You need to stop using Chrome NOW. It’s not hyperbole: Google just rolled out a change to Chrome that tracks the sites you visit, builds a profile, and shares that with any page you visit that asks.
Ex: you’re a teenager living in a highly conservative state. You’re visiting sites your ultra religious family don’t want you to. Google tracks you NATIVELY IN THE BROWSER and informs 3rd parties of your interest in LGBTQ sites.
Had a person send me their number as an interested buyer and told me to text them. I did (first mistake), and we arranged a meetup time. Then they asked if, for their safety, they could send me a six digit code (some of you already know where this is going) that I could repeat back to them to verify myself.
I said, "absolutely!" And sure enough, I got a Google Voice verification number. lol
If you're not familiar with the scam, shady people will take your phone number and try to create a Google Voice account with it. If you provide them with the 6-digit code that Google sends you, they can "verify" that they are you, and then basically use your phone number to run scams, commit fraud, etc. It's nasty business.
I called them out, blocked them, then reported them to the marketplace website and to the FTC--though, almost certainly, they were using the phone number of another poor soul to carry this out.
I used to work as a social engineer, running phishing campaigns (ethically, with consent lol), against Fortune 1000 companies to assess their level of vulnerability. Luckily for me, I was super familiar with this, but most of the people I told about it have said, "Oh, I probably would have fallen for that...", and even I set myself up for it.
So that is why I'm posting this. Please be aware of sketchy shit like this. If someone is asking you for a verification code over SMS or email, tread with EXTREME caution. Also, it's usually pretty shady if a stranger you're already chatting with wants to move to a new platform. Not always, but if someone emails or messages you on Facebook to ask you to text them, that's a little weird. I'd had legitimate buyers/sellers do that, so it's not unheard of, but it should put you on guard.
If you buy/sell/trade online frequently, it's a good idea to use a dedicated MySudo number, VOIP number, and/or a burner phone for that.
@ADHDefy every realtor I know gets texts saying they want to buy property and want to connect on WhatsApp. Most agents think it’s safe and connect with them but I always delete. Sometimes even people send messages in WhatsApp but the messages are so vague I don’t connect.
As Smart Search scours your phone, if it finds something it thinks (keyword: think) is CSAM, it can potentially shut down your Google account forever and flag you as a criminal. If you're deeply ingrained in Google’s ecosystem, losing your account would be devastating. (2/3)
The rogue 2FA app that steals scanned secrets is now ranked 18 on the German App Store for the productivity category. No wonder! The app disguises as a Microsoft app. It is the top hit when you search for "Microsoft Authenticator" and the developer has updated the screenshots in the ad card to highlight the word "Microsoft". Surprisingly, the product page of the app shows different screenshots with the word "Microsoft" removed.
The app now has 1.2K reviews, as opposed to 18 when we first addressed the app.
🙏 Boosting this post will help spread the word. Thank you!
@mysk This is extremely disappointing from Apple. The whole justification for their 30% global tax is so they can maintain systems and procedures to prevent apps like this from going on the store.
@mysk I wonder if it’s possible to report this to #microsoft, who could alert #apple through legal channels. It’s ridiculous that Apple can’t take down a reported, malicious app. Some press might help too.
#OrganicMaps is here. Use it while offline and feel good about a #privacy-respecting app that doesn't suck you dry of your personal information. Based on #OpenStreetMap this app is gonna blow #Google#Maps out of the water (hopefully ;)
My local library crew will take any advice I offer them but my challenge here is as described in the article: this is a monopoly and there is no alternative
and the real issue is that at the end of the day the privacy issues are much more abstract than “can I borrow the book I wanted to borrow”
Indulging these abuses may yet be the rational choice for libraries
I feel very powerless and frustrated on how successfully these vultures have enclosed the commons
@josh@jdp23@danilo@eff Yeah this is sort of breaking news and librarians (the bulk of them) get things done at the speed of email and committee meetings so it may take a while to get to an action point on this. The tech-savvy among us are talking about it. We can't stop using Overdrive overnight. But also there are patron privacy laws in 48 of the 50 US states (and strong suggestions from AGs in those other two states) so putting pressure on Overdrive w/r/t this might help in the short term.
The "New Outlook" demands that when adding your #Gmail account, you also give Microsoft a copy of all your Gmail email, contacts, and calendar data.
The "Learn More" link confirms:
"Syncing your account to the Microsoft Cloud means that a copy of your email, calendar, and contacts will be synchronized between your email provider and Microsoft data centers."
Stories like this remind us why being mindful of protecting one's privacy online is important and that "private" messages in the majority of places aren't private at all without end-to-end encryption.
Be mindful of what sensitive data you're relinquishing to companies.
@TiffyBelle Also remember that even if you think whatever you're posting online is fine. Laws will change, and you will change. The corporation you trusted that post with, will still have it. And they'll do whatever they feel like doing with it. You're nothing more than an ant to them.
Consent-O-Matic is a browser extension that auto-responds to all the #GDPR and similar consent popups with optimal user preferences.
Unlike the extension "I don't care about cookies" which just accepts all cookies, Consent-O-Matic clicks the prompts on your behalf to reject most of the cookies. You can also choose what to accept/reject in the preferences.
Available for Firefox, Chrome and others.
I've been using this on Firefox :firefox: for quite sometime now and it works great!
@dsoft we should not entrust automation with our privacy; we need punitive measures immediately for all moronic sites pushing cookie banners and consent popups.
@nixCraft I've switched over to DuckDuckGo for search results integrity. I am interested in academic topics, and Google tweaks queries on the back end for commercialization purposes. I do make frequent use of incognito mode just not to pollute how I carefully curate things. Like if I want to look at a random YouTube video but I don't want Google to keep serving me that content on Youtube.
Privacy tip: When you sell or trade-in a vehicle, remember to erase all of your data from the in-car electronics. The car dealerships will NOT do this, although they should be required to.
This wasn’t done for the last few vehicles I’ve purchased. I know one previous owners name, where she lives, what her taste in music is, where her dad lives (and how often she visited him), and what restaurants she often went to. In the wrong hands, this is dangerous as hell.
@Jeremiah Hence why I’m sticking with my 25 year old truck! 🤯 My car payments just come in the form of regular mechanical repairs, and I would much rather have that than today’s dystopia-mobiles!