Your own personalised stalker
It always seemed slightly creepy that your computer shows advertising that is strangely accurately targeted at things you might have been interested in. On the surface, that seems quite useful. If you have to tolerate ads on your screen, at least having them show things you were interested in seems helpful.
Instead, we wonder how the system knows. It feels like a breach of our privacy.
It all starts when you install an app, and it pops up a question asking for permission to use your location, and/or your camera and/or your microphone.
This is useful for advertisers. For example, they can use your location. If the app reports this back to the content provider, they can match up your location and compare you to other people nearby. If you tend to go to the same places as other people, you are probably interested in the same things, so an advertiser might use that assumption to present advertising to you, or other people that you spend time with.
That does sound a bit overreaching, but we reluctantly agree to the presented terms simply because we want to use the app. If that is a condition of use, and we want to use the app, then we agree.
So, now we are seeing consumers getting the choice to push back.
Apple
Now, with iOS15, Apple are saying that you will get to see what apps are accessing your data. You will be able to see when an app used that permission, and there it was sent to. Whether that list of third party sites is any use or not is meaningful is unclear.
Not quite as advanced but following quickly behind is Google Android. With Android 12, you will have the option to de-personalise your data. They will still track usage, but won’t link it back to you.
Is there any truth to the rumour that your phone or TV is listening to you, and presented content based on private conversations it overhears?
Given how poor the voice recognition is on phones , cars, or tools like Alexa or Siri, its pretty evident this can’t be reality. If it, is, then heaven only knows what it thinks it’s hearing. The voice recognition tools are getting better all the time, but there is a long way to go.
Real world Cyber-Security stories from the battlefront.
Every day we’re seeing more and more hacking attempts against clients. Cyber security attacks are getting more frequent, more threatening, and much more sophisticated. But for all that, and for all the associated risks, we’re astounded by the number of organisations...
Have you heard about “typosquatting”?
"Typosquatting" is the name given to criminals pretending to be someone they aren't - taking a domain name that uses a clever combination of legitimate-looking original sender email addresses, with spoofed display sender addresses that contain the target usernames and...
Preparing for a sudden Covid19 Delta Lockdown in New Zealand
Every week that we don't go into lockdown seems like a blessing. It can only be a matter of time before NZ is thrown back to a tight, restrictive lockdown. If, as we read yesterday, every Covid case coming in through the New Zealand border right now is infected with...
Cyber-war Seminar
Stories from the Cyber-war The simple reality is that cyber-crime is now a mega-business. The cost and effort to combat it grows all the time. "Is it worth it?" Good question. Every organisation needs to choose a level of security and resulting cost, effort and...
What you need to know about the massive global ransomware cyber-attack over the weekend
The Risk Is Real. Over the weekend, thousands of businesses were caught up in a global cyber-attack that is being blamed on a Russian hacker group called Revil. It is disappointing when geo-politics impacts everyday business, and the reports talk about President Biden...
(yet) another reason Why paying ransomware demands hurts. (The FBI agrees)
We don't negotiate with terrorists Recently, we asked the question if organisations should pay ransomware demands. There is a balance between desperation and the uneasy knowledge that you might be funding further criminal attacks on the community. We’ve just read a...
Pretending to be you or your colleagues
Just because it seems safe, doesn't mean it is. On some emails, you might see a warning that marks them as being ‘external’. This gets added as the email comes into your organisation. The idea is a simple one – if you see an email marked as external, then you will be...
Phishing emails are getting smarter every day
In the old days (ie last year!!), a dodgy email had a whiff to it – there was something that triggered your subconscious. That’s because some phishing emails were really badly written with terrible English. But others just had a sniff about them- something that made...
A cyber-criminal only needs to get lucky once. You have to stay ahead of them all day, every day
"A cybercriminal only has to be lucky once, while a defender has to be lucky every minute of every day.” - Combating Ransomware - A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force. The message we hear from governance boards over...
Do you know where all your organisations data is? You don’t know what you don’t know
What is 'Shadow IT'? Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general. They are often used for all the very best reasons. Your colleagues have work...