Tag Archives: privacy

Location Apps on Smartphones

Posted on by
Reply

A techy article about the wonders of location apps in our smartphones—if “properly shared”—in Sunday’s Wall Street Journal caught my eye. The author’s piece centered on the alleged benefits of automatically sharing your personal location data with a selected audience (usually family members) and the app providers’ directions for how to achieve “proper sharing,” supposedly limiting the location sharing to that selected audience.

The author missed the larger problem, though: the intrinsic lack of security on those apps, especially given the historical disdain for personal information security on the part of some of those providers.

I won’t share my location, ever. It wasn’t necessary before such apps became available, and it isn’t necessary today. My smartphone has a—wait for it—telephone app that I can use to check in with and/or check on the ones about whom I care.

The location data in these apps simply aren’t as secure as the touters make them out to be. Data that are held anywhere but on my personal devices are vulnerable to exposure, whether by “mistake”—last week’s IRS release of tax records (which is all too routine for this government agency) comes to mind—or programming mistakes, or cloud or providers’ servers being hacked, or the receivers’ devices being hacked, or location history being vulnerable to government information demands, or….

Location data that aren’t in the cloud or on those other servers and that aren’t being transmitted to a supposedly limited audience aren’t available to exposure.

Along those lines, a commenter in the comment thread for that article had this:

I checked FindMy to see if my wife was lost coming to an appointment at the bank (she was). The banker gasped, “Does she know you’re tracking her?” Her reaction? “It’s a sign of a secure marriage.”
She once missed where I-26 turns and followed the connector straight ahead into downtown Columbia, SC. I was able to guide her through town back to I-26 by a convenient route. I had been tracking her anticipating that very thing.
Very useful app, but one has to be careful with it.

Leaving aside the Banker’s intrusion into a family matter having nothing to do with the family business being conducted, I had this reaction:

Before location apps were available, my wife had a similar missed-turn-now-lost experience trying to get to a location in a large city in Texas hours away from the large city in Texas in which we live, and where I still was.
Her solution? She exercised the telephone app that happened be on her smartphone and called me. I brought up the map function on my laptop, and from her description of the landmarks she was seeing, I quickly located her and then talked her back onto her route. She finished her trip with no further trouble.

Telephone apps. What will Big Tech think of next?

California Progressive-Democrats Strike Again

Posted on by
Reply

This time, it’s the California’s Attorney General, the Progressive-Democrat Rob Bonta, who released the personally identifiable information of thousands of California’s firearm owners and concealed carry permit holders.

In the name of transparency, he claims. Oh, and that much transparency was an accident, he claims.

The information “accidentally” released includes

the person’s full name, race, home address, date of birth, and date their permit was issued. The data also shows the type of permit issued, indicating if the permit holder is a member of law enforcement or a judge.

This is what Bonta said in his Press Release, put out last Monday, regarding his “transparency” move:

The dashboard [Bonta’s 2022 Firearms Dashboard Portal] is accessible though DOJ’s OpenJustice Data Platform. The announcement will improve transparency and information sharing for firearms-related data and includes broad enhancements to the platform to help the public access data on firearms in California, including information about the issuance of Concealed Carry Weapons (CCW) permits….

You bet he broadly enhanced public access to data about firearm ownership and concealed carry permit holders.

This sort of thing doesn’t happen by accident. Bonta knows who is in the IT section of the California DoJ that he runs. He knows who did the software adjustment to release the data from the department’s concealed carry permit holder database. That those folks have not been fired for cause, much less arrested by his California Bureau of Investigation or Bureau of Firearms agents, speaks volumes about Bonta’s role in this attack on honest American citizens, who also are citizens of California.

That Bonta hasn’t resigned now that his release (yes, his release—he’s the one in charge; he’s the one who authorized the release) has been exposed says volumes about his continued approval of the release.

This is a continuation of the Progressive-Democratic Party’s attack on our 2nd Amendment rights, just a few days after the Supreme Court upheld them, explicitly, in striking down New York’s law requiring a citizen to get government permission to exercise his right by satisfying a government bureaucrat that he has a “need” and is a proper—in the bureaucrat’s eyes—citizen.

Update: Corrected the opening sentence, which had mistakenly omitted the first half due to a copy/paste fit of sloppiness.

Voice Mimicry

Posted on by
Reply

Amazon is bragging about a new capability it’s developed for its Alexa service. It’s bad enough that Amazon can eavesdrop on private, often highly personal, conversations through its Alexa device.

Now the device can mimic voices—including those of deceased persons—and Amazon says, with a straight face, that this is so cool.

On the other hand, so much for voice recognition as part of a two- (or more) factor authentication regime.

And, here’s another forger’s tool brought to market.

I suppose this might be an improvement in certain circles….

Companies Tracking Customers

Posted on by
Reply

It turns out this isn’t limited to cookies through browsers and overt tracking software.

There’s another software package that businesses use to track their users activities. Log4j

is used on computer servers to keep records of users’ activities so they can be reviewed later by security or software development teams.

Businesses are secretly tracking our activities as we interact with them digitally, not just quietly through cookies and tracking tools. Maybe not only those teams, either. It wouldn’t surprise me if marketing teams were using our data, and if other teams were putting together packages of our data to peddle to other companies.

It’s widespread, too.

The nonprofit Apache Software Foundation, a group that distributes the open-source tool at no cost, has said [Log4j] has been downloaded millions of times.

Nice.

And just to add a floatie to that puddle, Log4j has a serious security flaw.

The flaw is particularly dangerous given the widespread use of Log4j on corporate networks and the ease with which hackers could exploit the vulnerability, security experts say.

And

Attackers could use the bug to break into computer networks to steal sensitive data, prepare for ransomware attacks, or create backdoors that will allow them to maintain access to corporate systems even after the flawed software has been patched.

That exposure isn’t limited to personal information, either, or to the nefarious uses to which businesses put out personal information.  It ranges up to the technologies of businesses, including defense contractors.

Grassroots Infiltration

Posted on by
Reply

Bill Melugin (@BillFOXLA), of FOXLA, known also for his reporting from our border along the Rio Grande Valley, had this Twitter thread concerning the close ties the Los Angeles County Board of Supervisors has with the People’s Republic of China, especially as concerns Americans’ DNA records. I’ve reproduced the thread below, absent the tweeting headers for easier reading.

One other thing: the Los County County Supervisor at the end of the thread that Melugin tried to contact, Hilda Solis, is the same Hilda Solis (D) who sat in ex-President Barack Obama’s (D) Secretary of Labor chair and did so much damage during his first term.

***

NEW: The L.A. County Sheriff has notified L.A. County that LASD will not work w/ a genetics firm the County hired for mandatory COVID-19 testing/registration of County employees after he received a recent briefing from the FBI warning him about the firm’s links to China.Over the last several weeks, I’ve been contacted by multiple L.A. County employees who are furious about Fulgent Genetic’s disclaimer about sharing their medical information outside the United States. All 100,000+ L.A. County employees mandated to register with Fulgent.

On August 4th, the L.A. County Board of Supervisors issued an executive order mandating all County employees provide proof of vaccination against COVID-19, or face potential termination. L.A. County awarded a no-bid contract to Fulgent to provide testing/registration services.

I’m told some L.A. County departments have already started registering with Fulgent. An employee in the D.A.’s office sent me this letter showing he has already been threatened with disciplinary action & termination for failing to register his information with Fulgent.

Fulgent Genetics was also awarded a contract to provide COVID-19 testing for New York City public schools through the 2021 school year.

ir.fulgentgenetics.com: https://ir.fulgentgenetics.com/news-releases/news-release-details/fulgent-genetics-extends-partnership-new-york-city-test-and/

Fulgent Genetics Extends Partnership with New York City Test and Trace for COVID-19 Testing,…

Following a competitive process, Fulgent was selected to extend its support of the NYC DOE public school testing managed by the NYC Test and Trace Corps with on-site staffing and RT-PCR tests through…

UPDATE: FBI Los Angeles spokesperson tells me:

“While we routinely provide briefings to partners, I decline to comment on the letter tonight.”

I have also reached out to LA County Supervisor Hilda Solis’ office for a response to the Sheriff’s letter. Waiting to hear back.

****

This is how deeply the People’s Republic of China is penetrating even our local government jurisdictions.