Turbotodd

Ruminations on tech, the digital media, and some golf thrown in for good measure.

Archive for the ‘privacy’ Category

Facebook’s Portal Doublethink

leave a comment »

CNET is reporting that Facebook’s new home smart video assistants, Portal and Portal Plus, are now available for sale on the Portal online store, Amazon and Best Buy.

Facebook Portal Plus is selling for $349, and has 1080p HD res and a 15.6-inch screen. The $199 Portal has a 720p, 10.1-inch screen. Both serve as Alexa speakers as well as offer Facebook’s “Hey, Portal” (so original!) voice service.

Yes, Facebook’s Portal product uses Alexa service because, well, why reinvent the home assistant and copying is the sincerest form of flattery.

As for a Facebook video product being unleashed into the privacy of your home??  Well, I would have used to say read Facebook’s privacy policy with care…

A post from Facebook on privacy and security for Portal alleges the following:

  • Facebook does not listen to, view or keep the contents of your Portal video calls. This means nothing you say on a Portal video call is accessed by Facebook or used for advertising.
  • Portal video calls are encrypted, so your calls are secure.
  • Smart Camera and Smart Sound use AI technology that runs locally on Portal, not on Facebook servers. Portal’s camera doesn’t identify who you are.

And as to how they use information from Portal:

  • Portal is integrated with some of your Messenger and Facebook experiences. When you use Portal, we process the same kinds of information as when you use Facebook products on your other devices. Some of this information, including the fact that you logged into your account or how often you use a feature or app, may be used to inform the ads you see across Facebook.
  • While we don’t listen to, view or keep the contents of your Portal video calls, or use this information to target ads, we do process some device usage information to understand how Portal is being used and to improve the product.

Read the full post for more details here.

At least one technology journalist, The Wall Street Journal’s Joanna Stern, isn’t having any of it. She wrote:

I just couldn’t bring myself to set up Facebook’s camera-embedded screen in the privacy of my family’s home. Can you blame me when you look at the last 16 months?

The personal data of millions of users was accessed for political purposes without consent. Whoops. False news articles were deliberately spread across our feeds to hoax us. Whoops again. Hackers gained access to nearly 50 million accounts, the largest-ever security breach at the social network. Giant whoopsies.

However, she did go on to write that “The Portal+, with its 15.6-inch giant rotatable screen, is one of the most immersive video-chatting experiences I’ve ever had.”

Doublethink?

Written by turbotodd

November 8, 2018 at 9:33 am

Posted in 2018, privacy, video

Tagged with

Another Facebook Breach

leave a comment »

Happy Friday!

Well, depending on who you ask.

The BBC, Gizmodo, and others are reporting a new Facebook data breach, this time of private Facebook messages of at least 81,000 unfortunate souls.

It’s being reported the culprit was a Chrome Extension exploit, and is apparently not related to the more widespread September breach previously reported of 120 million Facebook accounts.

Some details:

The hackers, who may be Russian since they reached out to the BBC Russian Service, appear to have the Facebook messages of at least 81,000 people, mostly of Russians and Ukrainians, but also from people in the U.S., UK, and Brazil, according to the BBC.

“Browsers like Chrome can be very secure, but browser extensions can introduce serious gaps in their armor. The addition of browser extensions increases what is otherwise a small attack surface. Malicious extensions can be used to intercept and manipulate the data passing through the browser,” said Rick Holland, CISO of Digital Shadows, which helped the BBC analyze the breach.

As to the content of those messages:

Many of the messages are relatively benign and include simple chats about going on vacation and attending concerts. But as you’d expect, there are also more sensitive discussions, including “intimate correspondence between two lovers,” as the BBC describes it.

Hoped all 81K Facebook users whose private messages were sold!

Written by turbotodd

November 2, 2018 at 3:24 pm

Tim Cook and the Data Industrial Complex

leave a comment »

TechCrunch is reporting that Apple CEO Tim Cook has begun to basically throw down the gauntlet with respect to the global trade in digital data, suggesting that it has exploded into a “data industrial complex.”

“Our own information — from the everyday to the deeply personal — is being weaponized against us with military efficiency,” warned Cook. “These scraps of data, each one harmless enough on its own, are carefully assembled, synthesized, traded and sold.

“Taken to the extreme this process creates an enduring digital profile and lets companies know you better than you may know yourself. Your profile is a bunch of algorithms that serve up increasingly extreme content, pounding our harmless preferences into harm.”

This discussion came about as a result of a keynote speech Cook was giving to the 40th International Conference of Data Protection and Privacy Commissioners in Brussels.

Cook also addressed the issue of artificial intelligence, saying that “at its core this technology promises to learn from people individually to benefit us all. But advancing AI by collecting huge personal profiles is laziness, not efficiency.”

“For artificial intelligence to be truly smart it must respect human values — including privacy. If we get this wrong, the dangers are profound. We can achieve both great artificial intelligence and great privacy standards. It is not only a possibility — it is a responsibility.”

I find it fascinating that Cook tied up AI and privacy. He’s clearly looking well ahead to where some of the next major digital battlegroups are likely to take place, and the raw horsepower AI could bring to privacy violations.

Cook went on to say that Apple is “in full support of a comprehensive, federal privacy law in the United States.

He argued that a U.S. privacy law should prioritize four things:

  1. Data minimization — “the right to have personal data minimized”, saying companies should “challenge themselves” to de-identify customer data or not collect it in the first place
  2. Transparency — “the right to knowledge”, saying users should “always know what data is being collected and what it is being collected for, saying it’s the only way to “empower users to decide what collection is legitimate and what isn’t”. “Anything less is a shame,” he added
  3. The right to access — saying companies should recognize that “data belongs to users”, and it should be made easy for users to get a copy of, correct and delete their personal data
  4. The right to security — saying “security is foundational to trust and all other privacy rights”

Over the past several years, Apple has positioned itself as a protector of digital privacy rights. However, it should be noted that  Apple is also far less dependent on digital advertising revenue as are other key players in the tech space (Google, Facebook, Amazon, etc.)

Written by turbotodd

October 24, 2018 at 11:49 am

Bigger, Better, Badder Pixels

leave a comment »

Well, uh, that was awkward. 

Just a day after Google had to come clean about its Google+ privacy debacle (and announced the imminent demise of G+ for consumers once and for all), Google announced some new members of its hardware family.

I’m an iPhone guy, but I did purchase a Google Pixelbook chromebook earlier this year that I’ve been very happy with, so at minimum I wanted to pass along the speeds and feeds from yesterday’s Google Pixel 3/XL Android smartphone announcements.

The Verge has this tight breakdown:

The Pixel 3 starts at $799 for 64GB, with the 3 XL costing $899. Add $100 to either for the 128GB storage option. That’s a $150 and $50 premium over last year’s models, respectively.. Core specs for both include a Snapdragon 845, 4GB RAM (there’s no option for more), Bluetooth 5.0, and front-facing stereo speakers. Also inside is a new Titan M security chip, which Google says provides “on-device protection for login credentials, disk encryption, app data, and the integrity of the operating system.” Preorders for both phones begin today, and buyers will get six months of free YouTube Music service. The Pixels will officially launch on October 18th.

The Pixel 3 and 3 XL both feature larger screens than last year’s models thanks to slimmed down bezels — and the controversial notch in the case of the bigger phone. The 3 XL has a 6.3-inch display (up from six inches on the 2 XL), while the regular 3 has a 5.5-inch screen (up from five inches). Overall, though, the actual phones are very similar in size and handling to their direct predecessors.

And Google’s own blog post explains how the Pixel 3 will help you keep from talking to those undesirable humans you’re trying to avoid:

…Starting out in English in the U.S., Pixel 3’s on-device AI helps you screen phone calls and avoid spam calls. Imagine you’re at dinner with family or in a meeting at work and a call from an unknown caller comes in. Just tap on “Screen call” to find out who’s calling and why, as well as other information (as prompted by you). You’ll immediately see a transcript of the caller’s responses so that you can then decide whether to pick up, respond by tapping a quick reply (e.g., “I’ll call you back later”), or mark the call as spam and dismiss. Processing the call details on-device means these experiences are fast, private to you, and use up less battery.

Second, Pixel users in the U.S. will be the first to get access to an experimental new Google Assistant feature, powered by Duplex technology, which helps you complete real-world tasks over the phone, like calling a restaurant to book a table. This feature will initially be available later this year in New York, Atlanta, Phoenix and the San Francisco Bay Area to help people book restaurant reservations and will roll out to other U.S. cities in the future.

Because why talk to even yet another human to make a restaurant reservation when your Google Assistant can do all the work?

Written by turbotodd

October 10, 2018 at 9:44 am

Posted in 2018, google, privacy, smartphone

Tagged with ,

Google Hides A Bug

leave a comment »

Happy Monday.

If it’s Monday, it must be a security and/or privacy breach day!

In today’s privacy cluster—— spotlight, The Wall Street Journal informs us that Google exposed the private data of hundreds of thousands of users of the Google+ social network — and then opted not to disclose the issue this past spring.

According to the story, the company did so “in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage.”

This from the very same company that refused to send a very senior executive to the recent tech hearings on Capitol Hill (as opposed to Facebook and Twitter, who sent their COO and CEO, respectively).

Here’s the rundown on the core of the technical glitch and failed response:

A software glitch in the social site gave outside developers potential access to private Google+ profile data between 2015 and March 2018, when internal investigators discovered and fixed the issue, according to the documents and people briefed on the incident. A memo reviewed by the Journal prepared by Google’s legal and policy staff and shared with senior executives warned that disclosing the incident would likely trigger “immediate regulatory interest” and invite comparisons to Facebook’s leak of user information to data firm Cambridge Analytica….

….The internal memo from legal and policy staff says the company has no evidence that any outside developers misused the data but acknowledges it has no way of knowing for sure. The profile data that was exposed included full names, email addresses, birth dates, gender, profile photos, places lived, occupation and relationship status; it didn’t include phone numbers, email messages, timeline posts, direct messages or any other type of communication data, one of the people said.

The PII crown jewels, if you will.  

In response, Alphabet, Google’s parent company, is going to announce “a sweeping set of data privacy measures that include permanently shutting down all consumer functionality of Google+.”

To which millions of tech geeks like myself around the globe publicly ponder, “Is Google+ even still a thing?!!”

So you think that Google search history of yours that you wouldn’t want your spouse or closest friends and colleagues to see is still safe?!!

Think again.

Want to send Serge and Larry and the gang a message?  Go to the following page and delete your entire Google history:

https://myactivity.google.com/delete-activity

Written by turbotodd

October 8, 2018 at 1:18 pm

Posted in 2018, google, privacy

Tagged with , ,

Back to School

leave a comment »

Fake IDs are about to go the way of the mullet.

Well, at least real fake IDs — you know, the ones with that picture that made one look as old as possible but which would hardly survive a TSA check circa 2018.

I’m talking about Apple’s new partnership for a contactless ID card introduced in iOS 12 and watchOS5, which will allow students at Duke University, University of Alabama, and the University of Oklahoma to access dorms, dining halls, library, the gym, and also pay for bookstore supplies, laundry usage, and even restaurant meals.

Using the Apple Wallet and contactless NFC readers, as well as the Apple Wallet, students simply need hold their device near a card reader to unlock a door.

The new high tech ID cards certainly have benefits in terms of safety and convenience, but one has to wonder what are the implications of privacy, and how can all that digital campus data potentially be used or misused.

Meanwhile, be aware that if you’re traveling to New Zealand, a new law that went into effect yesterday, the Customs and Excise Act 2018, could require you to provide access (via password, pin-code, or fingerprint) to your electronic devices if officials have a “reasonable suspicion of wrongdoing.”

According to a story from RNZ, customs officials will examine one’s phone while it’s in flight mode (and not the cloud), but that for those who refuse, they could face fines up to $5,000 and confiscation of one’s device.

Privacy and due process issues abound…what constitutes “reasonable suspicion” and how does one challenge whether or not it is, in fact, reasonable.

So how long before we’re all chipped so we can be monitored everywhere, at all times, with no privacy whatsoever?

It could be sooner than you think.

Written by turbotodd

October 2, 2018 at 9:25 am

Posted in 2018, digital identity, privacy

Tagged with , ,

Didja Delete Your Facebook Yet?

leave a comment »

People around the globe are having a crisis of conscience.

Do I delete my Facebook account or do I not?

Even Hamlet didn’t have to contend with such an existential crisis.

Get a grip and some perspective, people.  Take a deep breath, and…one….hold…and two….

And then, if you’re really, really concerned about whether or not the privacy trade-off is worth keeping up with the virtual Joneses, Techpinions did some fast research of 1,000 Americans about their feelings and actions re: Facebook post-Cambridge Analytica;

The big takeaways:

  • 17% of respondents said they deleted the Facebook app from their phone over privacy concerns
  • 35% said they were using Facebook less than they used to over the privacy issue
  • 39% said they were “very aware” of the Cambridge Analytica scandal, while 37% said they were “somewhat aware.”
  • 9% reported deleting their Facebook account altogether

So, according to that report, nearly 1 in 10 have said “sayonara” to Facebook. 

For those who stayed, there’s the issue of perhaps exerting more usage of Facebook’s already-extensive privacy controls.  

Facebook VP of global marketing solutions, Carolyn Everson, spoke at The Wall Street Journal CEO Council in London, and indicated that “we have not seen wild changes in behavior with people saying I’m not going to share any data with Facebook anymore,” and that Facebook users largely haven’t changed their privacy settings in the past four weeks since the Cambridge story broke.

If you don’t want to break up with Facebook, but you’d like to exert more control of how your information is used there, check out this guidance from ZDNet.

It’s like getting your PhD in Facebook privacy!

Written by turbotodd

April 13, 2018 at 9:49 am

Posted in 2018, facebook, privacy

Tagged with , ,

%d bloggers like this: