Is There Privacy with Wearables? Case Oura Ring

Is There Privacy with Wearables? Case Oura Ring

Out of all the information we generate (willingly or unwillingly) out there, nothing gets more personal than health data. Traditionally, health data has been collecting dust in some public healthcare sector’s file cabinet, but thanks to fitness and wellness gadgets and services, that data is now scattered across the world.

Workout heatmaps reveal secret military bases left and right, DNA testing services get breached and fitness trackers go bankrupt leaving data who knows where. Is there any hope for privacy left in this field?

After 8 months of waiting since preorder, I’m now an owner of a new Oura ring – one of the most advanced wellness and sleep trackers on the market. Among other things, Oura gives its user (wearer?) every day an overall score for Sleep, Readiness and Activity. I decided to return the favor and go through Oura’s Privacy Policy with a fine comb and give Oura a Privacy score. This is how it went down.

Continue reading “Is There Privacy with Wearables? Case Oura Ring”

Advertisements

The Inconvenient Truths about the Cambridge Analytica Files

The Inconvenient Truths about the Cambridge Analytica Files

I reluctantly joined Facebook back in December 2011. During the couple of years I had the account, I learned more and more about the shadowy monster that provided us with our daily hourly doses of dopamine in the forms of likes, shares and status updates.

This brings us to the first inconvenient – and most obvious – truth about the so-called Cambridge Analytica case: there’s absolutely nothing new in any of it.

Continue reading “The Inconvenient Truths about the Cambridge Analytica Files”

Perceived Privacy vs. Revealing Reality – Case Vero

Perceived Privacy vs. Revealing Reality – Case Vero

After my previous blog post got some unexpected publicity, there were some curious instances of Vero apologists defending the platform. Two main cases they presented were:

  1. No matter how shadily Vero might treat your privacy, it’s fine since it’s covered in their Privacy Policy
  2. Every other social media platform does the same thing anyway

I’ll give it to them, the second point is almost 100% accurate, but it simply doesn’t make it any more OK to invade users’ privacy. However, it’s the first point that really grinds my gears, especially when it comes to Vero.

Continue reading “Perceived Privacy vs. Revealing Reality – Case Vero”

PSA: Vero App Stores Your Phone Contacts Even After You’ve Disabled Its Access to Them

PSA: Vero App Stores Your Phone Contacts Even After You’ve Disabled Its Access to Them

TL;DR: if you allow Vero to access your phone’s Contacts even for a brief moment, instead of one-time reading them, it quietly stores them all, links them to your account and uses to shape the user experience. It also gives users who have given access to their Contacts a way of connecting with users who have explicitly denied Vero’s access to their respective phone’s contact list. As an icing on the cake, there’s no way you can delete that info from the service afterwards. This blog post examines how this works.

Continue reading “PSA: Vero App Stores Your Phone Contacts Even After You’ve Disabled Its Access to Them”

10 OPSEC Tips That Everyone Should Follow

10 OPSEC Tips That Everyone Should Follow

Following in the footsteps of two great guides, “10 Commandments for a Safer Internet” and “0x0A Hack Commandments”, I was inspired to give something back to the community. For the average Joe, operational security – or OPSEC for short – is basically just about risk management through identifying specific pieces of information requiring protection, and employing measures to protect them. Sounds intimidating? Don’t worry, because you’re already doing it.

Continue reading “10 OPSEC Tips That Everyone Should Follow”

How Google & Android Track Your Location – And How to Opt-Out 

How Google & Android Track Your Location – And How to Opt-Out 

There’s a lot of details on how Google and specifically Android tracks your location, that most people aren’t aware of. And if you ask me, that’s cluelessness by design. For most people, turning on “location” on their devices, seeing that little 📍-icon popping up, means that the device is now “connected to the GPS”. In reality however, that usually means that the device is scanning Wi-Fi, mobile networks and even Bluetooth in some cases to improve the results – in battery saving mode Android isn’t actually using GPS at all to locate the device!

So why’s this a big deal? Because every Wi-Fi sharing device is automatically mapped by Google, and they’re using your devices as a tool of doing so. In a nutshell:

  1. Google knows the location of your device (i.e. you), even if you’re using a VPN and your IP would be pointing elsewhere.
  2. Your device is basically enslaved to Google, providing location data regarding its surroundings, and thus improving Google’s services with the cost of your device’s battery life, performance, and your privacy.
  3. Every Wi-Fi hotspot, router and such is unwillingly acting as a location beacon for Google.

Luckily there are few ways to opt-out of these things. In this blog post, I’m going to show you how to do just that.

Continue reading “How Google & Android Track Your Location – And How to Opt-Out “

Make Twitter Non-Personalized Again

Make Twitter Non-Personalized Again

Many of you have probably heard about Twitter’s new privacy policy which was sold to you the same way these things always are: “to bring you a more personalized experience”. Obviously, this meant that more of your data is getting analyzed and sold to the highest bidder. I immediately encouraged my followers to opt-out of it, and since then also the great folks at EFF have written a guide on how to do so.

But what many Twitter users don’t know is that there are other ways that Twitter is already (and by default) doing to “enhance” your timeline. This is how you can opt-out from the rest of those settings: Continue reading “Make Twitter Non-Personalized Again”