web analytics



Copyright 2015 Libero Themes.
All Rights Reserved.

8:30 - 6:00

Our Office Hours Mon. - Fri.


Call For Free 15/M Consultation



Westlake Legal Group > Posts tagged "data privacy"

Shocker: Alexa, Google apps letting hackers spy on you

Westlake Legal Group Alexa Shocker: Alexa, Google apps letting hackers spy on you The Blog hackers Google data privacy apps alexa

If you’re using one of those digital assistants like Alexa, Cortana or Google Home, you’ve probably gotten used to the idea that they’re sometimes listening to you when they’re not supposed to. (Either that or you really don’t follow the news very closely at all.) In addition to that, smart devices with cameras installed are probably recording videos and pictures of you when you don’t expect them to. But those are generally just instances of the people who make the devices looking for information to use when pitching ads to you. (Hopefully.)

As it turns out, however, hackers are able to come after you using the same systems by creating apps and hiding malware in them. As Ars Technica reports this week, developers were able to sneak apps into the app stores that were capable of recording your activities if you installed them on your devices. Isn’t that just wonderful?

The threat isn’t just theoretical. Whitehat hackers at Germany’s Security Research Labs developed eight apps—four Alexa “skills” and four Google Home “actions”—that all passed Amazon or Google security-vetting processes. The skills or actions posed as simple apps for checking horoscopes, with the exception of one, which masqueraded as a random-number generator. Behind the scenes, these “smart spies,” as the researchers call them, surreptitiously eavesdropped on users and phished for their passwords.

“It was always clear that those voice assistants have privacy implications—with Google and Amazon receiving your speech, and this possibly being triggered on accident sometimes,” Fabian Bräunlein, senior security consultant at SRLabs, told me. “We now show that, not only the manufacturers, but… also hackers can abuse those voice assistants to intrude on someone’s privacy.”

The details of what the whitehat hackers were able to do are disturbing, to say the least. They developed a series of apps for both Amazon and Google with malicious code hidden in them and were able to get all of them into the store and available to the public. This calls the companies’ vetting processes into question at a minimum.

In one example, an app performed the seemingly harmless service of generating a random number for the user. Another provided your “lucky horoscope” on any given day. Both of these apps appeared to function normally and then indicated that the process was complete and shut down. But the device was still listening, recording everything else said in the room and sending a transcript to the hacker’s server.

In another example, an app appeared to fail to perform and “shut down.” But then in a fake voice sounding like the digital assistant, it announced that an update was available and asked for the user to say or enter their password. That too was sent to the hacker’s server.

Check out this short video of one of the apps in action.

The linked article contains a detailed explanation of how these malicious apps pull off these tricks if you’re interested in that sort of thing. But the point is that the intruders conducting this test were easily able to do it (in multiple languages) and get the malware accepted into the online stores every time.

No, I don’t know what you’re supposed to do with this information aside from only downloading apps from trusted sources. But who’s a trusted source these days when even Amazon and Google have employees listening in on your activities. I have Cortana on my laptop because it came with that, but I’ve never enabled it. I also have the “okay Google” function on my phone that I use sometimes, but I don’t use all that many apps. This is apparently just one more risk you take every time you step out onto the information superhighway I guess.

The post Shocker: Alexa, Google apps letting hackers spy on you appeared first on Hot Air.

Westlake Legal Group Alexa-300x153 Shocker: Alexa, Google apps letting hackers spy on you The Blog hackers Google data privacy apps alexa  Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

The government wants the names of tens of thousands of app users

Westlake Legal Group CellPhone The government wants the names of tens of thousands of app users The Blog rifles data privacy apps

Forbes has a report this week with a rather disturbing sounding title, but the details don’t make it quite so clear cut. It’s titled, “Feds Demand Apple And Google Hand Over Names Of 10,000+ Users Of A Gun Scope App.”

Whoa! It not only raises questions of so-called “data privacy” for a large number of people, but it invokes Second Amendment fears by dragging rifle scopes into it. But as I suggested above, this might not be the tale of dystopian, Big Brother government intrusion you could be led to believe. The app in question is called Obsidian 4 and it’s manufactured by night-vision specialist American Technologies Network Corp. It allows users to “get a live stream, take video and calibrate their gun scope from an Android or iPhone device.” There are at least 10,000 people using the app and now the feds want Apple and Google to turn over all of their user data.

Own a rifle? Got a scope to go with it? The U.S. government might soon know who you are, where you live and how to reach you.

That’s because the government wants Apple and Google to hand over names, phone numbers and other identifying data of at least 10,000 users of a single gun scope app, Forbes has discovered. It’s an unprecedented move: Never before has a case been disclosed in which American investigators demanded personal data of users of a single app from Apple and Google. And never has an order been made public where the feds have asked the Silicon Valley giants for info on so many thousands of people in one go.

I suppose a demand for that much data when nearly all of the users haven’t been accused (or even suspected) of a crime yet could be seen as disturbing. But here’s where it gets complicated.

ICE is the agency looking into this question because of the rifle scopes that ATNC sells. The scopes aren’t illegal for Americans to purchase, but they are controlled in terms of exporting them out of the country. It’s alleged that many of these scopes have been showing up in the hands of criminal organizations in other countries, including the Taliban. The belief is that by checking the app’s user activity, they could pin down the locations outside the country where illegal shipments may have gone.

Sounds like a legitimate need by law enforcement to me. But the real question here is why ask for the data for all users? Surely Google and Apple could provide the user data for just those users outside the United States, right? Why not just ask for that if there are no issues with people using the scopes or the app in America? Seems like a reasonable compromise that both the government and the tech giants could see eye to eye on.

I’ll confess I was previously unaware of this app, but after looking into it a bit another question comes to mind. If you can remotely get video from the scope and “calibrate” it at a distance, does that mean you can also fire it remotely? Even if you had to rig up some sort of external trigger activating mechanism, that would be an alarming combination. Then again we already had a guy attach a handgun to a drone and fire it from his controller, so maybe that cat is already out of the bag.

The post The government wants the names of tens of thousands of app users appeared first on Hot Air.

Westlake Legal Group CellPhone-300x159 The government wants the names of tens of thousands of app users The Blog rifles data privacy apps  Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Amazon facial recognition once again identifies lawmakers as criminals

Westlake Legal Group FacialRec Amazon facial recognition once again identifies lawmakers as criminals The Blog facial recognition errors data privacy amazon

Jeff Bezos must really be getting tired of these headlines coming up all the time. It seems that their facial recognition software (known as Rekognition) has been subjected to yet another test and come up a little short. Or a lot short, particularly if you happen to be one of the more than two dozen state lawmakers who showed up as hits matching them against a database of known criminals. But hey… when you’re making omelets you’ve got to crack a few eggs, right? (CBS San Francisco)

A recent test of Amazon’s facial recognition technology reportedly ended with a major fail, as some state lawmakers turned up as suspected criminals.

The test performed by the American Civil Liberties Union screened 120 lawmakers’ images against a database of 25,000 mugshots. Twenty-six of the lawmakers were wrongly identified as suspects.

The ACLU said the findings show the need to block law enforcement from using this technology in officers’ body cameras. Meanwhile, supporters of facial recognition say police could use the technology to help alert officers to criminals, especially at large events.

As usual, let’s get the obvious joke out of the way first. If the software is identifying California legislators as criminals, honestly… how broken is it really? (Insert rimshot gif here.)

Getting back to the actual story, the first thing to note is that the “test” in question was performed by the American Civil Liberties Union (ACLU). At least that’s how it’s phrased in the CBS report. Last I checked, they weren’t a software development firm, so did they really make up and perform the test themselves or shop the job out to a firm with more direct experience? I’d like to see the details.

Of course, the results aren’t that suspect. Of all the facial recognition software out there that we’ve looked at, Amazon’s seems to be the one that winds up producing the most spectacular (and frequently hilarious) epic fails when put to independent testing. In that light, perhaps the ACLU wasn’t off the mark.

Of course, the ACLU isn’t looking to improve the technology. This test was run so they can continue their campaign to prevent law enforcement from using the software. Democratic Assemblymember Phil Ting of San Francisco (who was tagged as a felon) is quoted as saying, “While we can laugh about it as legislators, it’s no laughing matter if you are an individual who is trying to get a job, for an individual trying to get a home. If you get falsely accused of an arrest, what happens? It could impact your ability to get employment.”

These types of scare tactics are all too common and should be derided. I’ve asked multiple times now and am still waiting for an answer to one simple question. Does anyone have evidence of even a single instance where someone was misidentified by facial recognition and gone on to be prosecuted (or persecuted, as Ting suggests) because the mistake wasn’t discovered? I’ve yet to hear of a case. Did the police show up and arrest Ting after he was misidentified? I somehow doubt it.

Look, the technology is still in its infancy and it’s got a few bugs in it. They’re working them out as they go. Eventually, they’ll get it up to speed and the error rates should drop down to acceptable levels. And if this software can help catch a suspect in a violent crime in a matter of minutes or hours rather than days or weeks after they were spotted by a security camera, that’s a tool that the police need to have.

The post Amazon facial recognition once again identifies lawmakers as criminals appeared first on Hot Air.

Westlake Legal Group FacialRec-300x153 Amazon facial recognition once again identifies lawmakers as criminals The Blog facial recognition errors data privacy amazon  Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Now doorbell cams are destroying America or something

Westlake Legal Group doorbell Now doorbell cams are destroying America or something The Blog porch pirates online privacy facial recognition door data privacy

There’s something about cameras that seems to divide our nation, while at the same time pointing out dizzying differences in terms of how we evaluate the technology based on who is using it. We already know that privacy advocates (for lack of a better term) hate facial recognition software when it’s used by law enforcement of any kind. However, most of them don’t seem to have any problems with Facebook and other social media apps “tagging” them and their friends at the latest party. Speed cameras are also seen as being evil, even if they do occasionally catch violent felons fleeing the scene of a crime.

But now another sort of camera is coming under attack. It’s the newly ubiquitous doorbell camera that lets you know when someone is at your door even when you’re not home. Video taken by these cameras can be shared among neighbors and even the local police to catch porch pirates, burglars and other ne’er-do-wells, varlets and cullions. In some cases, as with the Amazon offering called “Ring,” police departments are partnering with the company to offer discounted camera deals. This, of course, means that they have to be done away with. (Associated Press)

[A]s more police agencies join with the company known as Ring, the partnerships are raising privacy concerns. Critics complain that the systems turn neighborhoods into places of constant surveillance and create suspicion that falls heavier on minorities. Police say the cameras can serve as a digital neighborhood watch.

Critics also say Ring, a subsidiary of Amazon, appears to be marketing its cameras by stirring up fear of crime at a time when it’s decreasing. Amazon’s promotional videos show people lurking around homes, and the company recently posted a job opening for a managing news editor to “deliver breaking crime news alerts to our neighbors.”

“Amazon is profiting off of fear,” said Chris Gilliard, an English professor at Michigan’s Macomb Community College and a prominent critic of Ring and other technology that he says can reinforce race barriers. Part of the strategy seems to be selling the cameras “where the fear of crime is more real than the actual existence of crime.”

The arguments being made against Ring (and related products) for teaming up with police are bizarre, to say the least. First of all, arguing that these are unnecessary measures during a time of falling crime rates is bogus. Thankfully, it’s true that violent crime continues to fall across most of the nation (except in several larger cities), but porch piracy is on the rise and has been for some time.

Also, the usefulness of these devices for homeowners is beyond question. It allows you to instantly communicate with someone coming to your door when nobody is home. And if they are on your porch or at your doorway, you have a right to know about it.

The same applies to the privacy argument. Your expectation of privacy drops dramatically when you walk out your door and into the public square. When you set foot on someone else’s property, your expectation of privacy evaporates. (With the exception of using personal facilities like bathrooms, locker rooms or showers with the permission of the owner.)

What it comes down to in the end is that the advocates arguing against this technology simply want to make it as difficult as possible for law enforcement to do their jobs if it involves “Big Brother” having an image of you or any other data on record. I continue to find this argument unconvincing.

The battle continues, however. Over at Buzzfeed this week you can find yet another screed about how facial recognition needs to be banned entirely. To be clear, I’m not saying there aren’t situations where the consumer should be leary about some of this technology. We recently learned that the Russians own and operate that FaceApp system that shows you pictures of yourself looking much older. Turns out they’ve been collecting all of your photos and might be using them to create fake social media profiles.

But that’s the Russians. Not our own law enforcement agencies. This was just a case of caveat emptor. If you don’t know who you’re dealing with, don’t download dodgy apps that rely on you submitting pictures of yourself. But that doesn’t make the technology a bad thing. It’s the people who are operating it.

The post Now doorbell cams are destroying America or something appeared first on Hot Air.

Westlake Legal Group doorbell-300x153 Now doorbell cams are destroying America or something The Blog porch pirates online privacy facial recognition door data privacy  Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

NBC: Zuckerberg papers show Soylent Facebook is made of people, or something

Westlake Legal Group zuckerberg-congress NBC: Zuckerberg papers show Soylent Facebook is made of people, or something The Blog Six4Three Mark Zuckerberg lawsuit facebook data privacy

The most important lesson to remember about the Internet is this: If you’re not paying for it, you’re not the customer — you’re the product. With that in mind, NBC News’ peek into Mark Zuckerberg’s plans to weaponize Facebook user data for his own purposes is not only not surprising, it’s laughably obvious:

Facebook CEO Mark Zuckerberg oversaw plans to consolidate the social network’s power and control competitors by treating its users’ data as a bargaining chip, while publicly proclaiming to be protecting that data, according to about 4,000 pages of leaked company documents largely spanning 2011 to 2015 and obtained by NBC News.

The documents, which include emails, webchats, presentations, spreadsheets and meeting summaries, show how Zuckerberg, along with his board and management team, found ways to tap Facebook’s trove of user data — including information about friends, relationships and photos — as leverage over companies it partnered with.

In some cases, Facebook would reward favored companies by giving them access to the data of its users. In other cases, it would deny user-data access to rival companies or apps.

For example, Facebook gave Amazon extended access to user data because it was spending money on Facebook advertising and partnering with the social network on the launch of its Fire smartphone. In another case, Facebook discussed cutting off access to user data for a messaging app that had grown too popular and was viewed as a competitor, according to the documents.

And … so? Yes, it’s slimy, and yes, it’s creepy, but Zuckerberg didn’t force Facebook users to upload every gritty detail of their lives. Users did that on their own. What did they think Facebook was going to do with it, especially since they were getting access to all this data for free themselves? How did they think Zuckerberg got to be a billionaire?

This tranche of documents come from a lawsuit filed by an app design company called Six4Three over Facebook’s treatment of their access to the data. Their app, Pikinis, developed an algorithm that found pictures on friends’ sites of people in swimwear, only it turned out to be a little more successful than anticipated. When Facebook tightened their privacy rules in 2015, Pikinis became defunct. That’s why the tranche ends in 2015, the most recent limit of data relevant to Six4Three’s complaint. Since then, Facebook insists that they only discussed treating customer data like livestock.

Of course, Zuckerberg was sanctimoniously proclaiming himself a privacy advocate at the same time. “All the while,” NBC notes, “Facebook was formulating a strategy to publicly frame these moves as a way of protecting user privacy.” They link to a New York Times profile of Zuckerberg’s 2014 efforts to allow users more choice on what data got shared, which almost seems quaint considering what took place since then:

For most of its 10-year history, Facebook has pushed and sometimes forced its users to share more information more publicly, drawing fire from customers, regulators and privacy advocates across the globe. That helped make Facebook the world’s largest social network and an advertising behemoth.

But the company recently concluded that its growth depended on customers feeling more confident that they were sharing intimate details of their lives with only the right people.

“What we really want is to enable people to share what they want,” Mark Zuckerberg, Facebook’s co-founder and chief executive, said in a recent interview.

And more sharing means more growth and more opportunities to place ads for Facebook.

Mr. Zuckerberg has also watched the rapid growth of privacy-friendly services like WhatsApp and Snapchat and anonymous sharing apps like Secret and Whisper, which compete for the time of many Facebook users, especially the younger ones. That prompted him to strike a deal this year to buy WhatsApp for as much as $19 billion and take steps to make the Facebook social network more respectful of user privacy.

Ahem. Did anyone really believe that Zuckerberg spent $19 billion to buy up a competitor for the purpose of making Facebook “more respectful of user privacy”? Had WhatsApp continued to be a Facebook competitor, that pressure might have forced both platforms to meet user demands for privacy. Buying Whatsapp eliminated that pressure and enforced Facebook’s social-media platform dominance.

Anyone who thinks these efforts to exploit user data ended in 2015 can send bids on a Big Apple bridge to sendmeallyourmoneysuckers@hotair.com, along with banking data needed for wire transfers. Zuckerberg’s selling a product, which is how he and the rest of the Facebook empire get paid. They may strategize ways in which you look less like a spiral ham getting sliced up for their banquet so you’ll squeal less, but you’re still the glazed ham. Your data is their product, and after one accepts that reality, nothing in this NBC News exposé is at all noteworthy except for the sanctimonious hypocrisy. Even at that, it’s basically a rehash of the Six4Three story from December.


The post NBC: Zuckerberg papers show Soylent Facebook is made of people, or something appeared first on Hot Air.

Westlake Legal Group zuckerberg-congress-300x173 NBC: Zuckerberg papers show Soylent Facebook is made of people, or something The Blog Six4Three Mark Zuckerberg lawsuit facebook data privacy  Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com