Privacy researchers push back on judge’s order to destroy NYPD public records

Privacy researchers push back on judge’s order to destroy NYPD public records

Privacy researchers obtained documents about the New York City Police Department’s use of facial recognition technology through a public records lawsuit. Any time a government agency orders documents that were obtained legally to be returned or destroyed is a threat to freedom of information and constitutional rights of reporters everywhere.

Remote Code Execution on most Dell computers

Remote Code Execution on most Dell computers

To bypass the Referer/Origin check, we have a few options: Find a Cross Site Scripting vulnerability in any of Dell’s websites (I should only have to find one on the sites designated for SupportAssist) Find a Subdomain Takeover vulnerability Make the request from a local program Generate a random subdomain name and use an external machine to DNS Hijack the victim.

Chelsea Manning to remain in jail after appeals court denies bail request

Chelsea Manning to remain in jail after appeals court denies bail request

A federal appeals court on Monday denied a request by the former US army intelligence analyst Chelsea Manning to be released from jail on bail, and upheld a lower court’s decision to hold Manning in civil contempt for refusing to testify before a grand jury.

Is Apple really better about privacy? Here's what we found out

Is Apple really better about privacy? Here's what we found out

Unlike Facebook and Google, Apple says it scrambles this information and looks at patterns of usage, not at who it’s coming from.

New Huawei P30 Pro found to be querying serve...

New Huawei P30 Pro found to be querying serve...

The Facebook page ExploitWareLabs at 5:32 p.m. on Sunday uploaded a post which included a list of DNS (Domain Name System) queries being delivered behind the scenes from a new Huawei P30 Pro. A DNS query (also known as a DNS request) is a demand for information sent from a user's computer (DNS client) to a DNS server.

California Attorney General Must Investigate Improper Database Searches on Community Observers at Controversial Police Event

California Attorney General Must Investigate Improper Database Searches on Community Observers at Controversial Police Event

On April 12, Media Alliance and the Electronic Frontier Foundation filed a request for investigation into possible misuse of the CLETS database and a request that the agency cease all similar background checks on journalists and advocates engaged in oversight roles.

Facebook accidentally scraped the email contacts of 1.5 million users

Facebook accidentally scraped the email contacts of 1.5 million users

"Last month we stopped offering email password verification as an option for people verifying their account when signing up for Facebook for the first time," a Facebook spokesperson said an a statement to Mashable.

GitHub - realtho/PartyLoud: A simple tool to do several HTTP / HTTPS requests and simulate navigation

GitHub - realtho/PartyLoud: A simple tool to do several HTTP / HTTPS requests and simulate navigation

Internal Engine is now complete and operative cURL is now used to generate pseudo-random requests HTML response is now parsed using grep Bad URLs are now filtered using a wordlist mechanism (wordlist is located in a file named badwords) ✅ Changed. and python are now no more required to run the script disabled user-defined number of processes [0.0.2] - 2019-03-18.

Ex-Mozilla CTO: US border cops demanded I unlock my phone, laptop at SF airport – and I'm an American citizen

Ex-Mozilla CTO: US border cops demanded I unlock my phone, laptop at SF airport – and I'm an American citizen

"CBP's baseless detention and intrusive interrogation of Andreas Gal and the attempted search of his devices violated his Fourth Amendment rights," ACLU Northern California senior counsel William Freeman said of the complaint.

EFF Submits Consumer Data Privacy Comment to the California Attorney General

EFF Submits Consumer Data Privacy Comment to the California Attorney General

The Electronic Frontier Foundation has filed comments on two issues: first, how to verify consumer requests to companies for access to personal information, and for deletion of that information; and second, how to make the process of opting out of the sale of data easy, using the framework already in place for the Do Not Track (DNT) system.

Android Q privacy change: User control over app access to device location

Android Q privacy change: User control over app access to device location

ActivityCompat.requestPermissions(this, new String[] { Manifest.permission.ACCESS_COARSE_LOCATION}, YOUR_PERMISSION_REQUEST_CODE); } Periodic checks of user's location Your app might have a use case that requires access to the user's location all the time.

Surveillance firm asks Mozilla to be included in Firefox's certificate whitelist

Surveillance firm asks Mozilla to be included in Firefox's certificate whitelist

On one side Mozilla is pressured by organizations like the Electronic Frontier Foundation, Amnesty International, and The Intercept to decline DarkMatter's request, while on the other side DarkMatter claims it never abused its TLS certificate issuance powers for anything bad, hence there's no reason to treat it any differently from other CAs that have applied in the past.

Your Smart Scale is Leaking More than Your Weight: Privacy Issues in IoT

Your Smart Scale is Leaking More than Your Weight: Privacy Issues in IoT

Changing privacy settings (Medium – CVSS 5.3) Possible attack scenario: A malicious user – within BLE range – could track the victim because the device keeps the MAC address fixed due to a configuration in the Generic Attribute Profile (GATT).

Netflix Has Saved Every Choice You’ve Ever Made in ‘Black Mirror: Bandersnatch'

Netflix Has Saved Every Choice You’ve Ever Made in ‘Black Mirror: Bandersnatch'

The GDPR granted EU citizens a right to access —anyone can request a wealth of information from a company collecting data. Veale told me that requesting the data was as easy as sending Netflix an email, but the specifics of getting the information he want were complicated.

Script Blocking Exceptions Update

Script Blocking Exceptions Update

We found that blocking certain third-party scripts broke many sites, so predicated on our cookie blocking and fingerprinting protection, we hardcoded some exceptions to ensure the best possible user experience.

How SUPL Reveals My Identity And Location To Google When I Use GPS

How SUPL Reveals My Identity And Location To Google When I Use GPS

The only information that can be traced back to a person, if the A-GPS client is implemented with privacy in mind, is the IP address from which the request was made to the server.

Apple Is Removing 'Do Not Track' From Safari

Apple Is Removing 'Do Not Track' From Safari

Advertisement For that story, we asked all the browser-providing companies why they still had the option, given that it could mislead users into thinking it was actually protecting their privacy.

How Does Bluzelle Help You With GDPR Compliance?

How Does Bluzelle Help You With GDPR Compliance?

Although the GDPR encompasses many different requirements, the following are some of the most important ones: Data Subject Access Request : a data subject (ie: individual) should have the right of access to personal data which have been collected concerning him or her, and to exercise that right easily and at reasonable intervals, in order to be aware of, and verify, the lawfulness of the processing.

Microsoft's GitHub: Requests for user data double in 2018, but gag orders grow faster

Microsoft's GitHub: Requests for user data double in 2018, but gag orders grow faster

Requests to GitHub to disclose user information more than doubled in 2018, but gag orders increased even faster, the Microsoft-owned code hosting repository has revealed in its 2018 transparency report.

ACLU Sues Federal Government Over Social Media Surveillance

ACLU Sues Federal Government Over Social Media Surveillance

“It’s clear from already public information that all of the agencies we’re targeting in our FOIA lawsuit engage in manual and automated surveillance of social media users and their speech, and it’s unacceptable for the government to withhold details about this domestic spying,” Cagle and Handeyside said.

Google planning changes to Chrome that could break ad blockers

Google planning changes to Chrome that could break ad blockers

with 110 posters participating Share this story Google is planning to change the way extensions integrate with its Chrome browser. For example, extensions will no longer be able to load code from remote servers, so the extension that's submitted to the Chrome Web store contains exactly the code that will be run in the browser.

Extensions: Implement Manifest V3

Extensions: Implement Manifest V3

Beside causing uBO and uMatrix to no longer be able to exist, it's really concerning that the proposed declarativeNetRequest API will make it impossible to come up with new and novel filtering engine designs, as the declarativeNetRequest API is no more than the implementation of one specific filtering engine, and a rather limited one (the 30,000 limit is not sufficient to enforce the famous EasyList alone).

The FBI ‘Can Neither Confirm nor Deny’ That It Monitors Your Social Media Posts

The FBI ‘Can Neither Confirm nor Deny’ That It Monitors Your Social Media Posts

Indeed, in its letter responding to our FOIA request, the FBI said that simply acknowledging its use of social media surveillance would “risk circumvention of the law.” The bureau seems to be saying that if people knew that the government is monitoring what they’re saying on social media, they’d be less likely to say it.

“Alexa, play some music” isn’t the only time Amazon is listening to you.

“Alexa, play some music” isn’t the only time Amazon is listening to you.

Now that you know that your voice recordings are being sent via the internet to a centralized location, you may have assumed Amazon will need to store that data for some period of time — for example, to use its Natural Language Processing algorithms to interpret your request for a weather report (or to buy a pizza), gather that information, and then send it back to your device for it to speak the response.

Stopping Unsolicited Mail, Phone Calls, and Email

Stopping Unsolicited Mail, Phone Calls, and Email

The good news is that you can cut down on the number of unsolicited mailings, calls, and emails you receive by learning where to go to "just say no." Consumer Reporting Companies If you decide that you don't want to receive prescreened offers of credit and insurance, you have two choices: You can opt out of receiving them for five years or opt out of receiving them permanently.

ACLU sues US government to learn more about NSA call records program

ACLU sues US government to learn more about NSA call records program

The ACLU says in the lawsuit that it is concerned that the government hasn't acted on its request for additional information because the request “relates to sweeping surveillance activities that implicate core privacy and free speech rights of Americans,” the AP reported.

You’re not quitting Facebook if you still use Instagram and WhatsApp

You’re not quitting Facebook if you still use Instagram and WhatsApp

Here’s our guide for deleting Facebook but making sure you keep all the photos you’ve added to it over the years. If you want to save anything you’ve sent or received on WhatsApp before you delete, there’s a “Request Account Info” button above the “Delete My Account” button.

Have companies deleted your data?

Have companies deleted your data?

The ad-tech companies Criteo, Quantcast, and Tapad responded to our requests with 1) long explanations about the benefits of digital tracking, 2) assurances that the companies do not collect data that can be used to identify us, and 3) that it was super easy to opt out.

EPIC Investigates Airport Facial Recognition Opt-Out Procedures

EPIC Investigates Airport Facial Recognition Opt-Out Procedures

One consequence is that it is now more difficult for travelers to opt-out of the screening procedure EPIC wrote that "CBP is modifying rules as it is implementing the program," contrary to federal law.

Subject Access Requests – tapmydata – Medium

Subject Access Requests – tapmydata – Medium

Tap provides a secure two way street between both organisations and individuals when it comes to access requests.

More