Meitu's anime makeover app is a permission-grabbing privacy disaster

Meitu is one of Google Play's "Sand Hill" apps, part of the company's accelerator for apps with "viral potential" -- take a pic of yourself and Meitu will make you over to look like an anime character, and all they ask in return is every salient fact about you that can be gleaned from your mobile device. Read the rest

EFF's full-page Wired ad: Dear tech, delete your logs before it's too late

EFF has run a full-page ad in this month's Wired, addressed to the technology industry, under the banner "Your threat model just changed," warning them that the incoming administration has vowed to spy on and deport millions of their fellow Americans on the basis of religion and race, and that they are in grave risk of having their services conscripted to help with this effort. (Trump is also an avowed opponent of net neutrality) Read the rest

After ACLU investigation, Twitter blocks US surveillance "fusion centers" from monitoring tool

The ACLU of Northern California recently published a leaked email showing that Dataminr -- a Twitter-monitoring company partially owned by Twitter itself -- was selling access to US domestic surveillance "fusion centers" where local, state and federal agencies pool resources to spy on their targets. Read the rest

Bruce Schneier's four-year plan for the Trump years

1. Fight the fights (against more government and commercial surveillance; backdoors, government hacking); 2. Prepare for those fights (push companies to delete those logs; remind everyone that security and privacy can peacefully co-exist); 3. Lay the groundword for a better future (figure out non-surveillance internet business models, privacy-respecting law enforcement, and limits on corporate surveillance); 4. Continue to solve the actual problems (cybercrime, cyber-espionage, cyberwar, the Internet of Things, algorithmic decision making, foreign interference in our elections). Read the rest

Malware delivered by bad ads takes over your home router to serve more bad ads (for now)

Proofpoint has identified a new version of DNSChanger EK, a strain of malware that changes your DNS settings so that the ads on the websites you browse are replaced with other ads that benefit the attackers -- and which can also be used for more nefarious ends, because controlling your DNS means controlling things like where your computer gets software updates. Read the rest

Company town + Internet of Things + Drones = total surveillance of remote mine workers

Rio Tinto is a giant UK/Australian mining corporation that operates many facilities in Australia's remotest reaches, where there is no housing for workers, so the company ends up building "company towns" where their laborers live, closing the loop between home and worklife, and putting them both under control of a corporation; now the company is flirting with the kind of "smart city" technology that has been tried elsewhere, but generally in places where the residents are citizens, not employees, and the governing law is created by a legislature, not a non-negotiable employment contract. Read the rest

The latest generation of chatbot toys listen to your kids 24/7 and send their speech to a military contractor

Last year's Hello Barbie chatbot toy sent all your kid's speech to cloud servers operated by Mattel and its tech partner, but only when your kid held down Barbie's listen button -- new chatbot toys like My Friend Cayla and the i-Que Intelligent Robot are in constant listening mode -- as is your "OK Google" enabled phone, your Alexa-enabled home mic, and your Siri-enabled Ios device -- and everything that is uttered in mic range is transmitted to Nuance, a company that makes text-to-speech tech (you probably know them through their Dragon-branded tools), and contracts to the US military. Read the rest

For two years, criminals stole sensitive information using malware hidden in individual pixels of ad banners

Eset's report on Stegano, a newly discovered exploit kit, reveals an insanely clever, paranoid, and devastatingly effective technique used by criminals to infect their victims' computers by hiding malicious code in plain sight on websites that accepted their innocuous-seeming banner ads. Read the rest

The Snoopers Charter is now law in the UK: "extreme surveillance" rules the land

Britain's love-affair with mass surveillance began under the Labour government, but it was two successive Conservative governments (one in coalition with the Liberal Democrats, who are nominally pro-civil liberties) who took Tony Blair's mass surveillance system and turned it into a vicious, all-powerful weapon. Now, their work is done. Read the rest

Tech companies: you have 63 days to make these 5 changes to protect your users before Trump is sworn in

When the next president takes office, he brings with him an anti-encryption, anti-free-press, Islamophobic, racist, anti-transparency agenda that will depend on the tech sector's massive databases of identifiable information and their sophisticated collection capabilities to bring his agenda to fruition. Read the rest

Clinton's data-driven "ground game" sucked in exactly the same way "targeted ads" suck, for the same reason

Tom Ewing rails against the Clinton campaign's reliance on "micro-modelling preference at an individual voter level to tell [volunteers] who to turn out where with what message and where to allocate resources." Read the rest

Startup uses ultrasound chirps to covertly link and track all your devices

Silverpush, a startup that's just received $1.25M in venture capital, uses ultrasonic chirps that are emitted by apps, websites, and TV commercials to combine the identities associated with different devices (tablets, phones, computers, etc), so that your activity on all of them can be aggregated and sold to marketers. Read the rest

Internet users care about their privacy but have given up on safeguarding it

It's not a fair trade, and everyone knows it.

Mark Zuckerberg just dropped another $100M to protect his privacy

Remember when Mark Zuckerberg declared that the age of privacy was over? Read the rest

Bankrupt Radio Shack will sell the customer data they promised to keep private

They were the first company to dabble in a laughably crude version of the surveillance business-model, aggressively collecting your address every time you bought batteries so they could get into the direct-mail racket. Read the rest