My thoughts on Apple & Google’s COVID-19 contact tracing

From what I’ve read Apple and Google’s COVID-19 contact tracing seems like a good idea and one that I’ll most likely use. It appears to be the best technological solution to date for governmental authorities to partially lift the lockdown orders that are currently in place. That said I do have privacy concerns.

According to the Verge, this is how we’ll use the tracking tool. “Google and Apple are using Bluetooth LE signals for contact tracing. When two people are near each other, their phones can exchange an anonymous identification key, recording that they’ve had close contact. If one person is later diagnosed with COVID-19, they can share that information through an app. The system will notify other users they’ve been close to, so those people can self-quarantine if necessary. Ideally, this means you won’t have to reveal your name, location, or other personal data.”

Apple and Google stress that “user privacy and security is central to the design”. So here’s the best explanation as to how privacy will be protected that I’ve found.

Ars Technica

But while mobile-based contact tracing may be more effective, it also poses a serious threat to individual privacy, since it opens the door to central databases that track the movements and social interactions of potentially millions, and possibly billions, of people. The platform Apple and Google are developing uses an innovative cryptographic scheme that aims to allow the contact tracing to work as scale without posing a risk to the privacy of those who opt into the system.

Privacy advocates—with at least one notable exception—mostly gave the system a qualified approval, saying that while the scheme removed some of the most immediate threats, it may still be open to abuse.

“To their credit, Apple and Google have announced an approach that appears to mitigate the worst privacy and centralization risks, but there is still room for improvement,” Jennifer Granick, surveillance and cybersecurity counsel for the American Civil Liberties Union, wrote in a statement. “We will remain vigilant moving forward to make sure any contact tracing app remains voluntary and decentralized, and used only for public health purposes and only for the duration of this pandemic.”

Unlike traditional contact tracing, the phone platform doesn’t collect names, locations, or other identifying information. Instead, when two or more users opting into the system come into physical contact, their phones use BLE to swap anonymous identifier beacons. The identifiers—which in technical jargon are known as rolling proximity identifiers—change roughly every 15 minutes to prevent wireless tracking of a device.

As the users move about and come into proximity with others, their phones continue to exchange these anonymous identifiers. Periodically, the users’ devices will also download broadcast beacon identifiers of anyone who has tested positive for COVID-19 and has been in the same local region.

In the event someone reports to the system that she has tested positive, her phone will contact a central server and upload identifiers of all the users she has come into contact with over the last 14 days. The server then pushes a notification to the affected users.

Web Finds for October 2, 2018

Web Finds are from my web surfing travels. You’ll find some unique and informative news, apps and websites that you may have never known existed. Enjoy!

Apple, Firefox tools aim to thwart Facebook, Google tracking
New protections in Apple’s Safari and Mozilla’s Firefox browsers aim to prevent companies from turning “cookie” data files used to store sign-in details and preferences into broader trackers that take note of what you read, watch and research on other sites.
Via AP News

National Cybersecurity Awareness Month: Cybersecurity at Home | US-CERT
October is National Cybersecurity Awareness Month (NCSAM), an annual campaign to raise awareness about cybersecurity. The National Cyber Security Alliance (NCSA) has published general tips to help you increase your cybersecurity awareness—including whom to contact if you are the victim of cyber crime—and protect your online activities.

NCCIC encourages users and administrators to review NCSA’s guidance for online safety basicsand the NCCIC Tip on Avoiding Social Engineering and Phishing Attacks for additional information.
Via US-Cert

How to Delete Your Facebook Account: A Checklist
Here’s a guide on how to delete your Facebook account.
Via lifehacker

Previous Web Finds are here.

Facebook gets hacked again. 50 Million users personal information put at risk.

I’m sure you’ve already read or heard about the latest Facebook hack involving the personal information of at least 50 million users. The hack was revealed in a Facebook blog post yesterday. If you haven’t here are the details.

Mike Isaac and Sheera Frenkel, writing for the New York Times

Facebook, already facing scrutiny over how it handles the private information of its users, said on Friday that an attack on its computer network had exposed the personal information of nearly 50 million users.

According to TechCrunch, Instagram and other third-party sites that use Facebook Login may not be out of the woods either.

In a follow-up call on Friday’s revelation that Facebook has suffered a security breach affecting at least 50 million accounts, the company clarified that Instagram users were not out of the woods — nor were any other third-party services that utilized Facebook Login. Facebook Login is the tool that allows users to sign in with a Facebook account instead of traditional login credentials and many users choose it as a convenient way to sign into a variety of apps and services.

As I’ve written before, now is a good time to delete your Facebook account. Between getting hacked and selling your personal data for advertising purposes Zuckerberg and his gang just can’t be trusted.

Facebook is using your 2FA phone number to target you with ads

Facebook has stooped to the lowest possible level. TechCrunch has exposed the fact that Facebook is using 2FA phone numbers to target users with ads. Zuckerberg and his gang are taking the number users are using to additionally secure their accounts and using it for ad targeting.

Some months ago Facebook did say that users who were getting spammed with Facebook notifications to the number they provided for 2FA was a bug. “The last thing we want is for people to avoid helpful security features because they fear they will receive unrelated notifications,” Facebook then-CSO Alex Stamos wrote in a blog post at the time.

I guess the bug wasn’t a bug after all. Just another Facebook lie.

Facebook has confirmed it does in fact use phone numbers that users provided it for security purposes to also target them with ads.

Specifically a phone number handed over for two factor authentication (2FA) — a security technique that adds a second layer of authentication to help keep accounts secure.

Here’s the statement, attributed to a Facebook spokesperson: “We use the information people provide to offer a better, more personalized experience on Facebook, including ads. We are clear about how we use the information we collect, including the contact information that people upload or add to their own accounts. You can manage and delete the contact information you’ve uploaded at any time.”

If you haven’t deleted your Facebook account yet now would be a good time to do so.

Worth reading today – Instagram’s CEO resignations

I found this to be an interesting take on the resignations of Instagram’s co-founders Kevin Systrom and Mike Krieger.

Ben Thompson, writing at Stratechery

Technically speaking, Instagram was a company. In practice, though, Instagram was a product, and its business model was venture capital funding. To be sure, this wouldn’t be the case forever, but on April 9, 2012, the road from popular product to viable company was a long and arduous one. Instagram would not only need to continue growing its user base, it would also have to scale its infrastructure, figure out a business model (ok fine, advertising), build up tools to support that business model (first a sales team, then a self-serve model, plus tracking and targeting capabilities), all while fighting off larger and more established companies — particularly Facebook — that were waking up to the threat Instagram posed to their hold on user attention.

Controlling one’s own destiny, though, takes more than product or popularity. It takes money, which is to say it takes building a company, working business model and all. That is why I mark April 9, 2012, as the day yesterday became inevitable. Letting Facebook build the business may have made Systrom and Krieger rich and freed them to focus on product, but it made Zuckerberg the true CEO, and always, inevitably, CEOs call the shots.

Web Finds for February 1, 2018

Web Finds are from my web surfing travels. You’ll find some unique and informative news, apps and websites that you may have never known existed. Enjoy!

Agenda – A new take on Notes
Agenda for Mac is a date-focused note taking app for planning and documenting your projects. With its unique timeline, Agenda gives you a complete picture of past, present and future, driving your projects forward. The notes in Agenda are beautifully styled, and include powerful features like tags, lists, and links. You can even connect your notes to events in your calendar. Agenda Review by Mac Stories.

Scoop: Apple delays iOS features to focus on reliability, performance
Apple has shaken up its iOS software plans for 2018, delaying some features to next year in an effort to put more focus on addressing performance and quality issues, Axios has learned.

Software head Craig Federighi announced the revised plan to employees at a meeting earlier this month, shortly before he and some top lieutenants headed to a company offsite.
Via Axios

Apple Said to Release New Entry-Level 13-inch MacBook This Year, Likely Replacing MacBook Air
Apple plans to release a new entry-level 13-inch MacBook in the second half of 2018, according to industry sources cited by DigiTimes. The report claims General Interface Solution (GIS) is expected to win more LCD display orders from Apple for the planned new model, after it began supplying the modules for existing MacBooks in the fourth quarter of last year.
Via MacRumors

Amazon, Berkshire Hathaway and JPMorgan Team Up to Disrupt Health Care
Three corporate behemoths — Amazon, Berkshire Hathaway and JPMorgan Chase — announced on Tuesday that they would form an independent health care company for their employees in the United States.

The alliance was a sign of just how frustrated American businesses are with the state of the nation’s health care system and the rapidly spiraling cost of medical treatment. It also caused further turmoil in an industry reeling from attempts by new players to attack a notoriously inefficient, intractable web of doctors, hospitals, insurers and pharmaceutical companies.
Via The New York Times

Strava Fitness App Can Reveal Military Sites, Analysts Say
A fitness app that posts a map of its users’ activity has unwittingly revealed the locations and habits of military bases and personnel, including those of American forces in Iraq and Syria, security analysts say.

The app, Strava, which calls itself “the social network for athletes,” allows millions of users to time and map their workouts and to post them online for friends to see, and it can track their movements at other times. The app is especially popular with young people who are serious about fitness, which describes many service members.
Via The New York Times

Previous Web Finds are here.

“This Is Serious”: Facebook Begins Its Downward Spiral

Nick Bilton, writing for Vanity Fair

There’s another theory floating around as to why Facebook cares so much about the way it’s impacting the world, and it’s one that I happen to agree with. When Zuckerberg looks into his big-data crystal ball, he can see a troublesome trend occurring. A few years ago, for example, there wasn’t a single person I knew who didn’t have Facebook on their smartphone. These days, it’s the opposite. This is largely anecdotal, but almost everyone I know has deleted at least one social app from their devices. And Facebook is almost always the first to go. Facebook, Twitter, Instagram, Snapchat, and other sneaky privacy-piercing applications are being removed by people who simply feel icky about what these platforms are doing to them, and to society.

And then there’s the main reason I think people are abandoning these platforms: Facebook knows us better than we know ourselves, with its algorithms that can predict if we’re going to cheat on our spouse, start looking for a new job, or buy a new water bottle on Amazon in a few weeks. It knows how to send us the exact right number of pop-ups to get our endorphins going, or not show us how many Likes we really have to set off our insecurities. As a society, we feel like we’re at war with a computer algorithm, and the only winning move is not to play.

Facebook only cares about Facebook not it’s users. I’m happy to see folks are starting to delete their Facebook accounts.