Privacy

Meta has come out swinging following the European Commission's decision that its pay-or-consent model falls foul of the Digital Markets Act (DMA).

In a post, the company stated: "This decision is both incorrect and unlawful, and we are appealing it." It then cites previous judgments to support its argument that it should be permitted to display personalized ads to users who don't want a paid subscription.

"Meta," it said, "is the only company in Europe unable to offer both a subscription-based and a free ad-supported service. Instead, Meta is required to offer a free, reduced-ad service – less personalized ads – that leads to poorer outcomes for users, advertisers, and platforms."

According to Meta, national courts and data protection authorities, including in France, Denmark, and Germany, have given "consistent support" for "business models that provide a paid subscription alternative to consent for personal data use for personalized ads."

But not the European Commission, which handed down a €200 million ($228 million) fine for the Meta's "consent or pay" ad model in April.

Gemini AI needs to be disabled on Android or it will override your privacy settings and gain full access to your texts, calls, and WhatsApp - even if you’ve turned off Gemini Apps Activity. But what does this Android update really mean, and how can you stop it? Check out

A lot has happened in the past month: the EU Commission (the executive branch of the EU) publicly attacked the three largest porn sites — including us — over our supposed obligation to prevent minor access, while completely ignoring far larger mainstream platforms.

AV implementation was also scheduled to begin in France in June 2025, but was later halted — though only temporarily. However, it is set to come into effect next month in the UK — July 2025.

And just yesterday — June 27 — the U.S. Supreme Court (SCOTUS) issued a devastating decision that opens the door to broad state regulation of adult content, effectively allowing AV laws with minimal constitutional constraint.

cross-posted from: https://programming.dev/post/33269684

Exciting News! We're thrilled to announce the release of CoMaps to Google Play Store, Apple App Store, and F-Droid!

CoMaps Highlights

· Offline Search and Route: Plan and navigate your trips without internet

· Saves battery: Efficient design that does not drain your battery

· Privacy-respecting: no identify people, no tracking, no data collection

· Free and No Ads: completely free, your journey is smooth

What makes CoMaps special?

CoMaps is a community-driven open-source navigation app · Open & Transparent: All decisions are made in public, with full transparency.

· Community Empowerment: You have a voice in how the app evolves.

· Free & Not-for-Profit: Our focus is on creating value for the community, not generating profit.

Download CoMaps Today

• Google Play Store: https://play.google.com/store/apps/details?id=app.comaps.google
• Apple App Store: https://apps.apple.com/app/comaps/id6747180809
• F-Droid: https://f-droid.org/packages/app.comaps.fdroid/

Powered by the community

Good afternoon all my fellow netizens. I have a question for y’all.

To preface this, I’m not the most tech savvy. I know a little about tech and I know the recommended “sailing techniques” but for more in-depth stuff I rely on those smarter than I.

So, for piracy how does a Trojan Proxy Server(like the ones anonymous-proxies offer) compare to a traditional VPN?

From my reading I know that the Trojan Proxy Server is harder to detect, and is able to be used in nations who actively target VPNs, like China. And it apparently hides behind the https so your data looks like normal web traffic (please correct me if I’m wrong or mistaken). So if correctly bound to a torrent client it should offer even greater protection and anonymity than a vpn.

Just curious for some input from tech people before I make mistakes. Especially if the US continues to go down this authoritarian road I’d like a back up in case they target vpns

If you own a Samsung A or M series phone and live in the Middle East or North Africa, you are likely being monitored, with data collected through your device by the South Korean tech giant on behalf of “Israel.”

This follows revelations that Samsung allowed the installation of a covert application developed by an Israeli company, IronSource, which harvests personal data, posing significant risks, especially if you are a potential target of Israeli surveillance.

The latest disclosure comes in the wake of the pager explosion in Lebanon, and now, attention has turned to Samsung phones, used by millions of Arab consumers, which have been found to contain Israeli software that leaks sensitive information.

Samsung entered into an agreement with IronSource, an Israeli firm, to pre-install this hidden app on Samsung phones sold exclusively in the Arab world (the MENA region), without the knowledge of the device owners.

This controversial partnership raises serious concerns about possible espionage or cyberattacks, with experts warning that the software could compromise the security of these devices.

The spyware could allow future attacks targeting communication networks or disrupt critical infrastructure in the region.

Adding to the alarm, tech specialists have highlighted that the Israeli app is particularly difficult to remove; once deleted, it reinstalls itself automatically, making it nearly impossible for users to protect their privacy.

This marks the fourth revelation of Israeli espionage tactics being used against Lebanese and Arabs, following the discovery of bombs in Pager devices, the infiltration of Walkie-Talkie communication systems used by Hezbollah, and the jamming of aviation navigation systems and GPS devices.

Spyware Deal The Lebanese digital rights platform, Social Media Exchange (SMEX), which advocates for human rights in digital spaces across West Asia and North Africa, was the first to reveal that Samsung had signed a partnership agreement with the Israeli company IronSource back in 2022.

The deal allows IronSource to pre-install its AppCloud application on Samsung’s A and M series phones before they reach consumers.

On October 29, 2024, SMEX disclosed that the South Korean tech giant, Samsung, and the Israeli firm IronSource had agreed to load this app onto phones sold in the Middle East and Africa, including Lebanon.

The app, according to SMEX, provides access to personal information from the phone's owner, as well as other sensitive data.

The AppCloud application, in turn, installs another program called Aura, which secretly downloads additional software without the user’s knowledge, particularly affecting devices distributed in Lebanon and across the Arab region.

The app in question allows access to users' data, including sensitive information such as IP addresses, device fingerprints, and personal details, enabling the identification and geographical location of the phone’s owner — potentially facilitating surveillance or even targeting for assassination.

This could also help explain the mystery behind Israeli ability to easily track and target Hezbollah figures across Lebanon, Syria, and other regions, even after the dismantling of explosive pager devices.

It underscores the urgent need for the Middle East to develop independent communication systems.

495590693.webp (1200×630) A report by SMEX highlights the alarming reality that the Israeli app can be installed on Samsung phones without the owner's knowledge, with removal proving nearly impossible due to the complex technical hurdles involved.

Even those who manage to disable the app find it reappears automatically, confirming its nature as high-tech spyware.

The app in question, AppCloud, which has been surreptitiously embedded in Samsung devices for over a year, was first flagged by a user in an August 2023 post on the company’s support forum, titled "How can I remove AppCloud?"

Spyware installation raises concerns that the app has been silently present in phones long before Operation al-Aqsa Flood and the ongoing war.

Data Harvesting or Assassination? The Israeli war on Lebanon has brought renewed focus on the issue of espionage and electronic interference, with the bombing of pager devices used by thousands of Lebanese citizens, marking yet another chapter in the ongoing conflict.

This raises critical questions: Is the installation of spyware on Samsung devices aimed at collecting data, or is it a more sinister effort, akin to the Pager incident, to facilitate targeted killings?

Abed Kataya, media program director at the Lebanese digital rights platform SMEX, confirmed that “the Israeli application is often pre-installed on [Samsung] devices,” before purchase, and updates occur without the user’s consent.

Kataya explained that this practice extends to over 50 markets in the Middle East and North Africa, indicating that the data harvesting operation is not limited to Lebanon alone.

The AppCloud app installs another program called Aura, which prompts users to download additional apps, all of which contribute to collecting personal data, including device information and biometric identifiers like fingerprints.

Data harvesting makes it easier to track and identify the device's owner.

Perhaps most concerning, says Kataya, is that the app’s activities cannot be stopped or any permissions it requests are denied.

While AppCloud claims to uphold privacy policies by allowing users to opt out of data collection, in practice, trying to delete it from the device reveals an impossible-to-find form that must be completed.

Deleting the app, according to Kataya, requires technical expertise well beyond the average user’s capacity.

1734517000.webp (770×513) Kataya explained that users can access their device settings, navigate to the Apps section, search for the AppCloud app, and press the disable button.

However, they may still be unable to completely remove the app from the device, even after disabling it.

The app may seem disabled on the surface but continues to run covertly in the background.

Kataya argues that Samsung's partnership with the Israeli company IronSource—a deal restricted to regions marked by geopolitical tensions and instability—suggests the South Korean giant may have knowingly or unknowingly facilitated Israeli espionage against Arabs.

The exposure of this spyware raises critical questions about how “Israel” could exploit the collaboration between Samsung and IronSource to carry out cyberattacks, or perhaps, these attacks have already occurred—similar to the Pager incident—in what are known as supply chain attacks.

These attacks typically involve infiltrating trusted systems, such as widely used devices and software, to gather intelligence or implant surveillance tools.

As reported by Al-Estiklal, the Israeli military has consistently sought technological advantages, preparing for future conflicts in Lebanon and the wider region through proactive cyber and technological advancements.

The partnership with IronSource allowed “Israel” to collect valuable intelligence on Lebanese citizens long before the current conflict erupted, including gaining access to communication devices used by Hezbollah operatives.

The Israeli use of the AppCloud app to target Samsung’s A and M series phones—models marketed primarily to middle and lower-income populations—was likely strategic.

Their lower price point made these devices more accessible, thus facilitating the spread of spyware and widening the scope of data collection.

Could “Israel” resort to detonating devices that have been infected with malicious software, especially given that these phones are connected to the internet, unlike the pagers and walkie-talkies?

A tech expert ruled out the possibility of “Israel” resorting to a mass detonation of mobile phones carrying this app or similar software in the Arab region.

The expert cited economic concerns, noting the potential fallout on international trade should such an action occur, as well as Israeli commercial ties with global companies, including its American allies.

He argues that if “Israel” were to somehow detonate Samsung, Huawei, or iPhone devices, it would trigger a global trade crisis that could destabilize the smartphone industry, one that neither the United States, China, nor South Korea could afford to tolerate.

There are other intelligence-related reasons as well: the purpose of implanting spyware and surveillance programs is to gather information, and detonating the phones would deprive the Israeli Occupation of a crucial communication tool, one that allows it to infiltrate and eavesdrop on its targets.

Companies supporting Israeli Occupation The infiltration of Israeli spyware into global tech products raises troubling questions about how and why multinational companies continue to allow their devices and technologies to be manipulated in ways that may harm their economic interests.

The truth is that many of these companies, most of them American or heavily aligned with the U.S., are complicit in supporting the Israeli occupation, often out of economic considerations or due to pressure from powerful pro- “Israel” lobbies.

These firms, some argue, cooperate with “Israel” to benefit from its advancements in programming and technology, or because they fear the influence of global Israeli networks.

According to foreign reports, Israeli cyber operations infiltrate global tech companies—sometimes through employees who leak sensitive data or through direct collaborations with firms that support “Tel Aviv.”

One prominent case involved a protest in 2021 by 300 Google employees and 90 Amazon workers who signed an internal letter demanding their companies withdraw from Project Nimbus, a controversial deal to supply the Israeli Occupation Forces with dangerous technology used to target Palestinians.

Rather than halting the project, these workers faced retaliation and were fired, as The Intercept reported in November 2023.

The $1.2 billion Nimbus deal, which provides cloud services to the Israeli military and government, has been a point of contention among tech workers and human rights advocates alike.

The most recent incident occurred in April 2024, when 28 Google employees were dismissed after staging a protest against the project, further fueled by revelations that the technology was being used in war crimes committed in Gaza.

This marks a growing trend where tech giants, rather than reevaluating their complicity, continue to back the Israeli military-industrial complex, despite rising moral and legal concerns.

1319699190.jpg (1600×1066) A report by Time magazine on April 12, 2024, revealed an internal document confirming that Google provides cloud computing services to the Israeli Ministry of Defense, deepening its partnership despite the ongoing genocide in Gaza.

“The Israeli Ministry of Defense, according to the document, has its own “landing zone” into Google Cloud—a secure entry point to Google-provided computing infrastructure, which would allow the ministry to store and process data, and access AI services,” as reported by Time.

The contract shows that Google invoices “the Israeli Ministry of Defense over $1 million for the consulting service.”

On April 5, 2024, The Intercept reported protests against Google for supplying technology to the Israeli military to carry out "robotic crimes" — namely, the killing of Gaza’s civilians.

Protesters lay down on the ground wrapped in white sheets with a modified Google logo reading "Genocide," demanding an end to the company’s collaboration with the Israeli government.

According to The Intercept, the Israeli military used Google's programs for facial recognition to track Palestinians attempting to flee airstrikes or search for food to feed their families.

“Many of those arrested or imprisoned, often with little or no evidence, later said they had been brutally interrogated or tortured,” as reported by The Intercept.

An Israeli official told The New York Times that Google’s facial recognition worked better than any alternative technology, helping “Israel” compile a “hit list” of Hamas fighters.

Furthermore, Google Maps and Waze were used by the Israeli military to disable live traffic updates in the occupied Palestinian territories ahead of the Israeli ground invasion of Gaza, according to Bloomberg.

In addition, an investigative report by +972 magazine highlighted that “Israel” uses artificial intelligence to target and kill Palestinians.

Interviews with six Israeli military intelligence officers revealed that AI programs in Unit 8200 — responsible for cyber security and espionage — have been used to target and assassinate Palestinians.

Since the war began in Gaza, two AI-driven programs have been developed for this purpose.

One, "Lavender," helped prepare a "kill list" of nearly 37,000 Palestinians for targeting without confirming their identities.

The other additional automated system, “Where’s Daddy?”, scanned Gaza’s population using big data, identifying names, identities, and addresses, leading to the mass extermination of Palestinian families.

Additionally, on April 11, 2023, Citizen Lab, a Canadian research organization, revealed a new Israeli spyware program similar to the notorious Pegasus.

The software, bought by governments including Saudi Arabia, the UAE, and Morocco, was used to target journalists and political opponents across multiple countries.

The program, developed by an Israeli company called Quadream Ltd — founded by a former Israeli military officer and ex-NSO Group employees — has already been linked to espionage activities.

Citizen Lab identified the victims “include journalists, political opposition figures, and an NGO worker,” confirming its widespread use in surveillance.

I found out about the Zen web browser and was wondering

Original question by @[email protected]

Do you guys have any recommendations for more privacy respecting YouTube frontend for iOS? YouTube Lite Plus has been good so far but I'm not sure how effective that no tracking thing is. I've also seen on Reddit Yattee and BluePlayer. Anything else? I can sideload it if it's not avaliable in the App Store. It would be nice if it also had features like SponsorBlock.

In case it's not obvious, this indicates that Comcast now has the ability to detect/track physical activity in the homes of people with Xfinity equipment.

Bumble sends people's personal profile information to OpenAI to create AI generated messages - without ever asking for consent

OC by @[email protected]

This is a bit dated, but the case it not yet resolved. If you search it its still pending and in mediation. Life360 is looking to limit who it sells the info to in order to resolve the case. There is no debate that they were selling the info.

https://www.classaction.org/news/life360-secretly-sells-users-geolocation-data-to-third-parties-class-action-claims

Curious since I found out about NoScript's shady past and Tor comes bundled with it, would it be safer to tweak uBlock Origin for the same purpose of NoScript?

I've been fairly successful at getting people to get on Signal of recent. However, I cannot find them in Signal to send a message. I'm on GrapheneOS, have them saved in the default contacts app (not something isolated like Fossify), and I have refreshed the contacts list in Signal. That doesn't work. So I type their number in the "find by phone number" and then all it offers is to "invite to signal".

Does anyone know what the issue is and how to fix it? I'm trying not to lose people from the Signal train but this is a real turn off for normies.

OC text by @[email protected]

So there are lots of ways to figure out who people are, and I am sure I dont know all of them, but I bet I know some you dont.

Lets put together a list of known ones. Ill start.

(If we dont get a big list, which we may not, for bonus points add techniques to ease drop/intercept information)

fingerprinting techniques

• browser (duh)
• encrypted network traffic analysis, see mullvad link here https://mullvad.net/en/vpn/daita
• stylometry, https://en.wikipedia.org/wiki/Stylometry

Mouse movements, typing speed, and typing style can serve as unique identifiers, much like fingerprints. As AI technology advances, it may become increasingly effective at recognizing these patterns, potentially compromising individuals' anonymity. Are there any measures available to protect against this?

cross-posted from: https://rss.ponder.cat/post/216174

The Airlines Reporting Corporation (ARC), a data broker owned by the country’s major airlines which sells travellers’ detailed flight records in bulk to the government, only just registered as a data broker with the state of California, which is a legal requirement, despite selling such data for years, according to records maintained by the California Privacy Protection Agency (CPPA).

The news comes after 404 Media recently reported that ARC included a clause in its contract barring Customs and Border Protection (CBP), one of its many government customers, from revealing where the data came from. ARC is owned by airlines including Delta, American Airlines, and United.

“It sure looks like ARC has been in violation of California’s data broker law—it’s been selling airline customers’ data for years without registering,” Senator Ron Wyden told 404 Media in a statement. “I don’t have much faith the Trump administration is going to step up and protect Americans’ privacy from the airlines’ greedy decision to sell flight information to anyone with a credit card, so states like California and Oregon are our last line of defense.”

A Wyden aide said office staff alerted ARC’s general counsel on June 4 that the company wasn’t enrolled as a data broker in California. By at least Wednesday, ARC had registered with the agency, according to the CPPA website. Searching for Airlines Reporting Corporation on that site now shows the company.

The more than one billion records that ARC sells includes passengers names, full flight itineraries, and financial details. Documents 404 Media previously obtained show the data can be searched by name or credit card. ARC is able to source this information because it acts as the conduit between airlines and travel agencies; whenever someone books a flight through an agency, such as Expedia, ARC gets that information.

ARC’s board of directors includes representatives from Delta, Southwest, United, American Airlines, Alaska Airlines, JetBlue, and European airlines Lufthansa and Air France, and Canada’s Air Canada.

The website of the CPPA, which is California’s data protection authority, explains that a data broker “is a business that consumers don’t directly interact with, but that buys and sells information about consumers from other businesses.” It appears ARC would fit this definition.

💡Do you work at ARC? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at [email protected].

The Wyden aide said office staff have already spoken to the CPPA and Oregon’s Attorney General about ARC’s failure to register.

Failure to register as a broker can incur fines of $200 per day. 404 Media previously found contracts between ARC and agencies such as the IRS, State Department, SEC, DEA, and more stretching back years, although they may not all necessarily be for the sale of data.

On May 1, Immigration and Customs Enforcement (ICE) published details about its own purchase of ARC data, totalling $250,000 according to public procurement records. On May 2, 404 Media filed FOIA requests with a range of other agencies that had contracts with ARC. Shortly after, The Lever covered the ICE contract.

In the CBP documents 404 Media obtained, ARC told CBP to “not publicly identify vendor, or its employees, individually or collectively, as the source of the Reports unless the Customer is compelled to do so by a valid court order or subpoena and gives ARC immediate notice of same.”

ARC did not respond to multiple requests for comment.

From 404 Media via this RSS feed