Privacy

There's a meme that every person has a U.S. government agent assigned to read their text messages. That’s not true. But government agencies, from the National Security Administration to local police departments, can potentially read the conversations on many text messaging applications. Fortunately, this is not always the case, and there are many ways you can protect your privacy.

I want to keep a list of my contacts on my phone so I can call them, but I never want the list of contacts to leave the device, through contact sync or similar. I'm using the Android built-in Contacts app.

On my old phone I used an F-droid app called 'local contacts' or 'offline contacts', but I can't find it with my new phone. It would create a new account, separate from your gmail account, to associate the contacts with. Something like that might be nice to have, although I don't know how effective it is.

I see in my settings under "Google Contacts sync" that "Sync is off" and "Also sync device contacts" is off. "Device contacts" sounds like maybe some Android built-in version of the offline contacts app I mentioned before. Does anyone know if this is the case?

I'm worrying that if I use a builtin features, Google will ask me about backup for photos or something at a later point, I'll reflexively click 'proceed' without realizing what I'm doing, and this will activate all Google-related sync features, including contact sync, updating my Xkeyscore (NSA) profile with my social graph before I know what's happening.

Perhaps it's best to assume my social graph is already known by Google? Then maybe I should focus on limiting others from getting access to it? I believe apps have to ask before accessing any contacts so I guess I could just deny access for apps I don't trust.

There are few questions above, but I'm really mostly looking for a discussion about what good security practices are when it comes to phone contacts. It seems like one of the more sensitive sets of information on a phone.

Does that mean that other apps like signal for example have back doors?

Do criminals have a knowledge of exploits in the recommended messaging apps?

This paper investigates the feasibility of a proactive DeepFake defense framework, {\em FacePosion}, to prevent individuals from becoming victims of DeepFake videos by sabotaging face detection. The motivation stems from the reliance of most DeepFake methods on face detectors to automatically extract victim faces from videos for training or synthesis (testing). Once the face detectors malfunction, the extracted faces will be distorted or incorrect, subsequently disrupting the training or synthesis of the DeepFake model. To achieve this, we adapt various adversarial attacks with a dedicated design for this purpose and thoroughly analyze their feasibility. Based on FacePoison, we introduce {\em VideoFacePoison}, a strategy that propagates FacePoison across video frames rather than applying them individually to each frame. This strategy can largely reduce the computational overhead while retaining the favorable attack performance. Our method is validated on five face detectors, and extensive experiments against eleven different DeepFake models demonstrate the effectiveness of disrupting face detectors to hinder DeepFake generation.

This article is the best answer to people who say that they have "nothing to hide".

China’s Communist Party is stepping up the use of big data to predict people’s behavior in a bid to identify “social risks” and prevent violent attacks on members of the public in the wake of the car killings in Zhuhai earlier this month.

A New Jersey federal judge on Tuesday denied data brokers’ requests to dismiss a case brought by state law enforcement officers who sued the companies for failing to take their home addresses and phone numbers off the web.

India’s telecommunications regulator has rolled out rules designed to protect the country’s critical infrastructure networks from cyberthreats, but experts warn that the new guidelines have inadequate safeguards for users' fundamental privacy rights.

Disable JavaScript, to bypass paywall.

Abstract

Browser fingerprinting is a growing technique for identifying and tracking users online without traditional methods like cookies. This paper gives an overview by examining the various fingerprinting techniques and analyzes the entropy and uniqueness of the collected data. The analysis highlights that browser fingerprinting poses a complex challenge from both technical and privacy perspectives, as users often have no control over the collection and use of their data. In addition, it raises significant privacy concerns as users are often tracked without their knowledge or consent.

Methods of Browser Fingerprinting

• A. HTTP Header Attributes
• B. Enumeration of Browser Plugins
• C. Canvas Fingerprinting
• D. WebGL Fingerprinting
• E. Audio Fingerprinting
• F. Font Fingerprinting
• G. Screen Fingerprinting
• H. WebRTC Fingerprinting
• I. CSS Fingerprinting
• J. Additional JavaScript Attributes
• K. Advanced Techniques Using Machine Learning

Italy’s data privacy regulator on Friday announced that it has levied a €5 million ($5.2 million) fine against an Italian GPS-based food delivery service for tracking the geolocation of its drivers, including outside of working hours.

Disable JavaScript, to bypass paywall.

Chinese black market operators are openly recruiting government agency insiders, paying them for access to surveillance data and then reselling it online—no questions asked.