Security News

DuckDuckGo's new email privacy service forwards tracker-free messages
2021-07-20 19:03

DuckDuckGo is rolling out an email privacy feature that strips incoming messages of trackers that can help profile you for better profiling and ad targeting. Currently in private beta, DuckDuckGo's Email Protection service aims at shielding you from hidden trackers that are often embedded in emails from various companies.

Firefox 90 Adds Cross-Origin Protections, Advanced Tracker Blocker
2021-07-13 17:12

Mozilla this week pushed Firefox 90 to the stable channel with several security improvements, including better protections against cross-origin threats and an advanced tracker blocking mechanism. The open-source browser refresh is currently rolling out with support for Fetch Metadata Request Headers, which means that web applications can better protect users against cross-site request forgery, cross-site leaks, and speculative cross-site execution side channel attacks.

Firefox 90 adds enhanced tracker blocking to private browsing
2021-07-13 14:17

Mozilla has introduced SmartBlock 2.0, the next version of its intelligent cross-site tracking blocking tech, with the release of Firefox 90. The SmartBlock mechanism, introduced with Firefox 87 in March, works to ensure that the Tracking Protection feature and Strict Mode will not break websites when blocking tracking scripts.

S3 Ep35: Apple chip flaw, Have I Been Pwned, and Covid tracker trouble [Podcast]
2021-06-03 18:34

The fascinating tale of a bug that's baked into Apple's latest chip. Why the Aussie data breach warning site HIBP is partnering with the FBI. A coronavirus tracking toolkit that fell foul of privacy rules.

Regulator fines COVID-19 tracker for turning contact data into sales leads
2021-05-19 18:53

You've probably assumed, or at least hoped, when you've handed over data during the pandemic "For the greater good of all", that the company collecting it would treat it with more than the usual amount of care. The ICO noted that immediately below the abovementioned consent checkbox was wording that said, "To comply with Government Guidance during the Covid-19 pandemic, we are collecting your name and contact details. We will store these for 21 days only before deleting them in line with GDPR regulations. Your details will not be shared with any other company or organisation."

AdGuard names 6,000+ web trackers that use CNAME chicanery: Feel free to feed them into your browser's filter
2021-03-04 21:18

CNAME tracking is a way to configure DNS records to erase the distinction between code and assets from a publisher's domain and tracking scripts on that site that call a server on an advertiser's domain. As privacy barriers have gone up to prevent marketers from gathering data from web users, CNAME manipulation has become more popular.

Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique
2021-02-27 08:20

With browser makers steadily clamping down on third-party tracking, advertising technology companies are increasingly embracing a DNS technique to evade such defenses, thereby posing a threat to web security and privacy. In other words, CNAME cloaking makes tracking code look like it's first-party when in fact, it is not, with the resource resolving through a CNAME that differs from that of the first party domain.

1Password has none, KeePass has none... So why are there seven embedded trackers in the LastPass Android app?
2021-02-25 18:39

A security researcher has recommended against using the LastPass password manager Android app after noting seven embedded trackers. German infosec bod Mike Kuketz spotted LastPass's trackers in analysis produced by Exodus, which describes itself as "a non-profit organization led by hacktivists [whose] purpose is to help people get a better understanding of the Android applications tracking issues."

1Password has none, KeyPass has none... So why are there seven embedded trackers in the LastPass Android app?
2021-02-25 18:39

A security researcher has recommended against using the LastPass password manager Android app after noting seven embedded trackers. German infosec bod Mike Kuketz spotted LastPass's trackers in analysis produced by Exodus, which describes itself as "a non-profit organization led by hacktivists [whose] purpose is to help people get a better understanding of the Android applications tracking issues."

How to view website trackers in mobile Safari from your iPhone or iPad
2020-10-16 18:02

Learn how to use Apple's Privacy Report in Safari so you can see which websites attempted to track you on your iPhone or iPad. Cross-site trackers operate by tracking you as you surf from one website to another. By default, the mobile version of Safari on your iPhone and iPad tries to prevent cross-site trackers from following you.