Facebook’s data scandal: A time for everyone to be humble and self-critical

In the early years of the existence of Facebook’s platform, app developers were able to access the data of friends of a user who installed the app and gave the necessary permissions. That’s the method Cambridge Analytica used for allegedly accumulating personal data of 50 million Facebook users.

In a trenchant blog post, James Allworth describes the dramatic extent to which the Facebook platform through its Graph API allowed third party apps to harvest data from in theory every user registered and active on Facebook, until the rules were changed in 2015. “What was Facebook thinking?”, he rightly wonders.

But here is another, equally astonishing question: Why did no one else see this coming? Continue Reading

Apple vs FBI: The possible end of encryption

Here is a German version of this article.

It’s still completely open how the conflict between Apple and the US government about unlocking encrypted iPhones will end. But eventually, one of two outcomes will become reality:

  1. Apple will legitimately be freed from the demands to unlock encrypted iPhones through backdoors, even if this means that particular investigations involving criminal or terrorist acts will not be provided with the requested data access.
  2. Apple will be forced to obey investigators who in specific cases demand access to encrypted data by building a backdoor into its software.

If Apple manages to establish a legal or political right to protect user data through encryption as well as to fend off demands for backdoors (which could compromise the safety of millions), this would lead to at least some sort of legal certainty, not only for Apple but for every other tech company in the business of hosting and storing encrypted user data. In addition, Apple would manifest its increasingly thoroughly crafted image as defender of civil rights and might be rewarded with new sales records. Continue Reading

The “privacy activist” Tim Cook’s criticism gets uncomfortable for Google and Facebook

A fascinating debate is going on between the consumer technology giants Apple, Facebook and Google. For a while Apple CEO Tim Cook has been emphasizing privacy as an important feature of Apple products. Several times he referred to the practices of major Internet firms such as Facebook and Google as the opposite of how his company would act (usually without mentioning their name). And no matter how much hypocrisy one might believe to find in Cook’s words, there indeed is a fundamental difference between Apple and the two Internet juggernauts: Apple generates the lion share of its revenue with selling high-margin premium gadgets. Google’s and Facebook’s revenue streams are almost exclusively based on advertising. Google and Facebook need to know as much as possible about their users to be able sell more ads at higher prices. There is no way to deny this. Apple is much less depended on knowing each and every user action and preference. No matter how you slice it – and Apple’s security-related privacy issues aside – Tim Cook has a point.

Most recently he used this argumentation in an interview with The Telegraph. Cook said things like this: Continue Reading

Public WI-FI is not safe, but Internet providers could change that

A couple of weeks ago a lengthy article on Medium described how easy it is for somebody to collect data from users connected to a public WI-FI network. If you have not read it yet you should do it.

It has been an open secret for a long time that public WI-FI networks, where you do not need a unique username and password for access, are a safety hazard. Yet most people do not seem to worry at all to use them without any safety precautions. And that despite the fact that basic protection is pretty easy to accomplish, with the help of a VPN (virtual private network). As Wikipedia explains, a VPN “extends a private network across a public network”. It lets a computer or mobile device create a secure connection to a dedicated server, thus encrypting traffic that is being sent in between. While, as always, no guaranteed security exists, it is a good way to make sure your chat conversations, photo uploads and WordPress login data is not being compromised while you are connected to the open airport, hotel or café WI-FI (An increasing number of apps and sites use the TLS protocol which encrypts your data as well, but it’s not always supported).

Continue Reading