Google+ Hack Convinces Google to End Google+

Or maybe it was the backlash after they covered up a data breach. Google+ to shut down after coverup of data-exposing bug.

A security bug allowed third-party developers to access Google+ user profile data since 2015 until Google discovered and patched it in March, but decided not to inform the world. When a user gave permission to an app to access their public profile data, the bug also let those developers pull their and their friends’ non-public profile fields.

They didn’t admit to any of this because – according to a company memo – they didn’t want the Cambridge-Analytica-style publicity. OK, now they have their own bad publicity.

Now Google+, which was already a ghost town largely abandoned or never inhabited by users, has become a massive liability for the company.

When will companies take security seriously? When an executive who makes a boneheaded decision – like either not funding security, or covering it up – is held accountable in a court of law. Nothing else is going to get it done.


Good Advice on Travel and Electronics

So you think you have privacy. Not when you travel, you don’t. Crossing Borders With Electronic Devices.

Before you travel, get a burner phone and cross borders with it wiped clean.

New Zealand has decided to double down on anti-privacy policies.

Chrome 69 Won’t Delete Google’s Cookies

Ask to delete all cookies, Google won’t delete all cookies. Chrome 69 Keeps Google’s Cookies After You Clear Browser Data.

Because Google knows better than you. And they dropped their “Don’t Be Evil” goal, and seem to be doubling down on being evil.

It has been discovered that when you try to clear all cookies in the Chrome browser, every cookie will be deleted except for authentication cookies created by Google. This means that after clearing cookies, you will be logged out of every site that you are currently logged into, except for Google.

This “Let’s not delete our own data” behavior from Google is on top of them logging you into the browser, when you didn’t ask them to. If you logged into Gmail or YouTube, Google would log you into Chrome – even if you didn’t want them to. Log out of YouTube, and Google kept you logged into the browser. They say they didn’t scoop up all of your browser history, but given how evil they’ve become, do you believe them?

Chrome 70 will walk back some of these “evil” changes, but I’ve stopped using Chrome in the interim. You may want to reconsider your use of browsers.

I use a bunch of different browsers. Opera and Vivaldi. Firefox. Chrome. Very rarely Microsoft’s Edge (when I need to test something that isn’t working because of all the privacy extensions I have in the other browsers). I even have an old version of Pale Moon installed, though I need to see if there is a new version available. And of course the TOR Browser. I may have to drop the use of Chrome.

I do this because websites love to track you. And one of the ways they do that is by tracking all kinds of things about your browser. Version, size of display, etc.

Seems like I’m not alone: Why I’m done with Chrome. Matthew Green is a cryptographer and professor at Johns Hopkins University. He takes issue with the “forced login” policy.

If you didn’t respect my lack of consent on the biggest user-facing privacy option in Chrome (and didn’t even notify me that you had stopped respecting it!) why should I trust any other consent option you give me? What stops you from changing your mind on that option in a few months, when we’ve all stopped paying attention?

Hat tip to Security Now.

If the App is Free, That Means YOU Are the Product

They have to make money somehow, so it is by selling all of your information. Dozens of popular iPhone apps caught sending user location data to monetization firms.

A group of security researchers say dozens of popular iPhone apps are quietly sharing the location data of “tens of millions of mobile devices” with third-party data monetization firms.

Almost all require access to a user’s location data to work properly, like weather and fitness apps, but share that data often as a way to generate revenue for free-to-download apps.

There is a list of at least some of the apps involved, including those, like AccuWeather and NOAA Weather Radar that changed the code once they were busted. But some don’t.</p

Apple is demanding that all apps have a privacy policy by October 3, which will do nothing, but lets them pretend they are doing something. Have you EVER not installed an app or piece of software because something the privacy policy or the other disclaimers made you hesitant? And yes, I do read those and I do take them seriously. And when I don’t like something, I have been known to perpetrate misinformation. (You mean you don’t have disposable email addresses?)

Now That’s What You Call Ironic

So you may not know – if like me you really don’t care about anything relating to actors, Hollywood or celebrity – but Geoffrey Owens, one-time regular on The Cosby Show, was seen (Oh. My. God.) actually working for a living at a New Jersey Trader Joe’s. Actually working? The horror.

So of course some woman has to take his photo and “shame” him for having an actual job, and providing for his family. Of course because of all the publicity, he had to quit that job. Woman who took photo of ‘Cosby’ actor working at N.J. Trader Joe’s totally regrets it. Why, because she got schooled in the fine art of mind your own damn business. (To be fair, I don’t think she meant to shame him. That’s how the photos got used, however, and then she got swept up with the garbage.)

Karma Lawrence, the woman who snuck a picture of former “Cosby Show” actor Geoffrey Owens as he cashed out her groceries at an N.J. Trader Joe’s, is filled with regret.

That’s right. Her name is Karma.

That’s when the vitriol began in earnest. Lawrence’s inbox and social media profiles overfloweth with hate mail. One person photoshopped devil horns on her head. Others had all sorts of fun with her first name.

“So much hate. So much nastiness. Oh, it’s been terrible,” Lawrence said in an interview with NJ Advance Media on Tuesday. “They write Karma’s a b****. It’s bad.”

It’s oh so terrible that she got called out for being a privacy invading idiot. Her defense? She reads magazines that have paparazzi photos all the time. (No, she didn’t get paid, not sure what that says about her.) So the next time you see someone that you recognize, ignore them as they go about their business. Don’t be an idiot paparazzo.

How did I find out about this? Mike Rowe was of course asked to comment.

Continue reading

Bug or Feature? Facebook Made Your Life Public in May

Privacy is such a 20th Century concept. Facebook bug switched as many as 14 million users’ privacy settings to ‘public’

Facebook Inc. had a software bug for 10 days in May that set the audience for people’s posts to “public,” even if they had intended to share those posts with only friends or an even smaller audience.

So no one noticed a bug for 10 days. Did anyone test? (Before or after the implementation?)

Actually given Facebook’s pogrom against all things conservative, I’m not sure why anyone who reads this blog regularly would still be using FB. Oh it is convenient to support the people working against your Constitutional Rights. Really? I hope you have a lot of luck with that.

You won’t find me on FB, and I’m on Twitter less and less, and have considered ditching it too. (Social media is a time-waster, and I waste enough time on this blog.)

What’s the Opposite of Privacy? Facebook

In violation of a consent decree. Does this mean that Zuckerberg lied to Congress? Facebook Gave Device Makers Deep Access to Data on Users and Friends – The New York Times

Facebook formed a bunch of partnerships with companies like Apple/Blackberry/Samsung/et al that let them access data on users’ friends without explicit consent. Which is apparently in violation of an F.T.C consent decree from 2011. Those agreements are still in place.

Because as far as the Facebook is concerned, privacy is not something that you get to have.

“It’s like having door locks installed, only to find out that the locksmith also gave keys to all of his friends so they can come in and rifle through your stuff without having to ask you for permission,” said Ashkan Soltani, a research and privacy consultant who formerly served as the F.T.C.’s chief technologist.

And people wonder why I don’t use Facebook.