Tag: surveillance

University of Melbourne Broke Victoria’s Privacy Law by Using Wi-Fi to Monitor Protesters on Campus

The University of Melbourne’s covert surveillance tactics during a campus protest have been declared unlawful, following a ruling by Victoria’s deputy information commissioner that the institution broke the state’s privacy laws.

The decision condemns the university’s quiet use of digital tracking tools against students and staff involved in a pro-Palestine demonstration, raising serious concerns about the growing use of surveillance technologies in academic settings.

We obtained a copy of the decision for you here.

Prompted by media attention earlier this year, the investigation focused on how the university responded to a May protest held inside the Arts West building.

Rather than relying on open dialogue or standard disciplinary processes, university officials resorted to monitoring individuals through the campus Wi-Fi network, matching connection data with student ID photos and security camera recordings.

A total of 22 students were identified through this process, all without prior warning or a clear legal basis. Staff were surveilled as well, with the contents of ten employees’ email accounts examined to uncover involvement in the demonstration. Three of them later received formal warnings.

Although the commissioner’s office accepted that CCTV footage was used within legal boundaries, it found the use of Wi-Fi tracking in disciplinary investigations to be unjustified.

The monitoring of staff emails was also flagged for breaching expected privacy norms.

Keep reading

Chrome VPN Extension With 100k Installs Screenshots All Sites Users Visit

FreeVPN.One, a Chrome extension with over 100,000 installs and a verified badge on the Chrome Web Store, is exposed by researchers for taking screenshots of users’ screens and exfiltrating them to remote servers.

A Koi Security investigation of the VPN tool reveals that it has been capturing full-page screenshots from users’ browsers, logging sensitive visual data like personal messages, financial dashboards, and private photos, and uploading it to aitd[.]one, a domain registered by the extension’s developer.

Koi Security’s forensic analysis showed that the surveillance mechanism is triggered automatically, within seconds of loading any web page. Using Chrome’s privileged chrome.tabs.captureVisibleTab() API, screenshots are silently taken in the background and bundled with metadata including page URLs, tab IDs, and unique user identifiers. This data is then transmitted to the attacker-controlled server aitd.one/brange.php, without user interaction or visible indication.

The spying behavior is powered by a two-stage architecture:

  1. A content script injected into every visited site using matches (http:///, https:///).
  2. A background service worker that listens for an internal captureViewport message and initiates the screenshot capture.

The extension also promotes an “AI Threat Detection” feature which, when clicked, captures another screenshot and sends it to aitd.one/analyze.php. However, the real issue lies in the fact that screenshots are being taken long before users ever interact with this feature, making the user interface a decoy.

Koi Security further explains that the latest version of the extension, v3.1.4, introduced AES-256-GCM encryption with RSA key wrapping to obfuscate the exfiltrated data, making it harder to detect or analyze with network monitoring tools.

Keep reading

Big Tech Could Soon Use Brain Chips To Read Your Innermost Thoughts: Study

A new study out of Stanford University reveals that neural implants, also known as brain-computer interfaces (BCIs), might not just help paralyzed individuals communicate – they could potentially lay bare your innermost thoughts to Big Tech.

Published in the medical journal Cell, the research shows these devices can decode brain signals to produce synthesized speech faster and with less effort.

BCIs work by using tiny electrode arrays to monitor activity in the brain’s motor cortex, the region controlling speech-related muscles. Until now, the tech relied on signals from paralyzed individuals actively trying to speak. The Stanford team, however, discovered that even imagined speech generates similar, though weaker, signals in the motor cortex. With the help of artificial intelligence, they translated those faint signals into words with up to 74% accuracy from a 125,000-word vocabulary.

“We’re recording the signals as they’re attempting to speak and translating those neural signals into the words that they’re trying to say,” said Erin Kunz, a postdoctoral researcher at Stanford’s Neural Prosthetics Translational Laboratory.

But this technological leap has raised red flags among critics who warn of a dystopian future where your private thoughts could be exposed.

Nita Farahany, a Duke University law and philosophy professor and author of The Battle for Your Brain, sounded the alarm telling NPR, “The more we push this research forward, the more transparent our brains become.”

Farahany expressed concern that tech giants like Apple, Google, and Meta could exploit BCIs to access consumers’ minds without consent, urging safeguards like passwords to protect thoughts meant to stay private.

We have to recognize that this new era of brain transparency really is an entirely new frontier for us,” Farahany said.

While the world fixates on artificial intelligence, some of the tech industry’s heaviest hitters are pouring billions into BCIs. Elon Musk, the world’s richest man, has raised $1.2 billion for his Neuralink venture, which is now conducting clinical trials with top institutions like the Barrow Neurological Institute, The Miami Project to Cure Paralysis, and the Cleveland Clinic Abu Dhabi.

Now, another tech titan is entering the fray.

Keep reading

Thousands Of Grok chats Now Searchable On Google

Hundreds of thousands of conversations that users had with Elon Musk’s xAI chatbot Grok are easily accessible through Google Search, reports Forbes.

Whenever a Grok user clicks the “share” button on a conversation with the chatbot, it creates a unique URL that the user can use to share the conversation via email, text, or on social media. According to Forbes, those URLs are being indexed by search engines like Google, Bing, and DuckDuckGo, which in turn lets anyone look up those conversations on the web. 

Users of Meta‘s and OpenAI‘s chatbots were recently affected by a similar problem, and like those cases, the chats leaked by Grok give us a glimpse into users’ less-than-respectable desires — questions about how to hack crypto wallets; dirty chats with an explicit AI persona; and asking for instructions on cooking meth. 

xAI’s rules prohibit the use of its bot to “promote critically harming human life” or developing “bioweapons, chemical weapons, or weapons of mass destruction,” though that obviously hasn’t stopped users from asking Grok for help with such things anyway.

According to conversations made accessible by Google, Grok gave users instructions on making fentanyl, listed various suicide methods, handed out bomb construction tips, and even provided a detailed plan for the assassination of Elon Musk.

xAI did not immediately respond to a request for comment. We’ve also asked when xAI began indexing Grok conversations.

Late last month, ChatGPT users sounded the alarm that their chats were being indexed on Google, which OpenAI described as a “short-lived experiment.” In a post Musk quote-tweeted with the words “Grok ftw,” Grok explained that it had “no such sharing feature” and “prioritize[s] privacy.”

Keep reading

The Surveillance of Lee Harvey Oswald Involved Six CIA Operations

Why do people say Lee Harvey Oswald was under CIA surveillance at the time of President Kennedy’s assassination?

For six good reasons found in the new JFK files.

The reporters from SpyTalk who have never previously reported on the existence of the CIA’s Oswald file now want you to believe that JFK Facts reporting on the Oswald file “conspiratorial nonsense.” There’s “less here than meets the eye,” they say.

So let’s take a closer look at the six CIA operations that involved the man who would become known the “lone gunman.” What meets the eye when we open the Oswald file?

The CIA’s surveillance of Lee Harvey Oswald while President Kennedy was still alive was persistent and high-level. It involved code-named covert activities conducted or controlled by the CIA’s Counterintelligence Staff, which was headed by James Angleton, one of the top three officials in the clandestine service.

Angleton and his wife Cicely, incidentally, had been personal friends with John and Jackie Kennedy in the 1950s. The Kennedys and Angletons socialized with Wister Janney, a CIA officer, and his wife Mary, and Cord Meyer, a senior CIA official, and his wife Mary Meyer. By the time JFK was president, Mary had divorced her husband and embarked on affair with JFK, which Angleton knew about.

Code named KUDESK, the Counterintelligence Staff was responsible for preventing the penetration of the CIA by the Soviet intelligence service. As the most secretive component of the clandestine service, the Counterintelligence Staff also handled very sensitive assignments, including assassination. In his best-sellling memoir, Spycatcher British spy chief Peter Wright recalled a meeting in 1961 where Angleton and Bill Harvey, the CIA’s assassination chief, asked for advice about how to kill Fidel Castro.

It’s a point worth remembering: the CIA officers most interested in an unknown character named Lee Harvey Oswald also believed in, and practiced, assassination as an instrument of U.S. policy.

Keep reading

AI-powered stuffed animals are coming for your kids

Do A.I. chatbots packaged inside cute-looking plushies offer a viable alternative to screen time for kids?

That’s how the companies selling these A.I.-powered kiddie companions are marketing them, but The New York Times’ Amanda Hess has some reservations. She recounts a demonstration in which Grem, one of the offerings from startup Curio, tried to bond with her. (Curio also sells a plushie named Grok, with no apparent connection to the Elon Musk-owned chatbot.)

Hess writes that this is when she knew, “I would not be introducing Grem to my own children.” As she talked to the chatbot, she became convinced it was “less an upgrade to the lifeless teddy bear” and instead “more like a replacement for me.”

She also argues that while these talking toys might keep kids away from a tablet or TV screen, what they’re really communicating is that “the natural endpoint for [children’s] curiosity lies inside their phones.”

Keep reading

Meta Found Guilty Of Eavesdropping On Period-Tracker App Users: Jury

A San Francisco Jury found on Friday that Meta had eavesdropped on the users of a popular period-tracking app, Flo.

The lawsuit, was filed in 2021 by eight women against Flo and a group of other tech companies including Google and Facebook, now known as Meta. The app asked users about their sex lives, mental health and diets before guiding them through menstruation and pregnancy. The women, who based their claims on a 2019 Wall Street Journal story and a 2021 FTC investigation, allege that Flo then shared some of that data with the tech giants, SFGATE reports.

Google, Flo, and analytics company Flurry all settled with the plaintiffs, however Meta fought through the entire trial and lost. 

The case against Meta focused on its Facebook software development kit, which Flo added to its app and which is generally used for analytics and advertising services. The women alleged that between June 2016 and February 2019, Flo sent Facebook, through that kit, various records of “Custom App Events” — such as a user clicking a particular button in the “wanting to get pregnant” section of the app.

Their complaint also pointed to Facebook’s terms for its business tools, which said the company used so-called “event data” to personalize ads and content.

In a 2022 filing, the tech giant admitted that Flo used Facebook’s kit during this period and that the app sent data connected to “App Events.” But Meta denied receiving intimate information about users’ health. -SFGate

The jury didn’t buy Meta’s argument – ruling against them in a unanimous decision, and finding that Flo’s users had a reasonable expectation that they weren’t being overheard or recorded, and found that Meta did not have consent to eavesdrop or record. The company was found to have violated California’s Invasion of Privacy Act.

According to a June filing about the case’s class-action status, over 3.7 million women in the United States registered for Flo between November 2016 and February 2019 – with potential claimants expected to be notified via email and on a case website. 

Keep reading

Israeli spyware firms are fueling the global surveillance state

Last week another batch of peaceful pro-Palestine protestors were arrested by British police on suspicion of terrorism offenses, including a disabled man in a wheelchair, as the UK continues its descent into authoritarianism on behalf of Israel.

If any of these protestors had their phones on them at the time of arrest, the police will most likely have scraped them for data using sophisticated spy tech software. Protestors not arrested will have been caught on mobile cameras that sit atop police vans in the UK, and their faces, perhaps even their voices, will have been captured, analyzed and cross referenced against a police database.

And in a perverse twist, this spyware technology – technology which now underpins the insidious and growing capabilities of the modern surveillance state – will most likely have been made in Israel by Israeli spies.

But it’s not just in the UK.

Spy tech developed by former Israeli spies is being used on an industrial scale by various agencies in western democracies, from police forces to national security agencies to militaries. Some has been declared illegal, some skirts legal boundaries, and much remains hidden.

The scale of usage, and the range of capabilities provided by this Israeli spy tech, is vast. From face and voice recognition software, to interception and wiretap technology, to covert location tracking, to forced data extraction from smartphones and other devices.

The tech, built by software engineers who cut their teeth writing code to enable and enforce Israeli domination over, and apartheid against Palestinians, is being sold to security services, police forces and immigration agencies across the West.

While much of the information in this article isn’t new, it hasn’t been summarized in one place before. The implications for global civil liberties of Israel’s dominance in spy tech have also not been articulated, and past media coverage has sometimes omitted the Israeli link to these companies. This article will outline the primary players, the sellers and the buyers, and also identify recent contracts, previously undocumented, between Israeli spytech and Western buyers.

Keep reading

Scavino: Google Acknowledges FBI Compelled His Account Information — Kash Patel Issues Shocking Response

During President Trump’s first term, prior to occupying the Oval Office, it is well-known that the FBI under the Obama administration deceived the FISA Court in order to obtain a warrant to spy on Carter Page, a Trump campaign aide in 2016 (Page left the campaign in October 2016). 

In order to obtain that warrant, disgraced FBI attorney Kevin Clinesmith altered an email by changing wording to indicate Page was “not a source” for the CIA when, in fact, he was.

Klinesmith was found guilty of the fabrication and sentenced to 12 months of probation and a suspension of his law license.  But only for one year.

Bear in mind that several attorneys, such as Jeff Clark, Sidney Powell, Rudy Giuliani, Kurt Olsen, John Eastman, among others are facing permanent disbarment or crippling sanctions for simply bringing a case to challenge the 2020 Election and Ed Martin’s nomination for U.S. Attorney of Washington D.C. was disputed by Senator John Thune for simply representing January 6th defendants.

Falsifying evidence to a federal court is a serious offense.  That should be exacerbated when the fabrication is brought before a secret FISA Court where there is no representation for the defendant, no transcripts for accountability, and the impending actions can result in unknowing infringements on U.S. citizen’s Fourth Amendment rights.

To make matters worse, under the “Two-Hop Rule,” FISA warrants can be used to spy not only on the target specifically, but also those associated with the target.  Many have speculated that this could potentially have given the FBI access to spy on President Trump himself.

Keep reading

Drones, cameras, AI: University of Illinois real time crime center raises privacy concerns

Thousands of cameras. A fleet of drones. Gun shot detection devices. Stationary and vehicle-mounted automatic license plate readers.

A major metropolitan city? No, the University of Illinois Urbana-Champaign.

The University of Illinois Urbana-Champaign’s Real-Time Information Center furnishes the institution’s Division of Public Safety with a number of technologically sophisticated tools that have some privacy experts alarmed.

The drones, gunshot detection devices, automatic license plate readers, and campus-wide system of roughly 3,000 security cameras are among the tools currently utilized at the campus, which enrolls about 59,000 students.

Social media monitoring programs and “AI-driven video analytics software” are also among the technologies being evaluated for possible future implementation, according to a document sent by Urbana Police Chief Larry Boone.

He sent it to city officials as they deliberate a proposed city ordinance to establish stricter approval, oversight, and transparency requirements for Urbana’s own acquisition and use of the kinds of surveillance tools being used by the university’s Real-Time Information Center.

According to the document, the Real-Time Information Center provides a wide array of services designed to enhance public safety, streamline operations, and support law enforcement agencies.

Keep reading