Privacy is a growing concern in today’s world. Follow along with all our coverage related to privacy, security, what Apple and other companies are doing to keep your information safe, and what steps you can take to keep your information private.
The Siri grading whistleblower who revealed that private conversations were overheard by contractors working on improving Apple’s intelligent assistant has today revealed his identity.
He has done so in a letter to the European Union, calling for Apple to face the consequences of its privacy failure …
It looks like the most recent contention between the FBI and Apple over device encryption has come to an end as the agency has unlocked the two iPhones belonging to the Pensacola shooter with “no thanks to Apple.” Going further, AG William Barr has again called for the government to force Apple and others to create backdoors into their devices.
Update: We’ve got an official response from Apple on the matter that highlights all the ways it helped the FBI and that it’s precisely because it takes security and privacy so seriously that it doesn’t believe in creating a backdoor:
The terrorist attack on members of the US armed services at the Naval Air Station in Pensacola, Florida was a devastating and heinous act. Apple responded to the FBI’s first requests for information just hours after the attack on December 6, 2019 and continued to support law enforcement during their investigation. We provided every piece of information available to us, including iCloud backups, account information and transactional data for multiple accounts, and we lent continuous and ongoing technical and investigative support to FBI offices in Jacksonville, Pensacola and New York over the months since.
On this and many thousands of other cases, we continue to work around-the-clock with the FBI and other investigators who keep Americans safe and bring criminals to justice. As a proud American company, we consider supporting law enforcement’s important work our responsibility. The false claims made about our company are an excuse to weaken encryption and other security measures that protect millions of users and our national security.
It is because we take our responsibility to national security so seriously that we do not believe in the creation of a backdoor — one which will make every device vulnerable to bad actors who threaten our national security and the data security of our customers. There is no such thing as a backdoor just for the good guys, and the American people do not have to choose between weakening encryption and effective investigations.
Customers count on Apple to keep their information secure and one of the ways in which we do so is by using strong encryption across our devices and servers. We sell the same iPhone everywhere, we don’t store customers’ passcodes and we don’t have the capacity to unlock passcode-protected devices. In data centers, we deploy strong hardware and software security protections to keep information safe and to ensure there are no backdoors into our systems. All of these practices apply equally to our operations in every country in the world.
A massive data breach dubbed db8151dd has exposed the records of 22M people – including addresses, phone numbers, and social media links. But the source of the data is a mystery …
The US Senate yesterday voted – by a single vote – to allow government agencies like the FBI and CIA to access your browsing history without a warrant.
This means they would not need to show probable cause for believing you have committed a crime before requiring your ISP to hand over its records on your web browsing and search histories …
I’m a huge privacy advocate who’s written a lot about the topic because it’s a massively important issue.
It’s important for two reasons: First, because the kind of technology we have available to us today poses privacy risks never before imagined. China, for example, has demonstrated the ability of its massive network of facial-recognition cameras to track one individual among millions as they travel from one side of a city to the other.
Second, because once you allow something to happen, it is very, very hard to roll it back. Crises are particularly dangerous in this respect, because it’s easier to justify extreme measures at extreme times – like the coronavirus – but once a government goes down a particular road, it’s vanishingly rare that they abandon the approach once the crisis has passed…
A new blog post today reveals that Zoom bought Keybase, a 25-person startup specializing in encrypted message and file-sharing. It is the first acquisition in Zoom’s history …
Free Zoom accounts will get three more security features on May 9 as the company continues its efforts to boost privacy protections and fight abuse like Zoom-bombing …
Americans are divided on whether they would be willing to use coronavirus contact tracing apps powered by the joint Apple/Google API. A Washington Post/University of Maryland poll found an exact 50/50 split between those who would use it and those who wouldn’t.
That’s already less than ideal, but there were three further worrying aspects …
Update: Zoom 5.0.0 is finally landing today, after initially being promised for April 22. It hasn’t yet shown up in all app stores, but should do so shortly.
Zoom security and privacy has been boosted with the addition of no fewer than nine new features in the latest update, Zoom 5.0 …
Students taking examinations during the coronavirus lockdown say they are being subjected to remote proctoring via their webcams, and it’s creeping them out …
The joint Google/Apple contact tracing API for coronavirus has ‘a stunning blindspot’ claims one company working on a rival approach designed for adoption by businesses for their own employees, as a second company says there is good reason for companies to use a location-based approach.
Not everyone has a smartphone, says Microshare, which is instead proposing the use of Bluetooth badges, keyrings, and wristbands …
The German government has announced a change in policy over the weekend, and now favors the Apple/Google contact tracing approach for the coronavirus over the rival one proposed by the European Union.
Apple, meantime, is pushing an alternative term designed to emphasize the benefits over the methodology …
A new potentially serious software vulnerability has been discovered in iOS 13 that works via the default Mail app on iPhone and iPad. The security group ZecOps (via Motherboard) says that one of the two vulnerabilities is a zero-click exploit (no user interaction needed) that can be performed remotely.
An iOS 12 exploit has reportedly reemerged, being used by a group of hackers in China known as the “Evil Eye.” The latest Insomnia exploit gives attackers root access to iPhones running iOS 12.3 to 12.3.2.
The American Civil Liberties Union (ACLU) has praised some aspects of the Apple/Google coronavirus contact tracing API, while saying that the companies need to do better in three areas.
The ACLU says that any electronic contact tracing needs to respect six principles. The Apple/Google API makes “a strong start” with these, it says, but it has three criticisms …
The European Union has called on Apple to remove from the App Store contact tracing apps that don’t have appropriate privacy safeguards. Google should do the same with the Play Store, it says, stating that fighting the coronavirus must not mean sacrificing the rights of citizens.
It has previously called for a common standard across all 27 countries in the union and hinted – though not confirmed – that it will use the Apple/Google API …
If there’s one thing that’s become abundantly clear since Apple and Google’s API partnership, it’s that the coronavirus contact tracing privacy protections need to be spelled out in terms that non-technical people (even POTUS) can understand.
The two companies have gone to pains to explain that privacy was top priority in the design of the application programming interface, but mainstream media reports and conversations with non-techy friends have made it obvious that many don’t understand why apps that use this can be trusted …
Popular videoconferencing service Zoom will shortly allow paying subscribers to opt out of Chinese servers when routing calls …
Earlier this month, four US senators formally questioned Apple in a letter over its COVID-19 screening app and website even though the company has been transparent about how it works and the privacy and security it’s built on. Now Apple has officially responded to the government request.
The UK’s National Health Service has announced plans to adopt the Apple-Google coronavirus API jointly announced last week, but in a weakened form.
Even without the UK’s planned compromise, the idea of this type of contact tracing has come under criticism from a University of Cambridge computing professor …
The collection and sale of smartphone location data has long been a source of controversy, especially given that most people don’t realise they are being tracked.
But there’s a fresh argument now, as location data brokers claim they can use the data to help fight the spread of the coronavirus, while privacy advocates argue this is just an attempt to legitimize the wholesale tracking of consumers without informed consent …
Zoom has created a security advisory council to help conduct a detailed review of its apps, with Alex Stamos as one of its members. Stamos was Facebook’s chief security officer from 2015 to 2018, and now researches and teaches on ‘the misuse of technology’ at Stanford …
The Taiwanese government has made the decision to ban the use of Zoom over security concerns. The German government hasn’t gone quite that far, but the country’s foreign ministry has barred it from government computers and heavily restricted any use of the service …
Rather than each European country developing its own coronavirus tracking app, they should either all use the same one, or at least ensure that they use common standards, says the European Commission.
We recently outlined how these apps can help, but also how they can pose a significant risk to privacy without careful design…