Usually, when talking about personal data in the context of increasing (online) privacy, the discussion revolves around one or both of the following subjects:
- Removing as much of your data as possible
- Populating data about you with disinformation
What I see talked about less (or barely at all) is the active management of your online data and the controlled method of data disclosure. Maybe some dismiss this as a no-brainer, but in my opinion there are some easy and powerful wins to be gained by giving this third subject the attention it deserves.
Continue reading “Controlled Identity Exposure as a Doxxing Countermeasure”
Out of all the information we generate (willingly or unwillingly) out there, nothing gets more personal than health data. Traditionally, health data has been collecting dust in some public healthcare sector’s file cabinet, but thanks to fitness and wellness gadgets and services, that data is now scattered across the world.
Workout heatmaps reveal secret military bases left and right, DNA testing services get breached, and fitness trackers go bankrupt, leaving data who knows where. Is there any hope for privacy left in this field?
Continue reading “Is There Privacy with Wearables? Case Oura Ring”
I reluctantly joined Facebook back in December 2011. During the couple of years I had the account, I learned more and more about the shadowy monster that provided us with our ~~daily~~ hourly doses of dopamine in the forms of likes, shares and status updates.
This brings us to the first inconvenient – and most obvious – truth about the so-called Cambridge Analytica case: there’s absolutely nothing new in any of it.
Continue reading “The Inconvenient Truths about the Cambridge Analytica Files”
After my previous blog post got some unexpected publicity, there were some curious instances of Vero apologists defending the platform. Two main cases they presented were:
- Every other social media platform does the same thing anyway
I’ll give it to them, the second point is almost 100% accurate, but it simply doesn’t make it any more OK to invade users’ privacy. However, it’s the first point that really grinds my gears, especially when it comes to Vero.
Continue reading “Perceived Privacy vs. Revealing Reality – Case Vero”
TL;DR: if you allow Vero to access your phone’s Contacts even for a brief moment, instead of reading them once, it quietly stores them all, links them to your account and uses them to shape the user experience. It also gives users who have given access to their Contacts a way of connecting with users who have explicitly denied Vero access to their own phone’s contact list. As the icing on the cake, there’s no way you can delete that info from the service afterwards. This blog post examines how this works.
Continue reading “PSA: Vero App Stores Your Phone Contacts Even After You’ve Disabled Its Access to Them”
When I started drafting this blog post a while back, the title was “I Have Been Pwned Twice Already”. That number has since risen to five, and I’m assuming it will continue to rise as old breaches come to light and some long-forgotten accounts get popped. So far, no immediate harm has been caused to me from these breaches, and I’ll attribute that silver lining to the reactive and since then proactive steps I’ve taken to ensure that’s the case now and in the future. This is how you, too, can harden your online presence against these (inevitable) breaches.
Continue reading “I Have Been Pwned… Five Freaking Times and Counting!”
Following in the footsteps of two great guides, “10 Commandments for a Safer Internet” and “0x0A Hack Commandments”, I was inspired to give something back to the community. For the average Joe, operational security – or OPSEC for short – is basically just about risk management through identifying specific pieces of information requiring protection, and employing measures to protect them. Sounds intimidating? Don’t worry, because you’re already doing it.
Continue reading “10 OPSEC Tips That Everyone Should Follow”