AT&T ceases “permacookie” tracking program for the time being, Verizon still enacting its own version

Posted by:
Date: Monday, November 17th, 2014, 04:45
Category: iPhone, News, privacy, wireless

attlogosmall

There are consequences for when a wireless carrier installs something that apparently tracks its user base a little too closely with no convenient means of removal.

Per Macworld and ProPublica, wireless carriers Verizon and AT&T have been caught up in a privacy firestorm over their use of so-called “permacookies,” a method of tracking what their users do while browsing the Web with the intent of sharing that data with advertisers. Verizon’s permacookie program lives on, but AT&T has ceased the practice.

(more…)

iOS 8′s MAC randomization requires cellular data & location services to be disabled

Posted by:
Date: Saturday, September 27th, 2014, 15:36
Category: iOS, iOS 8, iPhone, privacy

You know that we love, cherish and respect your privacy here at The PowerPage, right?

Privacy bugs will be interested in reading Apple’s new “Privacy built in” microsite, which extolls the virtues of some of the new privacy features that are baked into iOS 8. While it’s a huge step in the right directions for the consumer (so much so that the FBI is spreading FUD about it), some industry experts are taking issue with one of the new features.

At issue is what Apple calls Randomized Wi-Fi addresses. In reading that section of Privacy Built In, one could be left to believe that merchants and retailers can no longer track your movements and behavior by scanning your iPhone’s Wi-Fi MAC address. While Apple has taken steps to obscure it in iOS 8, it’s not a simple (or automatic) as Apple leads us to believe.

A new blog post from AirTight Networks’ Bhupinder Misra called “iOS8 MAC Randomization – Analyzed!” (read parts 1 and 2) takes issue with Apple’s claims that iOS 8 uses randomized and locally administrated Wi-Fi MAC addresses in the probing state. For his blog posts Misra used sophisticated packet sniffing gear to dig into the inner workings of randomized MAC addresses.

His conclusions:

On the iPhone 5s, MAC randomization happens only under the following conditions:

  1. Phone is in sleep mode (display off, not being used)
  2. Wi-Fi should be ON but not associated
  3. Location services should be OFF in privacy settings

Then after reading scandalous reports from The Washington Post and Gizmodo stating that “Apple’s new feature to curb phone tracking won’t work if you’re actually using your phone” he decided to dig a little deeper and discovered that location services should be OFF for random MAC addresses to actually show up.

It has to do with the cellular data connection setting. Basically, if the phone’s cellular data connection is ON, there is no MAC randomization! If you now turn OFF the cellular data connection (Settings -> Cellular -> Cellular Data OFF), random MAC addresses show up.

Rups!

iOS8 MAC RandomGate:  Who turns OFF location services AND turns OFF cellular data connection while using their iPhone?

So if both Cellular Data and Location Services have to be switched off to randomize MAC addresses, it’s not really much of a privacy feature then, is it? I think that Apple needs to clarify how this feature really works and it should probably remove it completely from the fancy new Privacy Built In page.

Misra says it best:

Bottom line, this further shrinks the population which is covered by MAC address randomization, perhaps to inconsequential levels and maybe even zero. Who turns OFF location services AND turns OFF cellular data connection while using their iPhone. That is why I now call it “iOS8 MAC RandomGate”.

Apple’s done a lot right with respect to user privacy, but this one seems a tad disingenuous to me.

Samsung’s fingerprint scanner not immune to hackers

Posted by:
Date: Thursday, April 17th, 2014, 08:17
Category: Android, Hacks, privacy, Samsung, security

 

samsung_galaxy_s5_official_1_fingerprint_scanner-crop

It was only a matter of time before someone found a weakness in the fingerprint scanner found on the new Samsung Galaxy S5. Too bad Samsung didn’t learn anything from Apple’s experiences with fingerprint hacking. The very same hack that was used to bypass the iPhone 5S’s scanner, that we reported on last September, has now been used to get past the one on the Galaxy S5. The security blog SRlabs has posted a video of a fake fingerprint, which was copied from a photo image and reproduced, being used to unlock a Galaxy S5.

(more…)

Heartbleed bug hits the Internet

Posted by:
Date: Friday, April 11th, 2014, 08:25
Category: Announcement, Hacks, privacy, security, Websites

heartbleedA newly announced bug, dubbed “Heartbleed” has got online companies on the run as they race to patch the insecurity. In spite of all the current fervor however, the bug has actually been around for about two years. It may also be the first wide-scale bug to have its own web page and logo (heartbleed.com). Heartbleed is based on a fault in functionality in the widely used OpenSSL library. OpenSSL is the cryptographic software that protects information being transferred from server to server throughout the internet. It is meant to stop hackers from intercepting secure information such as logins, usernames, passwords, credit card numbers, and other personal information.

(more…)

Recent security updates make Macs more secure, unless you’re a Snow Leopard user

Posted by:
Date: Monday, March 3rd, 2014, 08:47
Category: Apple, Lion, Mac, privacy, Processors, security, Software

snowleopardEverybody was concerned last week when it was announced that a nasty bug in OS X was leaving Macs vulnerable to attacks that could grab information traveling across shared networks. While it has been confirmed that the bug only affected Mavericks, Apple simultaneously posted security updates for Mountain Lion (10.8) and Lion (10.7), but there was no sign of any security love for Snow Leopard (10.6). This really shouldn’t be a surprise to most people since 10.6 was also skipped when a previous security update was released as well as an update to the Safari browser. The omission of 10.6 from the current update simply confirms that Snow Leopard is no longer on Apple’s radar.

(more…)

If you thought Google+ was a joke, maybe the joke was on us

Posted by:
Date: Monday, February 24th, 2014, 08:25
Category: Google, privacy, security, Services, Social

google_plus_04Are you an avid Google+ user? Yeah, me neither, but there are still a few people who seem to actively use it, if for no other reason than to advertise their blog posts. I think for me personally, it was just one social network too many, too late. I was already on Twitter, Facebook, Path, and occasionally Instagram and Tumblr. There was no room for Google+ and I think it dropped off most people’s radar for similar reasons. There was also that nasty business shortly after the launch of Google Buzz (now buried under a rock somewhere) where ALL your contact data on Google was automatically shared with everybody. That probably didn’t exactly encourage people to use a new, similar service.

(more…)

Chrome bug captures your every word behind your back

Posted by:
Date: Thursday, January 23rd, 2014, 08:37
Category: Announcement, Google, Hack, Opinion, privacy, security, Software, Websites

googlelisten2As if people were not paranoid enough about the amount of data Google captures about them, a recently discovered bug in Google’s Chrome web browser can now capture everything you say in front of your computer without you even knowing about it. And here is the kicker…it’s probably not even Google who is after your voice, it’s random hackers taking advantage of the exploit. According to developer Tal Ater, who discovered the exploit, the bug allows a malicious web site to open another browser window (just like a pop-up ad) behind the main window which continues to record your voice -even after you’ve closed the original site window- and sends the recorded data first through Google for processing, and then on to wherever the hacker wants.

(more…)

Will the next NSA satellite have an Apple logo?

Posted by:
Date: Wednesday, January 1st, 2014, 08:24
Category: Apple, Consumer Electronics, iOS, iPhone, Legal, Mobile, Mobile Phone, News, privacy, security, Services, Software

geoeye-1-satellite-apple-460Well, perhaps that is a stretch, but Apple’s possible connection with the NSA was revealed in a report dating back to 2008. Reuters explains that the report outlined a system that the NSA was developing, called DROPOUTJEEP, which would be software implanted into an iPhone that allows infiltrators to push and pull and retrieve data from iPhones such as contact lists. The report didn’t actually specify any involvement by or with Apple, although the iPhone is referenced in the report.

(more…)

iBeacon rollout in Apple Stores

Posted by:
Date: Thursday, December 12th, 2013, 08:28
Category: Apple, iOS, iPhone, Mobile, News, privacy, retail, Retail Store, Services, Software

apple-store-ibeaconLast week Apple started rolling out iBeacon, Apple’s location based technology that offers a “better user experience”. What they mean is that when you are in a store with an iPhone, they can track your location to the foot, allowing iBeacon to send you notifications with info on the product you are standing in front of, coupons, sales, or general info on the store. It has been pointed out that Apple use coupons and rarely has sales (except Black Friday), but since the iBeacon technology will be sold outside of Apple, it is sure to be used by the likes of Target and Walmart.

 

(more…)

1Password for Mac updated to version 4.1 with new features

Posted by:
Date: Tuesday, December 10th, 2013, 09:18
Category: Announcement, App Store, Apple, Apps, iOS, iPad, iPhone, iPod Touch, Mac, Mavericks, privacy, security, Software

product-1password-4-for-macEveryone’s favorite password keeper (well mine anyway), 1Password, has been updated to version 4.1 and includes some great feature updates. The Agilebits blog introduces the update and gives a quick rundown of some of the key updates;

“1Password 4.1 for Mac is now available for our website customers, and it is waiting for review for Mac App Store customers. “4.1″ may look like a small update, but it packs some great big stuff [...]“

(more…)