Privacy News
Carole Cadwalladr and Emma Graham-Harrison:
Facebook used its apps to gather information about users and their friends, including some who had not signed up to the social network, reading their text messages, tracking their locations and accessing photos on their phones, a court case in California alleges.
[…]
Facebook has not fully disclosed the manner in which it pre-processes photos on the iOS camera roll, meaning if a user has any Facebook app installed on their iPhone, then Facebook accesses and analyses the photos the user takes and/or stores on the iPhone, the complainant alleges.
Brian Krebs (via John Gruber):
Craig Young, a researcher with security firm Tripwire, said he discovered an authentication weakness that leaks incredibly accurate location information about users of both the smart speaker and home assistant Google Home, and Chromecast, a small electronic device that makes it simple to stream TV shows, movies and games to a digital television or monitor.
Young said the attack works by asking the Google device for a list of nearby wireless networks and then sending that list to Google’s geolocation lookup services.
Jon Brodkin (via John Gruber):
“After my investigation and follow-up reports revealed that middlemen are selling Americans’ location to the highest bidder without their consent or making it available on insecure Web portals, Verizon did the responsible thing and promptly announced it was cutting these companies off,” Wyden said. “In contrast, AT&T, T-Mobile, and Sprint seem content to continuing to sell their customers’ private information to these shady middle men, Americans’ privacy be damned.”
AT&T changed its stance shortly after Wyden’s statement.