Wish List: Better anti-spam tools for Messages

From Six Colors:

In the war against spam, it often feels like we’re waging an uphill battle. While our email tools have improved and evolved over the last few years, the battlefield has started to shift from our inbox to our phones.

Recently, I’ve ended up on the receiving end of spammy text chains. Usually these are links, texted from a local number, to roughly 20 different phone numbers, many of them within the same area code as my own (or adjacent ones).

I can totally relate to an influx of text spam in the past few months.

I think that in general Apple needs to focus on privacy when it comes to messaging and email. I appreciate the fact that Messages are technically E2E encrypted but things like blocking tracking pixels in the Mail app as well as better contacts privacy settings are high on my wish list. If Apple were able to tell a cohesive story around blocking spam texts and calls, protecting your email privacy and giving you more control over your contacts list at this summer’s WWDC, I’d be thrilled.

Graham, Cotton, Blackburn Introduce Balanced Solution to Bolster National Security, End Use of Warrant-Proof Encryption that Shields Criminal Activity

From the United States Senate Committee on the Judiciary:

The Lawful Access to Encrypted Data Act is a balanced solution that keeps in mind the constitutional rights afforded to all Americans, while providing law enforcement the tools needed to protect the public from everyday violent crime and threats to our national security. The bill would require service providers and device manufacturers to provide assistance to law enforcement when access to encrypted devices or data is necessary – but only after a court issues a warrant, based on probable cause that a crime has occurred, authorizing law enforcement to search and seize the data.

I don’t expect our elected officials to understand every little detail of how something like encryption work, but legislating that companies keep backdoors defeats the purpose of encryption and privacy.

Tech companies are already helping when a warrant is provided. As an example, Apple already provides a ton when asked to by law enforcement. Eliminating encryption is a bridge too far.

Craig Federighi on Apple’s WWDC privacy news

From Michael Grothaus at Fast Company:

“We think we’re showing the way to the industry, to the customer, that they can demand more–they should expect more–about the protection of their privacy, and that we can help move the industry into building things that better protect privacy.”

[…]

“I think the protections that we’re building in, to intimately say that the customer’s device is in service of the customer, not of another company or entity–the customer is the one who is in control of their data and their device–is what’s most compatible with human rights and the interest of society,” Federighi says. “And so that’s what we’re going to keep trying to support–our customers being in control of their privacy.”

Glad this is getting more mainstream attention. The biggest features mentioned in this article are:

  • Approximate location, sharing which quadrant of a worldwide grid you’re in, not your exact location. This is something that’s gotten more attention lately, and I’m really pleased they’re doing this.
  • Cross-tracking prevention. Advertisers and data brokers have used these techniques to build a profile on all of us over the years.
  • Categorized data that’s being tracked, broken up by “type” (up to 31 types!) in the App Store.
  • Better password security notifications
  • Enhanced tracker blocking in Safari
  • Enhanced Safari extension support and security controls around permissions
  • Camera and mic notifications to let users know when either are active
  • Photo selection security

I believe that Apple’s stance on this has moved Google and Facebook in a better direction when it comes to security and privacy. Regardless of your opinion on their products, you should be thankful they’re pushing so hard on this.

The Senate just voted to let the government keep surveilling your online life without a warrant

From Recode:

the Senate voted on Wednesday not to protect Americans’ internet browsing and search history data from secret and warrantless surveillance by law enforcement. The measure needed 60 votes to pass. It got 59.

I barely recognize this country anymore.

It’s also worth noting, this is yet another reason to use DuckDuckGo as your search engine (they don’t save your searches or track you), and reconsider using browser history sync. A VPN will also help if you’re worried about your ISP selling or otherwise turning your data over.

Alphabet’s Sidewalk Labs scraps its ambitious Toronto project

From Ars Technica:

But Sidewalk Labs’ vision was in trouble long before the pandemic. Since its inception, the project had been criticized by progressive activists concerned about how the Alphabet company would collect and protect data, and who would own that data. Conservative Ontario premier Doug Ford, meanwhile, wondered whether taxpayers would get enough bang from the project’s bucks. New York-based Sidewalk Labs wrestled with its local partner, the waterfront redevelopment agency, over ownership of the project’s intellectual property and, most critically, its financing. At times, its operators seemed confounded by the vagaries of Toronto politics. The project had missed deadline after deadline.

I’m always torn when I see these sorts of smart city initiatives pop up. In reality, it’s about how I feel about smart home stuff in general. On one hand, I’m excited about the promise of an efficient and “always learning” city that can help planners optimize. In a world that will be increasingly affected by climate change, finding ways to squeeze every bit of efficiency out of the existing infrastructure is obviously a win.

However, rarely do these things come without hidden complexity or tradeoffs. In this case it’s cost overruns, privacy implications and half-baked solutions.

Apple’s Ad-Targeting Crackdown Shakes Up Ad Market

From Tom Dotan, The Information:

“Apple users are more valuable [to advertisers] based on demographics, being higher income, et cetera,” said Jason Kint, CEO of industry trade group Digital Content Next. He argues that Safari users have been “wrongly devalued” in the short term and says marketers just need to find better ways to reach them online. As an example, Kint points to ads that relate to the articles someone is reading—contextual advertising—as a format that doesn’t run afoul of privacy issues. He says the format is growing and credits Apple’s clampdown for one reason.

Amen. Targeted advertising, for me, has never really provided any amazing value over your more standard ad placement. As much as I love seeing ads on every page I visit for the thing I already bought on Amazon, I’d prefer to see ads the publishers stand by on some level.

Zoom quickly fixes ‘malware-like’ macOS installer with new update

Zoom is playing fast and loose with our privacy but like Google, they get away with it because they build such a doggone good product. I’m hopeful they’ll learn their lesson and start to operate in a fashion that’s more respectful of their customers but seems like they’re still in the “ask for forginevess rather than permisson” stage.

Twelve Million Phones, One Dataset, Zero Privacy

The New York Times:

EVERY MINUTE OF EVERY DAY, everywhere on the planet, dozens of companies — largely unregulated, little scrutinized — are logging the movements of tens of millions of people with mobile phones and storing the information in gigantic data files. The Times Privacy Project obtained one such file, by far the largest and most sensitive ever to be reviewed by journalists. It holds more than 50 billion location pings from the phones of more than 12 million Americans as they moved through several major cities, including Washington, New York, San Francisco and Los Angeles

One easy solution on the phone maker side would be new granular location permission levels. For example, most apps just need to know what city you’re in to offer weather, restaurant or event info. The default could report back a fuzzy location. Other than mapping apps, not many iOS apps really need my precise coordinates.

How do I protect my online privacy from ‘surveillance capitalism’?

A great overview of what you should be worried about on the web when it comes to your data and what folks can do with it. If you really want to dive in on this, the linked article from the EFF really expands on the ideas. As the author states above, I’m also not opposed to advertising in principle. What I’m opposed to is the massive amount of personalized data companies gather about me to deliver mediocre ads that are not any better than those you might get in a non-targeted way.

How Ring Went From ‘Shark Tank’ Reject to America’s Scariest Surveillance Company

Source: How Ring Went From ‘Shark Tank’ Reject to America’s Scariest Surveillance Company – VICE

Amazon’s Ring started from humble roots as a smart doorbell company called “DoorBot.” Now it’s surveilling the suburbs and partnering with police.

I’m definitely more interested in what HomeKit Secure Video will look like …. from iMore:

When you have security cameras in your home, the footage captured by these cameras will be highly personal and sensitive. You wouldn’t want these recordings to fall into the wrong hands. With HomeKit Secure Video enabled, all of your security camera footage gets end-to-end encryption before it is securely uploaded and stored in iCloud.