Sorry, class, you don't get any extra credit for predicting this one. After some heated responses from consumers following the reveal of a controversial "supercookie" web traffic monitoring system, Verizon Wireless has announced that it will allow its customers to opt out of the lucrative and potentially dangerous advertising practice. Verizon Wireless spokeswoman Debi Lewis told The New York Times, "We have begun working to expand the opt-out to include the identifier referred to as the UIDH, and expect that to be available soon."
The system isn't technically using a "cookie" in the conventional browsing sense; UIDH stands for "unique identification header," a customized version of a standard HTTP header, in this case tailored specifically for Verizon.
Not long after British Prime Minister David Cameron did the same, President Obama said Friday that he opposes encryption methods that are inaccessible to law enforcement. Rather naively, he advocated that the technology should still exist, but with methods of access for approved entities like police and preferred spy agencies. This is his first clear issue stance on the matter, though it is not necessarily out of step with his previous actions and statements.
If you are using data as a Verizon Wireless customer, Verizon is tracking you. Not only that, but their method to ensure that you can't navigate around it makes your unique identifier visible to every website you visit. The injected data has been called a "supercookie," a term that reflects the fact that it is not removable like a tracking cookie. Now, recent reports show that at least one third-party ad agency has been using Verizon's supercookie to track users after they have deleted cookies or opted out of data collection.
Reddit user Ponkers posted an interesting find to /r/Android today, pointing out a significant privacy hole in Skype that essentially allows users to force an Android device to answer a call, making eavesdropping nearly effortless.
Ponkers drew a diagram below, which I feel compelled to include based on its artistic merits, but here's the gist of how the process works.
Assume you have three devices, device 1, device 2, and device 3.
Who better to learn encryption from than the people who have actively tried to build vulnerabilities into encryption? Nobody, says the GCHQ, the British NSA equivalent that has released a free Android app called Cryptoy to teach children the basics of encryption. The app, designed for tablets, focuses on four basic techniques and allows users to create encrypted messages for sharing to friends to decode.
The internet is a mysterious and magical place full of Wikipedia rabbit holes, animated GIFs of Ron Paul, and cat videos as far as the eye can see. There are also plenty of ads watching which of those things you are looking at. If that makes you uncomfortable, maybe Ghostery is the browser for you.
Writing for Android Police from my home office in Virginia, it's not every day that I get to report on something somewhat close to home. But here it is. A Virginia Circuit Court judge has ruled that while police officers cannot compel a person to give up their passcode, they can demand someone use their fingerprint to unlock their phone.
Judge Steven C. Frucci made the ruling this week, saying that giving a police officer your fingerprint is similar to providing a DNA or handwriting sample, something the law permits.
There's a certain permanence to most instant messaging apps. The second you hit send, that's it, the message is out of your hands. You better hope you sent it to the right contact, fixed those embarrassing typos, or spelled their name correctly. Unless you're using the latest version of BBM, in which case you can call take backsies.
Now when you send a message by mistake, you can simply tap the retract button.
Handing over your phone to a friend or acquaintance who "just needs to make a call" can be a little nerve-wracking. Sure, this person probably won't poke around in your email or secretly send your private pictures to their Dropbox account, but you would feel better if you could be certain. Lollipop has just the feature to keep your phone secure in the hands of your friends: Screen Pinning. Now you can lock a single app into the foreground, and nobody will be able to sneak a peek at your web history.
Say it with me now: piracy is bad. There are ways to get free copies of just about everything online, but even setting aside the legal and moral aspects of it, doing so can come with the risk of infecting your computer with something icky or falling victim to a phishing attempt. People who know their way around the woods will continue to be able to take advantage of things, but Google's working on reducing the likelihood that the average user will end up in a place they don't want to be.