Tag: privacy

Windows 11’s Sneaky OneDrive Sync

Those still using Microsoft Windows (now in version 11) as their operating system in 2024 have a lot of experience being left out of the “decision-making process” concerning their own computer and their own data.

This is what closed-source, proprietary software gets you (in addition to a lack of innovation and overall technical quality); but there are even more ways to avoid transparency, and, frankly, disrespect paying customers.

And one is introducing questionable features without even announcing them.

OneDrive – Microsoft’s cloud service – is also available to back up Windows folders like Desktop, Documents, Music, Pictures, Videos… and as it turns out, users don’t even have to agree to this – or even know it’s happening.

Namely, if you are installing Windows 11 (signed into the Microsoft account, as Microsoft prefers), the default is now to upload content from those folders to Microsoft’s cloud. And Microsoft didn’t bother informing their users about this change, compared to the previous installation process, Neowin reported.

“Informing” here means, not with a press release, and not even with prompts during installation and setup.

The backup, i.e., the syncing of the files is now already ongoing or done as soon as a fresh install is finished, and users are reportedly only (slowly) becoming aware of the change because of new visual indicators on their desktop shortcuts and folder icons (showing that the backup is in progress or done).

Windows users can still be grateful there are several ways to deal with the situation. One is to go to the OneDrive settings, and then go through several steps (Sync and Backup>Manage Backup…) and uncheck whatever folders should not sync with the Microsoft cloud service.

(But there are also older versions of OneDrive, where the way is, Manage Backup>StopBackup.)

Keep reading

Adobe to start spying on all your images and videos to enforce new content censorship rules

Photoshop maker Adobe recently changed its terms of service to give itself the power to look through your files and existing projects for so-called “content moderation” purposes.

The new policy notes that they “may access your content through both automated and manual methods, such as for content review.”

They are justifying this blatant invasion of privacy by claiming their intention is to detect and remove illegal content such as child sexual abuse material as well as behavior like spam and phishing. They also say that advancements in artificial intelligence technology mean it has become easier than ever to “create realistic images and human-sounding text and audio,” so these checks are necessary for safety reasons.

The new terms will affect more than 20 million global users of Adobe Creative Cloud Site.

Adobe has also made changes to its terms of service that empower it to delete content from accounts that are inactive; they did not specify what length of inactivity would qualify an account for content deletion.

However, one of the biggest concerns is that Adobe can now access work that is generated by people using their platforms, such as Acrobat and Photoshop, and they can do this not only by claiming they’re looking for illegal content but also to train AI platforms. They say that their automated systems could analyze users’ content with machine learning with a view to improving their software, services and user experience.

Keep reading

New York’s “SAFE” Digital ID Act For Kids Threatens Online Free Speech and Privacy

Legislators in the state of New York are pushing two new bills to regulate the internet, specifically as it pertains to the way minors use social media – Assembly Bill A8148A and Senate Bill S7694A.

If it succeeds, the law would be the first of its kind in the US, and likely represent a blueprint for other states.

But both acts, dubbed Stop Addictive Feeds Exploitation (SAFE) for Kids, have drawn criticism for bringing up constitutional issues tied to First Amendment rights.

Meanwhile, Governor Kathy Hochul and state lawmakers are said to be close on agreeing on the text of the bills, which are presented as designed to prohibit tech platforms from providing addictive feeds to minors (replacing them with content shown in chronological order), and monetizing their data, among other things.

But how would these platforms ascertain if somebody’s a minor? By requiring that their parents go through the digital ID age verification before they can provide consent on behalf of their children to use a particular social network in a particular way.

And this is where the legislative intent goes against the First Amendment, critics say, as having all online activity tied to a government-issued ID chills free speech and opens data privacy issues.

Somewhat ironically, given their open disregard of the First Amendment in other scenarios, those critics include some of the biggest tech companies.

Constitution and freedom of expression aside – their bottom lines would suffer if the bills pass, and so they find themselves as (no doubt, for both parties) uneasy bedfellows with those who consistently campaign against age verification, manipulated feeds, and data harvesting.

Keep reading

Ottawa’s Hidden Agenda: Bill C-26 Aims for Secret Surveillance Backdoors

Canada’s Bill C-26, currently making its way through the country’s parliament, includes “secretive” provisions that can be used to break encryption, researchers are warning.

As far as its sponsors are concerned, Bill C-26 is cyber security legislation intended to amend the Telecommunications Act and other related acts.

But the way the Telecommunications Act will be amended is by allowing the government to force companies operating in that industry to include backdoors in networks protected by encryption, a pair of University of Toronto’s Citizen Lab researchers suggest.

In case the government decides its surveillance needs require altering “the 5G encryption standards that protect mobile communications” – then this can also be done, should C-26 become law.

This raises several important questions, such as whether the bill’s purpose might be precisely to undermine encryption, considering that the government decided not to include amendments in the text that would prevent this.

Another worrying aspect is that given the already lacking level of security in the telecommunications space, the government would be expected to try to fix the existing problems, rather than create new ones, the researchers note.

The amendment that could have rectified this situation was proposed last year by the Citizen Lab, while civil society and industry leaders and experts also participated in parliamentary hearings concerning C-26 to recommend restricting what are said to be the draft’s broad powers to prevent “technical changes from being used to compromise the ‘confidentiality, integrity, or availability’ of telecommunication services.”

However, these warnings fell on deaf ears, with the bill now progressing through parliament without the recommended changes, and despite MPs stating that facilitating and broadening mass surveillance in Canada was not the motive behind C-26.

Keep reading

Biden wants U.S. government to scan all images on your phone to comply with new AI rules

To supposedly stop people from exchanging non-consensual artificial intelligence (AI) images of a sexual nature, President Biden wants to probe everyone’s smartphones as part of a sweeping surveillance effort.

press release from the White House explains the Biden regime’s desire for the tech and financial industries to take charge in stopping the creation and spread of abusive sexual imagery created by AI robots.

According to Biden’s handlers, “mobile operating system developers could enable technical protections to better protect content stored on digital devices and to prevent image sharing without consent.”

The plan is to have mobile operating systems such as Android and iOS automatically scan and analyze people’s private photos to determine which ones are sexual or non-consensual. Users would not have the ability to keep any of their images private from government spooks.

It might sound like a good thing until you recognize the privacy implications of such an arrangement. Do we the people really want to allow the government direct access to our photos?

Beyond the search and analysis framework, the Biden regime also wants mobile app stores like Apple’s App Store and Google Play to “commit to instituting requirements for app developers to prevent the creation of non-consensual images.”

(Related: AI is just one component among many of the dystopian present.)

Keep reading

Say Goodbye to Cloud Anonymity? New US Regulations Demand User Identification

The US Department of Commerce is seeking to end the right of users of cloud services to remain anonymous.

The proposal first emerged in January, documents show, detailing new rules (National Emergency with Respect to Significant Malicious Cyber-Enabled Activities) for Infrastructure as a Service (IaaS) providers, which include Know Your Customer (KYC) regulation, which is normally used by banks and financial institutions.

But now, the US government is citing concerns over “malicious foreign actors” and their usage of these services as a reason to effectively end anonymity on the cloud, including when only signing up for a trial.

Another new proposal from the notice is to cut access to US cloud services to persons designated as “foreign adversaries.”

As is often the case, although the justification for such measures is a foreign threat, US citizens inevitably, given the nature of the infrastructure in question, get caught up as well. And, once again, to address a problem caused by a few users, everyone will be denied the right to anonymity.

That would these days be any government’s dream, it appears, while the industry itself, especially the biggest players like Amazon, can implement the identification feature with ease, at the same time gaining a valuable new source of personal data.

The only losers here appear to be users of IaaS platforms, who will have to allow tech giants yet another way of accessing their sensitive personal information and risk losing it through leaks.

Meanwhile, the actual malicious actors will hardly give up those services – leaked personal data that can be sold and bought illegally, including by those the proposal says it is targeting.

Keep reading

After Expanding Warrantless Surveillance The FBI Is Playing Politics With Your Privacy

A bombshell report from WIRED reveals that two days after the U.S. Congress renewed and expanded the mass-surveillance authority Section 702 of the Foreign Intelligence Surveillance Act, the deputy director of the Federal Bureau of Investigation (FBI), Paul Abbate, sent an email imploring agents to “use” Section 702 to search the communications of Americans collected under this authority “to demonstrate why tools like this are essential” to the FBI’s mission.

In other words, an agency that has repeatedly abused this exact authority—with 3.4 million warrantless searches of Americans’ communications in 2021 alone, thinks that the answer to its misuse of mass surveillance of Americans is to do more of it, not less. And it signals that the FBI believes it should do more surveillance–not because of any pressing national security threat—but because the FBI has an image problem.

The American people should feel a fiery volcano of white hot rage over this revelation. During the recent fight over Section 702’s reauthorization, we all had to listen to the FBI and the rest of the Intelligence Community downplay their huge number of Section 702 abuses (but, never fear, they were fixed by drop-down menus!). The government also trotted out every monster of the week in incorrect arguments seeking to undermine the bipartisan push for crucial reforms. Ultimately, after fighting to a draw in the House, Congress bent to the government’s will: it not only failed to reform Section 702, but gave the government authority to use Section 702 in more cases.

Now, immediately after extracting this expanded power and fighting off sensible reforms, the FBI’s leadership is urging the agency to “continue to look for ways” to make more use of this controversial authority to surveil Americans, albeit with the fig leaf that it must be “legal.” And not because of an identifiable, pressing threat to national security, but to “demonstrate” the importance of domestic law enforcement accessing the pool of data collected via mass surveillance. This is an insult to everyone who cares about accountability, civil liberties, and our ability to have a private conversation online. It also raises the question of whether the FBI is interested in keeping us safe or in merely justifying its own increased powers.

Keep reading

Here’s How the CIA Plans To Use Your Ad Tracking Data

For years, the U.S. government has bought information on private citizens from commercial data brokers. Now, for the first time ever, American spymasters are admitting that this data is sensitive—but they’re leaving it up to the spy agencies on how to use it.

Last week, Director of National Intelligence (DNI) Avril Haines released a “Policy Framework for Commercially Available Information.” Her office oversees 18 agencies in the “intelligence community,” including the CIA, the FBI, the National Security Agency (NSA), and all military intelligence branches.

In the 2018 case Carpenter v. United States, the Supreme Court ruled that police need a warrant to obtain mobile phone location data from phone companies. (During the case, the Reason Foundation filed an amicus brief against warrantless snooping.) As a workaround, the feds instead started buying data from third-party brokers.

Haines’ new framework claims that “additional clarity” on the government’s policies will help protect Americans’ privacy. Yet the document is vague about the specific limits. It orders the agencies themselves to come up with “safeguards that are tailored to the sensitivity of the information” and write an annual report on how they use this data.

As national security journalist Spencer Ackerman points out in his Forever Wars newsletter, the framework doesn’t require the feds to delete old purchased data. Earlier this year, Sen. Ron Wyden (D–Ore.) called on the NSA to purge all data that it bought without a warrant and without following the Federal Trade Commission’s privacy policies.

“The framework’s absence of clear rules about what commercially available information can and cannot be purchased by the intelligence community reinforces the need for Congress to pass legislation protecting the rights of Americans,” Wyden tells Reason. “The DNI’s framework is nonetheless an important step forward in starting to bring the intelligence community under a set of principles and policies, and in documenting all the various programs so that they can be overseen.”

Keep reading

Microsoft’s latest Windows update breaks VPNs, and there’s no fix

Microsoft said this week that the most recent Windows security update for Windows 10 and Windows 11 may break VPN connections.

According to Microsoft (via Bleeping Computer), “Windows devices might face VPN connection failures after installing the April 2024 security update, or KB5036893.”

Microsoft has no fix at the current time, the company said. “We are working on a resolution and will provide an update in an upcoming release,” the company said.

Unfortunately, the list of affected clients is rather lengthy: Windows 11 (23H2, 22H2, and 21H2) as well as Windows 10 (22H2 and 21H2). If you’re a consumer and run into this issue, Microsoft advises that you first launch the Windows “Get Help” app to inform Microsoft of the problem and possibly work through a solution.

Keep reading

These States Want You To Show ID To Watch Porn Online

The latest trend in anti-sex action is carding people to watch porn online. After years of passing resolutions to declare porn a “public health crisis,” state lawmakers are coalescing on age-verification measures as a way to address this alleged scourge.

At issue is minors’ ability to access online pornography. Even when porn platforms technically require visitors to be age 18 or older, all minors usually have to do is check a box saying they’re adults and they’re in. Some parents and politicians want more stringent age-verification measures.

Enter laws requiring porn platforms to verify visitor ages. Such laws have already taken effect in at least eight states (Arkansas, Louisiana, Mississippi, Montana, North Carolina, Texas, Utah, and Virginia), and bills to do the same were introduced in at least 11 other states in 2023. So far in 2024, legislators in at least seven states (GeorgiaIdahoIndianaIowaKansasOhio, and Oklahoma) have introduced such porn age-verification bills. While the particulars vary, most would result in all visitors to web-based adult-content platforms having to submit a government-issued ID proving their age, either directly to the platform or through a third-party verification service.

Supporters of such measures say it’s no different than carding people in stores who try to buy age-restricted merchandise. But there’s a big difference between momentarily flashing your ID in front of a store clerk and submitting it to a website or app. The latter creates a record, permanently attaching real identities to online activity that many people would prefer stay private.

From a privacy perspective, there are better and worse ways to verify ages on websites. (And not just porn sites: Some legislators now want to require them for social media.) But even the best verification methods would leave people vulnerable to hackers and snoops—and we can’t count on authorities (or tech platforms, for that matter) to enact online age-verification measures in the best ways. These measures are shaping up to be a giant privacy nightmare.

Keep reading