Microsoft will adopt Google Chrome's controversial Manifest V3 in Edge

Microsoft will adopt Google Chrome's controversial Manifest V3 in Edge

The Web Request API will still be available and still be able to provide information about all network requests fired by the browser … as opposed to what those announcements state, the deprecation of the blocking ability of the webRequest API accomplishes nothing privacy-wise for content blockers since they will *still* require broad hosts permissions.".

Surveillance in an Era of Pandemic and Protest

Surveillance in an Era of Pandemic and Protest

As this summer of pandemic and racial justice protests draws to a close, Naomi Klein hosted a landmark conversation between Shoshana Zuboff, author of “The Age of Surveillance Capitalism,” and Simone Browne, author of “Dark Matters: On the Surveillance of Blackness.” The three authors discussed how both governments and tech giants are using our moment of overlapping crises to push through discredited surveillance technologies that threaten privacy, democracy, and any hope of equality.

The History of Invidious

The History of Invidious

HookTube was pretty much the same idea from a user perspective, but it was not open source and it used the YouTube API instead of scraping the site.

Privacy News Online | Weekly Review: August 14, 2020

Privacy News Online | Weekly Review: August 14, 2020

If we read your comment, you’ll get 1 month of free VPN service from Private Internet Access.Privacy News Online is brought to you by Private Internet Access, the world’s most trusted VPN service.

India bans 59 Chinese apps, including TikTok, ShareIt, UC Browser

India bans 59 Chinese apps, including TikTok, ShareIt, UC Browser

“This Ministry has also received many representations raising concerns from citizens regarding security of data and risk to privacy relating to operation of certain apps.”.For all the latest India News, download Indian Express App.

New paper warns of Cambridge Analytica type privacy risks in G Suite Marketplace Apps

New paper warns of Cambridge Analytica type privacy risks in G Suite Marketplace Apps

A new research paper presented at IEEE 41 calls attention to the fact that Google Suites App Marketplace – whose apps are able to tap into the powerful Google API to read contacts, emails, calendar, etc – allows unverified apps to ask for and oftentimes receive sensitive user data.

Wyden, Rounds and Eshoo Lead Bipartisan Call to Secure U.S. Capitol Phone Networks

Wyden, Rounds and Eshoo Lead Bipartisan Call to Secure U.S. Capitol Phone Networks

– U.S. Senators Ron Wyden, D-Ore., and Mike Rounds, R-S.D., with Rep. Anna Eshoo, D-Calif., led 20 members of the House and Senate in a request to encrypt phone calls between the chambers to protect communications against foreign surveillance.

Shoshana Zuboff: A Human Future in the Age of Surveillance Capitalism

Shoshana Zuboff: A Human Future in the Age of Surveillance Capitalism

Instead of labor, surveillance capitalism feeds on every aspect of human experience,” writes Dr. Zuboff, the Charles Edward Wilson Professor Emerita at Harvard Business School as well as Faculty Associate at the Berkman Center for Internet and Society at Harvard Law School.

Tracking user location from IP address using Google API

Tracking user location from IP address using Google API

Tracking user location from IP address using Google API.ISP Geolocation LocationNotice the identified latitude and longitude, marking it on google map (below)you can see the distance of this location from my original point of access.

So I reverse engineered two dating apps...

So I reverse engineered two dating apps...

In this post I show some of my findings during the reverse engineering of the apps Coffee Meets Bagel and The League.It would be best if the developers make sure the app only attaches authorization bearer header in requests to The League API.

Contact tracing apps must respect privacy or be removed: EU

Contact tracing apps must respect privacy or be removed: EU

The European Union has called on Apple to remove from the App Store contact tracing apps that don’t have appropriate privacy safeguards.

Privacy is Cybersecurity for People

Privacy is Cybersecurity for People

Some people still imagine that companies Cybersecurity is about protecting assets like film footage from movies, or studio production tracks from recording sessions with music artists, or secret plans for the next Apple computer (duh, its another iPhone).

We Buy Gifts That Surveil Our Loved Ones Because There Is Nothing Else to Buy

We Buy Gifts That Surveil Our Loved Ones Because There Is Nothing Else to Buy

We buy DNA tests from 23AndMe that could one day end up in a police database, we buy Amazon Echo and smartphone technology used to target us with ads, and, increasingly, we are buying Amazon’s Ring doorbell cameras that are being used to watch ourselves and our neighbors, create a warrantless police surveillance apparatus, and serve as an attack surface that can allow hackers to enter our homes.

Cloudflare ordered to reveal identity behind pirate site

Cloudflare ordered to reveal identity behind pirate site

TorrentFreak writes that what API is trying to protect here are its monetary interests related to unauthorized copying and sale of the industry standards that the association produces.API's DMCA application, that has now been approved, said the copyrighted standards – described as a valuable asset – are available to download without permission.

Over 267 million Facebook users had their names, phone numbers, and profiles exposed thanks to a public database, researcher says

Over 267 million Facebook users had their names, phone numbers, and profiles exposed thanks to a public database, researcher says

An online database exposed the names, Facebook IDs, and phone numbers of more than 267 million people, said Bob Diachenko, a data-security researcher, and Comparitech, a tech website.

Facebook Scraping, Still a Privacy Disaster

Facebook Scraping, Still a Privacy Disaster

If someone were to scrape a list of people who belong to a particular Facebook group, or who like a certain page, they could easily upload their profile URLs to a PSE.

Exclusive: China's ByteDance moves to ringfence its TikTok app amid U.S. probe - sources

Exclusive: China's ByteDance moves to ringfence its TikTok app amid U.S. probe - sources

NEW YORK/WASHINGTON/BEIJING (Reuters) - ByteDance has stepped up efforts to separate its social media app TikTok from much of its Chinese operations, amid a U.S. national security panel’s inquiry into the safety of the personal data it handles, people familiar with the matter said.

.ORGanized Takeover – a timeline of the ISOC, PIR & Ethos Capital Deal

.ORGanized Takeover – a timeline of the ISOC, PIR & Ethos Capital Deal

Chehadé leaves ICANN before his contract expired in order to start his own consulting firm and later joins Abry Partners.Andrew Sullivan is appointed CEO of ISOC, starting in September.Nevett becomes the new CEO of PIR, responsible for .ORG.

10,331,579,614 Records Leaked in 2019 And Counting...

10,331,579,614 Records Leaked in 2019 And Counting...

The data breach to Capital One servers in March exposed the personal information of nearly 106 million of the bank's customers and applicants from 2005 up to 2019.

From Surveillance Communism To Surveillance Capitalism And Beyond

From Surveillance Communism To Surveillance Capitalism And Beyond

Part of the data we generate for the surveillance capitalist firms is a product of our necessary, work-related use of digital technologies, or our efforts to keep in touch with others.Surveillance capitalism, less overtly intrusive, makes our online activities a source of data that private firms harvest for their profit.

How to Set Your Google Data to Self-Destruct

How to Set Your Google Data to Self-Destruct

While there have been tools we can use to manually purge our Google search histories, few of us remember to do so.In May, the company introduced an option that lets us automatically delete data related to our Google searches, requests made with its virtual assistant and our location history.

Google Begins Testing Extension Manifest V3 in Chrome Canary

Google Begins Testing Extension Manifest V3 in Chrome Canary

Google has begun testing their upcoming extension manifest V3 in the the latest Chrome Canary build, and with this initial 'alpha' release, developers can begin testing their extensions under the upcoming specification.Error when using unsupported APIs If you switch the extension to use a service_worker instead then the extension loads properly into Google Chrome.

The Creepy Way Facebook And Amazon Profit Off Our Private Data

The Creepy Way Facebook And Amazon Profit Off Our Private Data

In an interview with HuffPost, Zuboff talks about how this new world is not just a threat to our privacy, but — as it starts to shape our actions — to our democracy itself: So, what is surveillance capitalism?

Vulnerability in WebEx and Zoom allows hackers to access their sessions

Vulnerability in WebEx and Zoom allows hackers to access their sessions

Vulnerability testing specialists point out that any web application that uses numeric or alphanumeric identifiers is exposed to enumeration attacks.

Debates Over ZAO and FaceApp Usher in the Era of Surveillance Capitalism

Debates Over ZAO and FaceApp Usher in the Era of Surveillance Capitalism

Shortly after the clamor abated around FaceApp, the Russian AI-powered app churning out disturbingly realistic photos of users as their older selves, a new controversial fad hit mobile stores in the form of the Chinese deep-fake app ZAO.

How safe are school records? Not very, says student security researcher

How safe are school records? Not very, says student security researcher

Among one of the more damaging issues Demirkapi found in Follett’s student information system was an improper access control vulnerability, which if exploited could have allowed an attacker to read and write to the central Aspen database and obtain any student’s data.

Apple plans to restrict how messaging apps access background iOS data

Apple plans to restrict how messaging apps access background iOS data

Apple plans to restrict how apps implement internet voice call functionality, which currently could allow mobile software to collect data while running in the background, according to a new report from The Information.

Capital One Canada

Capital One Canada

Capital One is not calling or texting customers regarding the cyber incident and is not asking for credit card or account information, or Social Insurance Numbers over the phone or via email.

New Warning Issued Over Google's Chrome Ad-Blocking Plans

New Warning Issued Over Google's Chrome Ad-Blocking Plans

The discovery was made by security researcher Sam Jadali, who told me at the time that Google’s Manifest V3 does not solve this specific problem: “It has some improvements however it explicitly states that server communication (potentially changing extension behavior) will still be allowed.

Massive Capital One breach exposes personal info of 100 million Americans

Massive Capital One breach exposes personal info of 100 million Americans

Banking institution Capital One has just revealed that it’s suffered a data breach that exposed the names, addresses, phone numbers, emails, dates of birth, and self-reported incomes of approximately 100 million Americans, and 6 million in Canada, due to a “configuration vulnerability” in the servers of an unnamed cloud computing company hosting the bank’s data.