Access to a critical health service should not hinge on whether or not you have a Google account. https://www.eff.org/deeplinks/2020/03/verilys-covid-19-screening-website-leaves-privacy-questions-unanswered
#Zoom on iOS is sending personal data to #Facebook https://www.vice.com/en_us/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account
🤨 @Whatsapp has failed to respond to our letter on #CloudExtraction - which allows warrantless, broad access to cloud stored data. This is a vital issue for security of Whatsapp's customer data. Help us demand they respond now and retweet. 🔁
We're starting another round of translation workflow improvements for websites working with #Weblate: this time the focus is taking the pain out of translating Markdown texts, this builds upon the work on the @fdroidorg website
@bortzmeyer @Shaft @tania @fdroidorg @exodus @lenaki @Jolivier
And of course, we're contributing back to Exodus as much as possible. My personal view is that Exodus should be the canonical database of all this stuff but I'm not sure they want the noise of this discovery process in their issue tracker.
We are building upon Exodus' work, this is a vast project. Exodus is currently tracking libraries and domain names. Turns out, there are a number of other things that haven't been mapped out yet, like API keys and Broadcast Receivers.
We're looking to map out all technical details for how #Android apps are #tracking people, if you have ideas or more info, please submit them to our issue tracker! https://gitlab.com/trackingthetrackers/wiki/issues #TrackingTheTrackers
#MachineLearning is proving to be quite #exploit-able, humans need to stay in charge, with #AI only as an assistant:
"Hackers stuck a 2-inch strip of tape on a 35-mph speed sign and successfully tricked 2 Teslas into accelerating to 85 mph"
#TrackingTheTrackers I'm digging into tools these days, #faup provides lookups if a string is a known domain name, and #ipgrep returns all strings that resolve to an IP address. The #ipgrep approach seems much more useful since it doesn't need a pre-prepared list of "known domain names", instead #DNS provides that
One murky area of #FreeSoftware is what the #mirrors do with the all the #metadata they inevitably collect. Big mirrors like https://mirrors.kernel.org/ have no apparent public #privacy #policy. Purdue PLUG https://plug-mirror.rcac.purdue.edu/info.html and FAU https://ftp.fau.de/datenschutz post theirs
"Push messages are an essential part of connected mobile devices. They are also one of the critical missing pieces in the #opensource Android ecosystem. Until now, free Android apps would either need to implement their own push notification system, do without any push messaging or use the proprietary Google Cloud Messaging service."
Ich halte am Donnerstag einen Vortag über #FDroid bei der FSFE Berlin.
Wer mag kann vorbeikommen!
Our next #BinaryTransparency log is to monitor all the binaries for #Android SDK components that are #FreeSoftware. Those binaries are central to Android development, and #Google has done some strange things with them in the past. Its implemented as a git repo and has a basic JSON API https://gitlab.com/fdroid/android-sdk-transparency-log#readme
You have the right to obtain legal help and access the justice system when your rights are not respected.
Morgen 2020-01-28 ist internationaler Datenschutztag. Wir veranstalten deswegen einen Workshop wo Du Auskunftsbegeheren nach DSGVO an Unternehmen und Behörden erstellen kannst.
2020-01-28, ab 19:00 Uhr
Rathausstrasse 6, 1010 Wien
Die Teilnahme ist selbstverständlich kostenlos! Komm' einfach hin und mach mit!
People, apps and code you can trust