Survey: nearly half think it may be legal to install spyware on a family member's devices

Comparitech commissioned a survey of 2,000 people in the US and UK to ask whether they thought "it is legal to install a program on a partner's phone to snoop on their activity?" and whether they would "ever consider adding a program to your child's phone that allows you to listen to their conversations and spy on their messages?" Read the rest

Leaked confidential memo reveals Facebook program to identify and target "insecure" kids

The Australian reports on a leaked memo -- described but not published -- marked "confidential" and created and distributed internally by Facebook that describes how the system's surveillance tools can identify children and teens in "insecure" moments when they "need a boost," explaining that they had identified markers to tell them when a young person was feeling "stressed", "defeated", "overwhelmed", "anxious", "nervous", "stupid", "silly", "useless", and a "failure." Read the rest

Cyber-arms dealers offer to sell surveillance weapons to undercover Al Jazeera reporters posing as reps of South Sudan and Iran

Companies in the EU and China have been caught offering to commit fraud to launder sales of mass surveillance weapons to Al Jazeera reporters posing as representatives of autocratic regimes under sanction for gross human rights abuses; these weapons would allow their users to target and round up political dissidents for arbitrary detention, torture and murder. Read the rest

IBM reports data breaches were up 566% (4B docs!) last year

Information security is a race between peak indifference to surveillance and the point of no return for data-collection and retention. Read the rest

Verizon mandates pre-installed spyware for all its Android customers

"Appflash" will come pre-installed on all Verizon Android handsets; it's a Google search-bar replacement, but instead of feeding telemetry about your searches, handset, apps and activities to Google, it will send them to Verizon. Read the rest

The 265 Republican Congressjerks who just nuked your online privacy sold out for chump change

Yesterday, Congress voted to bar the FCC from ever making a rule that limits how your ISP can spy on you and sell your data, without your permission. Read the rest

Google Home: a $129 speaker that plays advertisements when you ask it for a "daily briefing"

Owners of Google Home smart-speakers got a surprise today when their personal assistants finished the "daily briefing" (a rundown of weather, calendar reminders an traffic info) with a plug for Disney's new Beauty and the Beast movie: ""By the way, Disney’s live action Beauty and The Beast opens today," followed by a long spiel for the movie. Read the rest

Excellent advice: 3 minutes of Poppy reciting "Delete Your Facebook"

Surreal Youtube star and musician That Poppy has a message for you: "Delete Your Facebook." It's timely advice, and sound. (via JWZ) Read the rest

Facebook CSO Alex Stamos is a human warrant-canary for the Trump era

Even before he took the job of Chief Security Officer of Yahoo, Alex Stamos had a reputation for being a badass: a thoughtful security ethicist who served as an expert witness in defense of Aaron Swartz, Stamos cemented his reputation by publicly humiliating the director of the NSA over mass surveillance. Read the rest

Meitu's anime makeover app is a permission-grabbing privacy disaster

Meitu is one of Google Play's "Sand Hill" apps, part of the company's accelerator for apps with "viral potential" -- take a pic of yourself and Meitu will make you over to look like an anime character, and all they ask in return is every salient fact about you that can be gleaned from your mobile device. Read the rest

EFF's full-page Wired ad: Dear tech, delete your logs before it's too late

EFF has run a full-page ad in this month's Wired, addressed to the technology industry, under the banner "Your threat model just changed," warning them that the incoming administration has vowed to spy on and deport millions of their fellow Americans on the basis of religion and race, and that they are in grave risk of having their services conscripted to help with this effort. (Trump is also an avowed opponent of net neutrality) Read the rest

After ACLU investigation, Twitter blocks US surveillance "fusion centers" from monitoring tool

The ACLU of Northern California recently published a leaked email showing that Dataminr -- a Twitter-monitoring company partially owned by Twitter itself -- was selling access to US domestic surveillance "fusion centers" where local, state and federal agencies pool resources to spy on their targets. Read the rest

Bruce Schneier's four-year plan for the Trump years

1. Fight the fights (against more government and commercial surveillance; backdoors, government hacking); 2. Prepare for those fights (push companies to delete those logs; remind everyone that security and privacy can peacefully co-exist); 3. Lay the groundword for a better future (figure out non-surveillance internet business models, privacy-respecting law enforcement, and limits on corporate surveillance); 4. Continue to solve the actual problems (cybercrime, cyber-espionage, cyberwar, the Internet of Things, algorithmic decision making, foreign interference in our elections). Read the rest

Malware delivered by bad ads takes over your home router to serve more bad ads (for now)

Proofpoint has identified a new version of DNSChanger EK, a strain of malware that changes your DNS settings so that the ads on the websites you browse are replaced with other ads that benefit the attackers -- and which can also be used for more nefarious ends, because controlling your DNS means controlling things like where your computer gets software updates. Read the rest

Company town + Internet of Things + Drones = total surveillance of remote mine workers

Rio Tinto is a giant UK/Australian mining corporation that operates many facilities in Australia's remotest reaches, where there is no housing for workers, so the company ends up building "company towns" where their laborers live, closing the loop between home and worklife, and putting them both under control of a corporation; now the company is flirting with the kind of "smart city" technology that has been tried elsewhere, but generally in places where the residents are citizens, not employees, and the governing law is created by a legislature, not a non-negotiable employment contract. Read the rest

The latest generation of chatbot toys listen to your kids 24/7 and send their speech to a military contractor

Last year's Hello Barbie chatbot toy sent all your kid's speech to cloud servers operated by Mattel and its tech partner, but only when your kid held down Barbie's listen button -- new chatbot toys like My Friend Cayla and the i-Que Intelligent Robot are in constant listening mode -- as is your "OK Google" enabled phone, your Alexa-enabled home mic, and your Siri-enabled Ios device -- and everything that is uttered in mic range is transmitted to Nuance, a company that makes text-to-speech tech (you probably know them through their Dragon-branded tools), and contracts to the US military. Read the rest

For two years, criminals stole sensitive information using malware hidden in individual pixels of ad banners

Eset's report on Stegano, a newly discovered exploit kit, reveals an insanely clever, paranoid, and devastatingly effective technique used by criminals to infect their victims' computers by hiding malicious code in plain sight on websites that accepted their innocuous-seeming banner ads. Read the rest

More posts