Once Again, Two New Election App Breaches Exposed Personal Data on Millions of Israelis

Once Again, Two New Election App Breaches Exposed Personal Data on Millions of Israelis

In addition to the personal details of almost 6.5 million Israelis which leaked for the second time, the new flaws also revealed correspondence between activists and potential voters as well as the app’s source code, according to activist hacker Noam Rotem and Ran Bar-Zik, a senior developer at Verizon Media, who discovered the leaks.

The Private Internet Access Android app is being open sourced

The Private Internet Access Android app is being open sourced

Private Internet Access (PIA) is open sourcing its Android VPN app and dependencies code to the public as part of its commitment to open sourcing all clients in the name of transparency and privacy.

Every Click You Make: Data Tracking, Consumer Privacy In The Age Of Surveillance Capitalism

Every Click You Make: Data Tracking, Consumer Privacy In The Age Of Surveillance Capitalism

In the age of the Internet-of-things, every digital device you own collects information about you, while websites, corporations and social media platforms use different techniques to surveil and track your personal data.

Swift Crypto helps more developers than ever to build secure applications

Swift Crypto helps more developers than ever to build secure applications

Apple has introduced a new open-source Swift Crypto package which makes the secure capabilities of Apple’s CryptoKit available to the wider Swift community — even if they’re deploying their software on platforms other than Apple’s own.

FCC Says 'One or More' Phone Carriers Illegally Shared Location Data, Fueling Black Market Sales

FCC Says 'One or More' Phone Carriers Illegally Shared Location Data, Fueling Black Market Sales

Photo: Chip Somodevilla (GettyIn letters addressed to oversight lawmakers on Friday, FCC Chairman Ajit Pai announced that his agency’s nearly two-year investigation into the unauthorized sale of consumers’ phone location data had finally come to an end.

Column: Your car dealer may be quietly selling your data to your insurer

Column: Your car dealer may be quietly selling your data to your insurer

Be that as it may, a State Farm agent confided to me that the mileage information typically comes from data broker LexisNexis, which offers insurers a service called LexisNexis Vehicle History.

CERN Replacing Facebook Workplace With A Set Of Open-Source Software Alternatives

CERN Replacing Facebook Workplace With A Set Of Open-Source Software Alternatives

Now this European Organization for Nuclear Research is moving away from Facebook Workplace to instead make use of more open-source software packages.Pricing and privacy concerns move CERN to Mattermost, Discourse and other Open Source solutions.

The National Cyber Security Alliance’s Data Privacy Day Honeypot on StaySafeOnline.org

The National Cyber Security Alliance’s Data Privacy Day Honeypot on StaySafeOnline.org

Someone using this tool on the Stay Safe Online website to “update their privacy settings”, would actually be helping Hotjar build a profile of information about themselves, including the sites they shop on, the email service they use, the type of mobile device they have, how they listen to music, share photos and videos, the ride share services they use, their favorite search engines, social networks, web browsers and more.

Setting the Record Straight: PinePhone Misconceptions

Setting the Record Straight: PinePhone Misconceptions

Let’s start with the Allwinner A64 SoC, which is the brains of the PinePhone; it runs mainline Linux, uses mainline ATF and u-boot and there are open source drivers for all main SoC components.

Rogue NYPD cops are using facial recognition app Clearview

Rogue NYPD cops are using facial recognition app Clearview

Clearview AI, which has scraped millions of photos from social media and other public sources for its facial recognition program — earning a cease-and-desist order from Twitter — has been pitching itself to law enforcement organizations across the country, including to the NYPD.

Can hardware ever be trusted? The Betrusted project aims to find out by going back to basics

Can hardware ever be trusted? The Betrusted project aims to find out by going back to basics

Betrusted is more than just a secure CPU – it is a system complete with screen and keyboard, because privacy begins and ends with the user.” Its aim is to create a secure communication device whose hardware can be trusted, and which does protect privacy.

‘Couldn’t Sign You In’ — Google Denies Access to Several Linux Browsers

‘Couldn’t Sign You In’ — Google Denies Access to Several Linux Browsers

When users try to access the same site(s) in a major web browser, like Google Chrome or Mozilla Firefox, there is no error warning presented and the site loads without issue.

Certbot Leaves Beta with the Release of 1.0

Certbot Leaves Beta with the Release of 1.0

Earlier this week EFF released Certbot 1.0, the latest version of our free, open source tool that helps websites encrypt their traffic.The release of 1.0 officially marks the end of Certbot's beta phase, during which it has helped over 2 million users maintain HTTPS access to over 20 million websites.

Facebook built a facial-recognition app that let employees identify people by pointing a phone at them

Facebook built a facial-recognition app that let employees identify people by pointing a phone at them

The app, which was developed by Facebook employees between 2015 and 2016 and tested internally, relied on information from the social network's vast collection of user-uploaded photos and facial-recognition data to identify people in real life within seconds, sources told Business Insider.

Browsers and privacy

Browsers and privacy

The following browsers were tested: Firefox 70.0.1 (Mozilla Binaries from MX Linux) Firefox ESR 68.2.0 (Debian package) Chromium 78.0.3904.97 (Debian Package) Brave Browser 1.0.0 (Package from Brave web site) Epiphany 3.32.1.2 (Debian package) Midori 7.0 (Debian package) The method itself was relatively simple.

From Surveillance Communism To Surveillance Capitalism And Beyond

From Surveillance Communism To Surveillance Capitalism And Beyond

Part of the data we generate for the surveillance capitalist firms is a product of our necessary, work-related use of digital technologies, or our efforts to keep in touch with others.Surveillance capitalism, less overtly intrusive, makes our online activities a source of data that private firms harvest for their profit.

Beyond Aadhaar: India wants to create a giant centralized facial recognition database

Beyond Aadhaar: India wants to create a giant centralized facial recognition database

As that indicates, the idea is that any kind of image – whether a photograph, a drawing, or a CCTV feed capture – can be run against the database to search for matches.

ThinkPrivacy joins privacytools.io

ThinkPrivacy joins privacytools.io

While takes great pains to default towards open-source software projects, and services that originate from countries with the strictest privacy laws, ThinkPrivacy will look towards user friendliness and accessibility from products with a history of standing up for privacy rights and defending their users.

Smartphones with wheels: how modern transportation brings new privacy problems

Smartphones with wheels: how modern transportation brings new privacy problems

Here’s why vehicle-based surveillance is about to get much worse, as outlined by McKinsey: Today’s cars have up to 150 electronic control units; by 2030, many observers expect them to have roughly 300 million lines of software code.

Update on free software and telemetry (Updated October 24th, 2019)

Update on free software and telemetry (Updated October 24th, 2019)

On the other hand, we want to make sure that users who prefer using only free software can have a positive GitLab experience, as open source communities are important to GitLab. To make GitLab better faster, we need more data on how users are using GitLab. SaaS telemetry products, which provide analytics on user behavior inside web-based applications, have come a long way in the past few years.

Tech Tudor: Gitlab's "Important Updates to our ToS" - A nice and sleazy way to say we are unleashing Telemetry and Spying on you!

Tech Tudor: Gitlab's "Important Updates to our ToS" - A nice and sleazy way to say we are unleashing Telemetry and Spying on you!

So, who once declared themselves the champion of internet freedom (when Github was getting acquired by Microsoft some months back), now seems to be exploring new avenues of earning by way of subjecting their users to intense telemetry and spying.

Breakingviews - Google could buff its browser-privacy blemishes

Breakingviews - Google could buff its browser-privacy blemishes

SAN FRANCISCO (Reuters Breakingviews) - Google’s browser privacy could use more cover.In August, its engineering director argued blocking cookies, which are text files of data that allow advertisers to target online consumers, would only encourage more opaque tracking techniques like digital fingerprinting.

Ewwlo

Ewwlo

instead of building all apps from the source code (the proper way, to assure that there isn’t malware), 31 apps that come with the ROM are pre-built which is dangerous as you don’t know if those apps contain malware in them.

Buying a cheap smartphone? 7 things you need to know

Buying a cheap smartphone? 7 things you need to know

Academic research on pre-installed apps has concluded that “the supply chain around Android’s open source model lacks transparency” and that this “has facilitated potentially harmful behaviours and backdoored access to sensitive data and services without user consent or awareness”.We think that Google could do more to address the privacy and security concerns with pre-installed apps, for instance by banning pre-installed apps that can’t be deleted, by increasing transparency around the Android certification process and by better enforcing their own rules.

This Site Uses AI to Find Issues in Privacy Policies

This Site Uses AI to Find Issues in Privacy Policies

Guard is a site that uses AI to read epically long privacy policies and then highlight any aspects of them that might be problematic.For now, you’re limited to seeing ratings for only services Guard has decided to analyze, which includes most of the major apps out there like youTube, Reddit, Spotify, and Instagram.

Instagram’s own posts are not as private as you think

Instagram’s own posts are not as private as you think

This is done from a series of mouse clicks on any web browser to reveal the static URL of posts and private stories cached on servers.

There is more than only black and white in information security and privacy

There is more than only black and white in information security and privacy

When it comes to information security and privacy, some people specialized in spreading black and white thinking.The new filter bubble, inflated by black and white thinking of like-minded people, is proclaimed as the only truth.

Google Warning: Tens Of Millions Of Android Phones Come Preloaded With Dangerous Malware

Google Warning: Tens Of Millions Of Android Phones Come Preloaded With Dangerous Malware

Millions of shiny new Android smartphones are being purchased with dangerous malware factory-installed, according to Google's own security research team.Android is a thriving open-source community, which is great for innovation but not so great when threat actors seize the opportunity to hide malware in basic software loads that come on boxed devices.

Data isn't the new oil, it's the new CO2

Data isn't the new oil, it's the new CO2

The line of inquiry defending pervasive surveillance in the name of “individual freedom” and individual consent is tired and should be retired.But first let’s all admit that the line of inquiry defending pervasive surveillance in the name of “individual freedom” and individual consent gets us nowhere closer to understanding the threats we are facing.

Siri records fights, doctor’s appointments, and sex (and contractors hear it)

Siri records fights, doctor’s appointments, and sex (and contractors hear it)

One of the contract workers told The Guardian that Siri did sometimes record audio after mistaken activations. Apple, along with Google and Amazon, all have similar policies for the contract workers it hires to review those audio snippets.