@lukOlejnik Next update of Google's Chrome delivers "first-party sets". Feature bypasses single origin policy: several websites to communicate/share data/cookies/etc. Single origin policy prohibit such flows. Opens new tracking potential. #privacy #chrome
https://github.com/privacycg/first-party-sets
Mozilla opposed this change
https://github.com/privacycg/proposals/issues/17#issuecomment-641687052
The European Data Protection Supervisor (EDPS) publishes the tool Website Evidence Collector under the European Union Public License (EUPL-1.2). The tool supports the automation of privacy and personal data protection inspections of websites. The tool collects evidence of personal data processing, such as cookies, or requests to third parties.
Exclusive: Warning Over Chinese Mobile Giant #xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use
With a nice shitstorm currently going on around various "revolutionary" proposals on how to rebuild online #advertising I would like to bring back this excellent 2015 presentation that goes into technical details *why* exactly #adtech needs all this surveillance exactly https://idlewords.com/talks/what_happens_next_will_amaze_you.htm #privacy
No worries, we're fixing mobile too ¯\_(ツ)_/¯
"If Chrome fixes #privacy too fast it could break the web ... Much of the content on the web is supported by advertising revenue, and advertisers will shift to mobile apps"
EFF: BREAKING: We’ve confirmed that the Ring doorbell app on Android covertly shares personally identifiable information on its users with third-party companies, including Facebook. https://www.eff.org/deeplinks/2020/01/ring-doorbell-app-packed-third-party-trackers #amazon #privacy
Web trackers using CNAME Cloaking to bypass browsers’ ad blockers
https://portswigger.net/daily-swig/web-trackers-using-cname-cloaking-to-bypass-browsers-ad-blockers #privacy #advertising
"Algorithms and digital technologies constantly collect data and evaluate us and sometimes make life changing decisions such as credit, housing and employment. Advertisements play a crucial part in this in that they inform us about goods and services, opportunities, products or nudge us into certain behaviours."
"15.4% of the 1.3 million Android applications we analyzed, contained security-related code snippets from Stack Overflow. Out of these 97.9% contain at least one insecure code snippet." https://www.aisec.fraunhofer.de/en/stackoverflow.html #security #privacy
Client-side scanning is a new proposal of US law enforcement to combat child porn by hashing every image sent by IM clients against a database of known CP hashes. EFF discusses how this can be abused.
https://www.eff.org/deeplinks/2019/11/why-adding-client-side-scanning-breaks-end-end-encryption #privacy
"Facebook isn't neutral turf on which good ideas will naturally prevail over bad ones, John Stuart Mill-style. It's an advertising-driven business whose design deliberately promotes its own peculiar idea of "engagement." https://www.axios.com/costs-facebook-free-speech-zuckerberg-444086fb-8f91-467a-b388-936b9de10a02.html #facebook #privacy
Conveniently skips CA and other shenanigans but still interesting PoV:
"Why would Facebook or Google owe you anything? (...) You willfully used a service and generated data that wouldn’t otherwise exist. What you get in return is Facebook itself, for which you’ve not paid a nickel. (...) You’re an infinitesimally small part of a data cooperative whose benefits accrue to the very users that generated it." https://www.wired.com/story/no-data-is-not-the-new-oil/ #privacy #facebook #google
Facebook, Twitter and Alphabet’s Google have failed to provide adequate transparency for global users around political advertising on their services, a privacy advocacy group said on Tuesday.
https://www.reuters.com/article/us-tech-privacy/privacy-group-says-tech-giants-not-delivering-on-political-ads-pledges-idUSKBN1WH2NW #privacy #twitter #google #facebook
Smart TVs sending sensitive user data to Netflix and Facebook
https://amp.ft.com/content/23ab2f68-d957-11e9-8f9b-77216ebe1f17
"Ecuadorian authorities have arrested the executive of a data analytics firm after his company left the personal records of most of Ecuador's population exposed online on an internet server." #privacy Novaestrat
#Facebook “uses precise location even when you’re not using the app” #privacy https://www.theregister.co.uk/AMP/2019/09/10/facebook_location_tracking/
#facebook asked people for their mobile numbers "only for #authentication purposes", then used them for profiling, and then leaked on the web... https://techcrunch.com/2019/09/04/facebook-phone-numbers-exposed/ #privacy
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.