Recently, digital intruders entered the Ring surveillance camera in the bedroom of an 8-year-old girl in Mississippi and started talking to her [1], then various other intrusions took place and it emerged that 3600 e-mail addresses, passwords, localizations and other personal data of Ring users were published online [4].
Continue…Google and Facebook help connect the world and provide crucial services to billions users, but this services come at a systemic cost.
Continue…The e-mail provider Tutanota advertises to be the “world’s most secure e-mail service”.
The company offers encrypted e-mail communication and claims to have six million customers relying on this security promise.
UPDATE 2019/11/14: Facebook released version 247.0 that fixes the glitch.
Joshua Maddux published on his Twitter account a video captured from an iPhone running iOS 13.2.2: in this video, a glitch in the interface of Facebook App reveals that the camera is up and running without any notification.
The bug is really simple to reproduce: simply open a Facebook page, tap on profile image and swipe down in order to close the full screen image.
After this sequence, the interface of the app fails to re-align and shows on the background the video stream captured by the rear camera.
Below the test performed on my device (iPhone 7):
I did the same test on an iPhone XS, without being able to reproduce the bug.
Now, the main question is: why the camera is on?
Is it just a stupid bug or just one of several techniques used by Facebook in order to collect data?
Relax, regardless of whether this is a bug or a data-collection feature, the remediation is pretty simple.
Without coming to buy a smartphone with camera kill-switch [1], or a more affordable camera cover [2], you can disable camera access for the facebook app, as shown by Marco De Sanctis on the twitter thread above:
For additional privacy, Marco disables also microphone and bluetooth access, that can be used by facebook for location tracking [3].
Browser fingerprinting is an incredibly accurate method of tracking online activity but, luckily, there are a few things you can do to try to wipe your fingerprints.
TL;DR
Are you a privacy obsessed? Don’t use an unusual browser!
Are you a privacy obsessed?
You can do everything in your power to avoid being tracked through your phone, such as change OS, avoid Google‘s services, only use open-source apps from F-Droid, turn off WiFi and location services but…there is one thing that is majorly overlooked.
Security researchers from Google’s Project Zero team say they have discovered a number of compromized websites which used previously undisclosed security flaws to attack any iPhone that visited them.
Continue…End-to-end encryption is not everything!
Continue…On this article on his blog, Bruce Schneier talks on protecting yourself from identity theft.
TL;DR: You can’t. You can only prevent criminals from using your personal information, which they almost certainly already have.
Continue…