Your smartphone contains a massive amount of information - photos, contacts, access to online accounts, and much more. Even though Android itself is a fairly secure platform, some data about your phone's settings and usage is sent to Google's servers. If you want to limit data collection and make your phone more secure, here are some tips you can try. Read More
News broke earlier this year that several firms with access to carrier location data were providing access to it with little or no safeguards. In fact, you could access the some of these tools to track a phone as a demo of the service. AT&T and Verizon now say they will stop selling data to these third-party brokers. That does not mean, however, they won't sell your location data at all. Read More
Google announced several changes coming in Android P on its Developers Blog today. Among them is an important change to the way phone permissions work that aims to stop apps from having unnecessary access to your phone activity. Read More
If you own an Arlo security camera, listen up: Netgear is asking its Arlo customers to change their passwords after observing suspicious activity involving attackers trying to get access to user accounts. The forum post notes that Arlo has no evidence of a security breach of its own systems. Read More
T-Mobile customers, your data has been put at risk by your carrier, once again. In what seems like copypasta at this point, a security researcher recently found a bug in a publicly discoverable subdomain on T-Mobile's website that gave anyone access to customer data using just a phone number. It's almost like T-Mobile wants to award those bug bounties. Read More
Securus Technologies is a Texas-based company, specializing in providing and monitoring calls to prison inmates. Securus came into the spotlight earlier this month, when a former Missouri sheriff was found using the company's service to repeatedly track people without a warrant. The New York Times reports that between 2014 and 2017, former sheriff Cory Hutcheson used the service at least 11 times, allegedly tracking a judge and members of the State Highway Patrol.
Securus obtains tracking information through a company called LocationSmart, which in turn has agreements with most U.S. carriers. Earlier this month, Senator Ron Wyden of Oregon wrote a letter to various carriers asking them to independently verify that these requests are made lawfully. Read More
Unbeknownst to most users (myself included until recently), Android apps on current and previous versions of the OS get unrestricted access to your network activity. There's no permission for you to accidentally say okay to, it's just allowed for all. This means that any app can detect when another app is connecting to an external server, and while the content is not visible, even just the source of the connection could be used for a nefarious purpose.
With a renewed focus on privacy and data collection, not least in the wake of the recent Facebook scandals, this type of potential security flaw clearly needs to be addressed. Read More
Blu has reached a settlement with the Federal Trade Commission over allegations that it afforded Adups, a Chinese device management firm, inordinate access to personally identifiable user information. The FTC's complaint said that Blu misled its customers when the company claimed it had taken appropriate measures to protect user privacy. Read More
Google's speech recognition technology is insanely good - perhaps the best in the industry. But did you know Google stores all your voice searches? Every time you say "Ok Google" or "Hey Google," a snippet of audio containing the command is sent to the company's servers, where it is deciphered. These audio snippets are stored indefinitely (to improve accuracy), unless you delete them and opt out of future collection. Read More