SWI has reported that Swiss public television, SRF, has found a second company besides Crypto AG was involved in manufacturing manipulated devices allegedly used for spying by foreign intelligence.
According to SRF sources, the Swiss company Omnisec AG had ties to US intelligence services. This follows revelations in February by SRF, German television ZDF and The Washington Post that Zug-based firm Crypto AG was at the heart of a huge international spying operation led by the CIA, and to a lesser extent by the German BND spy agency. Omnisec was one of the largest competitors of Crypto AG.
Swiss cryptologist and professor Ueli Maurer was a consultant for Omnisec for years and told SRF that in 1989 US intelligence services (National Security Agency) contacted Omnisec through him.
Of concern are the OC-500 series devices. Devices were sold to several Swiss federal agencies. However, Swiss authorities only noticed the devices weren’t secure in the mid-2000s.
This is the world we live in. Everything, everything can be dangerous to our privacy.
Business Insider has reported In a letter to pro-privacy nonprofits, including Human Rights Watch and the Electronic Frontier Foundation, Apple accused Facebook of collecting “as much data as possible” while showing a “disregard for user privacy.”
Facebook shot back saying Apple is abusing its dominance to “self-preference their own data collection.”
Apple’s letter was defending the delayed rollout of a privacy feature that will require users to opt in to being followed by ad-trackers on apps. Facebook previously complained this feature would gut its advertising revenue.
This is good. A fight between two of the biggest violators of people’s privacy can be really good as more people now can understand how these companies are abusing their ability to collect people’s data and misusing this power.
Apple is a privacy hero in the mind of a lot of people while it’s just another one of the biggest privacy-violating companies in the world.
Facebook also accused Apple of sending the letter as a “distraction” from privacy concerns that emerged last week after a series of Mac computers had difficulties opening apps. Security researcher Jeffrey Paul claimed in a blog this was because macOS has started harvesting data from users.
“The truth is Apple has expanded its business into advertising and through its upcoming iOS 14 changes is trying to move the free internet into paid apps and services where they profit,” Facebook said.
“As a result, they are using their dominant market position to self-preference their own data collection while making it nearly impossible for their competitors to use the same data. They claim it’s about privacy, but it’s about profit,” the statement read.
“This is all part of a transformation of Apple’s business away from innovative hardware products to data-driven software and media.”
The Google’s decision about limiting people to 15 gigs of free storage and asking for money for more storage reminded me how terrible are these companies.
Before, they used to give people free (as in price) storage and products and in exchange, they collected, or better to say harvested, people’s data. Now, they’ll charge people but still use their personal data.
This should be an alert for people but sadly most people are dependent on these privacy-violating proprietary software products that they are afraid.
I can see that in future Google and other privacy-violating companies will charge people for everything and nothing would be free (as in price) and still people will get their privacy violated by these giants.
People should understand that Google and similar companies to it (like GMAFIA) are not their friends and are using them. When you use something brought by Google (or similar companies), you’re not using a service, you’re the product and the service. It’s your data that is valued for them, not you as a human being.
I’ve talked about Apple’s definition of privacy before and explained how horrible it is but they took this to the next level. Apparently the new version of Apple macOS informs Apple every time a user runs a program on its machine.
Many Apple fans and/or developers including Apple Inc. itself have tried to justify this privacy violation by explaining how it is secure or is not a big deal but sadly they are wrong.
Apple is not a privacy hero. They are not keeping all data to themselves and even if they were, it does not justify stealing our data and sneaking in our machines and collecting our very personal data.
What they did is stealing. Exactly like a thief who sneaks into our homes and collects/steals our belongings.
I have explained about the ridiculous “data protection” and how companies are misleading people about their privacy by using this word. This is exactly how Apple is doing it. Apple claims that it doesn’t share data with others while we know for a fact that it’s a lie. Now with that claim, they suddenly decided to consider themselves entitled to control everything.
It’s a disaster. Imagine how insecure and horrible this is. Apple doesn’t even follow the terms of stupid data protection. Jeffrey Paul, a security expert who reported this, wrote:
- These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables.
- These requests go to a third-party CDN run by another company, Akamai.
- Since October of 2012, Apple is a partner in the US military intelligence community’s PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.
Vice has reported that the iOS version of the Zoom app is sending some analytics data to Facebook, even if Zoom users don’t have a Facebook account, according to a Motherboard analysis of the app.
Upon downloading and opening the app, Zoom connects to Facebook’s Graph API, according to Motherboard’s analysis of the app’s network activity. The Graph API is the main way developers get data in or out of Facebook.
This is what you get when you use proprietary software, specially ones that are backed by corporations like GMAFIA and its friends.
According to the FTC, Zoom lied to users about end-to-end encryption for years. This is one of the obvious perils of nonfree (proprietary) software: you can’t verify that the software isn’t abusing you, you just have to take their word.
Ars Technica has reported that Zoom has agreed to upgrade its security practices in a tentative settlement with the Federal Trade Commission, which alleges that Zoom lied to users for years by claiming it offered end-to-end encryption.
“Since at least 2016, Zoom misled users by touting that it offered ‘end-to-end, 256-bit encryption’ to secure users’ communications, when in fact it provided a lower level of security,” the FTC said in the announcement of its complaint against Zoom and the tentative settlement.
Despite promising end-to-end encryption, the FTC said that “Zoom maintained the cryptographic keys that could allow Zoom to access the content of its customers’ meetings, and secured its Zoom Meetings, in part, with a lower level of encryption than promised.”
The Register has reported that Google on Thursday was sued for allegedly stealing Android users’ cellular data allowances through unapproved, undisclosed transmissions to the web giant’s servers.
The complaint contends that Google is using Android users’ limited cellular data allowances without permission to transmit information about those individuals that’s unrelated to their use of Google services.
Google, among other GMAFIA, are heavy privacy violators. “Google designed and implemented its Android operating system and apps to extract and transmit large volumes of information between Plaintiffs’ cellular devices and Google using Plaintiffs’ cellular data allowances,” the complaint claims.
Often when companies and some authorities talk about privacy, they start bringing “data protection” in discussion which means nothing than violating people’s privacy in a nicer way.
Data protection means the company or authority can actually collect data and use them but it can’t share or sell it to others, well at least publicly. This is exactly the way Apple advertises about its privacy policies.
Even many privacy activists are promoting Apple because of its privacy policies while Apple is in fact one of the biggest violators of people’s privacy. For example, it wasn’t a long ago that we found out Apple was (or maybe still is) letting contractors (actual humans, not even bots) to listen to people’s conversations with Siri.
Privacy comes when there’s no identifiable personal data involved. A company promising that it won’t jeopardize our privacy is not enough for people. We need mechanisms and products that will protect our privacy and it comes only when they don’t collect our data.
Well of course some products only work with our data. For example, a mobile phone map application for routing only works when we give it our location. Well, as far as I know, data can be purged or even be collected in a way that no personally identifiable data would be stored or transmitted.
We have a lot of services like EteSync that provide what they intend to provide and they actually work with very personal data. EteSync for example is a service that syncs your contacts and calendar but encrypts all data in a way that nobody except you yourself can see them.
This is what we want as a privacy service/product. If a corporation like Google follow policies like ‘data protection’, they would still violate our privacy while deceiving us about how they value our rights.
We need privacy, not data protection. Nobody should have access to our data to whether they want to protect it or not.
Beebom has reported that new app published by Google lets banks lock your Android device if you don’t make payments! Such a ridicule.
Spotted by the folks at XDA Developers, the Device Lock Controller app from Google lets financers of smartphones remotely lock an Android device. It uses the DeviceAdminService API in the Android system and enables banks and financiers to lock significant functionalities of your Android device if you fail to make your monthly payment.
With the device locked, users will be able to access very limited functions in their smartphones. These include emergency calls, incoming and select outgoing calls, settings, and backup and restore service.
Now, surprisingly, the “Device Lock Controller” app does not appear when you search for it on the Google Play Store and nor does it appear in the list of apps made by Google. So, XDA executives reached out to Google for clarification about this.
So, according to Google, the app was developed by them in partnership with a Kenyan carrier, Safaricom. A spokesperson from Google told XDA that the app was developed to help Safaricom with their new “Lipa Mdogo Mdogo” (Pay Bit by Bit) financing plan which lets customers get an Android Go device with monthly financing.
However, if the customer could not pay an installment after four days of its due date, Safaricom locks the device with this Google app. That’s one way of using brute force to make users pay their EMIs on time.