Trump Administration Unveils Order To Prioritize and Promote AI

Slashdot - Your Rights Online - Mon, 2019-02-11 16:44
U.S. President Donald Trump on Monday will sign an executive order asking federal government agencies to dedicate more resources and investment into research, promotion and training on artificial intelligence (AI), Reuters reports, citing a senior administration official. From the report: Under the American AI Initiative, the administration will direct agencies to prioritize AI investments in research and development, increase access to federal data and models for that research and prepare workers to adapt to the era of AI. There was no specific funding announced for the initiative, the administration official said on a conference call, adding that it called for better reporting and tracking of spending on AI-related research and development. The initiative aims to make sure the United States keeps its research and development advantage in AI and related areas, such as advanced manufacturing and quantum computing. Trump, in his State of the Union speech last week, said he was willing to work with lawmakers to deliver new and important infrastructure investment, including investments in the cutting-edge industries of the future, calling it a "necessity."

Read more of this story at Slashdot.

How Hackers and Scammers Break Into iCloud-Locked iPhones

Slashdot - Your Rights Online - Sun, 2019-02-10 17:15
Motherboard's Joseph Cox and Jason Koebler report on the underground industry where thieves, coders, and hackers work to remove a user's iCloud account from a phone so that it can then be resold. They reportedly are able to do this by phishing the phone's original owners, or scamming employees at Apple Stores, which have the ability to override iCloud locks. The other method (that is very labor intensive and rare) involves removing the iPhone's CPU from the Logic Board and reprogramming it to create what is essentially a "new" device. It is generally done in Chinese refurbishing labs and involves stealing a "clean" phone identification number called an IMEI. Here's an excerpt from their report: Making matters more complicated is the fact that not all iCloud-locked phones are stolen devices -- some of them are phones that are returned to telecom companies as part of phone upgrade and insurance programs. The large number of legitimately obtained, iCloud-locked iPhones helps supply the independent phone repair industry with replacement parts that cannot be obtained directly from Apple. But naturally, repair companies know that a phone is worth more unlocked than it is locked, and so some of them have waded into the hacking underground to become customers of illegal iCloud unlocking companies. In practice, "iCloud unlock" as it's often called, is a scheme that involves a complex supply chain of different scams and cybercriminals. These include using fake receipts and invoices to trick Apple into believing they're the legitimate owner of the phone, using databases that look up information on iPhones, and social engineering at Apple Stores. There are even custom phishing kits for sale online designed to steal iCloud passwords from a phone's original owner. [...] There are many listings on eBay, Craigslist, and wholesale sites for phones billed as "iCloud-locked," or "for parts" or something similar.
While some of these phones are almost certainly stolen, many of them are not. According to three professionals in the independent repair and iPhone refurbishing businesses, used iPhones -- including some iCloud-locked devices -- are sold in bulk at private "carrier auctions" where companies like T-Mobile, Verizon, Sprint, AT&T, and cell phone insurance providers sell their excess inventory (often through third-party processing companies.)

Trump's Border Wall Could Split SpaceX's Texas Launchpad In Two

Slashdot - Your Rights Online - Sun, 2019-02-10 15:34
An anonymous reader quotes the Los Angeles Times: A launchpad on the U.S.-Mexico border, which it plans to use for rockets carrying humans around the world and eventually to Mars, could be split in two by the Trump administration's planned wall... Lawmakers said they were concerned about the effect on the company's 50-acre facility after seeing a Department of Homeland Security map showing a barrier running through what they described as a launchpad... James Gleeson, a SpaceX spokesman, declined to provide details on how the fence would affect the facility. "The Department of Homeland Security and U.S. Customs and Border Protection recently requested SpaceX permit access to our South Texas Launch site to conduct a site survey," he said in a statement. "At this time, SpaceX is evaluating the request and is in communication with DHS to further understand their plans...." Musk is working on a new, more powerful vehicle known as Starship to eventually ferry humans to Mars. SpaceX recently announced that it would test the Starship test vehicle at the site in south Texas.

Should All Government IT Systems Be Using Open Source Software?

Slashdot - Your Rights Online - Sun, 2019-02-10 10:34
Writing at Linux Journal, Glyn Moody reports that dozens of government IT systems are switching to open source software. "The fact that this approach is not already the norm is something of a failure on the part of the Free Software community..." One factor driving this uptake by innovative government departments is the potential to cut costs by avoiding constant upgrade fees. But it's important not to overstate the "free as in beer" element here. All major software projects have associated costs of implementation and support. Departments choosing free software simply because they believe it will save lots of money in obvious ways are likely to be disappointed, and that will be bad for open source's reputation and future projects. Arguably as important as any cost savings is the use of open standards. This ensures that there is no lock-in to a proprietary solution, and it makes the long-term access and preservation of files much easier. For governments with a broader responsibility to society than simply saving money, that should be a key consideration, even if it hasn't been in the past.... Another is transparency. Recently it emerged that Microsoft has been gathering personal information from 300,000 government users of Microsoft Office ProPlus in the Netherlands, without permission and without documentation. He includes an inspiring quote from the Free Software Foundation Europe about code produced by the government: "If it is public money, it should be public code as well." But when it comes to the larger issue about the general usage of proprietary vs. non-proprietary software -- what do Slashdot's readers think? Should all government IT systems be using open source software?

83% Of Consumers Believe Personalized Ads Are Morally Wrong

Slashdot - Your Rights Online - Sun, 2019-02-10 04:34
An anonymous reader quotes Forbes: A massive majority of consumers believe that using their data to personalize ads is unethical. And a further 76% believe that personalization to create tailored newsfeeds -- precisely what Facebook, Twitter, and other social applications do every day -- is unethical. At least, that's what they say on surveys. RSA surveyed 6,000 adults in Europe and America to evaluate how our attitudes are changing towards data, privacy, and personalization. The results don't look good for surveillance capitalism, or for the free services we rely on every day for social networking, news, and information-finding. "Less than half (48 percent) of consumers believe there are ethical ways companies can use their data," RSA, a fraud prevention and security company, said when releasing the survey results. Oh, and when a company gets hacked? Consumers blame the company, not the hacker, the report says.

'Why Data, Not Privacy, Is the Real Danger'

Slashdot - Your Rights Online - Sat, 2019-02-09 20:34
"While it's creepy to imagine companies are listening in to your conversations, it's perhaps more creepy that they can predict what you're talking about without actually listening," writes an NBC News technology correspondent, arguing that data, not privacy, is the real danger. Your data -- the abstract portrait of who you are, and, more importantly, of who you are compared to other people -- is your real vulnerability when it comes to the companies that make money offering ostensibly free services to millions of people. Not because your data will compromise your personal identity. But because it will compromise your personal autonomy. "Privacy as we normally think of it doesn't matter," said Aza Raskin, co-founder of the Center for Humane Technology [and a former Mozilla team leader]. "What these companies are doing is building little models, little avatars, little voodoo dolls of you. Your doll sits in the cloud, and they'll throw 100,000 videos at it to see what's effective to get you to stick around, or what ad with what messaging is uniquely good at getting you to do something...." With 2.3 billion users, "Facebook has one of these models for one out of every four humans on earth. Every country, culture, behavior type, socio-economic background," said Raskin. With those models, and endless simulations, the company can predict your interests and intentions before you even know them.... Without having to attach your name or address to your data profile, a company can nonetheless compare you to other people who have exhibited similar online behavior... A professor at Columbia law school decries the concentrated power of social media as "a single point of failure for democracy." But the article also warns about the dangers of health-related data collected from smartwatches. "How will people accidentally cursed with the wrong data profile get affordable insurance?"

Hundreds Rally For Their Right To Not Vaccinate Their Children

Slashdot - Your Rights Online - Sat, 2019-02-09 17:34
CBS News reports that as Washington state confronts a measles outbreak which has sickened at least 56 people, "hundreds rallied to preserve their right not to vaccinate their children." They packed a public hearing for a new bill making it harder for families to opt out of vaccination requirements, reports The Washington Post: An estimated 700 people, most of them opposed to stricter requirements, lined up before dawn in the cold, toting strollers and hand-lettered signs, to sit in the hearing.... The Pacific Northwest is home to some of the nation's most vocal and organized anti-vaccination activists. That movement has helped drive down child immunizations in Washington, as well as in neighboring Oregon and Idaho, to some of the lowest rates in the country, with as many as 10.5 percent of kindergartners statewide in Idaho unvaccinated for measles. That is almost double the median rate nationally.... One activist who spoke Friday, Mary Holland, who teaches at New York University law school and said her son has a vaccine-related injury, warned lawmakers that if the bill passes, many vaccine opponents will "move out of the state, or go underground, but they will not comply." The sponsor of a similar bill in Oregon says that anti-vaxxers "have every right to make a bad decision in the health of their child, but that does not give them the right to send an unprotected kid to public school. So if they want to homeschool their kid and keep them out of other environments, that's their decision." But there are still 17 U.S. states that allow "personal or philosophic exemptions to vaccination requirements," reports the Post, "meaning virtually anyone can opt out." (Though some states are now considering changes.) "The enablers are state legislators in those states, that have allowed themselves to be played," complains Dr. Peter Hotez, a co-director of the Texas Children's Hospital Center for Vaccine Development at Baylor College of Medicine in Houston. 
The World Health Organization estimates that measles vaccines have saved over 21 million lives since 2000. But last year in the European region's population of nearly 900 million people, at least 82,600 people contracted measles, reports Reuters. "Of those, 72 cases were fatal."

Amazon's Home Security Company Is Turning Everyone Into Cops

Slashdot - Your Rights Online - Sat, 2019-02-09 01:20
An anonymous reader quotes a report from Motherboard: Neighbors is not just a social media app: it's a service that's meant to be used with Ring security cameras, a Wi-Fi-powered home security company that was acquired by Amazon last February in a $1 billion deal. Neighbors was launched in May 2018, three months after the acquisition. If you have Ring security cameras, you can upload video content straight from your security camera to Neighbors. [...] Beyond creating a "new neighborhood watch," Amazon and Ring are normalizing the use of video surveillance and pitting neighbors against each other. Chris Gilliard, a professor of English at Macomb Community College who studies institutional tech policy, told Motherboard in a phone call that such "crime and safety" focused platforms can actively reinforce racism. In Amazon's version of a "new neighborhood watch," petty crimes are policed heavily, and racism is common. Video posts on Neighbors disproportionately depict people of color, and descriptions often use racist language or make racist assumptions about the people shown. In many ways, the Neighbors/Ring ecosystem is like a virtual gated community: people can opt themselves in by downloading the Neighbors app, and with a Ring camera, users can frame neighbors as a threat. Motherboard individually reviewed more than 100 user-submitted posts in the Neighbors app between December 6 and February 5, and the majority of people reported as "suspicious" were people of color. Motherboard placed the "home" address at the VICE offices in Williamsburg, Brooklyn and kept the default 5-mile neighborhood radius, meaning the neighborhood encompassed all of lower Manhattan, most of Brooklyn, and parts of Queens and Hoboken. According to the Ring Community Guidelines, the Neighbors app bans "direct threats against any individuals, bullying, harassment, and any posts that demean, defame, or discriminate," but it relies on Neighbors users to report posts that violate that rule.
The guidelines also claim that only "crime and safety related content" is allowed. The guidelines do not define what qualifies as "safety," but they do encourage users to "consider the behavior that made you suspicious and whether such suspicion is reasonable." When asked if Ring moderates content on Neighbors or reviews posts for racism, a company spokesperson said, "The Neighbors app by Ring is meant to facilitate this collaboration within communities by allowing users to easily share and communicate with their neighbors and in some cases, local law enforcement, about crime and safety in real-time."

Attacking a Pay Wall That Hides Public Court Filings

Slashdot - Your Rights Online - Fri, 2019-02-08 16:01
The federal judiciary has built an imposing pay wall around its court filings, charging a preposterous 10 cents a page for electronic access to what are meant to be public records. A pending lawsuit could help tear that wall down. From a report: The costs of storing and transmitting data have plunged, approaching zero. By one estimate, the actual cost of retrieving court documents, including secure storage, is about one half of one ten-thousandth of a penny per page. But the federal judiciary charges a dime a page to use its service, called Pacer (for Public Access to Court Electronic Records). The National Veterans Legal Services Program and two other nonprofit groups filed a class action in 2016 seeking to recover what they said were systemic overcharges. "Excessive Pacer fees inhibit public understanding of the courts and thwart equal access to justice, erecting a financial barrier that many ordinary citizens are unable to clear," they wrote. The suit accuses the judicial system of using the fees it charges as a kind of slush fund, spending the money to buy flat-screen televisions for jurors, to finance a study of the Mississippi court system and to send notices in bankruptcy proceedings.

Australia Parliamentary Network Hacked In Possible Foreign Government Attack

Slashdot - Your Rights Online - Fri, 2019-02-08 15:00
An anonymous reader quotes a report from The Sydney Morning Herald: National security agencies are continuing to scour the Parliament's computer network for threats to MPs' data after what is being described as a "sophisticated" hack attack that could be the work of a foreign government. Alastair MacGibbon, head of the Australian Cyber Security Centre, said the government's cyber experts would work over coming days and weeks to make sure all the breaches had been detected and the hackers' presence removed. The hacking comes just three months ahead of the federal election, prompting fears that if MPs' emails or data were stolen they could be used to cause political interference of the style Russia perpetrated against the United States in the 2016 presidential campaign. Sources said the fact that Parliament had significantly upgraded its cyber defense since an attack by Chinese intelligence agencies in 2011 suggested the latest hackers were highly skilled, potentially pointing to a foreign government. Mr MacGibbon stressed it was too early to say who was behind the attack but said this was part of the investigation. The network is used by all MPs, including ministers. House Speaker Tony Smith and Senate President Scott Ryan said in a joint statement there was "no evidence that any data has been accessed or taken at this time, however this will remain subject to ongoing investigation." They said they had no evidence the hack was an effort to "influence the outcome of parliamentary processes or to disrupt or influence electoral or political processes."

Google Warns News Sites May Lose 45 Percent of Traffic If EU Passes Its Copyright Reform

Slashdot - Your Rights Online - Fri, 2019-02-08 12:00
Google's SVP of Global Affairs, Kent Walker, laid out Google's opposition to the EU's highly contested copyright reform rules. "Google warns Article 11 and Article 13 could have catastrophic effects on the creative economy in Europe by hampering user uploads and news sharing," reports The Next Web. From the report: Article 11 in its current form will limit news aggregators' abilities to show snippets of articles. According to Google's own experiments, the impact of it only showing URLs, very short fragments of headlines, and no preview images would be a "substantial traffic loss to news publishers." "Even a moderate version of the experiment (where we showed the publication title, URL, and video thumbnails) led to a 45 percent reduction in traffic to news publishers," Walker explained. "Our experiment demonstrated that many users turned instead to non-news sites, social media platforms, and online video sites -- another unintended consequence of legislation that aims to support high-quality journalism." "Article 11, called the 'link tax' by opponents, requires anyone who copies a snippet of text from a publisher's articles to have a license to do so," reports ZDNet. "Article 13 demands that online platforms filter and block uploads of copyright-infringing material." The European Parliament approved Article 11 and Section 13 in September. The finalized version may be passed in March or April of this year.

Ex-Cons Create 'Instagram For Prisons,' and Wardens Are Fine With That

Slashdot - Your Rights Online - Fri, 2019-02-08 04:50
Bloomberg's Olivia Carville writes about three apps that are offering a cheaper way for families to connect with incarcerated loved ones. Here's an excerpt from her report: Pigeonly and its ilk have hit on a communication model -- a necessarily inelegant one -- that meets inmates' desire for a more tangible connection while serving the social-media habits of their loved ones. One of the apps, Flikshop, has been affectionately dubbed the "Instagram for prisons." It's an imperfect metaphor perhaps, but the app is the closest thing to the social network in prison, and Flikshop postcards are pinned up on cell walls across the U.S. Beyond giving prisoners an easier, cheaper and more fulfilling way to communicate, the men who started these apps also want to make inmates less likely to re-offend because they see there's a life to be lived on the outside. Decades of research show that recidivism rates fall when prisoners are in regular contact with family. Criminal justice advocacy groups and rehabilitation non-profits have already started using the apps to make the prison population aware of their services. Frederick Hutson, 34, started Pigeonly, Inc. in 2013, fresh from a five-year stint in federal prison for drug trafficking. "I saw first-hand how difficult and expensive it was to stay in touch," Hutson says. "I also saw how much of an impact that made on the person behind bars. I would see the guys that had the financial means to stay in touch and when they left prison I would hear that they were doing well, but those who didn't have the support network on the outside -- I'd see them coming back in." Pigeonly -- named for the pigeon post services of wartime fame -- wants to become a bridge between those who live in a digital world and those who are imprisoned in an analog one. Customers subscribe to the app for a monthly fee, ranging from $7.99 to $19.99, in order to send photos and messages and have access to cheaper online phone rates. 
Pigeonly has 20 full-time staff, half of whom were previously incarcerated themselves. Every day, they send up to 4,000 mail orders into county, state and federal penitentiaries across the country.

NCTA Asks For Net Neutrality Law Allowing Paid Prioritization

Slashdot - Your Rights Online - Fri, 2019-02-08 03:30
DarkRookie2 shares a report from Ars Technica: Cable industry chief lobbyist Michael Powell today asked Congress for a net neutrality law that would ban blocking and throttling but allow Internet providers to charge for prioritization under certain circumstances. Powell -- a Republican who was FCC chairman from 2001 to 2005 and is now CEO of cable lobby group NCTA -- spoke to lawmakers today at a Communications and Technology subcommittee hearing on net neutrality. Powell said there is "common ground around the basic tenets of net neutrality rules: There should be no blocking or throttling of lawful content. There should be no paid prioritization that creates fast lanes and slow lanes, absent public benefit. And, there should be transparency to consumers over network practices." Despite Powell's claim of "common ground," his statement on paid prioritization illustrates a divide between the broadband industry and proponents of net neutrality rules. Obama-era Federal Communications Commission rules banned paid prioritization as well as blocking and throttling, while Trump's FCC overturned the ban on all three practices. Net neutrality advocates are trying to restore those rules in full in a court case against the FCC, and any net neutrality law proposed by Democrats in Congress would likely mirror the Obama-era FCC rules. Republican lawmakers are preparing legislation that would impose weaker rules. The report notes that Powell's proposal for paid prioritization is full of caveats: "There should be no paid prioritization that creates fast lanes and slow lanes, absent public benefit." "His testimony to Congress didn't explain how ISPs can charge online services for prioritization without dividing Internet access into fast lanes and slow lanes, and his statement seems to indicate that slow lanes would be allowed as long as the paid prioritization creates some 'public benefit,'" reports Ars. 
"How 'public benefit' would be defined or who would determine which paid priority schemes benefit the public are not clear."

Apple Tells App Developers To Disclose Or Remove Screen Recording Code

Slashdot - Your Rights Online - Fri, 2019-02-08 02:50
An anonymous reader quotes a report from TechCrunch: Apple is telling app developers to remove or properly disclose their use of analytics code that allows them to record how a user interacts with their iPhone apps -- or face removal from the app store, TechCrunch can confirm. In an email, an Apple spokesperson said: "Protecting user privacy is paramount in the Apple ecosystem. Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity." "We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary," the spokesperson added. It follows an investigation by TechCrunch that revealed major companies, like Expedia, Hollister and Hotels.com, were using a third-party analytics tool to record every tap and swipe inside the app. We found that none of the apps we tested asked the user for permission, and none of the companies said in their privacy policies that they were recording a user's app activity. Even though sensitive data is supposed to be masked, some data -- like passport numbers and credit card numbers -- was leaking.

Green New Deal Bill Aims To Move US To 100 Percent Renewable Energy, Net-Zero Emissions

Slashdot - Your Rights Online - Fri, 2019-02-08 00:50
An anonymous reader quotes a report from Ars Technica: On Thursday morning, NPR posted a bill drafted by Representative Alexandria Ocasio-Cortez (D-NY) advocating for a Green New Deal -- that is, a public works bill aimed at employing Americans and reducing greenhouse gas emissions in the face of climate change. A similar version of the bill is expected to be introduced in the Senate by Senator Ed Markey (D-Mass.). The House bill opens by citing two recent climate change reports: an October 2018 report from the Intergovernmental Panel on Climate Change and a heavily peer-reviewed report released in November 2018 by a group of U.S. scientists from federal energy and environment departments. Both reports were unequivocal about the role that humans play in climate change and the dire consequences humans stand to face if climate change continues unchecked. The bill lists some of these consequences: $500 billion in lost annual economic output for the U.S. by 2100, mass migration, bigger and more ferocious wildfires, and risk of more than $1 trillion in damage to U.S. infrastructure and coastal property. To stop this, the bill says, the global greenhouse gas emissions from human sources must be reduced by 40 to 60 percent from 2010 levels by 2030, and we must reach net-zero emissions by 2050. [...] The Green New Deal specifically calls for a 10-year mobilization plan that would "achieve net-zero greenhouse gas emissions through a fair and just transition for all communities and workers" by creating "millions" of high-paying jobs through investment in U.S. infrastructure. Specific kinds of infrastructure aren't listed, but general categories or works projects are outlined. Adaptive infrastructure tailored to communities, like higher sea walls and new drainage systems, would be included. NPR notes that the language is classified as a non-binding resolution, "meaning that even if it were to pass... it wouldn't itself create any new programs. 
Instead, it would potentially affirm the sense of the House that these things should be done in the coming years." Surprisingly, the bill doesn't mention fossil fuels at all. "In a draft version of the Green New Deal that had been circulated in December, a Frequently Asked Questions section did not preclude eventually calling for a tax or a ban on fossil fuels, but it noted that this was not what the bill was about," notes Ars Technica. "Simply put, we don't need to just stop doing some things we are doing (like using fossil fuels for energy needs)," the FAQ notes under the Green New Deal draft language. "We also need to start doing new things (like overhauling whole industries or retrofitting all buildings to be energy efficient). Starting to do new things requires some upfront investment."

Apple Removes Useless 'Do Not Track' Feature From Latest Beta Versions of Safari

Slashdot - Your Rights Online - Thu, 2019-02-07 16:40
In the release notes for Safari 12.1, the new version of Apple's browser installed in iOS 12.2, Apple says that it is removing support for the "Do Not Track" feature, which is now outdated. From a news writeup: "Removed support for the expired Do Not Track standard to prevent potential use as a fingerprinting variable," the release note reads. The same feature was also removed from Safari Technology Preview today, Apple's experimental macOS browser, and it is not present in the macOS 10.14.4 betas. According to Apple, Do Not Track is "expired" and support is being eliminated to prevent its use as, ironically, a fingerprinting variable for tracking purposes. It is entirely up to the advertising companies to comply with the "Do Not Track" messaging, and it has no actual function beyond broadcasting a user preference.

Facebook Ordered To Stop Combining WhatsApp and Instagram Data Without Consent in Germany; Company Says It Needs That Data To Fight Terrorism and Child Abuse

Slashdot - Your Rights Online - Thu, 2019-02-07 16:00
Facebook has been ordered to curb its data collection practices in Germany after a landmark ruling on Thursday that the world's largest social network abused its market dominance to gather information about users without their consent. From a report: The order applies to data collected by Facebook-owned platforms like WhatsApp and Instagram, but also third-party sources that Facebook uses to flesh out its advertising profiles, including those of non-users. The Bundeskartellamt, or Federal Cartel Office (FCO), has given Facebook one month to appeal the landmark decision, which comes after a three-year investigation. If the appeal fails, the tech company will have to ensure these data sources are not combined without consent within the next four months. Although the ruling only applies within Germany, the decision could influence regulators in other countries. Gizmodo adds: Facebook insists that combining all of that data is actually great. In fact, the company says, it's keeping everyone safe from stuff like terrorism and child abuse. From Facebook's statement this morning: "Facebook has always been about connecting you with people and information you're interested in. We tailor each person's Facebook experience so it's unique to you, and we use a variety of information to do this -- including the information you include on your profile, news stories you like or share and what other services share with us about your use of their websites and apps. Using information across our services also helps us protect people's safety and security, including, for example, identifying abusive behavior and disabling accounts tied to terrorism, child exploitation and election interference across both Facebook and Instagram."

Many Popular iPhone Apps Secretly Record Your Screen Without Asking

Slashdot - Your Rights Online - Thu, 2019-02-07 15:00
An anonymous reader quotes a report from TechCrunch: Many major companies, like Air Canada, Hollister and Expedia, are recording every tap and swipe you make on their iPhone apps. In most cases you won't even realize it. And they don't need to ask for permission. You can assume that most apps are collecting data on you. Some even monetize your data without your knowledge. But TechCrunch has found several popular iPhone apps, from hoteliers, travel sites, airlines, cell phone carriers, banks and financiers, that don't ask or make it clear -- if at all -- that they know exactly how you're using their apps. Worse, even though these apps are meant to mask certain fields, some inadvertently expose sensitive data. Apps like Abercrombie & Fitch, Hotels.com and Singapore Airlines also use Glassbox, a customer experience analytics firm, one of a handful of companies that allows developers to embed "session replay" technology into their apps. These session replays let app developers record the screen and play them back to see how its users interacted with the app to figure out if something didn't work or if there was an error. Every tap, button push and keyboard entry is recorded -- effectively screenshotted -- and sent back to the app developers. [...] Apps that are submitted to Apple's App Store must have a privacy policy, but none of the apps we reviewed make it clear in their policies that they record a user's screen. Glassbox doesn't require any special permission from Apple or from the user, so there's no way a user would know. When asked, Glassbox said it doesn't enforce its customers to mention its usage in their privacy policy. A mobile expert known as The App Analyst recently found Air Canada's iPhone app to be improperly masking the session replays when they were sent, exposing passport numbers and credit card data in each replay session. Just weeks earlier, Air Canada said its app had a data breach, exposing 20,000 profiles.

Huawei Admits To Needing 5 Years, $2 Billion To Fix Security Issues

Slashdot - Your Rights Online - Thu, 2019-02-07 12:00
Bruce66423 writes: In a remarkable piece of honest self-assessment, Huawei has produced a letter to a House of Commons committee member in response to security concerns raised by the UK Huawei Cyber Security Evaluation Centre (HCSEC) in its annual report, a body that includes Huawei, UK operators and UK government officials. The firm pledged to spend about $2 billion over five years to resolve these issues. However, they also claim that: "Huawei has never and will never use UK-based hardware, software or information gathered in the UK or anywhere else globally, to assist other countries in gathering intelligence. We would not do this in any country" -- a claim in sharp contrast to the ability of the Communist Party of China to suborn anyone into doing so. Good to see that Chinese firms still have a sense of humor. As The Economist puts it: "And China's leaders are tightening their grip on business, including firms such as Huawei in which the state has no stake. This influence has been formalized in the National Intelligence Law of 2017, which requires firms to work with China's one-party state."

NYPD To Google: Stop Revealing the Location of Police Checkpoints

Slashdot - Your Rights Online - Thu, 2019-02-07 09:00
schwit1 shares a report from the New York Post: The NYPD is calling on Google to yank a feature from its Waze traffic app that tips off drivers to police checkpoints -- warning it could be considered "criminal conduct," according to a report on Wednesday. The department sent a cease-and-desist letter over the weekend demanding Google disable the crowd-sourced app's function that allows motorists to pinpoint police whereabouts, StreetsBlog reported. "Individuals who post the locations of DWI checkpoints may be engaging in criminal conduct since such actions could be intentional attempts to prevent and/or impair the administration of the DWI laws and other relevant criminal and traffic laws," wrote Acting Deputy Commissioner for Legal Matters Ann Prunty in the letter, according to the website. My $0.02 is that the NYPD loses on First Amendment grounds.