Privacy

Lately there has been an increase in discussions about the use of end-to-end encryption for consumers. The most blatant attack on privacy I have read about is the so-called EU Chat Control. But there are other regulations as well, such as the UK Online Safety Bill. Chat Control (EU) Let’s begin with the European Union, and what is usually called Chat Control. This regulation aims to protect children from abuse by forcing both hosting and communications services to reduce the risk of the service being used for Child Sexual Abuse Material (CSAM) by ...

I’ve previously written about the difficulties of keeping up to date with the current privacy policies of products one is using. Not only are they updated regularly, they are also long and complex. Here Mozilla, the non profit organisation behind Firefox among other things, have created Privacy not Included to help. Privacy not included is a tool where experts investigates the privacy of different products, and gives clear information both what is said in the policy and what data it collects (permissions, sensors on the device etc.). In addition to pure privacy related analysis, information about the basic security of the product as well as the use of AI is investigated. Even though Privacy not Included does not contain all products around the world, there are lots of them and some of the results are surprising. Enough so to get me to get stuck just reading the analysis while reading up for this post. And if there is a product missing that you would love to see investigated, there is an easy form to request products to be analysed in the future. ...

The end of the year draws closer, and for many so does the stress of preparing for the holidays. Many are buying gifts, and the companies know it, and therefore the amount of pure ads in my inbox sky rocket at this time. But there are also other communications, I’m talking about the many updates to terms from companies. ...

Apple has recently released their plans for on device detection of Child Sexual Abuse Material (CSAM). For me as well as many others this has raised some flags, since it have the potential to greatly impact the privacy of Apple users. I will not comment on the overall security of the solution put forward by Apple, just summarize the description on how it works, as well as highlighting my concerns with the solution. Apple intends to roll out the detection in three stages. Firstly images shared through the messages app (AKA iMessage) will be screened for CSAM content. If it is detected (being either sent or received) the user and in applicable cases their parent will be warned about the detection. The second stage includes iCloud photos, where any photo will be matched against known CSAM (on device matching) before being uploaded. If there is a number of matches that meets a threshold Apple will be notified and after manual validation it will be forward to the relevant (American) authorities. The last step is to improve Siri and search, adding better support for reporting CSAM, or where to get support if you, or you think someone else is subject to sexual abuse. ...

In a previous post I shared my experience with moving my page from Github pages to Cloudflare. It is now time to follow up that post and comment on my experiences after approximately a quarter. The experience of publishing new posts is about the same as when hosting on Github, you just push an update to the specified branch and then a build is triggered that will be published upon completion. The main difference is that the build process is somewhat slower in Cloudflare than on Github. This means that a build can take about 5 minutes, instead of the previous 1. This is most likely due to the fact that Cloudflare pulls everything and builds locally, instead of using Jekyll remote themes. ...