Thursday, March 21, 2024
Signal App - New Usernames Keeps Cops Out of Your Data
Signal is the gold standard for secure messaging apps because not only are messages encrypted, but so is pretty much everything else. Signal doesn’t know your name or profile photo, who any of your contacts are, which Signal groups you’re in, or who you talk to and when...
With the long-awaited announcement that usernames are coming to Signal — over four years in the making — Signal employed the same careful cryptography engineering it’s famous for, ensuring that the service continues to learn as little information about its users as possible. more
Monday, March 18, 2024
Your Doctor’s Office Might Be Bugged
Okay, your conversation just got recorded. But where does it go? Is it stored somewhere? How is it used beyond writing my note? The AI technology companies need to address these questions and comply with Health Insurance Portability and Accountability Act laws. Additionally, new regulations may be needed as the technology evolves. more
Intel Patent Addresses Privacy Issues with Voice Assistants
The company filed a patent application for a “privacy preserving digital personal assistant.” Rather than sending your raw voice data to the cloud for processing, Intel’s tech encrypts that data to keep your personal information and identity from being shared in that environment.
“Existing digital personal assistant technologies force users to surrender the content of their voice commands to their digital personal assistance provider, and most actions of the available digital personal assistants are performed in the cloud,” Intel said in the filing. “This presents a large privacy and security concern that will only grow (over time) with increased adoption.” more
Tuesday, August 15, 2023
Ford has a better idea?
...While Ford may be keeping your road rage anonymous, the company may also want to use your voice to sell you stuff. The company filed a patent application for a system for “providing targeted content to users.” more
Tuesday, May 2, 2023
The First Digital Security Rule of Traveling
The first digital security rule of traveling is to leave your usual personal devices at home. Go on your trip with “burner” travel devices instead.
Aside from the potential for compromise or seizure by authorities, you also run the gamut of risks ranging from having your devices lost or stolen during your trip. It’s typically way less dangerous to just leave your usual devices behind, and to bring along devices you only use when traveling. This doesn’t need to be cost prohibitive: You can buy cheap laptops and either inexpensive new phones or refurbished versions of pricier models. (And also get privacy screens for your new phones and laptops, to reduce the information that’s visible to any onlookers.)
Your travel devices should not have anything sensitive on them. If you’re ever coerced to provide passwords or at risk of otherwise having the devices be taken away from you, you can readily hand over the credentials without compromising anything important. more
Thursday, March 30, 2023
Arizona Bill to Make Drone Spying a Crime Moves Forward
In a party-line vote on Wednesday, members of the House Commerce Committee approved legislation that would make it a criminal offense to intentionally photograph, tape or otherwise observe someone else in a private place where that person has a “reasonable expectation of privacy.”
The only thing is that there hasn’t been a consensus as to when exactly someone crosses that line. more
Monday, March 6, 2023
Non-Disclosure Agreements That End Up in the Toilet
Contract Summary
NDA is an edible non-disclosure agreement that protects in perpetuity all information exchanged within 30 minutes of ingestion. Every NDA is comprised of a size 00 gelatin capsule imprinted with a QR code leading to this website and filled with powder made from copies of this agreement printed onto rice paper with ingestible ink. NDA can be executed by any number of people at once. Simply provide every party with their own capsule before executing the agreement. Parties can extend the duration of effect by consuming additional NDA. more
Tuesday, January 10, 2023
"Well, shut my mouth!"
Shiftall's Mutalk believes it can help.
French startup Skyted created a similarly sound-absorbing mask to ensure privacy on calls while in crowded and noisy places. It looks more like a bulky version of the reusable masks we've all grown accustomed to during the pandemic, but Skyted says it absorbs 80% of voice vibration and directs it instead through a wireless Bluetooth connection to our phones or computers.
Sunday, September 25, 2022
Covenant Eyes: God isn't the only one watching you...
GRACEPOINT is (an) evangelical Southern Baptist church... when Grant Hao-Wei Lin came out to a Gracepoint church leader during their weekly one-on-one session, he was surprised to learn that he wasn’t going to be kicked out. According to his church leader, Hao-Wei Lin says, God still loved him in spite of his “struggle with same-sex attraction.”
But Gracepoint did not leave the matter in God’s hands alone. At their next one-on-one the following week, Hao-Wei Lin says the church leader asked him to install an app called Covenant Eyes on his phone...
Covenant Eyes is part of a multimillion-dollar ecosystem of so-called accountability apps that are marketed to both churches and parents as tools to police online activity. For a monthly fee, some of these apps monitor everything their users see and do on their devices, even taking screenshots (at least one per minute, in the case of Covenant Eyes) and eavesdropping on web traffic, WIRED found. The apps then report a feed of all of the users’ online activity directly to a chaperone—an “accountability partner,” in the apps’ parlance. When WIRED presented its findings to Google, however, the company determined that two of the top accountability apps—Covenant Eyes and Accountable2You—violate its policies. more
Thursday, June 2, 2022
Researchers Develop Anti-Eavesdropping Algorithm for Smartphone Mics
This algorithm works by using predictive voice technology: that is, it can recognize human speech and instinctively generate audible background noise like muffling or whispers in order to camouflage the user’s words.
The technology works in real-time as the algorithm is able to create the obstruction while a person is speaking to a voice-controlled device or conversing with a friend.
But why create such an algorithm in the first place?
The problem stems from advertiser eavesdropping. While this is an issue that has not been proved or disproved, there is plenty of anecdotal evidence that backs it up. more
Thursday, August 26, 2021
Personal Security: Remove Your House from Apple Maps, Google Maps & Bing Maps
If you’d like to opt out of a property you own or rent appearing in one of these street-level views, you can use a reporting or request method in each service:
- Apple: Apple requires that you email them “to request that a face, license plate, or your own house be censored.” The address is MapsImageCollection@apple.com.
- Google: Visit maps.google.com and go to the address of concern. Expand the side panel on the left, then click the photo in the side panel to have it enlarge in your browser. Look for an info box in the upper left of the photo and click on the icon of the three vertical dots. In the pop-up that appears, click “Report a problem” and select what you would like to have blurred from the “Request blurring” list of options. You can also submit via the Google Maps app.
- Microsoft: Visit Bing Maps, click “Report a privacy concern with this image” at the lower-left corner of the page, and select House (or another option) from “What kind of concern do you have?” You can describe in the text box below that you want to have your house blurred. more
Friday, August 13, 2021
Tips for Closing Hard-to-Delete Online Accounts
via Consumer Reports
Tips for Deleting Old Accounts
- Check to see if anyone has figured out the steps. Google “how to delete [company name] account” and you’ll often find instructions. (A step-by-step guide to deleting two dozen common accounts.)
- Go to the Settings page first. Companies sometimes put the delete button in settings, account menus, or pages to edit your profile; it varies by company.
- Try the privacy policy. Privacy policies often include instructions, and you can search for words like “account,” “delete,” “close,” or “deletion.”
- Explore the Help menus. If there’s a Help menu or an FAQ section on a website, you can often find deletion instructions there.
- Try customer service. When available, text chats are usually faster than phone calls in my experience.
- Take advantage of privacy laws. California’s privacy law, the CCPA, requires most businesses to let state residents delete data collected from them. Companies don’t have to fulfill a deletion request if you’re not a resident, but some honor requests from anyone. Look for “California” or “CCPA” in privacy policies for details.
- Don’t forget the accounts you’ve forgotten. You may have registered for accounts years ago that have slipped your mind. A whole article
with detailed instructions on how to find them. Some tips to get
started: Google your email address and old usernames; check for saved
log-ins in your web browser or password manager; search your email inbox
for old “welcome” messages. Try variations on phrases like “welcome
to,” “new account,” “password,” or “confirm your email.” more
Wednesday, June 23, 2021
FutureWatch - Super Microphones Coming to Eavesdropping Devices and...
... more mundane items like smart speakers and cell phones...
A KAIST research team ... has developed a bioinspired flexible piezoelectric acoustic sensor with multi-resonant ultrathin piezoelectric membrane mimicking the basilar membrane of the human cochlea. The flexible acoustic sensor has been miniaturized ... is ready for accurate and far-distant voice detection. moreSunday, May 9, 2021
PimEyes: Cool New PI Tool or Privacy Alert - You Decide
You probably haven't seen PimEyes, a mysterious facial-recognition search engine, but it may have spotted you... Anyone can use this powerful facial-recognition tool — and that's a problem.
If you upload a picture of your face to PimEyes' website, it will immediately show you any pictures of yourself that the company has found around the internet. You might recognize all of them, or be surprised (or, perhaps, even horrified) by some; these images may include anything from wedding or vacation snapshots to pornographic images.
PimEyes is open to anyone with internet access. more
Tuesday, April 20, 2021
PI Alert: Samsung is Crippling Your Latest Surveillance Trick
Samsung has announced that customers will soon be able to scan for unknown Galaxy SmartTags trackers using Samsung’s SmartThings Find service. The feature, called Unknown Tag Search, will be coming to the SmartThings app starting next week.
Users will be able to scan the nearby area for any SmartTags that don’t belong to them but that are moving along with them. This feature could be a big win for safety, providing an easy way to make sure that nobody’s tracking you with a tiny SmartTag that they slipped in your backpack, purse, coat pocket, etc. It’s a nice feature if you’re concerned about the privacy or security implications of Tile-like tracking devices. more
Wednesday, March 31, 2021
Privoro Launches Audio Masking Chamber & RF Shield for Mobile Devices
(Press release)
Privoro, today revealed its latest product,
Vault, a first-of-its-kind defense against remote data capture. The
Vault case is a two-in-one portable Faraday enclosure and audio masking
chamber for smartphones, providing unsurpassed protection against not
only wireless attacks and location tracking but also eavesdropping and
spying.
Vault eliminates smartphone signals more effectively than portable, fabric-based Faraday products, delivering a minimum of 100 dB of radio frequency (RF) attenuation – 10 billion times signal reduction. When a smartphone is placed in the Vault case, the smartphone can no longer be reached via cellular, WiFi, Bluetooth, near-field communication (NFC) and radio-frequency identification (RFID).
In addition to RF shielding, Vault's user-controlled audio masking prevents the extraction of intelligible speech up to voice levels of 90 dBA through independent noise signals. Users will have the assurance that conversations in the vicinity of Vault cannot be deliberately captured by bad actors through the enclosed smartphone's cameras and microphones.
Privoro developed Vault to meet the requirements of nation-state customers seeking to tackle the long-standing unique and critical security risks that mobile devices pose. more
Wednesday, March 17, 2021
Google Jumps into Your Nest with its Own New Nest
Google has launched a new ‘Nest Hub’ home assistant that tracks its owners’ sleep.
But its standout feature is its new sleep tracking technology. To use it, the Nest Hub is supposed to be placed on a bedside table, so that it can monitor its owners as they sleep.
It can not only track the amount of sleep, and how deep it is, but also other things that might disturb that sleep – as well as other people sharing the bed – such as coughing and snoring. more
Interesting points...
• Google says the recorded audio and raw Soli data stays on the device and
does not get sent to Google, though extrapolated sleep event data is
sent to the company’s servers.
• Sleep Sensing (Google’s name for sleep tracking) is completely opt-in
and can be disabled at any time.
• This will be a paid
feature.
For some people this will be helpful and worth it. For others, it is AI creepy creep.
Hackers, on your mark! ...
Monday, March 8, 2021
Privacy and the Clubhouse App
Clubhouse might be the hottest app that's not even publicly available yet, but privacy issues are already being discussed online. Some of the people who are particularly upset? Those who say they have profiles without even having used the app before...
Clubhouse reportedly requests access to your phone's contacts, under the pretense that you can connect with other users of the social network. But people are claiming that Clubhouse takes information from your contact list and builds "shadow profiles" of people who have never signed up...
If you allow Clubhouse to use your contact list, the app then reportedly has access to your contacts' names, phone numbers and how many friends they have on Clubhouse. But that's not all. Privacy advocates note Clubhouse records voice chats of the virtual rooms, which also doesn't sit well with some current users of the app.
Clubhouse's Community Guidelines states: "Solely for the purpose of supporting incident investigations, we temporarily record the audio in a room while the room is live." more
More privacy considerations...
• Clubhouse app technology runs on the platform of Agora.io, an audio tech startup in Shanghai, China.
• Voice recordings may be paired with personal account details, and transferred into a government dossier for future voice identification surveillance purposes.
• What is said using the app may not be very private given hackers, lurkers and government interests. Not a good way to communicate confidentially.
“I refuse to join any club that would have me as a member” ― Groucho Marx
Tuesday, February 23, 2021
The Most Secure and Anonymous Communication Tools Available
via David Koff, Tech Talk - The Technology Newsletter for Everyone...
What I’m about to share with you here is… kind of fringe. Like, “Edward Snowden” fringe.
Hopefully, that got your attention.
For some years now, the hacker, privacy, and journalism communities have all been debating, discussing, and using the tools I’m about to share with you in this installment. These tools are used not only to lock down your security and anonymity on the known internet, but also to access the portions of the internet that are normally hidden — “The Dark Web.”
Despite their usefulness, I haven’t really seen information about these
tools shared with the general public in a straightforward,
easy-to-understand way. I think it’s worth changing that; while most of
us don’t need the same high-privacy, high-security tools that confidential informants, journalists, and whistleblowers use, we should all know about these tools in case the time comes when we actually need them. more
Monday, February 15, 2021
Pretty Good Phone Privacy - Protects Both User Identity and Location
Abstract
To receive service in today’s cellular architecture phones uniquely identify themselves to towers and thus to operators. This is now a cause of major privacy violations as operators sell and leak identity and location data of hundreds of millions of mobile users.In this paper, we take an end-to-end perspective on the cellular architecture and find key points of decoupling that enable us to protect user identity and location privacy with no changes to physical infrastructure, no added latency, and no requirement of direct cooperation from existing operators.
We describe Pretty Good Phone Privacy (PGPP) and demonstrate how our modified back end stack (NGC) works with real phones to provide ordinary yet privacy-preserving connectivity. We explore inherent privacy and efficiency trade-offs in a simulation of a large metropolitan region. We show how PGPP maintains today’s control overheads while significantly improving user identity and location privacy. more
BONUS... "It protects users from fake cell phone towers (IMSI-catchers) and surveillance by cell providers." a good summary explanation