Category Archives: Privacy

Edward Snowden Asked: Do You Want to be Watched?

This question applies to everyone, inclusive of those watching and ultimately a future for their children being watched and grandchildren having no privacy.

These days I always notice the cameras in lights. I am aware of the monitoring of Smart Meters. I am conscious of cyber security used as a means of accessing people’s data and breaching privacy and justifying this intrusion by utilizing threats as bona fide reasons. I am conscious of mass data gathering and I see it as a much greater threat than the Cold War or nuclear postures.

I am monitoring government and business who may not be holding the public interest above all interests.  I am in service to humanity.

This video is on Edward Snowden, who has risked his life to expose criminality and breaches of civilians’ privacy and indeed security.

My concern is the lack of empathy, human wellbeing and basic respect of a human’s right to privacy and safety through anonymity.

Hacking Legal or Illegal Breaks-in the Backdoor

In the public interest.

Edward Snowden, the NSA whistleblower, says that governments use the same techniques as hackers to take over your device. Once they launch an exploit on your device, they can do anything you can do: they can look at emails, location services and so on. He says they don’t even need to hack devices; they can ask Google, which has a copy. Everything you have done, Google keeps as a permanent record, and it is available to this private company and to government. If you can do it, they can do it, he says. The device is talking all the time, tens, hundreds, thousands of times a minute, to a number of companies that have apps installed on your phone. He says we have not created the tools for people to see this activity. It is the invisibility that is important: if you don’t know they are gathering data from you, you will not say anything.

Here is some information on Hacking.

https://www.wired.com/2014/07/hackers-can-control-your-phone-using-a-tool-thats-already-built-into-it/

Hackers Can Control Your Phone Using a Tool That’s Already Built Into It

One of the vulnerable phones: the HTC One M7. Ariel Zambelich/WIRED

A lot of concern about the NSA’s seemingly omnipresent surveillance over the last year has focused on the agency’s efforts to install back doors in software and hardware. Those efforts are greatly aided, however, if the agency can piggyback on embedded software already on a system that can be exploited.

Two researchers have uncovered such built-in vulnerabilities in a large number of smartphones that would allow government spies and sophisticated hackers to install malicious code and take control of the device.

The attacks would require proximity to the phones, using a rogue base station or femtocell, and a high level of skill to pull off. But it took Mathew Solnik and Marc Blanchou, two research consultants with Accuvant Labs, just a few months to discover the vulnerabilities and exploit them.

The vulnerabilities lie within a device management tool carriers and manufacturers embed in handsets and tablets to remotely configure them. Though some design their own tool, most use a tool developed by a specific third-party vendor—which the researchers will not identify until they present their findings next week at the Black Hat security conference in Las Vegas. The tool is used in some form in more than 2 billion phones worldwide. The vulnerabilities, they say, were found so far in Android and BlackBerry devices and a small number of Apple iPhones used by Sprint customers. They haven’t looked at Windows Mobile devices yet.

The researchers say there’s no sign that anyone has exploited the vulnerabilities in the wild, and the company that makes the tool has issued a fix that solves the problem. But it’s now up to carriers to distribute it to users in a firmware update.

Carriers use the management tool to send over-the-air firmware upgrades, to remotely configure handsets for roaming or voice-over WiFi and to lock the devices to specific service providers. But each carrier and manufacturer has its own custom implementation of the client, and there are many that provide the carrier with an array of additional features.

To give carriers the ability to do these things, the management tool operates at the highest level of privilege on devices, which means an attacker who accesses and exploits the tool has the same abilities as the carriers.

The management tools are implemented using a core standard, developed by the Open Mobile Alliance, called OMA device management. From these guidelines, each carrier can choose a base set of features or request additional ones. Solnik says they found that some phones have features for remotely wiping the device or conducting a factory reset, altering operating system settings and even remotely changing the PIN for the screen lock.

They’ve also found systems that allow the carrier to identify nearby WiFi networks, remotely enable and disable Bluetooth or disable the phone’s camera. More significantly, they’ve found systems that allow the carrier to identify the applications on a handset, as well as activate or deactivate them or even add and remove applications. The systems give the carrier the option of making these changes with or without prompting the consumer. Carriers also can modify settings and servers for applications pre-installed by the carrier—something hackers could exploit to force the phone to communicate with a server of their choosing.

Furthermore, some of the systems can monitor the web browser’s home page and in some cases retrieve synced contacts. Others include a call redirect function that can direct the phone to a specific phone number. Carriers typically use this feature to program shortcuts to their own phone numbers. For example, Verizon might program its phones so “299” dials customer service. But Solnik found this feature can be used to redirect any number; phone numbers also can be programmed to launch an application.

“Pretty much whatever number … if we programmed it, when you dial it, it would do whatever functionality we programmed it to do,” Solnik says. “Whether you have the number 1 programmed for your mother, it would then do what we choose.”

The more features the management tool offers the carrier, the more an attacker can do as well. But at a minimum, every device they examined would allow an attacker to change all of the cellular network functionality. In many cases, they could also control firmware updates.

And even the phones that use only the most basic management system have memory corruption vulnerabilities that would still allow a hacker to execute code or install malicious applications, they found.

Two phones that provided the highest level of exploitation were the HTC One M7 and the Blackberry Z10. Among iOS devices, they found that only iPhones offered by Sprint and running an operating system prior to version 7.0.4 were vulnerable. The 7.0.4 version of the software, which Apple released in November, partially solved the issue.

The Blackberry Z10. Blackberry

Carriers recognize the risk these management tools present, and many have added encryption and authentication to bolster security. Accessing the management system in the device, for example, often requires a password. And the researchers found every carrier in the US encrypts communication between a device and the carrier’s server. But these protections are so poorly implemented that the researchers could undermine them.

“Pretty much all the safeguards put into place to protect the clients in nearly all major devices we found can be bypassed,” Solnik says.

In the case of the authentication, for example, they found that the systems use passwords that are generated in part using a public identifier—that is, the IMEI, or the cell phone’s serial number. That number is readily available by any base station that communicates with the phone. Solnik says that although each carrier’s system uses a slightly different method for generating passwords, they’re all based on the same core.

“They’re all taking a certain public identifier and a certain pre-shared token or secret and using that to derive the password,” he says. “There is some secret sauce added, but because it’s derived from this token that is already public knowledge, that can be reverse-engineered and reproduced…. We can more or less pre-calculate all passwords for any device in order to manage the client.”
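The weakness described above can be shown in a small design-review model, added here as an example and not taken from the article or from any vendor: it compares a password derived from the IMEI and a fleet-wide token with an independent random secret per device, and counts how many credentials follow from the data stored on one handset. The HMAC construction, the token value and the IMEIs are constructed assumptions, since the article does not disclose any real derivation.

```python
import hashlib
import hmac
import secrets

# All values are constructed for illustration; HMAC-SHA256 is a stand-in
# because the article does not disclose any vendor's real derivation.
FLEET_TOKEN = b"constructed-fleet-wide-token"


def derive_password(imei: str, token: bytes) -> str:
    """Weak pattern: password = f(public identifier, fleet-wide secret)."""
    return hmac.new(token, imei.encode(), hashlib.sha256).hexdigest()[:16]


class DerivedScheme:
    """Every handset ships the same token; the server recomputes the password."""

    def __init__(self, token: bytes):
        self._token = token

    def enroll(self, imei: str) -> dict:
        # What ends up stored on the handset: the shared token.
        return {"token": self._token}

    def verify(self, imei: str, password: str) -> bool:
        return hmac.compare_digest(derive_password(imei, self._token), password)


class PerDeviceScheme:
    """Hardened pattern: an independent random secret per device."""

    def __init__(self):
        self._by_imei = {}

    def enroll(self, imei: str) -> dict:
        secret = secrets.token_hex(16)
        self._by_imei[imei] = secret
        return {"secret": secret}

    def verify(self, imei: str, password: str) -> bool:
        expected = self._by_imei.get(imei)
        return expected is not None and hmac.compare_digest(expected, password)


def blast_radius(scheme, fleet: list) -> int:
    """Count devices whose credential follows from ONE handset's stored data."""
    stored = {imei: scheme.enroll(imei) for imei in fleet}
    leaked = stored[fleet[0]]  # design-review assumption: one device is lost
    exposed = 0
    for imei in fleet:
        if "token" in leaked:
            candidate = derive_password(imei, leaked["token"])
        else:
            candidate = leaked["secret"]
        exposed += scheme.verify(imei, candidate)
    return exposed


# Constructed 15-digit identifiers standing in for IMEIs.
FLEET = [f"35000000000{n:04d}" for n in range(1000)]

if __name__ == "__main__":
    print("IMEI + shared token:", blast_radius(DerivedScheme(FLEET_TOKEN), FLEET))
    print("random per-device secret:", blast_radius(PerDeviceScheme(), FLEET))
```

In the derived scheme the count equals the whole fleet; with per-device secrets it stays at the one device whose data was read.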

They also found many ways to undermine the encryption. “It does require a deep understanding of what it’s doing, but once you understand how it works, you can pretty much turn off or just bypass or man-in-the-middle the encryption itself,” Solnik says.

Although the vulnerabilities are basic from a security perspective, exploiting them is not. Each requires extensive knowledge of the OMA-DM standard implementation and how cellular networks work. A successful hack also requires setting up a cellular base transceiver station or finding a vulnerability in a femtocell to take it over and use it for the attack. And cracking the encryption is also not trivial. Nonetheless, anyone with the same level of knowledge and skill as the researchers could conduct the attacks.

That said, the researchers don’t believe anyone has exploited the vulnerabilities so far.

“During our disclosure with the vendors, different vendors have processes to look through to see if there are any traces of someone exploiting the vulnerabilities and we haven’t heard that there are any traces that anyone has seen so far,” says Ryan Smith, chief scientist at Accuvant.

Solnik and Blanchou have notified the firm that makes the management tool used by so many, and the company has already issued a fix. They also notified baseband manufacturers, who have written code that would implement that fix. Carriers are in the process of distributing a fix to existing phones.

“It’s important that all users … stay up to date with all the latest patches,” Solnik says. “Users should contact their carrier to see if an update is already available.”

Facebook Users in US could get up to $5,000 for AI photo scanning breaching Privacy

In the public interest.

This could open the way for citizen class actions on any organisation that uses facial recognition or other privacy breaching technology.

https://www.dailymail.co.uk/sciencetech/article-5624111/Facebook-hit-class-action-suit-facial-recognition-tool.html

US Facebook users could get up to $5,000 compensation for EVERY picture tagged by the company’s photo-scanning AI as judge rules the app stole biometric data

  • A US federal judge has found that Facebook AI breached user privacy 
  • Automatically generating tags in pictures broke biometric law in Illinois 
  • Affected users could be entitled to between $1,000 and $5,000 per tagged photo
  • Facebook could be set to pay out billions of dollars in compensation  

Facebook will face a class action law suit in the wake of its privacy scandal, a US federal judge has ruled.

Allegations of privacy violations emerged when it was revealed the app used a photo-scanning tool on users’ images without their explicit consent.

The facial recognition tool, launched in 2010, suggests names for people it identifies in photos uploaded by users.

Under Illinois state law, the company could be fined $1,000 to $5,000 (£700 – £3,500) each time a person’s image was used without consent.

The technology was suspended for users in Europe in 2012 over privacy fears but is still live in the US and other regions worldwide.  

Facebook's facial recognition tool, launched in 2010, suggests names for people it identifies in photos uploaded by users. A judge has ruled this broke Illinois state law and people could be entitled to up to $5,000 (£3,500) in compensation for every image used 

It is believed that the function runs afoul of Illinois state law on protecting biometric privacy. 

Judge James Donato ruled the claims by Illinois residents Nimesh Patel, Adam Pezen, and Carlo Licata were ‘sufficiently cohesive to allow for a fair and efficient resolution on a class basis.’

‘Consequently, the case will proceed with a class consisting of Facebook users located in Illinois for whom Facebook created and stored a face template after June 7, 2011,’ he said, according to the ruling. 

June 2011 was the date on which Facebook rolled out its ‘tag suggestions’ feature. 

The feature is not available to users in most countries, including the UK – and can be turned off in settings for US users. 

Facebook believes that the lawsuit should be pursued by individuals, as the total amount of damages could ‘amount to billions of dollars,’ U.S. District Judge James Donato wrote in the ruling.

The judge has ruled that the Illinois law is clear: Facebook has collected a ‘wealth of data on its users, including self-reported residency and IP addresses,’ reports Bloomberg.  

Facebook has acknowledged that it can identify which users who live in Illinois have face templates, he wrote.

A face template can be generated from ten or more photos and is used to generate a profile on Facebook’s database.

‘Although many individuals may not have had enough tagged photos to generate a face template in Facebook’s database, in January 2011 [when Facebook implemented tag suggestions for all users] the average user was tagged in 53 photos, far more than the 10 needed to generate a face template,’ according to a December court filing. 

A Facebook spokeswoman said the company was reviewing the decision, adding: ‘We continue to believe the case has no merit and will defend ourselves vigorously.’

Facebook also contends it has been very open about the tool since its inception.

The Mark Zuckerberg-owned app allows users to turn the feature off and prevent themselves from being suggested in photo tags.

Also on Monday, Facebook confirmed that it collected information from people beyond their social media use.  

‘When you visit a site or app that uses our services, we receive information even if you’re logged out or don’t have a Facebook account,’ product management director David Baser said in a post on the social network’s blog.

WHAT IS THE LEGAL IMPACT OF THE CAMBRIDGE ANALYTICA SCANDAL?

News that Trump-affiliated company Cambridge Analytica used data mined from Facebook users to try to influence the US presidential election may trigger a wave of lawsuits, according to experts.

Vanessa Barnett, a commercial lawyer and data protection expert at Keystone Law, believes it’s ‘very likely’ we will see a slew of legal cases against the firms in the wake of the scandal.

Speaking to MailOnline, she said: ‘In the UK, users can take direct action for damages caused to them by a data breach – and that includes damages for distress. 

‘How that translates into a “pounds, shillings, pence” type number for each person would depend on the nature of the damage.’ 

‘We have case law where the Home Office revealed personal data of asylum seekers, including potentially where they lived. Some of those individuals were awarded £12,500 ($14,000) in damages.

‘It remains to be seen if the damage caused by the Cambridge Analytica scandal is comparable.’

Ms Barnett says that a number of consumer rights focused groups are looking at the possibility of a class action lawsuit, a more regular feature of the US legal system than in the UK.

A class action lawsuit filed against the firm in America is now seeking compensation for the roughly 70 million US users who were affected.

Ms Barnett added: ‘Years ago we just had Max Schrems vs Facebook, and he didn’t do too bad, but now it’s much more in the public consciousness. 

‘If the mechanics to participate in a class action are easy, I can see many users joining in.’ 

 

Mr Baser said ‘many’ websites and apps use Facebook services to target content and ads, including via the social network’s Like and Share buttons, when people use their Facebook account to log into another website or app, and through Facebook ads and measurement tools.

But he stressed the practice was widespread, with companies such as Google and Twitter also doing the same.

The company has used a program it calls DeepFace to match other photos of a person.

 Google faces a lawsuit in Chicago like the one against Facebook in San Francisco federal court. 

The ruling comes as the social network is snared in a scandal over the mishandling of 87 million users’ data ahead of the 2016 US presidential election.

Cambridge Analytica, run by former White House senior adviser Steve Bannon and billionaire campaign benefactor Robert Mercer, was hired by the Trump campaign during the 2016 presidential election.

The social network was forced to post a warning message to users who had their private data harvested by political data company Cambridge Analytica

Messenger communications may be among the data harvested by Cambridge Analytica, a disclosure buried in a new ‘Protecting Your Information’ (pictured) tool on the social network has revealed

It is believed that the data taken from people via the app was used to assist in propaganda for, and the election of, Donald Trump as president of the US.

Mark Zuckerberg, founder and CEO of Facebook, admitted that his own information was taken in the scandal. 

The admission came in front of the US Congress as he was quizzed about his role in the pilfering of information from his social media site.

Recently, the social media conglomerate has implemented a variety of updated privacy controls and settings. 

Last week, Facebook launched a new tool that lets you check whether your data was harvested by Cambridge Analytica. 

Facebook slipped the previously unknown information into the fine print (highlighted in red) of the app created to address concerns over the scandal. MailOnline reporter Joe Pinkstone is among those to have had personal information shared with Cambridge Analytica 

As a result, Facebook’s 2.2 billion users began to receive a notification on their newsfeed.

Titled ‘Protecting Your Information,’ it contains a link to let you see what apps you use and what information you have shared with them.

A separate tool lets you manually check whether you or your friends logged into the ‘This Is Your Digital Life’ quiz responsible for the data grab.  

As well as the information provided on a person’s Facebook profile, there were concerns that personal messages were also jeopardised. 

Cambridge Analytica has denied the claims that it accessed private message data. 

 
 

The comments below have not been moderated.

How much of that will poor Zuckerberg get?

 

The people may see 2 or 3 dollars of that, lawyers will get the rest.

 

And the lawyers will charge you the 2-3 dollars to post you a blank cheque.

 

be sure to dump your facebook stock now, while it’s still worth something.

 

Man, I wish I had a Facebook, now. Oh, wait. No I don’t…

 

I’ll sure be enjoying my $.17 cents

 

Facebook? Don’t you mean Lifelog (DARPA)? Oh yeah – you aren’t supposed to know about that. Just a wiki away….

 

Do not get your hopes up. The political power is owned by facebook.

 

wait… let me re-open my facebook account so that I can get in on the action. I had thousands of pics on Facebook back in the day!!!

 

My God Zuckerberg looks just like a little Troll in that picture.

 

That’s because he is!!

 

Class action lawsuit, each user will get at most $5.00.