Turbotodd

Ruminations on tech, the digital media, and some golf thrown in for good measure.

Archive for the ‘data security’ Category

Grindr Reveals HIV Status, Location Data to Third Parties

leave a comment »

The privacy morasse plot thickens.

BuzzFeed reported yesterday via an independent data analysis by an outside research firm that show popular gay dating app is sharing its users’ HIV status with two outside companies.

The gay hookup app Grindr, which has more than 3.6 million daily active users across the world, has been providing its users’ HIV status to two other companies, BuzzFeed News has learned.

The two companies — Apptimize and Localytics, which help optimize apps — receive some of the information that Grindr users choose to include in their profiles, including their HIV status and “last tested date.”

Because the HIV information is sent together with users’ GPS data, phone ID, and email, it could identify specific users and their HIV status, according to Antoine Pultier, a researcher at the Norwegian nonprofit SINTEF, which first identified the issue.

If the Nixonian saying was “It’s not the cover up but the crime,” perhaps the 21st century privacy counterpart should be along the lines of, “It’s not the first use of the information, it’s the unintended third party use.”

As BuzzFeed’s article points out, Grindr is a unique place for openness about one’s HIV status, but to have that information shared with third parties that an individual was never notified about…that’s a safety risk, and one that should whose mitigation should best be left with the individual and not Grindr.

George Orwell’s not only spinning in his grave, he’s doing triple axels in multiples of three at a time.

Privacy may not be dead, but it sure has taken a beating in the first three months of 2018. 

Written by turbotodd

April 3, 2018 at 9:33 am

Posted in 2018, data security, privacy

Tagged with ,

A Pixel at a Time

leave a comment »

You know that whole Yahoo! data breach thing, the one where the company late last year revealed that a 2013 hack exposed the private information of over 1 billion users…yeah, well, Verizon (which bought Yahoo!, has revised the impact of the breach, suggesting that it impacted all 3 billion of its users.

While you get your head around that, a friendly reminder that former Equifax CEO Richard Smith testified on Capitol Hill yesterday before the House Energy and Commerce Committee.

On September 7, Equifax announced it had suffered a massive cyber breach in which the Social Security numbers, names, birthdates, and addresses of 145.5 million Americans were stolen.

How did Smith explain the hack? Equifax had learned of a weak spot in the Apache Struts software in a key computer system back in March, but never patched it. Smith then laid blame on a faulty scanner and a single Equifax staffer responsible for mishandling patches.

In a company of 9,900 employes, a single individual person was in charge of its patching process.

According to a C|NET report of the testimony, several House committee members suggested federal laws to regulate credit monitoring companies like Equifax.

Don’t hold your breath.

But if you do, let it go starting around 12 EST today, especially if you’re an Android, because Google is hosting an announcement event with news on the Android, smartphone, Chromebook, and related fronts.

Gizomodo’s sneak peak suggests that new Pixel 2 and Pixel 2 XL smartphones will be on offer. Also rumoured, a new Google Home Mini (think Google’s version of the Echo Dot) as well as a pricey Google “Pixelbook” that is expected to have a $99 optional Pixelbook Pen and a 360-degree hinge that allows the device to morph instantly into a tablet.

There’s also talk of a new Daydream VR headset, and possibly even more support for the increasingly popular Google Assistant.

The clock is ticking…you can follow the action starting at 9 AM PDT on The Verge.

Written by turbotodd

October 4, 2017 at 10:10 am

%d bloggers like this: