Back in February, in a San Jose courtroom, a bombshell was dropped that could have been erased from the public record. It turns out that Google, which bases its business on collecting and analyzing huge reams of data for advertising purposes, has been scanning users’ emails even before users have a chance to open or read them, including email messages that are deleted without being opened. Google knows what’s in your email before you do.
As a September 2nd article in Bloomberg points out, Apple Inc. (NASDAQ:AAPL)’s terms of service agreement for iCloud is pretty much legally ironclad, so iPhone and iPad users who have had nude selfies or other private files stored in the cloud hacked and stolen have little recourse. The recent controversy over the posting of nude selfies hacked from a number of celebrities’ iCloud accounts just highlights the buyer beware and corporations can do no wrong mentality that pervades the U.S. today.
On Sunday, the Washington Post published an exposé revealing that private companies are peddling surveillance systems to foreign governments that track the location of cellphone users in the United States and abroad. The report raised a basic question: How can this be happening when cellphone companies generally promise not to disclose their customers’ location information without their consent? The main problem is that location information is available on a global network that can be accessed by thousands of companies. And in the wake of the Post story, US cellphone companies are refusing to discuss how this squares with their privacy policies, or say what they are doing to keep their customers’ whereabouts confidential.
It wasn’t long at all after personal and explicit photos of some 100 celebrities started making the rounds when people started attributing the leak to a breach of Apple’s iCloud storage system. After a nearly two day long investigation, Apple has released a statement to try and clear things up — to hear the folks in Cupertino tell it, the incident was a “very targeted attack on user names, passwords and security questions” in which some celebrity accounts were “compromised” and that none of its systems were breached in the process. In other words, we may not be looking at a savvy hack exploiting a Find my iPhone security flaw so much as some very dedicated account brute-forcing and phishing. Of course, that’s not to say that the pictures in question (well, the ones that weren’t taken with Android devices anyway) didn’t come from iCloud, just that hackers apparently didn’t directly crack the sanctity of Apple’s services.
Apple said Monday it was “actively investigating” the violation of several of its iCloud accounts, in which revealing photos and videos of prominent Hollywood actresses were taken and posted all over the Web.
“We take user privacy very seriously and are actively investigating this report,” said Apple spokeswoman Natalie Kerris.
Photos, some real, some said to be fakes, are said to have been taken from the iCloud accounts of several celebrities, such as actress Jennifer Lawrence. They were posted to the Web image-sharing community 4Chan and have since spread across the Web, showing up on social media sites like Twitter, Reddit and elsewhere.
Security experts said the hacking and theft of revealing pictures from the Apple iCloud accounts of a few celebrities might have been prevented if those affected had enabled two-factor authentication on their accounts.
Facebook has revealed plans to give advertisers even more information about its users
Facebook Inc (NASDAQ:FB) is likely rekindling privacy worries with its new plans to study users’ shopping habits across multiple devices. The social network says it will tell advertisers on what device shoppers first viewed the items they bought and then which device they were using when they actually purchased the item.
Google revealed this past June that it was working on a way for users to easily encrypt their emails, but it turns out it’s not alone in its ambitions. Alex Stamos, Yahoo’s Chief Information Security Officer, said at the Black Hat conference in Las Vegas that the company wants to offer end-to-end encryption for Yahoo mail come 2015. What’s more, that PGP-based security system should interact seamlessly with Google’s — should they choose to, people from both sides of the Google-Yahoo divide will be able to send each other secure messages that are totally unintelligible to curious (or malicious) outsiders.