ICYMI is posted every Monday recapping privacy news over the last week from around the web.
Google violated federal wiretap laws when it continued to collect information about what users were doing on the internet without their permission even though they were browsing in so-called private browsing mode, according to a potential class-action lawsuit filed against the internet giant on Tuesday.
The lawsuit, filed in U.S. District Court for the Northern District of California, said Google tracked and collected consumer browsing history even if users took steps to maintain their privacy. The suit said Google also violated a California law that requires consent of all parties to read or learn the contents of private communication.
We just saw Arizona bring a lawsuit to Google's doorstep last week for this issue and now we have another one on the books in California. This isn't the first time Google has collected data when users took steps to maintain their privacy either.
Pay us if you want to commit crimes on our service.
This sentiment is reflected in protection policies of current mobile operating systems, where third-party apps can access accelerometer data without requiring security permission. It has been shown in experiments, however, that seemingly innocuous sensors can be used as a side channel to infer highly sensitive information about people in their vicinity. Drawing from existing literature, we found that accelerometer data alone may be sufficient to obtain information about a device holder’s location, activities, health condition, body features, gender, age, personality traits, and emotional state. Acceleration signals can even be used to uniquely identify a person based on biometric movement patterns and to reconstruct sequences of text entered into a device, including passwords.
Connections can be formed from the most unexpected things.
The latest version of Signal for Android and iOS introduces a new blur feature in the image editor that can help protect the privacy of the people in the photos you share. Now it’s easy to give every face a hiding place, or draw a fuzzy trace over something you want to erase. Simply tap on the new blur tool icon to get started.
[...] We want to do something outside of the app too, so we’ll be distributing versatile face coverings to the community free of charge. We’ve been working to find a manufacturer capable of producing high volumes of face coverings in the current global circumstances. We’re finalizing a few remaining details and will provide more information soon.
Pretty cool stuff.
At that point, experts began taking a closer look at the document, now publicly available on the web. They discovered something else of interest: yellow dots in a roughly rectangular pattern repeated throughout the page. They were barely visible to the naked eye, but formed a coded design. After some quick analysis, they seemed to reveal the exact date and time that the pages in question were printed: 06:20 on 9 May, 2017 – at least, this is likely to be the time on the printer’s internal clock at that moment. The dots also encode a serial number for the printer.
These “microdots” are well known to security researchers and civil liberties campaigners. Many colour printers add them to documents without people ever knowing they’re there.
This has been around for decades but it's great to see this being talked about since the majority of people don't know this exists.
The government tried to argue a lock screen contains no privacy interests. The court disagrees. Even though the information gleaned might be minimal (the FBI agent was likely looking to verify the phone was still in "airplane" mode), the expectation of privacy remains… as does the warrant requirement. It's the intrusion that matters -- not the government's subjective beliefs about the contours of privacy protections.
So when you are using the @brave browser and type in "binance[.]us" you end up getting redirected to "binance[.]us/en?ref=35089877" - I see what you did there mates 😂
Brave certainly has spending their goodwill liberally as of late. Read more about Brave and some of their shenanigans over here.
Want to join the discussion? Check out this post, and others, over at the CupWire subreddit and leave a comment.