Facebook Like collecting data in illegal way, rules German court

Facebook Like collecting data in illegal way, rules German court

German court rules that Facebook like button is breaking the law

Facebook ‘like’ buttons on commercial websites break German law if users are not warned that their personal data is being shared, a court ruled on Wednesday. This ruling issued by Dusseldorf district court may come as a dampener for Facebook which has just launched its reaction buttons instead of Likes.

The ruling came in the matter of a shopping website using the Facebook Like button on its website. The court banned has banned it from using the Like function on its pages if it did not first warn customers their data was being recorded. The retailer will now be forced to warn users that ‘liking’ the site on Facebook grants permission for the company to log their IP address.

The Fashion ID site, run by the Peek & Cloppenburg brand, was warned that it could be fined 250,000 euros ($275,000) for every breach of the order, seen by AFP.

However, the ruling may have a far reaching impact on the way Facebook Likes are incorporated by websites operating in Germany. “A mere link to a data protection statement at the foot of the website does not constitute an indication that data are being or are about to be processed,” the court said. The ruling may have implications in other European countries as well.

Fashion ID was taken to court by consumer organization Verbraucherzentrale who accused the site of failing to adhere to Germany’s data protection laws.

A Facebook spokesman responded to Wednesday’s ruling, “This case is specific to a particular website and the way they have sought consent from their users in the past. The ‘Like’ button, like many other features that are used to enhance websites, is an accepted, legal and important part of the Internet, and this ruling does not change that.”

read more

Microsoft, Apple, Facebook and Google attack United Kingdom for its hacking law

Microsoft, Apple, Facebook and Google attack United Kingdom for its hacking law

United Kingdom lambasted by Apple, Google, Facebook, Yahoo and Microsoft over its proposed hacking law

In a rare bonhomie the three tech giants came together to criticize United Kingdom’s new hacking law. Apple, Microsoft, Google and Facebook criticized plans by the UK government for a new law that would allow government authorities and law enforcement agencies to hack computer systems to access data.

According to the provisions of the draft Investigatory Powers Bill, government authorities and law enforcement agencies like intelligence and security services, police and the armed forces would be free to hack into devices belonging to Britons and visitors to United Kingdom to obtain data, such as communications, when they have a warrant to do so.

The draft bill has been pilloried by netizens on social network however, the government argues that the hacking provisions – part of the wider internet surveillance legislation – are needed so that law enforcement can intercept the communications of criminals even when they are encrypted.

However the gang of four tech companies have put together a warning saying that the plan would set a dangerous precedent that would be followed by other countries, will damage trust in their services and may be impossible to implement anyway.

The tech giants have issued a joint submission to the committee of MP’s overseeing the nitty gritties of the bill before it is submitted before the UK’s parliament for vote.

In the joint submission, Facebook, Google, Microsoft, Twitter and Yahoo state that, “To the extent this could involve the introduction of risks or vulnerabilities into products or services, it would be a very dangerous precedent to set, and we would urge your government to reconsider.”

“We urge the government to make clear that actions taken under authorization do not introduce new risks or vulnerabilities for users or businesses” they said.

In its submission Apple said the plans would put tech companies in a very difficult position. “For the consumer in, say, Germany, this might represent hacking of their data by an Irish business on behalf of the UK state under a bulk warrant – activity which the provider is not even allowed to confirm or deny. Maintaining trust in such circumstances will be extremely difficult.”

All the tech companies have warned that the bill if passed by UK’s parliament would spell doom for, “if followed by other countries, could endanger the privacy and security of users in the UK and elsewhere.”

UK’s largest mobile operator, Vodafone also joined the anti bill bandwagon. It warned that equipment interference elements are perhaps the most contentious of all the powers within the scope of the draft bill.

“The obligations relating to equipment interference have the potential to significantly undermine trust in the United Kingdom’s communications service providers”, it warned.

Firefox maker Mozilla warned that the “bulk systems intrusion” provisions in the bill could be used to “compel a software developer, like Mozilla, to ship hostile software, essentially malware, to a user — or many users — without notice.”

read more

Intel sues Chinese company for hacking 4k video copyright protection

Intel sues Chinese company for hacking 4k video copyright protection

Intel joins hands with Warner Bros. to sue Chinese company for making a 4k video ripping machine

Warner Bros. and Intel’s daughter company Digital Content Protection have sued a Chinese hardware manufacturer who made devices enabling consumers to bypass 4K copy protection.

The devices called HDFury 4K, can be used by pirates and users to copy 4k video from streaming platforms as well as other HDCP 2.2 protected content.  Warner Bros. and Intel have taken exception to ripping 4K protected videos and are filing a lawsuit against China’s LegendSky, makers of the HDFury 4K.

LegendSky launched its range of new ripping devices which allow users to strip the latest HDCP encryption. This hardware sits between a HDCP-compliant source device and another device, allowing it to pass on a “stripped” 4K signal.

Warner Bros is a genuine victim and is suing LegendSky because many of its films could be ripped instantaneously using the HDFury 4K. But if you are wondering why Intel is filing the suit, here is why. Intel owns a company called Digital Content Protection, which content makers pay a fee to in order to protect their digital creations from would-be pirates.

The company’s High-bandwidth Digital Content Protection is supposed to stop hackers being able to copy and share 4K digital content without a trace.

The lawsuit copy, obtained by TorrentFreak, claims HDCP as an “an indispensable content-protection technology” that secures digital audio and video as it travels from set-top boxes, DVDs, Blu-rays, computers, DVRs, games consoles and HDTV.

However, Intel’s technology doesnt seem to be successful in protecting 4K content as would appear from HDFury 4K. Intel admits that in the documents filed before the court

The HDFury Devices harm DCP because, among other things, they undermine the effectiveness of HDCP, lower the value of HDCP, and thereby jeopardize DCP’s ability to license HDCP to Digital Device manufacturers and Digital Content owners.

Both Warner Bros. and DCP accuse LegendSky of violating the DMCA’s anti-circumvention provisions. In addition, they claim that the company violated the Lanham Act by falsely stating that the HDFury devices comply with HDCP’s license requirements.

TorrentFreak confirmed that HDFury 4K ‘stripper’ indeed works as promised by its maker. The first devices were shipped from China early November, a few days before the first 4K rips appeared online.

read more

Leaked : Secret catalogue of spying gear that US government uses to spy on you

Leaked : Secret catalogue of spying gear that US government uses to spy on you

Catalogue of smartphone spying equipments the Feds and police don’t want you see

Want to know what kind of equipments the United States law enforcement agencies use to snoop on your cellphone? A secret internal U.S. government catalogue containing dozens of cellphone surveillance devices used by the military and by intelligence agencies have been obtained by The Intercept. The catalogue includes mostly variants on the Stingray/Dirtbox, which pretend to be cellular towers in order to gather the subscriber details of all the people within range (up to an entire city, for the airplane-mounted Dirtboxes).

“The Intercept obtained the catalog from a source within the intelligence community concerned about the militarization of domestic law enforcement,” states the post published on The Intercept.

“A few of the devices can house a “target list” of as many as 10,000 unique phone identifiers. Most can be used to geolocate people, but the documents indicate that some have more advanced capabilities, like eavesdropping on calls and spying on SMS messages. Two systems, apparently designed for use on captured phones, are touted as having the ability to extract media files, address books, and notes, and one can retrieve deleted text messages.”

Some are designed to be used at static locations, while others can be discreetly carried by an individual. Other have names like Artemis, Blackfin, Cyclone, Gilgamesh, Jugular, Maximus, Spartacus and Yellowstone.

The capabilities and costs of the different devices that are in use in at least 60 law enforcement agencies in the US are detailed in the catalog, though most of the law enforcement agencies will not admit to owning them. While some of these devices are paid for with civil forfeiture funds stolen from random citizens, they are more often bought with DHS anti-terror grants.

The catalog also includes 53 cellphone spying devices, including Stingray I/II surveillance boxes and Boeing “dirt boxes.”

Small enough to fit in a backpack, there are some devices such as the REBUS Ground Based Geo-Location that “provides limited capability to isolate targets utilizing Firewall option.”

The document also includes many other cellphone spying devices that are less popular than Stingray but could be used by law enforcement and intelligence agencies in various scenarios, including the deployment on drones and aircrafts.

Within the catalog, the NSA is listed as the vendor of one device, while another was developed for use by the CIA, and another was developed for a special forces requirement. About a third of over 50 devices described in the document are so secret, they had not been described in public before.

The cellphone spying devices have been used by local law enforcement agencies across the United States for a long time, and these systems are a long debated as they allow authorities to conduct dragnet surveillance on US citizens.

“The archetypical cell-site simulator, the Stingray, was trademarked by Harris Corp. in 2003 and initially used by the military, intelligence agencies, and federal law enforcement.” continues the post. “Another company, Digital Receiver Technology, now owned by Boeing, developed dirt boxes — more powerful cell-site simulators — which gained favor among the NSA, CIA, and U.S. military as good tools for hunting down suspected terrorists. The devices can reportedly track more than 200 phones over a wider range than the Stingray.”

The case of Marc Raimondi was also reported by The Intercept. Raimondi, who was employed by the Harris company and is now a Department of Justice spokesman, claims that the agency’s use of Stingray cellphone spying devices is legal.

Jennifer Lynch, a senior staff attorney at the Electronic Frontier Foundation, has waged a legal battle challenging the use of cellphone surveillance devices in a domestic context.

“We’ve seen a trend in the years since 9/11 to bring sophisticated surveillance technologies that were originally designed for military use—like Stingrays or drones or biometrics—back home to the United States,” said Jennifer Lynch “But using these technologies for domestic law enforcement purposes raises a host of issues that are different from a military context.”

Federal authorities have worked hard to not let the public know much about the cell-site simulators used by law enforcement.

read more

North Korea is accessing tourists’ private data on their laptops

North Korea is accessing tourists' private data on their laptops

North Korea is searching tourists’ laptops, web history

North Korean officials are searching visitors’ laptops, tablets, phones, and other gadgets for forbidden content.

North Korea is, of course, an awful place to be, and not the first idea most have for an international vacation. The nation has been trying to increase its tourist numbers over the last couple years, however, going so far as to offer mobile Internet access (revoked) and Internet ‘cafes’ lacking in peripherals. If neither of those things deter you from visiting, though, there’s the latest warning from the State Department stating, among other things, that North Korean customs will search through your Internet browser history.

It’s no secret that North Korea is very strict about what visitors can do and what they can bring, but that hasn’t stopped many from smuggling content in and out. That is becoming more difficult, however, as the nation grows more paranoid about security amidst its push for tourists. Bringing so much as a single paperback book could get you extra scrutiny from officials.

According to the State Department, visitors should realize that North Korean officials are searching visitors’ laptops, tablets, phones, and other gadgets for forbidden content. This extends so far as to involve one’s browser history and cookies, which are analyzed to see if you’ve accessed anything the DPRK doesn’t like, never mind that the access took place outside of the country.

Anything from a Bible app to adult website bookmarks could get visitors in trouble.

Of course, there’s a whole host of other things that can get visitors in trouble aside from having signs of banned content on a laptop. Trying to buy something from an unapproved vendor, for example, is a no-no. So is talking to strangers, snapping wayward pictures, saying anything in personal phone calls that may be considered critical or negative of the nation, and more.

read more

EFF claims Google’s Chromebook stores student’s data

EFF claims Google's Chromebook stores student's data

EFF lodges complaint with the FTC, alleging that Google is mining student data without permission

The civil liberties group, Electronic Frontier Foundation (EFF) has accused Google of using its Chromebooks to store children’s data. According to the complaint filed with the United States Federal Trade Commission (FTC), EFF has claimed that Google Chromebook invaded privacy of students.

The EFF’s complaint alleges that Google has enabled by default the “Sync” feature on its Chrome browser for chromebooks sold to schools, which monitors and collects data on internet searches, websites visited, saved passwords, and videos viewed by US students using the laptops from kindergarten through to the 12th grade in order to improve its digital services.

EFF has also said that the children cant change the Chromebook privacy settings as the privilege of changing those lies with the school administrators. EFF also added that Google has been violating its own Student Privacy Pledge signed in 2014, which it said is legally enforceable under the Federal Trade Commission Act.

“Google is violating the Student Privacy Pledge in three ways. First, when students are logged into their Google for Education accounts, student personal information in the form of data about their use of non-educational Google services is collected, maintained, and used by Google for its own benefit, unrelated to authorized educational or school purposes,” the privacy group alleged in its complaint.

“Second, the ‘Chrome Sync’ feature of Google’s Chrome browser is turned on by default on all Google chromebook laptops — including those sold to schools as part of Google for Education — thereby enabling Google to collect and use students’ entire browsing history and other data for its own benefit, unrelated to authorized educational or school purposes.

“And third, Google for Education’s administrative settings, which enable a school administrator to control settings for all program chromebooks, allow administrators to choose settings that share student personal information with Google and third-party websites in violation of the Student Privacy Pledge.”

Meanwhile Google has stated that its tools complied with the law. Google provides schools with Chromebooks and its Google Apps for Education (GAFE) products – a suite of cloud-based productivity tools. According to Google no ads appear on the following Apps in Chromebooks given to the students.

  • Gmail
  • Drive
  • Calendar
  • Sites

The EFF unearthed the information during its Spying on Students campaign looking into privacy risks of school-supplied devices and software, which was launched on Tuesday.

“Despite publicly promising not to, Google mines students’ browsing data and other information, and uses it for the company’s own purposes. Making such promises and failing to live up to them is a violation of FTC rules against unfair and deceptive business practices,” argued EFF staff attorney Nate Cardozo.

“Minors shouldn’t be tracked or used as guinea pigs, with their data treated as a profit center. If Google wants to use students’ data to ‘improve Google products’, then it needs to get express consent from parents.”

EFF has also released a guide for parents and students on changing chromebook settings to improve privacy.

read more

Facebook’s “Most Used Words” App Accused Of Stealing Personal Data

Facebook's "Most Used Words" App Accused Of Stealing Personal Data

“Most Used Words On Facebook” App Collects Lot Of Your Personal Information

Facebook newest application not only wrecks personal space but is making users wondering if it’s worth it. The “What Are Your Most Used Words on Facebook?” app created by a South Korean company named Vonvon displays a “word cloud” based on your frequently used words in past status messages, and assembles them into a picture that shows the most common ones in a larger size. The application might seem like fun at first, but UK-based VPN company Comparitech warns that it is a “privacy nightmare.”

According to Comparitech, which first reported the privacy issues says that the app has been shared over 16 million times. The site wrote “That’s over 16 million people who agreed to give up almost every private detail about themselves to a company they likely know nothing about.”

In order to make the application work, basically you need to grant the application access. In other words, when a Facebook user signs up to use the app, he or she agrees to give the “What Are Your Most Used Words on Facebook?” app permission to collect your IP address, profile picture, age, friends list, posts, posts you are tagged in, birthday, education history, hometown, likes, photos and more. This data can be stored on Vonvon’s servers anywhere across the world.

There is growing concern among Facebook users after they have discovered that the applications needs additional access to personal stuff like photos, posted movies and even conversations. While the application is quite invasive by nature, no one spared a thought to think if sharing your personal data is worth the trouble.

“We may continue to use any non-personally-identifying information in accordance with this Privacy Policy (e.g., for the purpose of analysis, statistics and the like) also after the termination of your membership to this WebSite and\or use of our services, for any reason whatsoever,” says Vonvon’s privacy policy. “Vonvon processes Personal Information on its servers in many countries around the world. Such information may be stored on any of our servers, at any location.

While there is no clarity as to what the site is doing with the information, but it makes clear that it can sell the information to anybody that it wants without giving you any notification and that simply using the app means that you have given your permission for them to do so.

Once it has sold that data on, it gives no protection for how it is used. The privacy policy “does not apply to the practices of entities Vonvon does not own or control, or to individuals whom Vonvon does not employ or manage, including any third parties to whom Vonvon may disclose Personal Information”, the terms read.

While we are not sure if this application is worthy to access our Facebook profile, one thing is clear though that one has to be extra cautious and be doubly sure before allowing any application to access your Facebook profile.

read more

Facebook Wants To Tell Businesses Where You Are Without Your Consent

Facebook Wants To Tell Businesses Where You Are Without Your Consent

Facebook will share you location with businesses if you are near their stores

Everyone who uses Facebook knows that it is the worst when it comes to the FB users privacy. It has been at the brunt of attacks from privacy advocates for revealing important user data to its advertisers. Now it will go one step further and reveal your location to the businesses without your explicit consent.

Earlier this month, Facebook announced a new feature that will share your location with businesses when you’re near their stores. For this purpose, Facebook will use your geolocation data to find out what percentage of passersby have seen a brand’s ad, and to help stores custom-tailor their ads to promote more traffic to physical stores.

This feature called “local insights” tab will be available for free to any business with a Facebook page, though paid advertisers will get to see the share of people passing a store’s locations that have seen their ads.

The saving grace is that Facebook wont share your personal information and just your geo-location. However even then this feature feels awfully creepy and invasive to your privacy. This is especially so as a vast majority of Facebook users probably don’t even know such a feature actually exists.

Luckily for Facebook users you can protect yourself from Facebook’s prying eyes.

In the Facebook mobile app, click on the “More” tab, and then “Account Settings.” Then go to “Location Settings” and then turn of the toggle for location tracking.

read more

Tor Project looks to crowdfunding to reduce its dependency on US Government money

Tor Project looks to crowdfunding to reduce its dependency on US Government money

Tor does not want to depend on government money, starts crowdfunding campaign for funding

In order to lessen its dependence on U.S. government donations, private communication network Tor, the network that facilitates hidden communications and secure Internet activity has launched a campaign seeking crowdfunding for its work.

According to The Verge, currently up to 90 percent of its funding comes from government donations. To kick off the campaign for donations, the organization has published a blog post called a ‘This is what a Tor Supporter looks like: Laura Poitras’, who is the filmmaker behind the documentary on the Edward Snowden-NSA leaks and a leading privacy advocate.

“There are so many reasons…that we want to protect our privacy and not broadcast every move we make online. Tor is an essential tool that is needed by people to do what they do. It fosters free speech and independent voices.” she said.

Poitras, who is on the U.S. government’s watch list, explains in the post that she sees Tor as “an essential tool that is needed by people to do what they do. It fosters free speech and independent voices.”

It is how Snowden and her communicated and shared the information that was essential to breaking his story. Poitras says:

“There’s no way I would have been able to protect the initial source without using Tor… Fundamentally, without Tor and other free software tools I wouldn’t have been able to do the reporting, and the story would not have been broken”.

With just a post on the Tor blog and a handful of media reports, the crowdfunding campaign has gotten off to a relatively low-key start. It has become all the more obvious this month that there is a huge requirement for independent donations.

The reason being reports suggest that researchers at Carnegie Mellon were paid $1 million by the FBI for research on how to crack Tor. According to the fairly vague statement issued by university, it claims — which were first raised by Tor — were “inaccurate” and that Carnegie Mellon was issued with a subpoena “requesting information about research it had performed.”

Carnegie Mellon wasn’t too clear on the inaccuracies of the claims but, nevertheless, cyber security watchers have questioned whether there was some form of secret understanding between the two parties.

Tor is taking donations at this webpage here.

read more

Stopping Microsoft from tracking your every move on Windows 10

Stopping Microsoft from tracking your every move on Windows 10

This is how to stop Microsoft from tracking your every move on Windows 10

Ever since Windows 10 was introduced by Microsoft, it has been notorious for spying on you, the users. Windows 10 installed with Express Settings can track a very large amount of data. Windows 10 Home can track and share the websites you visit, your purchases, the searches you make, contacts, calendar details, location and the voice commands you use with virtual assistant, Cortana.

According to Microsoft, your personal information is sent back to its servers as it is rarely recorded and there is always an opt-out, whenever it does. However, those who are uncomfortable with the operating system’s exceptional thirst for data can rest.

A new third-party app assures to stop all of the background data collection in Windows 10, including the features that Microsoft does not let users to disable from within the settings.

Nicknamed Spybot Anti-Beacon, this one-click solution slows down the process on your operating system’s telemetry data.

The Spybot Anti-Beacon tool, that operates independently has now be updated so that it can work across Windows 7, Windows 8.1 and Windows 10.

Spybot, who have been in the privacy business since 2000 offers Anti-Beacon that is small, easy to use and free of charge. Windows 10 users who do not wish to have details about their PC usage sent to Microsoft, this lightweight app was built to address the privacy concerns of such users.

All you need to do is to just tap “Immunise” on the main screen of the app to disable any known tracking features included by Microsoft in the operating system.

While using Anti-Beacon if any there problems that occur with your PC , undoing the changes made can be done by clicking the “Undo” button in the main window. Although, this will re-enable all tracking services.

Windows 10 – which is being installed on thousands of computers automatically in the latest adoption push by Microsoft – is continually being updated and tweaked by Microsoft.

Nicknamed Threshold 2, which is the latest update is scheduled to roll out later this month. It includes twists to the failed Microsoft Edge browser, several patches, and some visual changes.

In a move to appeal to businesses to choose the new unified Windows operating system, Microsoft recently relaxed its stance on data collection for enterprise customers. The ability to turn off telemetry tracking was recently gained by Windows 10 Enterprise, even though Microsoft strangle suggests you to leave it on.

Speaking to PC World, Vice President Joe Belfiore said “We’re going to continue to listen to what the broad public says about these decisions. Ultimately our goal is to balance the right thing happening for the most people – really, for everyone – with complexity that comes with putting in a whole lot of control.”

He added: “And in the case of knowing that our system that we’ve created is crashing, or is having serious performance problems, we view that as so helpful to the ecosystem, and so not an issue of personal privacy, that today, we collect that data so that we make that experience better for everyone.”

In the name of convenience, Windows 10 takes a lot of decisions out of the hands of its users.

The next-generation functionality included in new operating system is whether or not worth the trade-off, could finally decide whether or not you opt for the free upgrade.

Microsoft does let you to control some of its data collection policies by navigating to Start > Settings > Privacy, even if you can’t disable all of the telemetry data in the consumer editions.

Following the upgrade to Windows 10, users have reported annoyingly slow boot-up speeds, privacy concerns, trouble with wifi connections and problems with child safety features.

Currently, Windows 10 is a free operating system upgrade to customers running original versions of Windows 7/8/8.1.

read more