Privacy is a growing concern in today’s world. Follow along with all our coverage related to privacy, security, what Apple and other companies are doing to keep your information safe, and what steps you can take to keep your information private.
There have been plenty of signs lately that the Apple ad business is growing fast, and that the company plans to turn it into a significant source of revenue. But while there is plenty of money to be made, some are accusing Apple of making a U-turn – and even Machiavellian-level plotting to take business from companies like Google and Facebook.
The latest report suggests that Apple has quadrupled its hires for ad roles in the past couple of years, and one research group has suggested the company’s ad business could be worth $30B a year by 2026 …
Expand Expanding Close
We argued only this week that the sale of smartphone location data is out of control, and a new report today provides a perfect illustration. It found that location data was pulled from a number of popular smartphone apps for use by US police, without the knowledge of app users – or even the companies who created the apps.
Billions of location records from some 250 million phones were searched by more than 20 US government agencies, after the private data was purchased from a company called Fog Data Science…
Expand Expanding Close
Major VPN services have shut down service in India, as there is no way to comply with a new law without breaching their own privacy protection standards.
The law also applies to iCloud Private Relay, but Apple has not yet commented on its own plans …
Expand Expanding Close
A Californian bill colloquially known as the Kids’ Code has been unanimously passed by the State Senate, following earlier approval by the State Assembly. It now requires the signature of Gov. Gavin Newsom to take effect.
The California Age-Appropriate Design Code Act addresses a key loophole in the equivalent federal law, the much weaker Children’s Online Privacy Protection Act of 1998 …
Expand Expanding Close
The sale of location data sales has become both big business, and one of the biggest privacy threats in recent years. While the companies involved in this $14B industry claim that only aggregated and anonymized data is sold, numerous investigations have shown that this simply isn’t true.
Just yesterday, we learned that the Federal Trade Commission is suing a data broker that can identify people seeking abortions, and that it made samples of that data publicly available. In the past, we’ve seen how location data can reveal everything from where cops’ kids go to school to US troop movements in war zones …
Expand Expanding Close
A DoorDash hack has been confirmed by the company, with full customer contact details exposed by the security breach: name, address, and phone numbers.
Separately, LastPass has also confirmed an attack on its own systems, but says it doesn’t believe that any user data was obtained …
Expand Expanding Close
iPhone Lockdown Mode is an extreme form of security designed to protect people who might find themselves targets of state-sponsored spyware, like Pegasus. However, a privacy activist says it also makes it easy for a website to detect when someone is using it – and has demonstrated this.
So what is designed to be protection against rogue governments could actually end up helping them identify people who may be of interest …
Expand Expanding Close
Apple holds privacy and security as two of its core values and it has detailed resources on how to protect your devices, accounts, and personal safety. Follow along for a look at the recommended steps to check who can see your iPhone location including how to make sure no one can track you.
Expand Expanding Close
A DuckDuckGo Email Protection service was last year launched as a limited beta, with a waiting list for those wanting to use it. The waitlist is now gone, and anyone can get access to it right away.
The privacy-focused email forwarding service strips out trackers, and offers the ability to create disposable email addresses, all without changing your email provider – similar to Apple’s Hide My Email feature …
Expand Expanding Close
Apple’s known for its push for privacy by stating this is a “fundamental human right.” Different from most Big Tech companies, Apple says it’s not a company driven by ads, which means it doesn’t need to collect your data to sell products. Now, a new study shows that, in fact, Apple is the company that collects less data compared to other companies.
Expand Expanding Close
A Twitter investigation has been announced by the Senate Judiciary Committee, following claims of “extreme” security failings at the social network. The claims were made in an 84-page report by the company’s former head of security, Peiter Zatko.
Concerns have been expressed about the national security risks of bad actors being able to fake tweets from the accounts of world leaders and major media organizations …
Expand Expanding Close
A Facebook privacy lawsuit looks likely to be settled after parent company Meta offered a total of $37.5M to settle claims by US users.
The lawsuit relates to Facebook tracking user locations even after they had switched off Location Services …
Expand Expanding Close
Update: Elon Musk’s lawyers have now issued a subpoena to speak to Zatko about the claims.
Former Twitter security head Peiter Zatko has filed a formal complaint that the company has “extreme, egregious deficiencies” in its protections against hackers, and has done little to defeat spam.
He accuses the company of deceiving the Federal Trade Commission (FTC), following promises made back in 2011 after hackers twice took full control of Twitter …
Expand Expanding Close
The British government has backed a call by the country’s security services for client-side scanning for child sexual abuse material – aka Apple’s CSAM approach.
Home Secretary Priti Patel has written an op-ed in which she indicates government support for the stance, while also attacking Facebook’s plans to make all Messenger chats end-to-end encrypted by default …
Expand Expanding Close
Spyware company NSO, whose Pegasus app can be used to give attackers almost full remote access to an iPhone, has announced that it is downsizing, and losing its CEO.
Bizarrely, the company argues that this is in order to prepare for growth …
Expand Expanding Close
A few days ago, developer Felix Krause shared a detailed report on how mobile apps can use their own in-app web browser to track user data. Now Krause is back with a new tool that lets anyone see JavaScript commands injected through an in-app browser.
Expand Expanding Close
A phishing attack on communications giant Twilio led to a Signal privacy compromise for around 1,900 users. Their phone numbers were exposed, along with SMS verification codes that would allow an attacker to register accounts to a new device …
Expand Expanding Close
A Hide My Email Ventura feature for third-party apps has been removed from Apple’s website. The disposable email address feature now appears to remain limited to the company’s own Mail and Safari apps.
The feature has been removed from the Ventura preview page sometime in the past week or so …
Expand Expanding Close
An AirTag stalker has been handed a prison sentence and subjected to a restraining order after he was found to have planted the tracking device in his former girlfriend’s car.
Not being the brightest of criminals, the stalker revealed his knowledge of the victim’s whereabouts by sending her a text message …
Expand Expanding Close
One of the more annoying things some apps do is incorporate their own in-app browser, opening that for web links instead of respecting your chosen default browser.
This has long been a nuisance, but a developer has now explained the security risks of doing so, especially when dealing with companies not noted for their privacy standards – like Facebook …
Expand Expanding Close
An FTC privacy push could begin as soon as today, says a new report, thanks to the determination of chair Lina Khan to make this a key issue for the commission.
However, insiders say that the process of drawing up FTC privacy rules is likely to be a slow one, and it could be years before the commission is in a position to enforce them …
Expand Expanding Close
Update: Twitter has rather belatedly confirmed that a hacker was able to expose the account details, though the company has not commented on the 5.4M number. See statement at the end of the piece.
A Twitter data breach has allowed an attacker to get access to the contact details of 5.4M accounts. Twitter has confirmed the security vulnerability which allowed the data to be extracted.
The data – which ties Twitter handles to phone numbers and email addresses – has been offered for sale on a hacking forum, for $30,000 …
Expand Expanding Close
A European court ruling could result in ad tracking rules becoming much stricter in future. The court essentially set a precedent that inferred data is still personal data.
This means that if a company can work out things about you, then that information is protected every bit as much as personal data you provided directly …
Expand Expanding Close
Security researchers have discovered a developer error in more than 3,200 mobile apps, which make possible full or partial Twitter account hijacks.
In the worst examples, affecting around 320 apps, it enables an attacker to gain complete control of a Twitter account …
Expand Expanding Close