Here are 15 privacy settings you should change from defaults, from Linkedin to cellphones to smart TVs

The Washington Post rounds up 15 privacy defaults that no one in their right mind would want to leave as-is, and provides direct links to change 'em (hilariously and predictably, Verizon/Oath/Yahoo's privacy settings dashboard times out when you try to load it) -- once you're done with that, go back and follow his links to unfuck the privacy defaults for Google, Apple, Amazon, Microsoft and #DeleteFacebook. (via Reddit) Read the rest

Facebook only pretended to shut down access to friends' data in 2015, quietly continued access for its favored partners

Facebook opened up access to friends' data through its API in a bid to attract developers to its platform, but in 2015, it incurred those developers' wrath when it pulled the rug out from under them, killing the API calls that allowed apps to mine their users' friends' data. Read the rest

Cambridge Analytica: Director 'met Assange to discuss U.S. election', channelled $ to WikiLeaks

A former executive from the data-mining dark operator Cambridge Analytica 'visited Julian Assange in February last year and told friends it was to discuss what happened during the US election,' the Guardian reported today.

Brittany Kaiser worked as a director there until not long ago, and is reported “to have channelled cryptocurrency payments and donations to WikiLeaks.”

Excerpt:

Assange issued a statement saying that he had turned down the Cambridge Analytica offer. Alexander Nix, the company’s chief executive, told Westminster MPs the same in February, during an appearance at the Commons digital, culture, media and sport (DCMS) select committee. Nix said he found a contact for WikiLeaks’ speaking agency on the internet and sent Assange an email.

But visitor logs from the Ecuador embassy obtained by the Guardian and Focus Ecuador appear to show that Brittany Kaiser, a senior executive at Cambridge Analytica until earlier this year, visited Assange on 17 February 2017. Information passed to the DCMS committee in the UK and the Senate judiciary committee in the US states that the meeting was “a retrospective to discuss the US election”.

Kaiser is also alleged to have said that she had funnelled money to WikiLeaks in the form of cryptocurrency. She called the organisation her “favourite charity”. The reports passed to investigators say that money was given to her by third parties in the form of “gifts and payments”.

After the afore-quoted story was published, there was all-new news in London today.

Former Cambridge Analytica CEO Alexander Nix. Read the rest

Facebook gave user data to 'at least 4 Chinese companies,' including tech giant ID'd as security threat by U.S. intel

Despite Mark Zuckerberg's internal war on transparency, the Facebook data abuse reveals just keep on coming. Read the rest

For more than a decade, Facebook shared your friends' data and other sensitive info with phone makers, even after they claimed not to (they're still doing it)

From 2007 onward, Facebook created dozens of data-sharing arrangements with mobile phone vendors that let them raid your friends' personal information as well as your own, in arrangements that are still ongoing today, years after Facebook publicly announced that it had closed off this kind of data-mining by its partners. Read the rest

UK consumer review magazine Which?: your smart home is spying on you, from your TV to your toothbrush

The UK consumer review magazine Which? (equivalent to America's Consumer Reports) has published a special investigation into the ways that Internet of Things smart devices are spying on Britons at farcical levels, with the recommendation that people avoid smart devices where possible, to feed false data to smart devices you do own, and to turn off data-collection settings in devices' confusing, deeply hidden control panels. Read the rest

Efail: instructions for using PGP again as safely as is possible for now

It's been nearly three weeks since the publication of Efail, a critical set of attacks against PGP/GPG-encrypted emails that was so hard to mitigate that EFF's recommendation was to stop using it for mail altogether until a solution could be worked out. Read the rest

FBI says to reboot your router ASAP to avoid Russia malware VPNFilter

Have you tried turning it off and on again?

The FBI sent out an urgent bulletin advising anyone with a home or small office internet router to immediately turn it off and then turn it on again as a way to help stop the spread of a malware outbreak with origins in Russia. Read the rest

Turning on the internet after GDPR day

Dolan Darker (YouTube) welcomes the world to the web of 2018.

Read the rest

GDPR: Don't forget to bring a towel!

May 25 is Towel Day, when fans of The Hitchhiker's Guide to the Galaxy jokingly adorn a towel and praise the household item as if it prepares the owner for any sticky situation. Author Douglas Adams was a master of these tongue-in-cheek references to our modern existence, helping the reader (and listener) feel as if they might one day walk across their livingroom and into a silly, star-spanning adventure.

Good riddance to Klout, horseman of the influencer apocalypse

Social rating site Klout saw where society was heading with influencer marketing, but like many bad ideas that were a little ahead of their time, Klout will not live on to see the devastation they helped usher in. Read the rest

A data-broker has been quietly selling realtime access to your cellphone's location, and they suck, so anyone could get it for free

Last week, the New York Times revealed that an obscure company called Securus was providing realtime location tracking to law enforcement, without checking the supposed "warrants" provided by cops, and that their system had been abused by a crooked sheriff to track his targets, including a judge (days later, a hacker showed that Securus's security was terrible, and their service would be trivial to hack and abuse). Read the rest

The secret, unaccountable location-tracking tool favored by dirty cops has been hacked (and it wasn’t hard)

Securus is the widely abused location-tracking tool that exploits a loophole in privacy law to allow police to extract realtime and historical cellphone location data without a warrant or any accountability. Read the rest

Bay Area nurses protest, demanding removal of Mark Zuckerberg's name from their hospital

Nurses picketed The Priscilla Chan and Mark Zuckerberg San Francisco General Hospital And Trauma Center (AKA "Zuckerberg San Francisco General Hospital") and covered up Zuckerberg's name on the hospital sign, citing concerns that patients would not trust a hospital that was associated with someone with such a long rap-sheet for privacy violations. Read the rest

Uber and Lyft agree to stop forcing driver sexual assault victims into arbitration, confidentiality agreements

Ride-sharing services Uber and Lyft have now both stated that they will no longer force victims of sexual assault into non-binding arbitration, as has been the practice of both firms until today. Read the rest

Site generates privacy-preserving YouTube embeds

Jag Talon''s Embed Bud is a single-serving site (made with Glitch) that generates less invasive YouTube embed snippets to use on the web. It's a simple trick that adds the encrypted-media attribute to the http iframe so you don't have to. Suggestion: it could also add modestbranding and showinfo (to remove logos and telltale overlays), rel=0 (to remove next-up recommendations based on user history), and start=15s (because the only thing that ever happens in the first 15 seconds of a YouTube video is logos, music and "hey guys") Read the rest

Efail: researchers reveal worrying, unpatched vulnerabilities in encrypted email

A group of researchers have published a paper and associated website describing a clever attack on encrypted email that potentially allows an attacker to read encrypted emails sent in the past as well as current and future emails; EFF has recommended switching off PGP-based email encryption for now, to prevent attackers from tricking your email client into decrypting old emails and sending them to adversaries. Read the rest

More posts