Fresh Off The Block


Apr
11
2017

Privacy Conscious? Don’t Be Too Hasty To Download Windows 10 Creator’s Update

A white Windows 10 Logo on a blue background

The wait is nearly over for Windows users. On April 11th, the long-awaited "Creators Update" will launch for Windows 10, bringing with it such useful features as a new "night light" mode that reduces the amount of blue light emitted by your screen so that you an sleep better; a new Windows Defender Security Centre, where users can tweak their security options in one place; and a Game Mode for better performance while gaming among lots of other tweaks. People who do not want to wait for the update to be offered to them through Windows Update can get ahead of the game by downloading Microsoft's upgrade tool to apply the update right now – but a recent report suggests privacy-conscious users may want to hold off from jumping on the bandwagon early.

According to an article by Tom's Hardware, which has been backed up by numerous less patient users, Microsoft's Windows 10 Update Assistant may not honour your Privacy Settings if you use it to upgrade to the Creators Update yourself. Instead, the Assistant tries to use default settings – whether or not you choose to upgrade or clean install the new version – meaning that if you changed your privacy settings when you installed Windows 10 and subsequently use the Assistant, you may need to keep a close eye on just what is being set, or you may find Windows suddenly gathering more data about you than you originally intended.

Those default settings encourage you to share your location and provide full diagnostic data to Microsoft to fix issues and improve future iterations of Windows 10. The default options also encourage enabling Cortana and receiving targeted ads rather than generic ones. The good news here is that Microsoft is being much more transparent about the data it collects – and when applying the Creators Update, the privacy options offer up clearer descriptions of what they do and the effects enabling or disabling them will have.

If you're not looking forward to going back through all those checkboxes, however, Microsoft state that when the upgrade is made available through Windows Update some time during April 11th, existing privacy settings WILL be honoured. We'll know for sure if this is the case soon enough – but as always, it's wise to look before you leap.

This article first appeared on Sanitarium.FM under the title Windows 10 Creators Edition Available Now – But Keep An Eye On Your Privacy Settings.

Digiprove sealThis informative article has been Digiproved © 2017
Acknowledgements: Windows 10 Logo Courtesy Microsoft / more...
Some Rights Reserved

What Our Visitors are Talking About


Latest CommentsOn Twitter Right Now
  • “Unlock” Dialogue for Clone System tool in Aomei Backupper 2.5 by William Sims
  • Microsoft gets 561 million euro fine for missing browser ballot “oversight” by Gamer Repulic's Dorthea
  • Microsoft gets 561 million euro fine for missing browser ballot “oversight” by Sherman Moya
  • Microsoft gets 561 million euro fine for missing browser ballot “oversight” by Microsoft gets 561 million euro fine for missing browser ballot “oversight” | The Sanitarium.FM
  • Valve’s Steam Gaming Computer: What we know so far by Valve's Steam Gaming Computer: What we know so far | The Sanitarium.FM
  • Tweet to @TMWeb to have your comments appear here!

    Previous Articles


    Aug
    21
    2015

    Spotify Rolling Out New Privacy Policy That’s Anything But

    Spotify Logo

    The Spotify Logo

    Wow, Spotify. How and why does a service mainly geared around music streaming become one of the most intrusive around? With the latest Spotify update, there’s a new privacy policy going into effect – and the TL;DR version is that if you’re at all concerned about data privacy, now may well be the time to jump ship, because this new policy definitely isn't.

    Here are just some examples of the type of snooping Spotify wants to get up to with the latest policy:

    Use Spotify on your mobile? Hope you're okay with sharing your Contacts, Photos and Media…

    With your permission, we may collect information stored on your mobile device, such as contacts, photos, or media files. Local law may require that you seek the consent of your contacts to provide their personal information to Spotify, which may use that information for the purposes specified in this Privacy Policy.

    Tracking Your Location

    Depending on the type of device that you use to interact with the Service and your settings, we may also collect information about your location based on, for example, your phone’s GPS location or other forms of locating mobile devices (e.g., Bluetooth). We may also collect sensor data (e.g., data about the speed of your movements, such as whether you are running, walking, or in transit).

    Third party services – well, at least you can disconnect Facebook…

    You may integrate your Spotify account with Third Party Applications. If you do, we may receive similar information related to your interactions with the Service on the Third Party Application, as well as information about your publicly available activity on the Third Party Application. This includes, for example, your “Like”s and posts on Facebook.

    (To be fair, this is really only saying that Spotify will do what anyone on Facebook can do anyway – look at the things you've posted publicly; as well as anything related to Spotify itself. If you've integrated your Spotify with Facebook, you pretty much already accepted this was going to happen anyway; but if you find it creepy, you might want to disconnect Facebook from Spotify via your Preferences)

    Storing (and Sharing!) Your Credit Card Information

    If you sign up for a Trial (as defined in the Terms and Conditions of Use), purchase any of our Paid Subscriptions (as defined in the Terms and Conditions of Use), or make other purchases through the Service, your credit or debit card information (such as card type and expiration date) and other financial data that we need to process your payment may be collected and stored by us and/or the payment processors with which we work. We may also collect some limited information, such as your postal code, mobile number, and details of your transaction history, all of which are necessary to provide the Service.

    Spotify claim that they collect personal data from users primarily to improve the overall experience for people using the service; but it's clear that not all of the data being gathered is to benefit the service itself. Indeed, if you look more closely at the paragraphs explaining how they intend to use the data, the real purpose becomes clear – advertising:

    We may use the information we collect, including your personal information….to provide, personalise, and improve your experience with the Service and products, services, and advertising (including for third party products and services) made available on or outside the Service (including on other sites that you visit), for example by providing customised, personalised, or localised content, recommendations, features, and advertising on or outside of the Service

    So, if you love music but also love privacy, maybe it's time to ditch Spotify and look for a new streaming service instead.

    [Via Sanitarium.FM]

    Oct
    29
    2011

    Major Privacy Flaws found in Dolphin Browser for iOS and Android

    The below post borrows heavily from a similar article posted on dotTech.org; which was in turn was a more up-to-date post based on a report from Ars Technica. Both sources have received credit for the below works and Technically Motivated makes no claim of ownership for non-original content.

    Dolphin is an extremely popular third party browser that is much loved by many users of modern smart-phones. Available in many forms – Dolphin Browser HD and Dolphin Browser Mini on Android; and Dolphin Browser on iOS – the browser is generally considered to be sleek and feature filled and constantly receives updates. However, one recent new feature introduced to the browser has caused much controversy.
    MoboTap, the developer of Dolphin, were recently discovered to have introduced a major breach of privacy with their Webzine feature.

    Webzine is an attempt by MoboTap to make web browsing on mobile devices more pleasant. What happens is MoboTap teams up with websites to configure them to be Webzine compatible. (Actually I am not sure if MotoTap teams up with websites or if websites do it themselves; the point is websites are made to be Webzine compatible, one way or another.) Then when a user visits a Webzine compatible website in Dolphin, the mobile-friendly Webzine version is shown. That doesn’t sound too bad does it? The privacy issue is not with Webzine itself but rather how Dolphin identifies Webzine compatible websites.

    Reports – thanks to the ever-vigilant people at XDA-Developers – have emerged that on Dolphin Browser HD [Android] and Dolphin Browser [iOS] every website users visit is being sent – in plain text – to Webzine’s server to check to see if the website is Webzine compatible. (If the website is, the Webzine version is shown; if it isn’t, the normal version is shown.) In other words, any URL you visit – may that be HTTP or HTTPS – is being sent to MoboTap’s server to be checked for Webzine compatibility. (These reports are mainly around Dolphin Browser HD [Android] but there has been some confirmation that Dolphin Browser [iOS] also behaves like this; Dolphin Browser Mini [Android] seems to be unaffected.)

    Now, in their defense, MoboTap has come out and clarified Webzine does not store any user data; URLs are transmitted to Webzine server only to make a check for Webzine compatible websites, nothing more nothing less. However, even if what MoboTap says is true, stealthily introducing such functionality is a major breach of user trust and a huge privacy issue. Many people have mentioned there are better ways to check for Webzine compatible websites (such as storing hashes locally of compatible URL and doing local checks instead of sending URLs to Webzine’s server); but even if MoboTap wants to continue this method of checking of Webzine compatibility, they need to be crystal clear on what is happening and they need to give users a way to opt out. To its credit, MoboTap claim they ARE working on an opt-out feature; and the company also has quickly updated Dolphin Browser HD on Android to temporarily disable Webzine for the present time. (v7.0.2 is the version with Webzine disabled — update if you use Dolphin Browser HD but don’t have v7.0.2.)

    Since there wasn’t as much noise about Dolphin Browser on iOS behaving like this, it appears Dolphin Browser on iOS has not yet been updated to disable this behavior. (Someone correct me if I am wrong.) However, if I were a Dolphin user – which I am not and now never will be – my confidence in MoboTap would now be eroded thanks to this incident. What’s to keep them from doing something similar – or worse – in the future?

    Apr
    05
    2011

    Symantec: Targeted computer attacks almost doubled in 2010

    Antivirus software maker Symantec said Tuesday that attacks increased some 93 percent from 2009 to 2010, with a staggering 286 million new threats reported last year alone. An increase in the number of attacks on enterprise systems was noted, as well as the use of social networks as an attack vector. Read the rest of this entry »

    Digiprove sealThis informative article has been Digiproved © 2011
    Acknowledgements: http://www.betanews.com/article/Syman more...
    Some Rights Reserved
    Jan
    26
    2011

    Zuckerberg’s Facebook page hacked

    In what can only be described as irony on a high level, Mark Zuckerberg – owner of Facebook – had his own Facebook page hacked on Tuesday, to promote an alternative business plan for the social network site.

    Unknown pranksters defaced the page with a message suggesting that Facebook ought to allow ordinary users to invest in the site in a “social way”, rather than getting its financing from the banks. The message suggested the idea of using “micro-payments”, which is a system that allows people to make small regular payments to a service, which can add up to a substantial amount when others join in. The post, which was appended with the hacker tag #hackercup2011, gained the thumbs up (“like”) of more than 1800 people before the social network restored the boy-droid page to normal.

    It’s unclear how the hack took place, but weak password security by the team of minions maintaining the page is the most likely explanation – and suggestions that this may have been the case have caused mass ridicule and laughter all across the internet. Screenshots of the Zuckerberg hack can be found in a blog post by net security firm Sophos here.

    The incident follows a similar hack on the profile of French President Nicolas Sarkozy earlier this week. A badly worded update posted by miscreants falsely suggested Mr Carla Bruni would not seek re-election next year.

    Digiprove sealThis informative article has been Digiproved © 2011
    Jan
    09
    2011

    US wants Twitter data of “Wikileaks activists”

    Ever since Wikileaks caused drama by leaking United States diplomatic cables – something I’m sure most people have heard about by now, and if not just look it up on the net – the US government has started an investigation to try to bring Wikileaks “to justice”. I put “to justice” in quotes not because I am taking the side of Wikileaks (I am neither pro or anti Wikileaks), but rather because not everyone agrees on this matter.

    Anyway, apparently as part of this investigation, the US Attorney’s office has convinced a District Court judge data held by Twitter is “relevant and material to [the] ongoing criminal investigation”; as a result, Twitter was earlier in the year served a subpoena, and now is forced to give over data related to various Twitter accounts believed to be related to either Julian Assange (the founder of Wikileaks) or Wikileaks itself – including Julian Assange’s own Twitter, plus those of Birgitta Jonsdottir, an Icelandic MP; and Bradley E. Manning, a militant supposedly responsible for the leaking of some of the cables; among others.

    The reason we are aware of this subpoena is because Twitter was recently able to overturn a gagging order originally served with it. A gagging order prevents a person from revealing information under penalty of law. After getting the gag, Twitter fought back and successfully got the gagging order lifted; so Twitter is now legally allowed to let the public – and the respective account holders – know about the US Attorney’s Office’s demand to hand over data.

    According to the BBC, the data demanded from Twitter by the US Attorney’s office includes “mailing addresses and billing information, connection records and session times, IP addresses used to access Twitter, email accounts, as well as the ‘means and source of payment'”.

    It will be interesting to see how this all plays out. Feel free to discuss in the comments below (consider this an open politics discussion thread), but keep it civil.

    [Many thanks to BBC News for breaking this news!]

    Digiprove sealThis informative article has been Digiproved © 2011
    Jan
    01
    2011

    New virus threatens Android devices

    A new virus, apparently originating from China, has recently been discovered in the wild, and can allow a hacker to gain access to personal data and force the details to be saved to remote servers. But this virus doesn’t affect Windows, Mac OS, or any similar operating system. Instead, this is a virus that targets Google Android platforms!

    A report this week from Lookout Mobile Security said the new Trojan affecting Android devices has been dubbed “Geinimi” and “can compromise a significant amount of personal data on a user’s phone and send it to remote servers.” The firm Read the rest of this entry »

    Digiprove sealThis informative article has been Digiproved © 2011
    Nov
    29
    2010

    Free O&O SafeErase 4!

    If you’re a long-time visitor to Technically Motivated, you may remember that one of the first posts I made on the blog was a discussion about what “deleting” a file on a computer actually does, in which I made clear that the only real way to get rid of files permanently was through use of a Secure Erasing tool. If you’re a slightly less long-time visitor, you may remember my review of Eraser, which is one such tool that is available for free on the net, and one of my personal favourites. But there are other tools available out there as well, and I think it’s time to discuss another. Read the rest of this entry »

    Digiprove sealThis informative article has been Digiproved © 2010 Join the forum discussion on this post