SEC fines Yahoo (now Altaba) $35 million over massive data breach

How the once mighty have fallen.

Read the rest

Facebook vs regulation: we exist nowhere and everywhere, all at once

Where is Facebook located? Well, if you're the taxman, Facebook's global HQ is a tiny shed somewhere in Ireland, where Facebook can escape virtually all taxation; but on the other hand, if you're the EU, Facebook is headquartered in America, where the General Data Protection Regulation doesn't apply. Read the rest

Cops use backdoored WhatsApp photo to extract fingerprints and convict user

South Wales Police announced they were able to access a WhatsApp user's photos through a backdoor, then extract fingerprint data from a picture of a weed dealer's hand to help convict 11 involved people. Read the rest

Department of Homeland Security wants to build a database to track journalists and their sources

Well, this is creepy: According to Bloomberg Law, the U.S. Department of Homeland Security is currently shopping for a contractor that can help it compile a list of editors, journalists, and online "media influencers." Additionally, they're looking for goons to help them identify all social media coverage that relates to the agency or events that the agency may be involved in.

From Bloomberg:“Services shall provide media comparison tools, design and rebranding tools, communication tools, and the ability to identify top media influencers,” according to the statement. DHS agencies have “a critical need to incorporate these functions into their programs in order to better reach federal, state, local, tribal, and private partners,” it said.

The plan, according to DHS, is to set up a database of influential journalists, publications and online influencers. Those with access to the database--you can go ahead and read that as Big Brother--will be able to browse “present contact details and any other information that could be relevant, including publications this influencer writes for, and an overview of the previous coverage published by the media influencer.”

So, kind of like Mudrack, but for spooks.

The proposed database could be searchable by factors such as what beat a writer covers, where they're located, what publications they work for, and whether they rely on local or international sources in their work. Now, here's where it gets ugly. One of the other points that DHS wants to be able to search is the "sentiment" of a story. Was a writer's take on events pro-America or not? Read the rest

Facebook tried to get hospitals to share patient data, including medical conditions

Facebook tried to get hospitals to share "anonymized data" on patients with it, including conditions and prescriptions, for a "research project."

Read the rest

87 million Facebook users' data shared with Cambridge Analytica

Facebook admitted Wednesday that 87 million users' data was harvested by Cambridge Analytica--about 74% more than previously disclosed.

The new figure sharply increased the company’s previous estimate of how many users’ information was harvested by Cambridge Analytica. For weeks, Facebook had said that the data of about 50 million users was at issue.

Facebook released the revised estimate of affected users as part of an extended statement about its plans for handling personal data. The company said it would start alerting users on April 9 about whether their information may have been shared with Cambridge Analytica.

Another day, another numbingly obvious example of "dumb fucks." Read the rest

Zuckerberg: Americans won't receive the same Facebook privacy tools as Europeans (Update: now they will)

Facebook could give American users the same privacy enhancements that are coming to European users. But they won't, Mark Zuckerberg admits. Put simply, they aren't legally obliged to.

In a phone interview with Reuters yesterday Mark Zuckerberg declined to commit to universally implementing changes to the platform that are necessary to comply with the European Union’s incoming General Data Protection Regulation (GDPR).

Rather, he said the company was working on a version of the law that would bring some European privacy guarantees worldwide — declining to specify to the reporter which parts of the law would not extend worldwide.

“We’re still nailing down details on this, but it should directionally be, in spirit, the whole thing,” Reuters quotes Zuckerberg on the GDPR question.

This is a subtle shift of line. Facebook’s leadership has previously implied the product changes it’s making to comply with GDPR’s incoming data protection standard would be extended globally.

Photo: Reuters / Jonathan Ernst UPDATE: Today, on a conference call with reporters, Zuckerberg says “We intend to make all the same controls available everywhere, not just in Europe.” Read the rest

Zuckerberg: Facebook will not stop spying on Americans to comply with EU privacy law

The imminent implementation of the EU's General Data Protection Regulation (GDPR) has been hailed as a victory for global privacy advocates; since the regulation severely limits the collection of data on Europeans -- even when they're communicating with non-Europeans -- services like Facebook would risk running afoul of the GDPR if they collected data on anyone in a way that violated EU rules, and since the penalties for violating the GDPR are incredibly draconian, the benefits of such surveillance would surely be outweighed by the risk of getting it wrong. Read the rest

Cloudflare's 1.1.1.1: an encrypted, privacy-protecting DNS service

Cloudflare, a company with a history of resisting surveillance and censorship orders (albeit imperfectly and sometimes with undesirable consequences) has announced a new DNS service, hosted at the easy-to-remember address of 1.1.1.1, which accepts connections under the still-novel DNS-over-HTTPS protocol, and which has privacy designed in, with all logs written only to RAM (never to disk) and flushed every 24 hours. Read the rest

Facebook kept copies of videos you deleted

Madison Malone Kircher writes that Facebook keeps copies of "every video you ever filmed on the platform", even after you think you've deleted them.

Stephanis says that her archive contains videos she clearly never planned to shared with anyone. “There are videos of me just checking my teeth,” she explained. My sister also had videos — rehearsing for school musicals and cheerleading — where she was using Facebook’s desktop camera to review herself and then erase, or so she thought, the video forever.

I thought this was a funny quirk of my sister’s. And then I looked at my own data archive. There, at the bottom of the list of videos I’d put on the platform, I found clips that appear to have never been posted to Facebook but were saved anyway.

From what I can tell, most people haven’t noticed this yet.

Facebook is a permanent record of everything you do on Facebook. Read the rest

Help crowdfund the Harlem Cryptoparty and 100 unlimited, privacy-protecting wifi hotspots for Puerto Rico

Calyx is an amazing nonprofit, privacy-oriented activist ISP (they were the first ISP to successfully resist a secret Patriot Act warrant); they are notable for offering an unlimited, unfiltered, unthrottled 4G/wifi hotspot for a tax-deductible $400 year (mine has repeatedly saved my bacon). Read the rest

How to evaluate secure messengers and decide which one is for you

The Electronic Frontier Foundation is running an excellent series on the potential and pitfalls of secure messaging app -- this is very timely given the ramping up of state surveillance and identity theft, not to mention anyone looking to #DeleteFacebook and transition away from Facebook Messenger. Read the rest

Data Defenders, a media literacy game about data collection and targeting for kids in grades 4-6

Mediasmarts (previously), a Canadian media literacy nonprofit, has just released Data Defenders, a timely video game about data collection and targeting aimed at kids in grades 4-6. Read the rest

Cops routinely unlock phones with corpses' fingers

Since 2016, when an FBI agent first used a dead suspect's finger to unlock his phone, police forces across the USA have made a routine practice of unlocking phones using suspects and victims' dead fingers, saving big on buying cyberwar tools like Cellebrite's $1500-$3000 unlocker, or Grayshift's $30k/year Graykey. Read the rest

Zuckerberg to Facebook users: you agreed to this

Vanity Fair's Maya Kosodd points out the consequences of tapping or clicking through the little popups when you sign up for Facebook: these are contracts that let Facebook do everything that you're now complaining about.
In its current iteration, Facebook’s Messenger application requests that those who download it give it permission to access incoming and outgoing call and text logs. But, as users discovered when prompted to download a copy of their personal data before permanently deleting their Facebook accounts, a certain amount of data was covertly siphoned without explicit permissions.

But, as Facebook responds:

You may have seen some recent reports that Facebook has been logging people’s call and SMS (text) history without their permission.

This is not the case.

...

People have to expressly agree to use this feature. If, at any time, they no longer wish to use this feature they can turn it off

In other words, he's calling you a dumb fuck again.

Here's the screen where they trick people into giving them their call history. The contrast ratio of the silvertext is, according to WebAIM, 2:32 to 1, which fails the applicable accessibility standards for readable text.

Here you're agreeing to "text anyone in your phone," as far as you're concerned, which of course you want to be able to do--and can already do without letting Facebook track your calls and messages. Not only is this fact in small print silvertext, it's parked in an eyes-glaze-over paragraph about "continuous uploads" that uses superficially simple and approachable language to conceal what it's really about: letting Facebook track your calls and messages. Read the rest

Poll: Facebook is the least trusted custodian of private information, majority of Americans do not trust it

A Reuters/Ipsos poll of 2,237 subjects found that the majority of Americans (59%) "do not trust Facebook to obey US privacy laws." Read the rest

UK Information Commissioner's Office raids Cambridge Analytica's London office

The London offices of soi-dissant Facebook mind-control sorcerers Cambridge Analytica were raided by the UK Information Commissioner's Office, after a judge issued a search warrant for material related to the illegal acquisition of 50,000,000 Facebook profiles by the company. Read the rest

More posts