When a user installs AVG AntiVirus, a Chrome extension called “AVG Web TuneUp” with extension id chfdnecihphmhljaaejmgoiahnihplgn is force-installed. I can see from the webstore statistics it has nearly 9 million active Chrome users. the attached exploit steals cookies from avg.com. It also exposes browsing history and other personal data to the internet, I wouldn’t Read more about AVG: “Web TuneUP” extension multiple critical vulnerabilities: exposes browsing history and other personal data[…]

One of the excellent features of new Windows devices is that disk encryption is built-in and turned on by default, protecting your data in case your device is lost or stolen. But what is less well-known is that, if you are like most users and login to Windows 10 using your Microsoft account, your computer Read more about Windows 10 uploads your Encryption Key to Microsoft with no opt-out.[…]

Under the original CISA legislation, companies would share their users’ information with federal government departments once it had been anonymized. The government could then analyze it for online threats, while the companies received legal immunity from prosecution for breaking existing privacy agreements. But as the bill was amended, the privacy parts of the proposed law Read more about Congress strips out privacy protections from CISA ‘security’ bill[…]

IAB Europe maakt zich grote zorgen over de nieuwe geharmoniseerde privacywetten die in 2018 van kracht worden in Europa. Ook Apple, Google, Microsoft en Nederland ICT zien economische hindernissen ontstaan. Source: IAB: ‘Nieuwe privacywet maakt online branche kreupel’ – Emerce

Ted Cruz’s presidential campaign is using psychological data based on research spanning tens of millions of Facebook users, harvested largely without their permission, to boost his surging White House run and gain an edge over Donald Trump and other Republican rivals, the Guardian can reveal. A little-known data company (Cambridge Analytica), now embedded within Cruz’s Read more about Ted Cruz campaign using firm that harvested data on millions of unwitting Facebook users[…]

Source: Home Page There is a review here at cloudwards

Privacy International battle exposes ‘bulk’ warrants Documents released by GCHQ to the Investigatory Powers Tribunal suggest the agency may be allowed to hack multiple computers in the UK under single “thematic” or “class” warrants. Responding to complaints brought by Privacy International and seven global internet and communication service providers, the British spy agency told the Read more about GCHQ can hack your systems at will – thanks to ‘soft touch’ oversight, judges not needed thanks[…]

Russia’s legal framework around the mass surveillance was found to be unfit because it did not limit the circumstances in which public authorities were allowed to conduct their surveillance activities, nor were there any limits on the duration of those activities. Additionally, there was insufficient supervision of the interception and a lack of “procedures for Read more about Russia’s blanket phone spying busted Europe’s human rights laws[…]

British programmer and writer John Graham-Cumming has spotted something interesting in the opening protocol of any HTTP/2 connection: an array of explicitly formatted code which spells the word PRISM, in an apparent reference to the NSA’s primary program for mass-surveillance of the internet, as disclosed by Edward Snowden in 2013. The HTTP/2 client connection begins Read more about Anti-NSA Easter egg in HTTP/2: every connection starts with PRISM[…]

Merrill is now able to reveal that the FBI believes it can force online companies to turn over the following information simply by sending an NSL demanding it: an individual’s complete web browsing history; the IP addresses of everyone a person has corresponded with; and records of all online purchases. The FBI also claims authority Read more about Revealed: What info the FBI can collect with a National Security Letter. Hint – a lot.[…]

AdNauseam is a browser extension designed to obfuscate browsing data and protect users from surveillance and tracking by advertising networks. Simultaneously, AdNauseam serves as a means of amplifying users’ discontent with advertising networks that disregard privacy and facilitate bulk surveillance agendas. Source: ADNAUSEAM – Clicking Ads So You Don’t Have To

Examples of data we collect include your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage. Source: Sneaky Microsoft renamed its data slurper before sticking it back in Windows 10

Identity Mixer is designed to protect users’ privacy by focusing just on the essentials of the proof. Thanks to a set of algorithms based on cryptography work done at IBM Research, the tool allows developers to build apps that can authenticate users’ identities using what’s known as a “zero-knowledge proof” that collects no personal data. Read more about New IBM tech lets apps authenticate you without personal data[…]

Earlier this week the Center for Democracy and Technology (CDT) warned that an Indian firm called SilverPush has technology that allows adverts to ping inaudible commands to smartphones and tablets. Now someone has reverse-engineered the code and published it for everyone to check. SilverPush’s software kit can be baked into apps, and is designed to Read more about How TV ads silently ping commands to phones: Sneaky SilverPush code reverse-engineered[…]

The materials — leaked via SecureDrop by an anonymous hacker who believes that Securus is violating the constitutional rights of inmates — comprise over 70 million records of phone calls, placed by prisoners to at least 37 states, in addition to links to downloadable recordings of the calls. The calls span a nearly two-and-a-half year Read more about Massive Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege – calls recorded and searchable[…]

It’s a privacy tool Source: About me

Under the radar, Verizon, Sprint, and other carriers have partnered with firms including SAP to manage and sell data. Source: The $24 Billion Data Business That Telcos Don’t Want to Talk About

Secret, anonymous messages aren’t just for the dastardly. Luckily, a little privacy isn’t difficult to get. With some effort and a spare phone, you’ll be whistleblowing, protecting your privacy from harassers, and staying anonymous when selling on Craigslist or looking for dates on Match. Here’s how. Source: How to Create an Untraceable Messaging Device With Read more about How to Create an Untraceable Messaging Device With an Old Phone[…]

The EU is offering a 3 month grace period before it starts to enforce the death of safe harbour. No data of EU citizens to repressive regimes! Source: Europe’s top privacy watchdog calls on firms to curb U.S. data transfers

When companies like Ancestry.com and 23andMe first invited people to send in their DNA for genealogy tracing and medical diagnostic tests, privacy advocates warned about the creation of giant genetic databases that might one day be used against participants by law enforcement. Source: Cops are asking Ancestry.com and 23andMe for their customers’ DNA So, people Read more about Cops are asking Ancestry.com and 23andMe for their customers’ DNA[…]

We’ve all become used to the idea of ads online — it’s something that has become part and parcel of using the internet — but in Windows? If you’ve updated to build 10565 of Windows 10, you’re in for something of a surprise: the Start menu is now being used to display ads. Source: Microsoft Read more about Microsoft now uses Windows 10’s Start menu to display ads[…]

Source: MPs to hold emergency debate over politicians’ communications being spied upon hahahaha it turns out that they are not exempt from GHCQ spying after all – and now they care!

Source: Positionspapier des ULD zum Safe-Harbor-Urteil des Gerichtshofs der Europäischen Union vom 6. Oktober 2015, C-362/14 – ULD

I know the French were collaborators during WWII, but shouldn’t they have learned their lesson then?! France wants proposed rules applied to EU citizens as well Source: Fingerprints, facial scans, EU border data slurp too tasty for French to resist

Such as your name, frequent flyer number and record locator, which allows you to log into the company website and view the rest of your flights… Source: What’s in a Boarding Pass Barcode? A Lot — Krebs on Security