Tech Friday

posted by Brian Thomas -

  • The many ways your smartphone can track you:
    • Your smartphone is jammed packed with a wide variety of sensors including: accelerometer, gyroscope, magnetometer, GPS, barometer, and ambient light sensor
    • These sensors enable your device and the apps on it to capture an amazing amount of detailed information about you
    • Both Google and Apple track a wide variety of information directly from the hardware in the device as do OEMs like Samsung. Google captures most of that information in their cloud, while Apple keeps most of it on the phone
    • The apps on the your device also collect massive amounts of data
    • The privacy policy of each app and the permissions it requests controls what information is collected
    • And what's tracked is not always clear. For example, granting permissions to access photos can expose location information due to the geotags in the photos
    • Then there's more devious examples, for example, when Uber was secretly recording activity on iPhones
    • Some apps like Facebook and Chrome will track you across devices
    • You can read Google's privacy policy here: https://www.google.com/policies/privacy/
    • You can read Apple's privacy policy here: https://www.apple.com/legal/privacy/en-ww/
    • Learn more about the sensors in your phone and their capabilities here: https://fieldguide.gizmodo.com/all-the-sensors-in-your-smartphone-and-how-they-work-1797121002
  • Facebook reports a record number of secret government requests for data:
    • Facebook recently reported that the U.S. government is making a record number of secret requests for user data
    • According to the Facebook semi-annual Transparency Report, the government made 32,716 requests for data from January through June 2017, a 25.7 percent increase from the last six months of 2016
    • 57 percent of those requests included a demand for confidentiality
    • These requrests included information about 52,280 users
    • Facebook provided data for 85 percent of the requests
    • Data requested include "basic subscriber information, such as name, registration date and length of service." Other data often requested includes IP address logs and account content
    • Facebook reported "the vast majority of these requests relate to criminal cases"
    • The requests include data from all of Facebook's products, including Messenger, WhatsApp and Instagram
    • Chris Sonderby, Facebook’s deputy general counsel wrote "We continue to carefully scrutinize each request we receive for account data — whether from an authority in the U.S., Europe, or elsewhere — to make sure it is legally sufficient" 
    • Sonderby also said "If a request appears to be deficient or overly broad, we push back, and will fight in court, if necessary."
    • Requests for data from other tech titans like Google have also increased
    • You can read the Facebook Transparency Report here: https://newsroom.fb.com/news/2017/12/reinforcing-our-commitment-to-transparency/
  • Bitcoin mining software steals your device's power and CPU time:
    • Bitcoin mining malware allows someone to surreptitiously use the resources of your device to mine bitcoins
    • This technique is known as Cryptojacking
    • According to a new report from Adguard, 2.2 percent of the top 100,000 websites are mining using visitor's PCs
    • These sites can reach an audience of nearly 500 million people
    • Crooks are hiding JavaScript miners in webpages and some even use pop-under windows to continue mining on your PC even after you have closed the infected page
    • Cryptojacking malware has grown at an exponential rate as the value of Bitcoin and other cryptocurrencies has risen. 
    • Attackers are also targeting devices other than PCs
    • Pirate Bay is one of first known sites to use this approach and it's estimated that they make about $12,000 per month
    • Security firm Trend Micro has identified three Android apps on with two different miners that use the Coinhive JavaScript in-browser Monero miner
    • The third uses a hacked the cpuminer library
    • On these Android apps, the miner runs with no indication
    • Coinhive is a legitimate mining service that a website can use as an alternative to ads for revenue generation
    • The makers of the Opera web browser wrote "Your CPU suddenly working at 100 percent capacity, the fan is going crazy for seemingly no reason, and your battery quickly depleting might all be signs that someone is using your computer to mine for cryptocurrency."
    • The beta version of Opera 50 comes with an ad blocker that now features "No Coin" to block Cryptojacking 
    • There is an browser extension for Chrome called "minerBlock" that will block Cryptojacking in Chrome
    • There are some websites that use this technique as a revenue generating model and are upfront and honest about using the resources of your device. You can decide for yourself if you want to allow it

Comments

Brian Thomas

Brian Thomas

Based in Cincinnati, OH, the Brian Thomas Morning Show covers news and politics, both local and national, from a conservative point of view. Read more

title

Content Goes Here

This ad will close in X seconds.