Security Cloud Privacy Tech

Tagged With 'Privacy'

<< More tags

Evaluate your cybersecurity posture for Data Privacy Day

Data Privacy Day is upon us once again, here’s an interesting discussion around key privacy topics and how they might impact you.

Is Digital Privacy Important?

Digital privacy is critical in our communities. Why don’t we have it?

Risk Analysis (And Essays) Shouldn’t End in “Um”

“Um” is not a great call to action, but sometimes it’s all you’ve got.

How Can You Figure out How Likely an App Is to Have Security Problems?

Can you—as a user—understand an app or service’s security posture? If so, how?

How The App Privacy Card in the Apple App Store Matters To You

What steps should we take to evaluate the privacy impact of a mobile app?

Do You Care About Data Privacy? Does Anyone?

Data Privacy Day is January 28th, can we raise awareness about the issues around data privacy effectively? Will you take action?

Does Your Utility Control Your Smart House?

When your local electric utility offered a new smart thermostat a heavy discount, a lot of homeowners jumped at the chance. Unfortunately, a clause in the terms of the promotion grants the utility access to your data and the ability to remotely control the device!

Privacy at WWDC21

Apples annual developer conference announced the latest version of all of Apples operating sytems and privacy was a key pillar across all of them.

Apple vs. Facebook Battling For Your Privacy

Apple and Facebook have been battling very publicly around privacy issues. What’s really going on?

Google Gathers FLoC of Privacy Bull

Google continues to advocate for a ‘privacy-first’ web. The problem? Their definition of privacy and how it seems to be a Google-powered adtech nightmare.

No Privacy With Google Chrome on iOS

Google has had to disclose the amount of tracking its apps do in iOS. Shocking no one: it turns out it’s a lot.

Clubhouse's Entirely Predictable Privacy and Moderation Issues

Clubhouse is the hot new social network. It’s a promising audio-only network that now boasts over 2 millions active weekly users. During this rise, it’s committed some easily avoidable and obvious mistakes around privacy and content moderation. Can they recover?

Security and Privacy Are Linked

Security and privacy are linked yet for some reason, you see privacy experts ignoring the impact of security and security experts who are unconcerned with privacy. Why?

Passwords Suck

Passwords are the worst. Trying to pick a “secure” one makes the whole thing worse. Every site and service has it’s own variation on the “rules” for making a strong password and it’s hard to remember what you’ve set your password to.

Are those rules really making our passwords stronger? Do we need so many …

Is Apple Tracking The Apps You Use?

Apple recently launched macOS Big Sur and a security researcher’s post vent viral highlighting a steady stream of communications that “phone home” detailing what apps you’re using on your system. What’s going on here?

Is privacy promoting Apple actually spying on every app running on every macOS system around the …

Advertising to & Tracking iOS 14 Users

Ad-tech, digital marketing, and the surveillance economy are worth billions and billions of dollars. It all hinges on the ability to target ads and you can’t target ads without tracking users and their devices.

A privacy-focused design decision by Apple for iOS 14 puts Facebook on edge and Google on notice. What is the IDFA? What happens in …

Do App Stores Help Your Privacy & Security?

Epic Games is current waging war on Apple and Google over the right to distribute apps to mobile users. There’s been a ton of excellent coverage of the issues, but it’s usually missing one key perspective; what do we as users get from the App Stores?

One Month After the Twitter Hack

On July 15th, 2020, Twitter was hit with the most visible hack of a social network of all time. 130 of the top accounts tweeted out a bitcoin scam. A month after, have we learned anything? What’s the impact of continuing to use Twitter?

Is TikTok a Threat?

The President has promised to ban TikTok in the United States for national security reasons. Is that the case? Are there real security & privacy concerns or is this purely a political move?

Zoom Us and Practical Cybersecurity

Video conferencing platform Zoom has been in the news almost constantly over the past few weeks. At first it was hailed as a tool to help reduce this isolated feeling all of us are experiencing, then it was a pile on for security and privacy issues, and finally the last two weeks have started a redemption story.

Contact Tracing via Smartphones

Contact tracing during an outbreak is a massive undertaking. Google and Apple are collaborating in order to automate parts of this task. Will it work? What are the challenges? We dive into the issue

Privacy at CES 2020

CES 2020 brought out the big (and small) players in tech and one thing they all had in common was how much they used the word “privacy”. Is this privacy-washing or the start of real change?

New Rules for Youtube

COPPA was passed in the US in 1998 but a recent ruling against YouTube for violating the decades old law means big changes for creators.

Data Retention in Canada

Canadian data privacy laws state that an organization is responsible for the life cycle of the data. Most orgs struggle with protecting it while it’s in use, what about after they no longer need it?

Catching Distracted Drivers With Technology

Google really doesn’t like humans and they LOVE data. At the intersection of those two areas is a new A.I assistant that calls business to complete simple tasks for it’s users and to automatically update Google’s databases: enter Google Duplex.

E-transfer Security

CBC’s Go Public pointed out the rising rates of e-transfer fraud and consumers are shocking. The expectation was that e-transfers were safe and convenient…turns out, not so much.

Retargeting In Online Politics

CBC News posted an article about how Canadian federal MPs are using digital tracking technologies on their personal websites. So what is retargeting? How is it used? Why is its use in politics different?

Privacy Expectations

Facebook was recently called out for listening to users audio messages on Facebook Messenger. They aren’t alone. Apple, Amazon, Google, and Microsoft all have admitted to having contractors analyze audio from their voice assitants (and Microsoft’s Skype service). What’s the impact? Do you need to worry?

FaceApp: Relax You're Just Old (Now)

FaceApp (first released in 2017) is back in the news for the #AgeChallenge and a host of privacy concerns. There’s a lot of knee-jerk reactions around the app but what’s really going on? We dive in on this (as usual) no-BS episode…

Web Browser Privacy

On Kara Swisher’s show, Recode Decode, she recently hosted Gabe Weinberg from DuckDuckGo. Their conversation revolved around some core concepts in online privacy.

During that conversation, a few terms popped up that I think are often misunderstood or misinterpreted. This episode looks at those terms and what they actually mean.

Nest, IoT, and Your Privacy

Bad Robot Transcript Good morning on this episode of the show. We’re going to take a look at the recent moves by nest and how they impact your privacy. The Nest Labs was founded in 2010 and quickly Brought The Nest learning thermostat to Market. This iconic product was a transformative product for the smart home. You see it everywhere. …

Porn & Digital Identity

The Digital Economy Act of 2017 in the UK is trying to put up enforceable age gates to pornography. That might be a good idea but it’s extremely difficult to actual do online. At the same time, here in Canada, our major financial players are launching a joint identity service.

Connect both of these issues together and the larger issue …

Borders & Cybersecurity

A recent CBC News article highlighted both the powers of border agents to search digital devices and the general lack of awareness of your rights at the border. Are you aware of your rights as you cross the border? Do you take precautions to protect your digital footprint?

Facebook's F8 & Information Management

Facebook held its annual F8 developer conference this week and—in addition to the usual product updates—they repeatedly talked about creating and enabling private spaces. What’s stopping them? 15 years of poor information management.

Facial Recognition Consent

Facial recognition is becoming more and more common. In some cases, it’s used to make existing procedures more efficient or to connect existing data points together. While that seems like the community has already consented to these use cases, people often have a visceral reaction to hearing that new technology is being applied.

Facebook's Security Fail

Since May of 2016 Facebook has been prompting some new users for their email passwords. Yes, their email passwords. WTF?

Metadata Trails

Thomas Brewster, writing for Forbes, highlighted a recent case by the DEA. The case itself isn’t out of the ordinary. What is interesting is the issues raised by search warrant request for LogMeIn.com…parent company of LastPass. This password management service is used by the accused and is potentially a treasure trove of information …

Services & Privacy Perceptions

A recent tweet called out a user’s perception about Grammarly, a SaaS-based grammar and writing tool. They accused the service of being predatory (due to it’s license) and a keylogger. While the points are off base (but not insanely so), they do raise a bigger issue: the user perception about a service vs the actual privacy risk

Warrant Canaries

We rely on some digital services for critical functions around security and privacy. Trusting those services is paramount to their success and ours. But it can be difficult to trust when you don’t know what’s going on behind the scenes. Gag orders from the courts can amplify those trust issues. The idea of a warrant canary can help to …

Secret App Telemetry

Websites, apps, and even your desktop applications may be tracking a how lot more of your behaviour than you think. The reason in most cases is simply to deliver a better application from a technical perspective. But sometimes, it’s more insidious.

Your Child's Digital Identity

You’re building out a digital identity for you kids almost from the day they are born. But it’s not just you, the clubs they belong to, schools they attend, and sports they play are all contributing. What’s the impact to your child? To their digital future?

Terms of Service

You agree to new contracts all the time but you probably don’t think of them as contracts, they are simply the “Terms of Service”. A recent study found that most of these agreements are essentially unreadable. That sets up a one-sides relationship between the services and their users. Fine for the services, not so much for the …

Facebook & The Value of Privacy

Facebook continues to do anything they can to build data profiles on users. This week it was revealed that they shifted their Onavo efforts to a new “research” project where they targeted 13-35 year olds via 3rd party market research companies. Lots of questions and issues here…

Facebook's 10 Year Challenge

The 10 Year Challenge is sweeping social media right now. It’s a harmless way of looking back at yourself—and everyone else—a decade ago…or is it?

Is there something more to this challenge? Something very big brother tied to facial recognition?

Tracking Smartphone Data

Three articles this week each touching on smartphone data highlight a much bigger issue. Each of these articles remind us how much data our phones generate and how valuable that data is. Yet we don’t treat that data as valuable. It’s packaged and resold with no compensation to the owner of that data…if they are even aware that …

Australia, Huawei, Apple, and the Government of Canada

Data privacy is a critical area of concern around the world. Look no further than four distinct events today: Australia passing a new law, an arrest for Huawei, Apple publishes a new paper, and the Government of Canada sets a new directive.

The Internet Is Forever

You can’t really remove something from the internet. Not is the owner/operator really wants it out there. That’s a huge advantage and challenge for the internet community. What are the impacts of that fact?

Facebook...ugh...%$&#ing, Facebook

Facebook removes 800+ accounts this week, some with massive followings, for political content. The twist? They were US-based, not foreign. What does this mean for our use of social networks?

Google+ & Infrastructure Monitoring

Google recently conducted a complete security & privacy review of various APIs associated with Google+. The result? The service is shutting down and they found a vulnerability. Did they take the proper steps in disclosing the issue?

50 Million Facebook Accounts Hacked?!?

50 million Facebook accounts were hacked. Facebook responded quickly to the issue but could’ve done better communicating throughout. Here’s what you need to know about the hack.

Facebook, Shadow Profiles, & Data Brokers

A recent study proved that Facebook uses more information about you than you realize. Behind the scenes, Facebook compiles “shadow profiles” from various sources in order to better target ads…anyone surprised? 😔

End-to-end Encryption & WhatsApp

In the recent dust up with the founders of WhatsApp, you might have heard the term “end-to-end encryption”. What is it? What does it means for you? Why was it frustrating efforts to data mine and monetize WhatsApp?

Cybersecurity Basics #10 - Personally Identifiable Information

Personally identifiable information (PII) and Personal Health Information (PHI) are critical concepts. They help identify information that needs additional safeguards and care.

Family Locator Apps

Should you track your children’s every move? Your partners? Family locator apps promise safety and convenience but are they really just an invasion of privacy?

Cybersecurity Basics #5 - Encryption

Encryption: what is it? why does it work?

VPNs

VPNs can help secure your internet traffic when you’re travelling. They can help you route around geographic restrictions. But is using a VPN exposing you to more risk? What is the impact of centralizing all of your internet requests with one specific company?

G Suite for Education

GMail in the classroom just like on your phone. The promise of G Suite for Education is enticing. A low-cost way for schools to provide collaboration tools to students and teachers. But what are the privacy implications of letting the search giant into our schools?

Facial Recognition Discussion Required

Facial recognition is a technology that exemplifies the underlying neutrality of most technology. When used with positive intentions it makes out devices more secure. When in the wrong hands, it can violate privacy on a massive scale. Do we need to regulate this technology? At what level? Regardless of your stance, we need to talk about this as a …

Fortnite a Good Example

Over the few years, mobile has become the dominant platform for gaming. As a result, smaller, simple games have come to prominence. In order to make money developers have (over) rotated on in-app purchases. Fortnite is a great example of an addictive FREE game that is making a ton of money without resorting to trickery.

Apple, Graylock, And Context

With iOS 12, Apple will reduce the time an iOS device responds to the USB port when locked down to an hour. Having a hard time understanding why that matters to you? It’s because it really won’t. It is however a gap in the security posture of these devices that Apple is fixing.

Google In Schools

G Suite for Education is making waves in the Canadian education market. And why not? It looks like a win-win-win. Too good to be true?

Net Neutrality

Net Neutrality is a simple dictate that states all network packets must be treated equally. This–of course–tanks a few business models for ISPs and in the US, they have successfully lobbying to remove previously regulations.

Transparency & Backpedaling

Security and privacy center on trust. You can’t have that without a high level of transparency. In this day and age, everything comes to light eventually. Better to be up front and open with most activities.

Encryption Law Enforcement And Transparency

Apparently the FBI misrepresented the number of devices they can’t access due to encryption by up to a factor of 6x. This is most likely due to clerical error and a lack of actual statistics rather than malicious intent.

Being Transparent With User Data

How do you handle data collection from your users? Is it hidden and suspect like the current rash of mobile provider exposures? With no opt-out like Microsoft Office? Or clear and transparent?

Ethics In Technology & Security

Deep thoughts in this episode around ethics in technology and their use. Sparked by the latest issues around mobile phone tracking, this episode tackles the lack of ethics discussions around security and technology.

AI's Security & Privacy Impact

There have been a lot of advancements in AI research and use lately, but are we moving in the right direction? Are we having the right conversations around AIs impact?

The F8 Fallout

Facebook wrapped up it’s F8 conference this week with a series of new product announcements. In this episode, we’ll take a look and see how these announcements fit into the bigger picture.

F8 & The Future Of Facebook

Facebook is hosting it’s annual F8 conference and it appears that this will be a reserved year. Understandable given the scandals of late…

Poor Naming Choice For Gmail Redesign

Gmail just launched a nice, new redesigned UI. It’s slick and has some great new features. One feature, “Confidential Mode”, is particularly interesting and poorly named/positioned.

iOS Graykey And Going Dark

Encryption on mobile devices is a challenge for law enforcement. 3rd party companies often use hacks in their products to address this need. Is it right? Is it sustainable?

Apple vs. The FBI

The FBI and other federal law enforcement in the US (and elsewhere) continue to push back against “going dark”. Thankfully Apple is fighting back, because when we break security systems and processes, no one wins. This post tracks the signficant events in Apple vs. the FBI.

Splitting Hairs With Facebook Testimony

Facebook was called to the carpet and showed well…because they weren’t asked the right questions

Privacy And Security vs. Usability

It’s often stated that you have to trade usability for security. I call 💩

Ubiquitous Digital Tracking

Had enough of the Facebook / Cambridge Analytica scandal yet? Yeah, me too. Thankfully, it’s rolling up to address the bigger issue of digital tracking in general.

Changing Perspectives & The Unraveling Of Online Tracking

We’re tracked everywhere online. Should we be? Is there an upside to this practice?

Facebook Data Mining & The Long Weekend Round-up

After the long weekend, this episode is a bit of a round up. Nothing big jumping out but a few minor issues to address.

Facebook Data Downloads

You upload a ton of data to Facebook and in turn, Facebook generates a ton of data about you. I built a tool to take a look at Facebook’s view of you.

Privacy At Scale

As the Facebook / Cambridge Analytica scandal continues to snowball, we take a look at the larger issues. How does privacy scale? Can it scale under the current social networks? What’s next?

Terms of Service

Terms of Service agreements hide all manner of tricks and cede all of the power to the issuing corporation. Should they?

Facebook Data Misuse And Social Network Responsibility

Ugh. Facebook Has Allowed A 3rd Party To Harvest Millions of Credentials

Passwords, Educatiing Users, and the Communal Good

Security awareness is next to useless. Educate users instead

Workflow, Passwords, and More

Passwords are a horrible solution to the challenge of authentication. But they’re the “best” we have for now…right?

Blockchain For Identities

Does blockchain finally bring the transparency and accountability needed for an internet scale identity provider?