In an order issued this week, the 9th Circuit Court of Appeals upheld a ruling in which Facebook social widgets may be considered wiretaps.
privacy
Senate Judiciary Committee Passes Anti-Privacy ‘EARN IT Act’
Today the Senate Judiciary Committee passed the EARN IT act, a bill that weakens Section 230 protections for social media companies in an attempt to fight online child abuse.
Private Social Network ‘MeWe’ Takes on Snapchat Stories
A private social network Andrew reviewed before is MeWe, and it just announced a featured called Journals for its premium subscription.
Here’s Why This Company Won’t Add ‘Sign In with Apple’
Today is the deadline for developers to add Sign In with Apple to their apps. One company, AnyList, doesn’t want to add it and explained why.
After considering the merits of Sign in with Apple, we have decided not to support it. We understand that this may surprise some of our customers, so we’d like to explain in detail why we made this decision.
A couple arguments make sense, but I’m not buying some others. 1) I’m not a programmer so I don’t know how hard it is to add Sign In with Apple. 2) Saying iCloud isn’t “real email” is stupid. 3) AnyList removed its Facebook login, which is still a privacy-positive move even without adding Apple login.
PSA: The Deadline to Add ‘Sign In with Apple’ is Tuesday, June 30
The deadline for developers to add Sign In with Apple into their apps is coming up tomorrow, June 30. Andrew has several guides available for readers.
16 Web APIs Apple Avoided Over Privacy Concerns
ZDnet has a list of 16 Web APIs that Apple declined to add to Safari over concerns they could be used to track users.
The vast majority of these APIs are only implemented in Chromium-based browsers, and very few on Mozilla’s platform.
Apple claims that the 16 Web APIs above would allow online advertisers and data analytics firms to create scripts that fingerprint users and their devices.
Apple Adds Encrypted DNS Support to iOS 14, macOS 11
A WWDC20 presentation shows how Apple is adding support for encrypted DNS to iOS 14 and macOS 11. It will support HTTPS and TLS.
Security Friday: Privacy Updates, Macworld All-Star Band Reunion – TMO Daily Observations 2020-06-26
Andrew Orr and Dave Hamilton join host Kelly Guimont to discuss the latest privacy changes from WWDC, and the Macworld All-Star Band reunion.
Safari 14 Adds Face ID, Touch ID to FIDO Logins
A feature coming to Safari 14 later this year involves logging into websites with Face ID and Touch ID through the Web Authentication API.
‘Lawful Access to Encrypted Data Act’ is Latest Encryption Attack
Senators Lindsey Graham (R-South Carolina), Tom Cotton (R-Arkansas) and Marsha Blackburn (R-Tennessee) introduced the Lawful Access to Encrypted Data Act yesterday. It seeks to bring back the Crypto Wars of the 1990s by crippling encryption with the introduction of backdoors.
Yet increasingly, technology providers are deliberately designing their products and services so that only the user, and not law enforcement, has access to content – even when criminal activity is clearly taking place. This type of “warrant-proof” encryption adds little to the security of the communications of the ordinary user, but it is a serious benefit for those who use the internet for illicit purposes.
”Adds little to the security of the communications of the ordinary user.” That’s the level of contempt these people have for the rest of us.
Craig Federighi Reveals iOS 14 Clipboard Will Be Locked Down
Michael Grothaus interviewed Craig Federighi where he talks about iOS 14 privacy features. One feature is restricted access to the system clipboard/pasteboard. Apps will no longer have full access, which was a problem in the past.
Though there isn’t a lot of evidence apps have done this on a wide scale, apps will now require your approval to access the pasteboard for the first time. If a messaging app requests approval, it’s probably legit–but look out if, say, a free gaming app wants to get at your pasteboard.
As regular readers can guess, I’m excited for the new privacy features in iOS 14 and macOS Big Sur.
WWDC 2020: New Privacy Features in iOS 14
Amid all of the announcements today we’re getting some new privacy features in iOS 14. Here are two main ones coming this year.
WWDC 2020: macOS Big Sur is the Platform's Biggest Design Change Ever
macOS Big Sur includes some of the biggest changes in design and Safari in years. The design copies iOS but keeps certain UI elements unique.
U.S. Lawmakers Ask Zoom About its Ties to China
Three lawmakers in the U.S. have asked Zoom to clarify its relationship with China after the company suspended user accounts at its request.
Transfer ‘Signal’ Data With its New Update
With a new update rolling out it’s now easier to transfer Signal data between devices. It uses a local connection encrypted end-to-end.
UK Government Releases NHS COVID Contracts With Private Companies
Faced with pressure, the UK government has released its contracts with Amazon, Google, Microsoft, Faculty, Palantir, and others.
The contracts show that companies involved in the NHS datastore project, including Faculty and Palantir, were originally granted intellectual property rights (including the creation of databases), and were allowed to train their models and profit off their unprecedented access to NHS data.
The REAL reason why they wanted to avoid Apple and Google’s privacy solution.
‘CamTag’ is a set of Reusable Privacy Camera Stickers
CamTag is a set of reusable privacy camera stickers for your devices. These stickers are a way to make sure that you aren’t being spied upon by malicious third parties. These stickers are glue-free so you can reuse them on your iPhone, iPad, and Macs. They come in different designs and you can customize it with your own design or branding. It’s a Kickstarter campaign and it’s been fully funded. Estimated delivery is October 2020. Pledge US$9 or more to get the first reward tier, which gives you 25 privacy stickers in 5 sizes.
Private Messenger ‘Signal’ Now Automatically Blurs Faces
Private messenger app Signal added a feature that lets it automatically blur faces in your images.
Thousands of people are protesting against police brutality and to support the Black Lives Matters cause. If you are a part of the protests, you might post photos of the demonstration around you on social media or send them to your friends — and that’s not entirely safe, because it could help identify people there and put them in danger.
A great feature. I’ve been trying to create a shortcut that can obfuscate faces.
How the ‘Untappd’ Beer App Was Used to Track Military, CIA Movements
Researchers were able to use beer rating app Untappd to track the location history of military and CIA personnel.
Examples of users that can be tracked this way include a U.S. drone pilot, along with a list of both domestic and overseas military bases he has visited, a naval officer, who checked in at the beach next to Guantanamo’s bay detention center as well as several times at the Pentagon, and a senior intelligence officer with over seven thousand check-ins, domestic and abroad. Senior officials at the U.S. Department of Defense and the U.S. Air Force are included as well.
Not even the CIA is safe against the data industrial complex.
Security Friday, Apple Card Updates – TMO Daily Observations 2020-05-29
Andrew Orr joins host Kelly Guimont to discuss Security Friday news and some updates to Apple Card data in the Wallet app.
How to Safeguard Your Privacy at a Protest
Motherboard has a short guide to protecting your privacy in case you join a protest. Rule number one: Get a burner phone, don’t use your personal phone.
Naturally, law enforcement will likely be heavily surveilling these protests and others with all sorts of tech and spying gear. And it’s not just the cops: when much of a protest is broadcast via tweets or live-steaming, those watching may also want to digitally target protesters, perhaps by identifying them publicly.
The Care19 Contact Tracing App Gives Your Location Data to Foursquare
Care19, a contact tracing app used by North and South Dakota, violates its own privacy policy. Notably, the creator of the app, ProudCrowd, made sure that location data from the app is shared with Foursquare, although it claims it’s not used for commercial purposes. It’s a violation of its privacy policy because users are told their location data is private:
This location data is private to you and is stored securely on ProudCrowd, LLC servers. It will not be shared with anyone including government entities or third parties, unless you consent or ProudCrowd is compelled under federal regulations.
Siri Grading Whistleblower Goes Public With Apple Dissatisfaction
The subcontractor who revealed Apple’s Siri grading program is going public. Thomas le Bonniec isn’t satisfied with what happened.
In Update to Privacy Policy, Twitter Gives More Data to Advertisers
Twitter updated its privacy policy on Monday to reflect that more of your data will be shared with advertisers.
To help us understand if these ads are effective, we share device-level data, like IP address, with our advertising partners. We don’t share things like your name, email, phone number, or Twitter username.
To help mobile app advertisers understand if the ads they run on Twitter are effective, Twitter shares some device-level data, like which ads your device may have seen or clicked on, with them. We don’t share your name, email, phone number, or Twitter username.
It doesn’t matter if they don’t share details like your phone number if it gets leaked anyway.