Privacy | So Long, and Thanks for All the Fish

Ring camera accounts breach: Amazon blames users, EFF respond!

Posted on January 3, 2020December 30, 2019 by Andrea Fortuna

Recently, digital intruders entered the Ring surveillance camera in the bedroom of an 8-year-old girl in Mississippi and started talking to her [1], then various other intrusions took place and it emerged that 3600 e-mail addresses, passwords, localizations and other personal data of Ring users were published online [4].

Google and Facebook surveillance threatens human rights, Amnesty International says

Posted on December 13, 2019December 18, 2019 by Andrea Fortuna

Google and Facebook help connect the world and provide crucial services to billions users, but this services come at a systemic cost.

Court forces e-mail provider Tutanota to release unencrypted messages

Posted on November 15, 2019November 15, 2019 by Andrea Fortuna

The e-mail provider Tutanota advertises to be the “world’s most secure e-mail service”.
The company offers encrypted e-mail communication and claims to have six million customers relying on this security promise.

A glitch on Facebook App’s UI reveals a weird camera activity

Posted on November 13, 2019November 14, 2019 by Andrea Fortuna

UPDATE 2019/11/14: Facebook released version 247.0 that fixes the glitch.

Joshua Maddux published on his Twitter account a video captured from an iPhone running iOS 13.2.2: in this video, a glitch in the interface of Facebook App reveals that the camera is up and running without any notification.

Found a @facebook #security & #privacy issue. When the app is open it actively uses the camera. I found a bug in the app that lets you see the camera open behind your feed. Note that I had the camera pointed at the carpet. pic.twitter.com/B8b9oE1nbl
— Joshua Maddux (@JoshuaMaddux) November 10, 2019

The bug is really simple to reproduce: simply open a Facebook page, tap on profile image and swipe down in order to close the full screen image.
After this sequence, the interface of the app fails to re-align and shows on the background the video stream captured by the rear camera.

Below the test performed on my device (iPhone 7):

I did the same test on an iPhone XS, without being able to reproduce the bug.

The doubt

Now, the main question is: why the camera is on?
Is it just a stupid bug or just one of several techniques used by Facebook in order to collect data?

No panic!

Relax, regardless of whether this is a bug or a data-collection feature, the remediation is pretty simple.

Without coming to buy a smartphone with camera kill-switch [1], or a more affordable camera cover [2], you can disable camera access for the facebook app, as shown by Marco De Sanctis on the twitter thread above:

pic.twitter.com/mjmHcL9bmx
— Marco De Sanctis (@crad77) November 12, 2019

For additional privacy, Marco disables also microphone and bluetooth access, that can be used by facebook for location tracking [3].

References

Some thoughts about Browser Fingerprinting

Posted on September 12, 2019September 11, 2019 by Andrea Fortuna

Browser fingerprinting is an incredibly accurate method of tracking online activity but, luckily, there are a few things you can do to try to wipe your fingerprints.

TL;DR
Are you a privacy obsessed? Don’t use an unusual browser!