This podcast covers backing up data owned by others, including online photo albums and cloud documents. It also discusses European politicians' personal data exposure, Proton's transition to non-profit, Microsoft tracking sex toy purchases, online ID verification service breaches, Mac info-stealer via Google Ads, mail surveillance by law enforcement, ALPR vulnerabilities, UK hospital hack, Kaspersky software ban, Sonos data selling removal, and privacy-centric ad firm acquisition by Mozilla.
Backup shared online data to ensure important files availability offline.
ALPRs pose privacy risks due to data collection of drivers' details without consent.
US bans Kaspersky software amid concerns over Russian exploitation of personal data.
Law enforcement's surveillance of mail raises privacy concerns without court orders.
Deep dives
Privacy and Security Risks of ALPRs
Automated License Plate Readers (ALPRs) pose significant privacy and security risks, collecting vast amounts of sensitive data on drivers without their consent. The Cybersecurity and Infrastructure Security Agency (CISA) highlighted seven vulnerabilities in Motorola solutions Vigilant ALPRs, raising concerns about data protection. ALPR data, capturing personal travel patterns and relationships, can be exploited by malicious actors for harassment or stalking.
US Bans Sale of Kaspersky Software
The US government has banned the sale of Kaspersky antivirus software over national security and privacy concerns due to its Russian origin. Kaspersky users are urged to switch to alternative providers before the ban takes full effect in July. The ban stems from fears that Kaspersky may be used by Russia to exploit and weaponize personal information of Americans, escalating tensions between the US and the Moscow-based cybersecurity company.
US Postal Service's Mail Covers Program
The US Postal Service's Mail Covers Program, utilized by law enforcement, allows the surveillance of mail without a court order, raising privacy concerns. Records show that data from thousands of letters and packages has been shared with federal agents without proper oversight. This surveillance tactic, collecting detailed information from mail, can raise questions about privacy infringements and abuse of data.
ALPRs Vulnerabilities and Data Collection
Automated License Plate Readers (ALPRs) have faced cybersecurity vulnerabilities, with CISA disclosing issues in Motorola solutions Vigilant ALPRs. The vast data collected by ALPRs, storing sensitive travel and personal information, poses risks of exploitation and data breaches. The revelation of vulnerabilities underscores the need for stringent data protection and oversight in the use of ALPR systems.
Concerns Over Government Surveillance Tools
Government surveillance tools such as ALPRs and automated license plate readers are under scrutiny for their potential privacy infringements and security vulnerabilities. Recent disclosures of vulnerabilities in surveillance technologies emphasize the importance of safeguarding individuals' data against misuse and unauthorized access. Efforts to strengthen data protection and enhance oversight of such surveillance tools are crucial to upholding privacy rights and national security interests.
Effect of Company Origin on Bans
The podcast delves into the potential implications of bans on companies based on their country of origin. The discussion highlights the controversy surrounding bans on products from Russian and Chinese companies, emphasizing the need for caution in implementing such measures. It raises concerns about the impact of retaliatory bans on international relationships, warning against a potential fragmentation of the global economy.
Privacy Concerns with Sonos User Agreement Change
Another key focus is on Sonos' alteration of its US user agreement to remove a promise against selling users' personal information, sparking negative responses from vigilant users. The revision, unnoticed until spotted by users on a Reddit forum, reignited discontent following a recent app redesign. This shift in user agreement by Sonos, coupled with the lack of an opt-out option, raises questions about privacy and user data protection in the tech industry.
We've talked about how to backup your local device data and how to back up data that is primarily stored in the cloud. But there's a lot of important, irreplaceable data we take for granted: data owned by others. This might be shared online photo albums, cloud document collaborations, eBooks and other digital media, and even websites you frequently rely on. Today we'll talk about how you can make local copies of these files in case they should ever go offline.
In other news: European politicians' personal details exposed online; Proton transitions to non-profit corporate structure; lawsuit claims Microsoft tracked sex toy purchases; online ID verification service exposed drivers licenses; new Mac info-stealer served up by Google Ads; law enforcement is spying on Americans' mail; new ALPR vulnerabilities prove it's a public safety threat; UK hospital hack leaks 300M patient records; US bans Kaspersky software; Sonos removes promise not to sell its users' data; Mozilla buys a 'privacy-centric' ad firm.
Article Links
[proton.me] Cyber house of cards – Politicians’ personal details exposed online https://proton.me/blog/politicians-exposed-dark-web
[proton.me] Proton is transitioning towards a non-profit structure https://proton.me/blog/proton-non-profit-foundation
[404media.co] Lawsuit Claims Microsoft Tracked Sex Toy Shoppers With 'Recording in Real Time' Software https://www.404media.co/lawsuit-claims-microsoft-tracked-sex-toy-shoppers-with-recording-in-real-time-software/
[404media.co] ID Verification Service for TikTok, Uber, X Exposed Driver Licenses https://www.404media.co/id-verification-service-for-tiktok-uber-x-exposed-driver-licenses-au10tix/
[Ars Technica] Mac users served info-stealer malware through Google ads https://arstechnica.com/security/2024/06/mac-info-stealer-malware-distributed-through-google-ads/
[The Washington Post] Law enforcement is spying on thousands of Americans’ mail, records show https://www.washingtonpost.com/technology/2024/06/24/post-office-mail-surveillance-law-enforcement/
[Electronic Frontier Foundation] New ALPR Vulnerabilities Prove Mass Surveillance Is a Public Safety Threat https://www.eff.org/deeplinks/2024/06/new-alpr-vulnerabilities-prove-mass-surveillance-public-safety-threat
[TechCrunch] US bans sale of Kaspersky software citing security risk from Russia https://techcrunch.com/2024/06/20/us-bans-kaspersky-software-security-risk-russia/
[AppleInsider] Sonos removes a promise to not sell personal data, gets busted by users https://appleinsider.com/articles/24/06/15/sonos-removes-a-promise-to-not-sell-personal-data-gets-busted-by-users
[theregister.com] What's up with Mozilla buying ad firm Anonym? It's all about 'privacy-centric advertising' https://www.theregister.com/2024/06/18/mozilla_buys_anonym_betting_privacy/
Tip of the Week: Backing Up Other Data https://firewallsdontstopdragons.com/how-to-backup-other-data/
Further Info
Send me your questions! https://fdsd.me/qna
Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book
Subscribe to the newsletter: https://fdsd.me/newsletter
Become a patron! https://www.patreon.com/FirewallsDontStopDragons
Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch
Give the gift of privacy and security: https://fdsd.me/coupons
Support our mission! https://fdsd.me/support
Generate secure passphrases! https://d20key.com/#/
Table of Contents
Use these timestamps to jump to a particular section of the show.
0:00:25: Book blitz coming soon
0:00:55: Dear Carey reminder
0:01:38: Bitwarden bug fixed
0:02:28: News rundown
0:04:22: EU politicians’ personal details exposed online
0:10:37: Proton adopts non-profit structure
0:15:15: Lawsuit Claims Microsoft Tracked Sex Toy Shoppers
0:19:28: ID Verification Service Exposed Driver Licenses
0:27:38: Mac users served info-stealer malware through Google ads
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
