GitHub blocks Google FLoC tracking
Yesterday, GitHub announced rolling out a mysterious HTTP header on all GitHub Pages sites.
GitHub Pages enables users to create websites right from within their GitHub repository.
And it turns out, this header, now being returned by GitHub sites, is actually meant for website owners to opt-out of Google FLoC tracking.
BleepingComputer also noticed the entire github.com domain had this header set, indicating GitHub did not want its visitors to be included in Google FLoC's "cohorts" when visiting any GitHub page.
https://www.bleepingcomputer.com/news/security/github-blocks-google-floc-tracking/
#github #goolag #FLoC #tracking
Yesterday, GitHub announced rolling out a mysterious HTTP header on all GitHub Pages sites.
GitHub Pages enables users to create websites right from within their GitHub repository.
And it turns out, this header, now being returned by GitHub sites, is actually meant for website owners to opt-out of Google FLoC tracking.
BleepingComputer also noticed the entire github.com domain had this header set, indicating GitHub did not want its visitors to be included in Google FLoC's "cohorts" when visiting any GitHub page.
https://www.bleepingcomputer.com/news/security/github-blocks-google-floc-tracking/
#github #goolag #FLoC #tracking
BleepingComputer
GitHub disables Google FloC user tracking on its website
GitHub has announced rolling out a mysterious HTTP header on all GitHub Pages sites to block Google FLoC tracking.
Forwarded from BlackBox (Security) Archiv
Facebook and Instagram overlays in iOS stoke fears about apps being free of charge
Through grinding teeth, the social media market leader is implementing iOS 14's new privacy requirements. But it can't refrain from a warning finger in the process.
Facebook originally intended to use "educational screens" to reveal details about data usage. Now they seem to be part of a scaremongering campaign. The message: help keep Facebook and Instagram free, and give us access to your data! The hints seem to be a new way to fight back against Apple's tracking protection in iOS 14.5. Meanwhile, the company is enjoying great business, turning over $26.2 billion between January and March alone. The company had already announced that it will expect users to read page-long data protection declarations.
#facebook #DeleteFacebook #instagram #overlays #ios #ad #tracking
📡 @nogoolag 📡 @blackbox_archiv
Through grinding teeth, the social media market leader is implementing iOS 14's new privacy requirements. But it can't refrain from a warning finger in the process.
Facebook originally intended to use "educational screens" to reveal details about data usage. Now they seem to be part of a scaremongering campaign. The message: help keep Facebook and Instagram free, and give us access to your data! The hints seem to be a new way to fight back against Apple's tracking protection in iOS 14.5. Meanwhile, the company is enjoying great business, turning over $26.2 billion between January and March alone. The company had already announced that it will expect users to read page-long data protection declarations.
#facebook #DeleteFacebook #instagram #overlays #ios #ad #tracking
📡 @nogoolag 📡 @blackbox_archiv
#Google sued by DC and three states for ‘deceptive’ Android #location #tracking
https://www.theverge.com/2022/1/24/22898760/google-dc-washington-texas-indiana-attorneys-general-lawsuit-location-data-tracking
https://www.theverge.com/2022/1/24/22898760/google-dc-washington-texas-indiana-attorneys-general-lawsuit-location-data-tracking
The Verge
Google sued by DC and three states for ‘deceptive’ Android location tracking
Android’s interface is full of "misleading pressure tactics."
Apple is Still Tracking You Without Consent
In the current version of macOS, Monterey, on every system update on a system containing an M1 chip, such as all the new shiny/fast ARM (“Apple Silicon”) macs, the update process phones home to Apple to obtain a special boot signature, known in Apple jargon as a “ticket”.
It does this in a totally unencrypted fashion, over standard plaintext port 80 HTTP (the exact same protocol they banned for use by third party app developers in the App Store when transmitting private data like unique identifiers that serve as PII) to the host gs.apple.com. The HTTP request includes unchangable hardware unique identifiers (chip serial numbers known as ECIDs) that function as a supercookie, and it is visible to your local LAN, your ISP (or hotel or coffee shop), anyone monitoring the network backbones, and of course Apple.
This permits anyone listening to see the approximate location of the device, even if they are not proximate to it, because they can observe the client IP (which is equivalent to approximately city-level geolocation) and the serial number of the device.
Anyone watching the internet backbones and internet exchanges can see in which city each chip serial number (ECID) is located, and can see where they travel, as these updates are released several times per quarter. A new request is made on each system update, and users are prompted to enable automatic updates, enabling unattended tracking.
https://sneak.berlin/20220409/apple-is-still-tracking-you-without-consent/
#apple #tracking
In the current version of macOS, Monterey, on every system update on a system containing an M1 chip, such as all the new shiny/fast ARM (“Apple Silicon”) macs, the update process phones home to Apple to obtain a special boot signature, known in Apple jargon as a “ticket”.
It does this in a totally unencrypted fashion, over standard plaintext port 80 HTTP (the exact same protocol they banned for use by third party app developers in the App Store when transmitting private data like unique identifiers that serve as PII) to the host gs.apple.com. The HTTP request includes unchangable hardware unique identifiers (chip serial numbers known as ECIDs) that function as a supercookie, and it is visible to your local LAN, your ISP (or hotel or coffee shop), anyone monitoring the network backbones, and of course Apple.
This permits anyone listening to see the approximate location of the device, even if they are not proximate to it, because they can observe the client IP (which is equivalent to approximately city-level geolocation) and the serial number of the device.
Anyone watching the internet backbones and internet exchanges can see in which city each chip serial number (ECID) is located, and can see where they travel, as these updates are released several times per quarter. A new request is made on each system update, and users are prompted to enable automatic updates, enabling unattended tracking.
https://sneak.berlin/20220409/apple-is-still-tracking-you-without-consent/
#apple #tracking
sneak.berlin
Apple is Still Tracking You Without Consent
The personal website of Jeffrey Paul.
https://www.forbes.com/sites/bernardmarr/2018/09/16/smart-dust-is-coming-are-you-ready/
#smartdust #surveillance #stalking #tracking #iob
#smartdust #surveillance #stalking #tracking #iob
Forbes
Smart Dust Is Coming. Are You Ready?
Wireless devices that can monitor just about any environment, as well as store and transmit data are now the size of a grain of salt. These devices have plenty of real-world applications. However, there are some challenging issues to resolve before you see…
New documents reveal ‘huge’ scale of US government’s cell phone location data tracking
The Department of Homeland Security (DHS) used mobile location data to track people’s movements on a much larger scale than previously known, according to new documents unearthed by the American Civil Liberties Union (ACLU).
It’s no secret that U.S. government agencies have been obtaining and using location data collected by Americans’ smartphones. In early 2020, a Wall Street Journal report revealed that both Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP) bought access to millions of smartphone users’ location data to track undocumented immigrants and suspected tax dodgers.
However, new documents obtained by the ACLU through an ongoing Freedom of Information Act (FOIA) lawsuit now reveal the extent of this warrantless data collection. The 6,000-plus records reviewed by the civil rights organization contained approximately 336,000 location points across North America obtained from people’s phones. They also reveal that in just three days in 2018, CBP obtained records containing around 113,654 location points in the southwestern United States — more than 26 location points per minute.
https://techcrunch.com/2022/07/18/homeland-security-cell-phone-tracking
#dhs #location #tracking
The Department of Homeland Security (DHS) used mobile location data to track people’s movements on a much larger scale than previously known, according to new documents unearthed by the American Civil Liberties Union (ACLU).
It’s no secret that U.S. government agencies have been obtaining and using location data collected by Americans’ smartphones. In early 2020, a Wall Street Journal report revealed that both Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP) bought access to millions of smartphone users’ location data to track undocumented immigrants and suspected tax dodgers.
However, new documents obtained by the ACLU through an ongoing Freedom of Information Act (FOIA) lawsuit now reveal the extent of this warrantless data collection. The 6,000-plus records reviewed by the civil rights organization contained approximately 336,000 location points across North America obtained from people’s phones. They also reveal that in just three days in 2018, CBP obtained records containing around 113,654 location points in the southwestern United States — more than 26 location points per minute.
https://techcrunch.com/2022/07/18/homeland-security-cell-phone-tracking
#dhs #location #tracking
TechCrunch
New documents reveal ‘huge’ scale of US government’s cell phone location data tracking
In just one three-day span, DHS obtained over 113,000 location points — a fraction of the overall data it acquired without a warrant.