Loss of Privacy

Keeping you informed on recent losses to privacy and civil rights worldwide.

favorite-website-spying-on-you

a glut of companies are lurking in the shadows of the Internet, gathering your data to sell it to anyone who’s willing to pay the price. These so-called “data brokers” can easily follow your digital trail by using your browser cookies and other ingenious tracking methods.

And it’s not just general statistics, demographics, or overall trends that they’re selling. Many data brokers sell dossiers on individuals, complete profiles that include your name and personal information, without your knowledge or consent. These dossiers can include sensitive information such as medical history, political and religious affiliations, and sexual orientation.

There are no regulations for companies such as these. If you want to keep your personal data private and not let anonymous companies bid over it, you have to take matters into your own hands to block their efforts.

Source.

flattr this!

As a parent Adam Sheffield says he worries about his Xbox Kinect being capable of spying on his family in their home, “It recognizes him when he enters the room and says “Hi.” The question a lot of people have, what’s that data being used for?”

Sheffield is a Cyber Security Program Manager and he says there is a good reason to be worried, “You should assume anything that can connect to internet – push info out, is a source of collection.”

And this applies to more than just gaming devices – computers, TV’s, cellphones – anything online. “When you download an app you give them permission to access phone book, camera, microphone. Could they go in and turn on your camera and microphone? They could. Are they? I am not quite sure.”

Experts say go into your privacy settings and make it as private as possible, but there’s no promise it’s fool proof. Make sure to change your password from the default and decide how many devices online you actually need.

“Develop a personal threshold with what you are comfortable sharing with. As for my son, we put a sticker over the camera unless he is using it. Not that we are paranoid or anything,” says Sheffield.

Source.

flattr this!

A new Barbie doll has been designed to record and store conversations it has with children. The recordings will be analyzed by researchers who say they will use the data to make the toy’s responses more complete.

“Whatever we come away with as our first blush attempt at the conversations, we’ll see what kids want to talk about or not. We’ll take our honest best guess at that and then see what comes back, and then that will change and evolve over time as those conversations happen between individual children and Barbie dolls,” Oren Jacob, CEO of ToyTalk said in a recent statement.

However, security experts have raised concerns about how else that information could be used.

“It wouldn’t take much for a malicious individual to intercept either the wi-fi communications from the phone or tablet, or connect to the doll over Bluetooth directly. These problems aren’t difficult to solve; the manufacturer needs to check the phone application carefully to make sure it’s secure. They also need to check that any information sent by the doll to their online systems is protected,” Ken Munro, a security researcher at Pen Test Partners said.

The company responded to these concerns with a statement, saying that:

“While we’re familiar with the Cayla doll and with what happened in terms of a privacy breach, Hello Barbie is fundamentally different on many levels. As with all of ToyTalk’s products–we started with apps for kids–online privacy and security is of utmost importance. That’s why we ask for parental consent and agreement to use their kids’ speech, anonymously, to add to our database in order to increase Barbie’s conversational capabilities. To address the issue of being able to intercept the wi-fi communications or connect Barbie via Bluetooth, all communications take place over a secured TLS (HTTPS) network and it’s not possible to connect her via Bluetooth. Further Barbie connects directly to ToyTalk servers–not via an outside app with local data stored on it. And no back doors are being added to the app, to further avoid access issues.”

The problem they are not addressing is that they will be recording the conversations of children. Children do not have a fully functioning filter to know what they should and should not be talking about to what is a stranger. They don’t know who will be listening to them or what is going to happen with those conversations.

Children also have a habit of telling their dolls, stuffed animals and figurines confidential stuff they do not wish to share with anyone else.

This is yet another example of surveillance microphones attempting to get their foot in the door to our homes. We already have to be leery of Xbox Kinect, Amazon Echo, Samsung Smart TV and everything else listed in the Internet of Things.

flattr this!

Known as Stingrays, the FBI has admitted to using cell phone towers to track you. Their usual response includes they must do this to catch terrorists, pedophiles and missing children.

The press conference actually occurred back in October, but the video didn’t surface until this weekend and hadn’t been reported on until the Charlotte Observer’s excellent investigation into the use of Stingrays by local police was published on Sunday.

Stingrays work by allowing police to track the movement of a suspect, and are often used without a warrant, which was recently declared unconstitutional by the Florida Supreme Court.

Comey also said that the agency has “nothing to hide” from “good people,” but that secrecy is important if Stingrays are going to be effective. Comey doesn’t note, however, that, in trying to track down any one “bad person,” the agency law enforcement necessarily tracks the locations of everyone within a wide geographic radius, thanks to the way the technology works.

The ACLU, meanwhile, has said that every year, millions of good people are getting wrapped up in a surveillance dragnet they didn’t ask to be involved in.

“The devices wrap up innocent people, which looks like a dragnet search that’s not legal under the Fourth Amendment,” Nate Wessler, a staff attorney for the ACLU, recently told me. “Even if they’re tracking a specific suspect, they’re getting info about every bystander. That’s a concern.”

flattr this!

Security of users’ passwords should be at the forefront of every web developer’s mind. Tom takes us through the insecure ways in which some websites deal with passwords.

flattr this!