TunnelBear completes industry’s first public security audit

TunnelBear has been my VPN service of choice for just over a year. I was excited to read that TunnelBear has undergone a public security audit by Germany-based penetration testing company Cure53. This gives confidence I’ve chosen the right VPN provider and that TunnelBear isn’t scraping and selling my browsing data.

TunnelBear Blog, 07 August 2017

Consumers and experts alike have good reason to question the security claims of the VPN industry. Over the last few years, many less reputable VPN companies have abused users’ trust by selling their bandwidth, their browsing data, offering poor security or even embedding malware.

Being within the industry, it’s been hard to watch. We knew TunnelBear was doing the right things. We were diligent about security. We deeply respected our users’ privacy. While we can’t restore trust in the industry, we realized we could go further in demonstrating to our customers why they can, and should, have trust in TunnelBear.​

Today, we’d like to announce TunnelBear has completed the Consumer VPN industry’s first 3rd party, public security audit. Our auditor, Cure53, has published their findings on their website and we’re content with the results.

However, the recent crisis of trust in the VPN industry showed us we needed to break the silence and share Cure53’s findings publicly. Today we’re sharing a complete public audit which contains both the results from last year and the results from the current audit.

You can read the full report on Cure53’s website.

Tip – How to re-open recently closed tabs in Safari for Mac the easy way

Have you ever accidentally closed a tab in Safari and wanted to get it back? I have. This usually happens when I’m doing research and have several tabs open at the same time. Sometimes I close one thinking I’m done with it and then realize I need it again. Other times I close one by accident.

Safari’s ⌘ + Z to the rescue. From Safari on the Mac, I can simply hit ⌘ + Z and the last closed browser tab or window will reopen. If I hit the ⌘ + Z keystroke again I can open the next most recently closed browser tab or window. If I do it 20 times, the 20 most recently closed browser tabs and windows will reopen.

I can also do it this way. From any active Safari browser window on the Mac, click and hold on the “+” plus button in the Safari tab bar and then select the tab to reopen from the drop down list of recently closed tabs.

Did you hear? Google is going to stop scanning your Gmail for ad personalization

Google has announced in a blog post that later this year the content of free Consumer Gmail will not be used or scanned for any ad personalization.

G Suite’s Gmail is already not used as input for ads personalization, and Google has decided to follow suit later this year in our free consumer Gmail service. Consumer Gmail content will not be used or scanned for any ads personalization after this change. This decision brings Gmail ads in line with how we personalize ads for other Google products. Ads shown are based on users’ settings. Users can change those settings at any time, including disabling ads personalization. G Suite will continue to be ad free.

G Suite customers and free consumer Gmail users can remain confident that Google will keep privacy and security paramount as we continue to innovate. As ever, users can control the information they share with Google at myaccount.google.com.

This is good news for Privacy. Unfortunately Gmail users will still see ads in there Gmail.

Two years of Fastmail and how it replaced Gmail
Google now knows when its users go to the store and buy stuff
Google’s Pixel Phone and other AI enabled devices are a privacy nightmare

Google now knows when its users go to the store and buy stuff

According to an article by the Washington Post, Google has now devised a new way to further violate user privacy. Google now knows when their users go to a brick and mortar store and buy stuff.

Elizabeth Dwoskin and Craig Timberg, Writing for the Washington Post May 23

Google has begun using billions of credit-card transaction records to prove that its online ads are prompting people to make purchases – even when they happen offline in brick-and-mortar stores, the company said Tuesday.

The advance allows Google to determine how many sales have been generated by digital ad campaigns, a goal that industry insiders have long described as “the holy grail” of online advertising. But the announcement also renewed long-standing privacy complaints about how the company uses personal information.

The new credit-card data enables the tech giant to connect these digital trails to real-world purchase records in a far more extensive way than was possible before. But in doing so, Google is yet again treading in territory that consumers may consider too intimate and potentially sensitive. Privacy advocates said few people understand that their purchases are being analyzed in this way and could feel uneasy, despite assurances from Google that it has taken steps to protect the personal information of its users.

What we have learned is that it’s extremely difficult to anonymize data,” he said. “If you care about your privacy, you definitely need to be concerned.”

You can read the full article here.

Related Posts:
Google’s Pixel Phone and other AI enabled devices are a privacy nightmare


Apple releases security updates for iPhone and Mac. Update now and be safe online.

On Monday Apple released security updates iOS 10.3.2 (for iPhone and iPad users), MacOS, and OS X. They also released updates for watchOS 3.2.2, iTunes, Safari, tvOS and iCloud for Windows 6.2.1.

Looking at the list of fixes it is clear that scores of security vulnerabilities have been addressed for iPhones, iPads and Macs.

US-CERT encourages users and administrators to apply the necessary updates.

Privacy Tip – How to know when your Mac’s webcam or microphone is spying on you.

If you are like me and stick a piece of tape over your Macs webcam then Objective-See’s Oversight is for you.

Once installed, Oversight sits in your menu bar and runs in the background monitoring your Mac’s mic and webcam, alerting you when the internal mic is activated, or whenever a process accesses your webcam.

The developer of Oversight explains why a tool like Oversight might be beneficial to you:

One of the most insidious actions of malware, is abusing the audio and video capabilities of an infected host to record an unknowing user. Macs, of course, are not immune; malware such as OSX/FruitFly, OSX/Crisis, OSX/Mokes, and others, all attempt to spy on Mac users. OverSight constantly monitors a system, alerting a user whenever the internal microphone is activated, or the built-in webcam is accessed. And yes, while the webcam’s LED will turn on whenever a session is initially started, new research has shown that malware can surreptitious piggyback into such existing sessions (FaceTime, Sykpe, Google Hangouts, etc.) and record both audio and video – without fear of detection.

I run Oversight on both my Macs. You can download and get more information about Oversight here. Oh yes, and by the way it’s free so there’s no reason to not install Oversight to better protect your privacy.

Related Posts:
Google’s Pixel Phone and other AI enabled devices are a privacy nightmare
The rising cost of cracking iPhone security and privacy
Did you know Facebook is buying sensitive data, about you, from data brokers?


Tip – Search sites with DuckDuckGo !Bangs

I’ve been using DuckDuckGo search for a few years and I just recently discovered searching with !Bangs.

Bangs allow me to search on thousands of sites, directly. I do a lot of research for my stories so bangs have allowed me to search specific sites for the result I’m looking for. For example, if I’m looking for a specific story on TechCrunch I can type “!tc” followed by the content of my search. This would take me to the search results on TechCrunch.com.

I use “!g” a lot because I don’t always get the result I’m looking for with a DuckDuckGo search. The bang “!g” runs a google search with an encrypted Google search result as if I were searching on Google itself.

There are thousands of !Bangs. Go here and give it a try.

Two years of Fastmail and how it replaced Gmail

Twenty-four months ago I moved all my email from Gmail to FastMail. The reason? I was tired of paying for Gmail and other Google services with my privacy. You know the saying “If it’s free you’re the product. “. I chose FastMail for their simple business model and privacy policy. FastMail provides email hosting. I pay them money. They host my email. No spam and no scanning my email for showing me ads.

In two years I’ve had no problems with the service. It’s rock solid! I was able to import my contacts, calendar and migrate all my email from Gmail to Fastmail with the help of the Fastmail Migration Guide.

Continue reading “Two years of Fastmail and how it replaced Gmail”