privacy
- Advice on building an online portfolio of work while balancing privacy?
Technically, I have some online activity I could try to refer to for work purposes, but it would mean sharing content tied to usernames/profiles I think of more as casual and personal. I could delete those profiles and move the relevant work to usernames/profiles I'm willing to share, but then I'm less likely to use those as much for portfolio building as I wouldn't want to contribute/do things online under a more public-facing profile, or link my personal ones to said profile.
Any which way I think about it involves crossing private/public streams I'd prefer to keep uncrossed, but I'm thinking I may be overlooking some compromises that could work, so what might those be?
- Your smart TV (probably) sends screenshots to advertisers
There was another thread with a paywalled article, but here's the actual study that found that smart TVs use "automatic content recognition" to build an ad profile for you based on what's on your screen... including HDMI content streamed from a laptop, game console, etc. Yikes.
> At a high level, ACR works by periodically capturing the content displayed on a TV’s screen and matching it against a content library to detect the content being viewed on the TV. It is essentially a Shazam-like technology for audio/video content on the smart TV [38]. ACR is implemented by all major smart TV manufacturers, including Samsung [9] and LG [55 ].
> Our findings indicate that (1) ACR operates even when it is used as a “dumb” display via HDMI; (2) opt-out mecha- nisms stop ACR traffic; (3) ACR works differently in the UK as com- pared to the US.
So it seems like you're opted-in by default, but you can stop ACR traffic by simply configuring six different options on Samsung, or eleven different options on LG.
Oh, and this doesn't seem to happen when you're using native streaming apps like Netflix or Disney+, because hey, they wouldn't want to infringe on those companies' rights by spying on them, right?
- What do you think of free credit monitoring they offer after a breach?
So here is the thing. Given the Eqifax breach I kinda feel like giving yet another agency to much information for them to monitor your credit is just another source of a possible future data breach.
- Patrick Breyer: Leak on latest #ChatControl attempt - no blocking minority! Only 5 days to next discussiondigitalcourage.social Patrick Breyer (@echo_pbreyer@digitalcourage.social)
Angehängt: 1 Bild 🇬🇧Leak on latest #ChatControl attempt (in German): https://netzpolitik.org/2024/interne-dokumente-sperrminoritaet-gegen-chatkontrolle-wackelt/ +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal...
cross-posted from: https://lemm.ee/post/42694373 >Leak on latest #ChatControl attempt (in German): https://netzpolitik.org/2024/interne-dokumente-sperrminoritaet-gegen-chatkontrolle-wackelt/ +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal experts confirm violation of our fundamental rights +++ Only 5 days to next discussion +++ > > Help pressure our governments into defending our #privacy of correspondence and secure #encryption now: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/
- 7 Things You Should Know Before Switching to GrapheneOSwww.howtogeek.com 7 Things You Should Know Before Switching to GrapheneOS
GrapheneOS has been around for a while, and it's a pretty neat piece of software.
- How do you filter ads and trackers outside of a browser while still using a VPN service?
This is straightforward with browser addons like uBlock Origin where you can add and choose blocklists, but I did searches for doing so system wide and using a VPN but didn’t find clear answers. I could use a DNS service that provides blocklists but isn’t it best practice to leave DNS to the VPN provider? I looked up blocklists and VPNs but didn’t find relevant results.
On Android, I didn’t find any apps that let you filter blocklists and using your own VPN other than Rethink, but the blocklists feature requires using Rethink’s DNS.
So what’s the best way to filter ads and trackers on both 3rd party apps and on OS’s like Android (specific Samsung phones) while still using a VPN?
- Patrick Breyer: New EU #ChatControl proposal leaked +++ Governments to position themselves by 23 September, will be very tight... +++digitalcourage.social Patrick Breyer (@echo_pbreyer@digitalcourage.social)
🇬🇧New EU #ChatControl proposal leaked +++ Governments to position themselves by 23 September, will be very tight... +++ Will messenger services be blocked in Europe? https://www.patrick-breyer.de/en/new-eu-push-for-chat-control-will-messenger-services-be-blocked-in-europe/ Help pressure your gove...
New EU #ChatControl proposal leaked +++ Governments to position themselves by 23 September, will be very tight... +++ Will messenger services be blocked in Europe? https://www.patrick-breyer.de/en/new-eu-push-for-chat-control-will-messenger-services-be-blocked-in-europe/
Help pressure your government now to defend privacy and secure encryption: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/
- Patrick Breyer: #ChatControl is back on the agenda: As soon as next Wednesday representatives of EU governments will resume work based on a secret documentdigitalcourage.social Patrick Breyer (@echo_pbreyer@digitalcourage.social)
🇬🇧🚨#ChatControl is back on the agenda: As soon as next Wednesday representatives of EU governments will resume work based on a secret document. https://www.consilium.europa.eu/en/documents-publications/public-register/public-register-search/?DocumentNumber=12319%2F24 This is what you can do now ...
🇬🇧🚨#ChatControl is back on the agenda: As soon as next Wednesday representatives of EU governments will resume work based on a secret document. https://www.consilium.europa.eu/en/documents-publications/public-register/public-register-search/?DocumentNumber=12319%2F24
This is what you can do now to help: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/
- Only 843? /s
#ALTtext: A screenshot capture shows the cookies settings popup window of a current website. The first sentence of the popup starts: "We and our 843 partners store and access personal data..." The screenshot is annotated. "843 partners" is highlighted with "Is that all?" written beside it
- Mobile operators in Kazakhstan will officially collect personal data and Face IDbes.media Операторы сотовой связи в Казахстане официально будут собирать персональные данные и Face ID
Доступ к услугам связи без предоставления биометрии хотят ограничить.
The original article is in Russian, so here is the translation from Firefox's built-in translator:
> In Kazakhstan, users will be required to provide biometric data, such as images of individuals to connect to cellular services and access to the Internet. This data must be provided by every subscriber who wishes to conclude a contract for the provision of cellular services. The changes governing the provision of communication services are posted on the "Open NPA" portal.
> #### How it will work > * Connecting to services: to conclude a contract with the operator, users will have to provide their biometric data (for example, a photo of the person). > * Termination of the contract: If you decide to stop using the services, you will need to send the operator a statement with biometric data. The termination of the services will occur from the date specified in the application, but not before its submission. > * Transfer number: when transferring the number to the new operator will also need to provide biometric data. The services of the old operator will stop when the new operator begins to provide its own.
> #### Access to the Internet in public areas > To access the Internet through public points (for example, at a cafe or airport), users will enter disposable passwords that they will receive by SMS or call. It will also be possible to log in to the network using identity documents scanned by the operator's application.
> The amendments to the order "On approval of the rules for the provision of communication services" as additional authorization methods are indicated: > * communication with the eGov; > * the biometrics; > * confirmation through the bank card number; >* scanning the document through the operator's application; > * accounts of social networks; > * e-mail with its confirmation.
> These measures are aimed at enhancing security and simplifying the user identification process. However, it should be borne in mind that with the expansion of the collection of biometric data, the need to protect personal information is also increasing.
> #### Why do you need it? > The explanatory note to the changes indicates that confirmation of the identity by biometrics is necessary to combat fraudsters. The project was agreed by the Ministry of National Economy, the National Economy, the National Security Service and the Ministry of Internal Affairs of the Republic of Kazakhstan. The public discussion will last until 10 September 2024.
- Founder and CEO of Telegram messaging service arrested in Francewww.tf1info.fr INFO TF1/LCI : le fondateur et PDG de la messagerie Telegram interpellé en France | TF1 INFO
[VIDÉO] Selon nos informations, le fondateur et PDG de la messagerie sécurisée Telegram a été interpellé ce samedi soir à l'aéroport du Bourget. Pavel Durov, franco-russe de 39 ans, était accompagné de son garde du corps et d'une femme. - INFO TF1/LCI : le fondateur et PDG de la messagerie Telegram ...
Some significant news for Telegram users!
See this article for some interesting backstory context on Pavel Durov and Telegram: https://www.spiegel.de/international/world/the-telegram-billionaire-and-his-dark-empire-a-f27cb79f-86ae-48de-bdbd-8df604d07cc8
Since the post article is in French, here's an auto-translation:
>Pavel Durov, the founder and CEO of the encrypted messaging service Telegram, was arrested around 8 p.m. on Saturday evening as he got off his private jet on the tarmac of Le Bourget airport. The 39-year-old Franco-Russian was accompanied by his bodyguard and a woman. > >The arrest was carried out by the gendarmes of the GTA (Air Transport Gendarmerie). Registered in the RPF (wanted persons file), Pavel Durov came straight from Azerbaijan. He had over his head a French search warrant issued by the OFMIN of the National Directorate of the French Judicial Police, issued on the basis of a preliminary investigation. > >Why was he under threat of a search warrant? > >The Justice considers that the lack of moderation, cooperation with the police and the tools offered by Telegram (disposable number, cryptocurrencies, etc.) makes it complicit in drug trafficking, paedophile offences and fraud. > >This search warrant ran if, and only if, Pavel Durov was on national territory. "He made a mistake tonight. We don't know why... Was this flight just a step? In any case, he's locked up!" a source close to the investigation told TF1/LCI. Since he knew he was persona non grata in France, Pavel Durov used to travel to the Emirates, the countries of the former USSR, South America... He travelled very little in Europe and avoided countries where Telegram is under surveillance. > >And now? > >Investigators from the ONAF (National Anti-Fraud Office attached to the Customs Directorate) notified him and placed him in police custody. He is expected to be presented to an investigating judge this Saturday evening before a possible indictment on Sunday for a multitude of offences: terrorism, drugs, complicity, fraud, money laundering, concealment, paedophile content... > >"Pavel Durov will end up in pre-trial detention, that's for sure," comments an investigator to TF1/LCI. "On his platform, he allowed an incalculable number of misdemeanours and crimes to be committed for which he does nothing to moderate or cooperate," said a source close to the case. > >His pre-trial detention at the end of his indictment is indeed in no doubt. Pavel Durov, a billionaire, has substantial means to flee and his guarantees of representation will hardly convince the judges. > >A net with international resonance > >For the investigators, this international sweep has various objectives. First, it makes it possible to kick the anthill, impress and deter the perpetrators of crimes and offences who exchange, until now, freely on Telegram. Secondly, they aim to put pressure on European countries to step up joint work to make secure messaging on terrorist cases bend. > >Indeed, Telegram is a hive of criminal content. At the moment, the platform is in the news with the illegal broadcasting of Ligue 1 matches. But on this encrypted messaging service, many accounts are used by organized crime. Beyond terrorism, the most dangerous pedophiles communicate on Telegram to exchange content. "It has become for years THE number 1 platform for organized crime," comments an investigator.
- Google sales reps allegedly keep telling advertisers how to target teenswww.theverge.com Google sales reps allegedly keep telling advertisers how to target teens
Google doesn’t allow personalized ads for minors.
Google representatives gave ad buyers tips on how they could reach teens, even though the company bars targeted advertisements to users under the age of 18 based on their demographics, according to a report from Adweek.
Three unnamed ad buyers told Adweek that Google sales reps suggested they might be able to reach teens by targeting a group of “unknown” users, whose “age, gender, parental status, or household income” Google doesn’t know. Adweek said it also reviewed written documents backing up the sources’ claims. A Google spokesperson told Adweek that the unknown category can include users who aren’t signed in to their accounts or who’ve turned off personalized ad targeting.
Google’s stated policy is to “block ad targeting based on the age, gender, or interests of people under 18.” The Adweek story is yet another example of Google reportedly helping ad buyers target teens through the use of its unknown user category, after the Financial Times recently reported on a similar situation.
- Every American's Social Security number, address may have been stolen in hackwww.fox5dc.com Every American's Social Security number, address may have been stolen in hack
Hackers claimed to have stolen more than 2 billion records containing sensitive information including Social Security numbers, with some data reportedly leaked online.
- Is google really behind the search.app domain?
Recently links shared to me from IOS users using the google app have been obfuscated with search.app/SOMEUNIQUECODE where the app redirects to the originally intended website, but, of course, the person clicking the link is revealed to the owners of search.app.
Does anyone have IOS + google and can confirm this behavior? search.app has no home page and no documentation or reporting about it that I could find (other than that it's a firebase app). The domain was registered to MarkMonitor Inc. in September of last year. But It's not clear to me what MarkMonitor's business actually is–it seems like they could just have registered it on behalf of someone.
- A tool for testing effectiveness of Faraday bags
cross-posted from: https://lemmy.world/post/18532772
> https://github.com/umutcamliyurt/FaradayTester
- GrapheneOS's post on Mastodon discusses the flaws with Google's Play Integrity APIgrapheneos.social GrapheneOS (@GrapheneOS@grapheneos.social)
https://arstechnica.com/gadgets/2024/07/loss-of-popular-2fa-tool-puts-security-minded-grapheneos-in-a-paradox/ The article unfortunately leaves out most of the points we made in the thread. GrapheneOS supports hardware-based attestation and it's entirely possible for Google to allow it as part of ...
The post is in the link, the article with more background info is here (it cites the mastodon post): https://www.androidauthority.com/custom-roms-vs-google-3469378/
I originally saw the article on this post on !android@lemdro.id and went looking for links.
- What should I do when I see headlines about personal data getting breached? How do I keep such info off the internet?
Like when I read 3 Billion National Public Data Records with SSNs, Addresses Dumped Online, am I supposed to access that data dump or something to see if I got pwned? Are there equivalents to haveibeenpwned.com for this type of stuff? Any guides on what to do when these happen? I feel like I'm doomscrolling or watching the news, and feeling depressed about the world as a result because I should be doing something but I can't or it seems like I can't.
Even though I know better than to put such personal info online, but that doesn't eliminate the odds of them getting into breaches like these, and having started to be careful about digital privacy has opened my eyes to the sad state of privacy.
- Judge rules that Google ‘is a monopolist’ in US antitrust casewww.theverge.com Judge rules that Google ‘is a monopolist’ in US antitrust case
The DOJ and Google faced off in a 10-week trial.
- Automakers Sold Driver Data for Pennies, Senators Saywww.nytimes.com Automakers Sold Driver Data for Pennies, Senators Say
Ron Wyden and Edward Markey urged the F.T.C. to investigate how car companies handled the data from millions of car owners.
cross-posted from: https://lemux.minnix.dev/post/426028
> https://archive.is/tc2xB
- Predictive Policing and the Paris 2024 Olympic Games: Security vs. Freedomunicornriot.ninja Predictive Policing and the Paris 2024 Olympic Games: Security vs. Freedom - UNICORN RIOT
As Paris prepares to host the 2024 Olympic Games, the French government is implementing unprecedented surveillance measures to ensure safety.
- Google is ditching its plan to kill third-party cookies after ad industry pushbackwww.businessinsider.com Google is ditching its plan to kill third-party cookies after ad industry pushback
Google Chrome won't phase out third-party cookies after all, as the company plans opt-out option for users.
- Google no longer plans to banish third-party cookies from Chrome.
- The company will instead let users opt into having the trackers in their browser.
- Google wrote in a blog post that it's still discussing the plan with regulators.
- Paris 2024 Olympics: Concern over French plan for AI surveillancewww.bbc.com Paris 2024 Olympics: Concern over French plan for AI surveillance
CCTV will use algorithms to detect fights and abandoned bags - but not everyone is happy about it.
Abandoned luggage and unexpected crowds - real-time cameras will use artificial intelligence (AI) to detect suspicious activity on the streets of Paris during next summer's Olympics. But civil rights groups say the technology is a threat to civil liberties, as the BBC's Hugh Schofield reports.
"We are not China; we do not want to be Big Brother," says François Mattens, whose Paris-based AI company is bidding for part of the Olympics video surveillance contract.
Under a recent law, police will be able to use CCTV algorithms to pick up anomalies such as crowd rushes, fights or unattended bags.
The law explicitly rules out using facial recognition technology, as adopted by China, for example, in order to trace "suspicious" individuals.
But opponents say it is a thin end of the wedge. Even though the experimental period allowed by the law ends in March 2025, they fear the French government's real aim is to make the new security provisions permanent.
- What's worse than thieves hacking into your bank account? When they steal your phone number, tooapnews.com What's worse than thieves hacking into your bank account? When they steal your phone number, too
What’s worse than thieves hacking into your bank account? When they steal your phone number, too. Associated Press writer Fatima Hussein recently fell victim to a type of fraud known as port-out hijacking, also called SIM-swapping.
One Monday morning in May, I woke up and grabbed my cell phone to read the news and scroll through memes. But it was out of cell service. I couldn’t make calls or texts.
That, though, turned out to be the least of my problems.
Using my home Wi-Fi connection, I checked my email and discovered a notification that $20,000 was being transferred from my credit card to an unfamiliar Discover Bank account.
I thwarted that transfer and reported the cell phone issues, but my nightmare was just starting. Days later, someone managed to transfer $19,000 from my credit card to the same strange bank account.
I was the victim of a type of fraud known as port-out hijacking, also called SIM-swapping. It’s a less-common form of identity theft. New federal regulations aimed at preventing port-out hijacking are under review, but it’s not clear how far they will go in stopping the crime.
- USPS shared customer postal addresses with Meta, LinkedIn and Snaptechcrunch.com Exclusive: USPS shared customer postal addresses with Meta, LinkedIn and Snap
The U.S. Postal Service confirmed it took action to "remediate" the data sharing following a TechCrunch investigation.
- Google accused of misleading consumers to grab more data for adstechcrunch.com Google accused of misleading consumers to grab more data for ads | TechCrunch
Italy's competition watchdog is investigating how Google gets user consent in order to link their activity across different services for ad profiling.
Italy’s competition and consumer watchdog has announced an investigation into how Google gets users’ consent in order to link their activity across different services for ad profiling, saying it suspects the adtech giant of “unfair commercial practices.”
At issue here is how Google obtains consent from users in the European Union to link their activity across its apps and services — like Google Search, YouTube, Chrome and Maps. Linking user activity lets it profile them for ad targeting, the company’s main source of revenue.
- How I Got a Truly Anonymous Signal Accounttheintercept.com How I Got a Truly Anonymous Signal Account
Yes, you can use Signal without sharing your personal phone number. Here’s how I did it.
- Google presents method to circumvent automatic blocking of tag manager
cross-posted from: https://lemmy.smeargle.fans/post/200646
- Safari Private Browsing 2.0webkit.org Private Browsing 2.0
When we invented Private Browsing back in 2005, our aim was to provide users with an easy way to keep their browsing private from anyone who shared the same device.
- Vulnerabilities in VPNs: Paper presented at the Privacy Enhancing Technologies Symposium 2024citizenlab.ca Vulnerabilities in VPNs: Paper presented at the Privacy Enhancing Technologies Symposium 2024 - The Citizen Lab
On July 16, former Citizen Lab Open Technology Fund (OTF) Information Controls Fellowship Program fellow Benjamin Mixon-Baca will be presenting “Attacking
- Presenting our DIY Dead Man Switch @ DEF CON 32www.buskill.in BusKill goes to DEF CON 32 - BusKill
Join BusKill at DEF CON 32 for our presentation titled "Open Hardware Design for BusKill Cord" in the Demo Lab
We're happy to announce that BusKill is presenting at DEF CON 32.
What: Open Hardware Design for BusKill Cord When: 2024-08-10 12:00 - 13:45 Where: W303 – Third Floor – LVCC West Hall
| [!BusKill goes to DEF CON 32 (Engage)](https://www.buskill.in/defcon32/) | |:--:| | BusKill is presenting at DEF CON 32 |
What is BusKill?
BusKill is a laptop kill-cord. It's a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.
| [!What is BusKill? (Explainer Video)](https://www.buskill.in/#demo) | |:--:| | Watch the BusKill Explainer Video for more info youtube.com/v/qPwyoD_cQR4 |
If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys -- thus keeping your encrypted data safe from thieves that steal your device.
What is DEF CON?
DEF CON is a yearly hacker conference in Las Vegas, USA.
| [!DEF CON Documentary](https://www.buskill.in/defcon32/) | |:--:| | Watch the DEF CON Documentary for more info youtube.com/watch?v=3ctQOmjQyYg |
What is BusKill presenting at DEF CON?
I (goldfishlaser) will be presenting Open Hardware Design for BusKill Cord in a Demo Lab at DEF CON 32.
What: Open Hardware Design for BusKill Cord When: Sat Aug 10 12PM – 1:45PM Where: W303 – Third Floor – LVCC West Hall
Who: Melanie Allen (goldfishlaser) More info
Talk Description
BusKill is a Dead Man Switch triggered when a magnetic breakaway is tripped, severing a USB connection. I’ve written OpenSCAD code that creates a 3D printable file for plastic parts needed to create the magnetic breakaway. Should anyone need to adjust this design for variations of components, the code is parameterized allowing for easy customization. To assemble a BusKill Dead Man Switch cord you will need:
- a usb-a extension cord,
- a usb hard drive capable of being attached to a carabiner,
- a carabiner,
- the plastic pieces in this file,
- a usb female port,
- a usb male,
- 4 magnets,
- 4 pogo pins,
- 4 pogo receptors,
- wire,
- 8 screws,
- and BusKill software.
| [!Image of the Golden BusKill decoupler with the case off](https://www.buskill.in/defcon32/) | |:--:| | Golden DIY BusKill Print |
Full BOM, glossary, and assembly instructions are included in the github repository. The room holds approx. 70 attendees seated. I’ll be delivering 3 x 30 min presentations – with some tailoring to what sort of audience I get each time.
Meet Me @ DEF CON
If you'd like to find me and chat, I'm also planning to attend:
- ATL Meetup (DCG Atlanta Friday: 16:00 – 19:00 \| 236),
- Hacker Kareoke (Friday and Sat 20:00-21:00 \| 222),
- Goth Night (Friday: 21:00 – 02:00 \| 322-324),
- QueerCon Mixer (Saturday: 16:00-18:00 \| Chillout 2),
- EFF Trivia (Saturday: 17:30-21:30 \| 307-308), and
- Jack Rysider’s Masquerade (Saturday: 21:00 – 01:00 \| 325-327)
I hope to print many fun trinkets for my new friends, including some BusKill keychains.
| [!Image shows a collection of 3D-printed bottle openers and whistles that say "BusKill"](https://www.buskill.in/defcon32/) | |:--:| | Come to my presentation @ DEF CON for some free BusKill swag |
By attending DEF CON, I hope to make connections and find collaborators. I hope during the demo labs to find people who will bring fresh ideas to the project to make it more effective.
- Gemini AI platform accused of scanning Google Drive files without user permissionwww.techradar.com Gemini AI platform accused of scanning Google Drive files without user permission
Gemini users may want to up their privacy
Google’s Gemini AI has been accused of scanning PDF files hosted on Google Drive without active permission or initiation, sparking yet another discussion around AI safety and privacy concerns.
Senior Advisor on AI Governance Kevin Bankson took to X to share concerns over an automatically generated AI summary in a private and confidential tax return.
Bankston’s thread detailed his experience with Gemini AI reading private documents without consent and the subsequent troubles in disabling the functionality on the cloud storage platform.
- Chromium browsers have been quietly sending user information to Googlewww.techspot.com Chromium browsers have been quietly sending user information to Google
An API provided by a preinstalled extension called "hangout_services" in Chromium browsers is quietly sending information about users' CPU and GPU usage to Google when visiting Google...
- Airbnb host secretly recorded over 2,000 images of guests with his security camera, authorities saidwww.businessinsider.com Airbnb host secretly recorded over 2,000 images of guests with his security camera, authorities said
The case is just one facet of an long-running debate about the appropriateness of security cameras in short-term rentals.
- Nearly all AT&T cell customers’ call and text records exposed in a massive breachwww.cnn.com Nearly all AT&T cell customers’ call and text records exposed in a massive breach | CNN Business
The call and text message records of hundreds of millions of AT&T cellphone customers in mid-to-late 2022 were exposed in a massive data breach, the telecom company revealed Friday.
- Pakistan allows powerful spy agency to tap phone calls and messageswww.independent.co.uk Pakistan allows powerful spy agency to tap phone calls and messages
Government claims authorisation for ISI, which is run by military, is limited to tracking criminal and terrorist activities
Pakistan has authorised its powerful spy agency to tap phone calls and messages, tightening the army’s grip on the South Asian nation.
Citizens and human rights advocates have criticised the move amid fears it could be weaponised to suppress political opponents and throttle dissent.
The ISI, which is run by the military, will be able to legally intercept and trace phone calls and messages in the interest of "national security".
Federal law minister Azam Nazeer Tarar told the parliament that the Ministry of Information Technology and Telecommunications has been advised of the authorisation in an 8 July notice.
”Anyone who misuses the law will face action," he said on Tuesday while claiming that the authorisation is limited to tracking criminal and terrorist activities and that the government will ensure it doesn’t infringe people's lives and privacy.
- Peloton headed to court over AI chat snooping complaintwww.theregister.com Peloton headed to court over AI chat snooping complaint
Chat widget allegedly fed data to third party, which used it to train AI without telling customers
- Selfie-based ID raises eyebrows among infosec expertswww.theregister.com Selfie-based ID raises eyebrows among infosec experts
Vietnam now requires it for some purchases. It may be a fraud risk in Singapore. Or ML could be making it safe
The use of selfies to verify identity online is an emerging trend in some parts of the world since the pandemic forced more business to go digital. Some banks – and even governments – have begun requiring live images over Zoom or similar in order to participate in the modern economy. The question must be asked, though: is it cyber smart?
Just last Monday the Southeast Asian nation of Vietnam began requiring face scans on phone banking apps as proof of identity for all digital transactions of around $400 and above.
The nation's residents are not able to opt out of the banking rules, despite Vietnam regularly finding itself ranked poorly when it comes to internet privacy or cyber security.
Local media has weighed in to suggest that selfies will not improve security. And just days into the new regime, some apps have already been called out for accepting still photos instead of a live image of the individual.
- Exclusive: Microsoft Bing’s censorship in China is even “more extreme” than Chinese companies’restofworld.org Exclusive: Microsoft Bing’s censorship in China is even “more extreme” than Chinese companies’
New Citizen Lab study comes as U.S. lawmakers scrutinize Microsoft’s willingness to comply with demands from Beijing.