kravietz @kravietz@social.privacytools.io

"15.4% of the 1.3 million Android applications we analyzed, contained security-related code snippets from Stack Overflow. Out of these 97.9% contain at least one insecure code snippet." https://www.aisec.fraunhofer.de/en/stackoverflow.html #security #privacy

Client-side scanning is a new proposal of US law enforcement to combat child porn by hashing every image sent by IM clients against a database of known CP hashes. EFF discusses how this can be abused.

https://www.eff.org/deeplinks/2019/11/why-adding-client-side-scanning-breaks-end-end-encryption #privacy

"Facebook isn't neutral turf on which good ideas will naturally prevail over bad ones, John Stuart Mill-style. It's an advertising-driven business whose design deliberately promotes its own peculiar idea of "engagement." https://www.axios.com/costs-facebook-free-speech-zuckerberg-444086fb-8f91-467a-b388-936b9de10a02.html #facebook #privacy

Conveniently skips CA and other shenanigans but still interesting PoV:

"Why would Facebook or Google owe you anything? (...) You willfully used a service and generated data that wouldn’t otherwise exist. What you get in return is Facebook itself, for which you’ve not paid a nickel. (...) You’re an infinitesimally small part of a data cooperative whose benefits accrue to the very users that generated it." https://www.wired.com/story/no-data-is-not-the-new-oil/ #privacy #facebook #google

Facebook, Twitter and Alphabet’s Google have failed to provide adequate transparency for global users around political advertising on their services, a privacy advocacy group said on Tuesday.

https://www.reuters.com/article/us-tech-privacy/privacy-group-says-tech-giants-not-delivering-on-political-ads-pledges-idUSKBN1WH2NW #privacy #twitter #google #facebook

Smart TVs sending sensitive user data to Netflix and Facebook

#privacy #facebook

https://amp.ft.com/content/23ab2f68-d957-11e9-8f9b-77216ebe1f17

"Ecuadorian authorities have arrested the executive of a data analytics firm after his company left the personal records of most of Ecuador's population exposed online on an internet server." #privacy Novaestrat

#Facebook “uses precise location even when you’re not using the app” #privacy https://www.theregister.co.uk/AMP/2019/09/10/facebook_location_tracking/

#facebook asked people for their mobile numbers "only for #authentication purposes", then used them for profiling, and then leaked on the web... https://techcrunch.com/2019/09/04/facebook-phone-numbers-exposed/ #privacy

"This system behind Facebook’s $50 billion business makes it a liability for any user to “friend” another. There’s simply no way to be sure which friends will agree to surrender one’s personal information." #privacy https://gizmodo.com/alex-stamos-ex-facebook-security-chief-blames-journal-1837520235

A must see - "The Great Hack", Netflix original documentary about #facebook and Cambridge Analytica #privacy scandal

This document answers many questions about #privacy of #peertube tl;dr theoretically it's possible to determine IP watching a particular video but existing safeguards make it infeasible especially with #webtorrent https://scitech.video/about/peertube

"Brave Rewards for Android relies on SafetyNet (...) this means that Rewards only works on certain Android devices" (=devices with Google Play Services tracking enabled) https://github.com/brave/browser-android-tabs/issues/1865 #privacy #bravebrowser

"Twitter Inc said on Tuesday that it may have used data for personalized ads without a user’s permission due to issues with the microblogging website’s settings" #privacy https://www.reuters.com/article/us-twitter-data-idUSKCN1UX02O

BTW OONI saw a huge spike in measurements in KZ in July https://explorer.ooni.io/country/KZ but show no blocking nor HTTP interception #kazakhstan #mitm #censorship #privacy however per this article https://censoredplanet.org/kazakhstan it may not capture the HTTPS interception

Brave Rewards cannot on ungoogled phones I'm afraid due to heavy usage of Google proprietary SafetyNet https://github.com/brave/browser-android-tabs/issues/1865 #privacy #android

Facebook is embedding tracking data inside the photos you download https://techstartups.com/2019/07/13/facebook-embedding-tracking-data-inside-photos-download/ #privacy #facebook

Hey @write_as on your Subscribe page could you use Captcha other than Google's Recaptcha? What's the point of federation if we're still feeding all our personal details to Google... #privacy #captcha

The Reg is bashing NHS for placing Google and FB trackers on sensitive pages, but this comment nails it https://www.theregister.co.uk/2019/07/11/nhs_inform_loads_facebook_pixel_google_doubleclick_trackers/ #privacy

How to run a small social network site for your friends https://runyourown.social/ #privacy #socialmedia