Facebook Shuts Down Onavo Spyware...We Think

Facebook is shutting down its Onavo spyware VPN and associated “research” app. That is, if you believe anything Facebook says.

To preempt any more scandals around Onavo and the Facebook Research app and avoid Google stepping in to forcibly block the apps, Facebook is now taking Onavo off the Play Store and stopping recruitment of Research testers. That’s a surprising voluntary move that perhaps shows Facebook is finally getting in tune with the public perception of its shady actions.

Eh, I wouldn’t go that far. Not with Facebook blaming users when it screws them over.

This Google Nest Device Has a Secret Microphone

The Nest Secure smart home hub has had a secret microphone this whole time. But poor Google just plain forgot to tell us.

On Tuesday, a Google spokesperson told Business Insider the company had made an “error.” “The on-device microphone was never intended to be a secret and should have been listed in the tech specs. That was an error on our part,” the spokesperson said.

Silly Google, tricks are for kids. Also, get a HomePod.

Sharenting is When You Over Share Your Kid Online

There’s a new phenomenon called sharenting. This is when parents share a large portion of their kids’ lives to the internet, usually without their consent.

Recently a parenting blogger wrote in a Washington Post essay that despite her 14-year-old daughter’s horror at discovering that her mother had shared years of highly personal stories and information about her online, she simply could not stop posting on her blog and social media. The writer claimed that promising her daughter that she would stop posting about her publicly on the internet “would mean shutting down a vital part of myself, which isn’t necessarily good for me or her.”

That was the most ridiculous part to read. Good grief, the world isn’t going to end because you can’t post about your kid anymore Karen. No one cares about them except you.

No, You Probably Don't Take Privacy and Security Seriously

Zach Whittaker is tired of the same old line companies use, like when they suffer a data breach: “We take your privacy and security seriously.”

The truth is, most companies don’t care about the privacy or security of your data. They care about having to explain to their customers that their data was stolen…About one-third of all 285 data breach notifications had some variation of the line. It doesn’t show that companies care about your data. It shows that they don’t know what to do next.

I’m betting there’s a template that public relations employees have that they copy and paste into official emails sent out in the wake of security stuff like this.

How to Manage Your Online Personal Data

Louise Matakis put together a guide on how to manage your online personal data, and figuring out who buys, sells, and barters it.

Personal data is often compared to oil—it powers today’s most profitable corporations, just like fossil fuels energized those of the past. But the consumers it’s extracted from often know little about how much of their information is collected, who gets to look at it, and what it’s worth. Every day, hundreds of companies you may not even know exist gather facts about you, some more intimate than others. That information may then flow to academic researchers, hackers, law enforcement, and foreign nations—as well as plenty of companies trying to sell you stuff.

A good guide as usual from Wired.

Remember Bandersnatch? Netflix Saved Your Choices

Black Mirror’s Bandersnatch is a choose-your-own-adventure game that went viral. As it turns out, Netflix saved the choices you made.

He found that Netflix is tracking the decisions its users make (which makes sense considering how the film works), and that it is keeping those decisions long after a user has finished the film. It is also stores aggregated forms of the users choice to “help [Netflix] determine how to improve this model of storytelling in the context of a show or movie.”

This doesn’t seem like a huge issue to me. This is standard analytics the platform keeps.

Sorry, Facebook Messenger Decryption is Secret

Yesterday a U.S. judge ruled that a secret government effort to compel Facebook to decrypt Messenger voice conversations won’t be revealed.

Groups including the American Civil Liberties Union argued that the public’s right to know the state of the law on encryption outweighed any reason the U.S. Justice Department might have for protecting a criminal probe or law-enforcement method.

One word: PRISM.

Be Safe on the Internet With This Security Checklist

The Security Checklist is an open source list of resources designed to improve your online privacy and security. Check things off to keep track as you go.

This website provides a beginner’s checklist for staying safe on the internet. This website is the result of a conversation started during a recent episode of the Design Details Podcast and a subsequent tweet by Michael Knepprath.

This is a great website that Kelly Guimont pointed my way. Even if you’re a techie and have a handle on your online privacy, you should check this out too.

Apple Tells Developers to Change or Remove Screen Recording

A hot news item today was the revelation that some apps record your screen to learn what you do within the app. This can be used for testing and troubleshooting. Apple has responded, saying:

In an email, an Apple spokesperson said: Protecting user privacy is paramount in the Apple ecosystem. Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity.

As I said in my argued, the fact that developers know what you do within the app isn’t a big deal. The issues, as Apple noted, are: 1. Users don’t know this happens, and this isn’t disclosed in privacy policies; and 2. Sometimes sensitive data isn’t properly redacted.

iOS 12.2 Will Remove 'Do Not Track' Option

In the next update of iOS and macOS Apple will remove the Do Not Track option from Safari. This is okay.

Removed support for the expired Do Not Track standard to prevent potential use as a fingerprinting variable.

Before I see a headline from Forbes titled “iOS 12.2 Has a Nasty Surprise” let me say that removing Do Not Track is good. It never did anything anyway because obeying it was completely voluntary. Which of course means that every website ignored it. And now it can be used to fingerprint your browser. Good riddance.

What Would Happen if You Remove Apple From Your Life?

Kashmir Hill has experimented with cutting out tech giants from her life. In week 5 she found out what it was like to remove Apple.

In addition to abandoning all my iProducts, I am blocking myself from interacting with Apple in any way, using a custom VPN designed for me by technologist Dhruv Mehrotra. The VPN prevents my devices from communicating with the 16,777,216 IP addresses controlled by Apple, rendering iCloud and any Apple apps defunct.

It’s an interesting experiment, especially going so far as to block Apple IP addresses. I look forward to Ms. Hill’s next experiment: Blocking Amazon, Facebook, Apple, Google, and Microsoft all at once.

This Website Exposes Apple Censorship in China

A new website called AppleCensorship.com exposes how the company censors apps in China at the behest of the government.

A new website exposes the extent to which Apple cooperates with Chinese government internet censorship, blocking access to Western news sources, information about human rights and religious freedoms, and privacy-enhancing apps that would circumvent the country’s pervasive online surveillance regime.

I’m a fan of Apple, privacy, and Apple’s stance on privacy. That being said I think whenever Apple mentions privacy on its website there should be an asterisk with fine print saying: “We believe privacy is a fundamental human right except in these cases.”

Your Health Data is Turned Into a Risk Score and Sold

Yet another reason why we need privacy laws. Companies collect your health data and turn it into a “risk score” which gets sold to doctors, insurers, and hospitals.

Over the past year, powerful companies such as LexisNexis have begun hoovering up the data from insurance claims, digital health records, housing records, and even information about a patient’s friends, family and roommates, without telling the patient they are accessing the information, and creating risk scores for health care providers and insurers.

There is no law against collecting and using this data.

WIN an iPhone 16 Pro Max!