Shopping

Advertise
 



Liberty News

Privacy News
 

Control Freaks

Bollox Britain
 


Adult DVD+VoD

Online Shop Reviews
 

Online Shops

New  & Offers
 
Sex Machines
Fucking Machines
Adult DVD Empire
Adult DVD Empire
Simply Adult
30,000+ items in stock
Low prices on DVDs and sex toys
Simply Adult
Hot Movies
Hot Movies