Comcast has agreed to be the first home broadband internet provider to handle secure DNS-over-HTTPS queries for Firefox browser users in the US, Mozilla has announced. This means the ISP, which has joined Moz’s Trusted Recursive Resolver (TRR) Program, will perform domain-name-to-IP-address lookups for subscribers using Firefox via encrypted HTTPS channels. That prevents network eavesdroppers Read more about Talk about the fox guarding the hen house. Comcast to handle DNS-over-HTTPS for Firefox-using subscribers[…]

Names, adresses and mobile numbers have been sold for fraud using WhatsApp. Most of these numbers come from callcentres, mainly those selling energy contracts. The fresher a lead is, the more they are worth: betwween 25 cents and 2 euros. The money is usually transferred through mules, who keep a percentage of the proceeds. Source: Read more about tens of thousands of mobile numbers of 50+ year olds sold for whatsapp fraud[…]

In the case of Firefox users, some discovered that the new default Windows 10 browser, which is shipped to their devices via Windows Update, sometimes imports the data from Mozilla’s application even if they don’t give their permission. Some of these Firefox users decided to kill the initial setup process of Microsoft Edge, only to Read more about Microsoft Edge Accused of Sneakily Importing Firefox Data on Windows 10[…]

Google has introduced “continuous match mode” for apps on its voice-powered Assistant platform, where it will listen to everything without pausing. At the same time it has debuted related developer tools, new features, and the ability to display web content on its Smart Display hardware using the AMP component framework. The Chocolate Factory has big Read more about Google isn’t even trying to not be creepy: ‘Continuous Match Mode’ in Assistant will listen to everything until it’s disabled[…]

If you’re a free Zoom user, and waiting for the company to roll out end-to-end encryption for better protection of your calls, you’re out of luck. Free calls won’t be encrypted, and law enforcement will be able to access your information in case of ‘misuse’ of the platform. Zoom CEO Eric Yuan today said that the Read more about Zoom won’t encrypt free calls because it wants to comply with law enforcement[…]

The GSM Association, the body that represents mobile carriers and influences the development of standards, has suggested its members bake virus contact-tracing functionality into their own bundled software. The body today popped out a paper [PDF] on contact-tracing apps. After some unremarkable observations about the need for and operations of such apps, plus an explanation Read more about GSMA suggests mobile carriers bake contact-tracing into their own apps – if governments ask for it[…]

Apple may still be recording and transcribing conversations captured by Siri on its phones, despite promising to put an end to the practice nine months ago, claims a former Apple contractor who was hired to listen into customer conversations. In a letter [PDF] sent to data protection authorities in Europe, Thomas Le Bonniec expresses his Read more about Hey Siri, are you still recording people’s conversations despite promising not to do so nine months ago?[…]

The US Senate has voted to give law enforcement agencies access to web browsing data without a warrant, dramatically expanding the government’s surveillance powers in the midst of the COVID-19 pandemic. The power grab was led by Senate majority leader Mitch McConnell as part of a reauthorization of the Patriot Act, which gives federal agencies Read more about Senate Votes to Allow FBI to Look at US citizen Web Browsing History Without a Warrant[…]

You can’t make access to your website’s content dependent on a visitor agreeing that you can process their data — aka a ‘consent cookie wall’. Not if you need to be compliant with European data protection law. That’s the unambiguous message from the European Data Protection Board (EDPB), which has published updated guidelines on the Read more about No cookie consent walls — and no, scrolling isn’t consent, says EU data protection body[…]

This Guide has been developed by experts from IAB Europe’s Programmatic Trading Committee (PTC) to prepare brands, agencies, publishers and tech intermediaries for the much-anticipated post third-party cookie advertising ecosystem. It provides background to the current use of cookies in digital advertising today and an overview of the alternative solutions being developed. As solutions evolve, Read more about IAB Europe Guide to the Post Third-Party Cookie Era[…]

Researchers have created a new a new system that helps Internet users ensure their online data is secure. The software-based system, called Mitigator, includes a plugin users can install in their browser that will give them a secure signal when they visit a website verified to process its data in compliance with the site’s privacy Read more about Researchers create a new system to protect users’ online data by checking if data entered is consistent with the privacy policy[…]

Britons will not be able to ask NHS admins to delete their COVID-19 tracking data from government servers, digital arm NHSX’s chief exec Matthew Gould admitted to MPs this afternoon. Gould also told Parliament’s Human Rights Committee that data harvested from Britons through NHSX’s COVID-19 contact tracing app would be “pseudonymised” – and appeared to Read more about UK COVID-19 contact tracing app data may be kept for ‘research’ after crisis ends, MPs told[…]

Browser maker Mozilla is working on a new service called Private Relay that generates unique aliases to hide a user’s email address from advertisers and spam operators when filling in online forms. The service entered testing last month and is currently in a closed beta, with a public beta currently scheduled for later this year, Read more about New Firefox service will generate unique email aliases to enter in online forms[…]

Brave, a maker of a pro-privacy browser, has lodged complaints with the European Commission against 27 EU Member States for under resourcing their national data protection watchdogs. It’s asking the European Union’s executive body to launch an infringement procedure against Member State governments, and even refer them to the bloc’s top court, the European Court Read more about Brave accuses European governments of GDPR resourcing failure[…]

When he looked around the Web on the device’s default Xiaomi browser, it recorded all the websites he visited, including search engine queries whether with Google or the privacy-focused DuckDuckGo, and every item viewed on a news feed feature of the Xiaomi software. That tracking appeared to be happening even if he used the supposedly Read more about Surprise surprise, Xiaomi web browser and music player are sending data about you to China[…]

The design of Australia’s COVIDSafe contact-tracing app creates some unintended surveillance opportunities, according to a group of four security pros who unpacked its .APK file. Penned by independent security researcher Chris Culnane, University of Melbourne tutor, cryptography researcher and masters student Eleanor McMurtry, developer Robert Merkel and Australian National University associate professor and Thinking Security Read more about Australian contact-tracing app leaks telling info and increases chances of third-party tracking, say security folks. That’s OK says maker, you download worse stuff as games.[…]

It has been called the “most extreme surveillance in the history of Western democracy.” It has not once but twice been found to be illegal. It sparked the largest ever protest of senior lawyers who called it “not fit for purpose.” And now the UK’s Investigatory Powers Act of 2016 – better known as the Read more about Why should the UK pensions watchdog be able to spy on your internet activities? Same reason as the Environment Agency and more than 50 more[…]

Among startups and tech companies, Stripe seems to be the near-universal favorite for payment processing. When I needed paid subscription functionality for my new web app, Stripe felt like the natural choice. After integration, however, I discovered that Stripe’s official JavaScript library records all browsing activity on my site and reports it back to Stripe. Read more about Stripe Payment Provider is Silently Recording Your Movements On its Customers’ Websites[…]

As Rolling Stone reported, the app is now playing host to virtual sex parties,  “play parties,” and group check-ins which have become, as one host said, “the mutual appreciation jerk-off society.” According to Zoom’s “acceptable use” policy, users may not use the technology to “engage in any activity that is harmful, obscene, or indecent, particularly Read more about Zoom sex party moderation: app uses machine-learning to patrol nudity – will it record them to put up on the web?[…]

Apple has released a set of “Mobility Trends Reports” – a trove of anonymised and aggregated data that describes how people have moved around the world in the three months from 13 January to 13 April. The data measures walking, driving and public transport use. And as you’d expect and as depicted in the image Read more about Apple: We respect your privacy so much we’ve revealed a little about what we can track when you use Maps[…]

The EFF’s staff technologist — also an engineer on Privacy Badger and HTTPS Everywhere, writes: Twitter greeted its users with a confusing notification this week. “The control you have over what information Twitter shares with its business partners has changed,” it said. The changes will “help Twitter continue operating as a free service,” it assured. Read more about Twitter Obliterates Its Users’ Privacy Choices[…]

Observant Firefox users on Windows who have updated the web browser to Firefox 75 may have noticed that the upgrade brought along with it a new scheduled tasks. The scheduled task is also added if Firefox 75 is installed on a Windows device. The task’s name is Firefox Default Browser Agent and it is set Read more about Mozilla installs Scheduled Telemetry Task on Windows with Firefox 75 – if you had put telemetry on[…]