Category: Privacy

June 10, 2019 Off

Wire collaborates with EY for on-premise end-to-end encrypted messaging app

By Jill T Frey

End-to-end encrypted messaging app and service Wire announced a partnership with accounting and consulting company EY. Essentially, Wire is providing an on-promise version of its messaging service so that EY can control the servers and use it for their communication needs.

Both companies announced the deal a few weeks ago, and I talked with Wire and EY executives about the thinking behind this implementation.

“It’s very hard to monetize [Wire] on the consumer market,” Wire CEO Morten Brøgger told me. The company thinks it'll never become a big messaging app with hundreds of millions of users — that ship has sailed. That's why the company launched a team messaging product a couple of years ago.

Teams can sign up to Wire and use it as a sort of Slack replacement with end-to-end encryption on messages, files, calls, etc. The company uses a software-as-a-service approach and charges €4 to €6 per … Read the rest

June 7, 2019 Off

Why identity startup Auth0’s founder still codes: It makes him a better boss

By Jill T Frey

If you ask Eugenio Pace to describe himself, “engineer” would be fairly high on the list.

“Being a CEO is pretty busy,” he told TechCrunch in a call last week. “But I’m an engineer in my heart — I am a problem solver,” he said.

Pace, an Argentinan immigrant to the U.S., founded identity management company Auth0 in 2013 after more than a decade at Microsoft. Auth0, pronounced “auth-zero,” has been described as like Stripe for payments or Twilio for messaging. App developers can add a few lines of code and it immediately gives their users access to the company’s identity management service.

That means the user can securely log in to the app without building a homebrew username and password system that’s invariably going to break. Any enterprise paying for Auth0 can also use its service to securely logon to the company’s internal network.

“Nobody cares about authentication, but … Read the rest

June 3, 2019 Off

iOS 13 will let you limit app location access to ‘just once’

By Jill T Frey

Apple will soon let you grant apps access to your iPhone’s location just once.

Until now, there were three options — “always,” “never,” or “while using,” meaning an app could be collecting your real-time location as you’re using it.

Apple said the “just once” location access is a small change — granted — but one that’s likely to appeal to the more privacy-minded folk.

“For the first time, you can share your location to an app — just once — and then require it to ask you again next time at wants,” said Apple software engineering chief Craig Federighi at its annual developer conference on Monday.

That’s going to be helpful for those who download an app that requires your immediate location, but you don’t want to give it persistent or ongoing access to your whereabouts.

On top of that, Apple said that the apps that you do grant location … Read the rest

May 31, 2019 Off

Targeted ads offer little extra value for online publishers, study suggests

By Jill T Frey

How much value do online publishers derive from behaviorally targeted advertising that uses privacy-hostile tracking technologies to determine which advert to show a website user?

A new piece of research suggests publishers make just 4% more vs if they were to serve a non-targeted ad.

It’s a finding that sheds suggestive light on why so many newsroom budgets are shrinking and journalists finding themselves out of work — even as adtech giants continue stuffing their coffers with massive profits.

Visit the average news website lousy with third party cookies (yes, we know, it’s true of TC too) and you’d be forgiven for thinking the publisher is also getting fat profits from the data creamed off their users as they plug into programmatic ad systems that trade info on Internet users’ browsing habits to determine the ad which gets displayed.

Yet while the online ad market is massive and growing — … Read the rest

May 31, 2019 Off

Security startup Bugcrowd on crowdsourcing bug bounties: ‘Cybersecurity is a people problem’

By Jill T Frey

For a cybersecurity company, Bugcrowd relies much more on people than it does on technology.

For as long as humans are writing software, developers and programmers are going to make mistakes, said Casey Ellis, the company’s founder and chief technology officer in an interview TechCrunch from his San Francisco headquarters.

“Cybersecurity is fundamentally a people problem,” he said. “Humans are actually the root of the problem,” he said. And when humans made coding mistakes that turn into bugs or vulnerabilities that be exploited, that’s where Bugcrowd comes in — by trying to mitigate the fallout before they can be maliciously exploited.

Founded in 2011, Bugcrowd is one of the largest bug bounty and vulnerability disclosure companies on the internet today. The company relies on bug finders, hackers, and security researchers to find and privately report security flaws that could damage systems or putting user data at risk.

Bugcrowd acts as … Read the rest

May 30, 2019 Off

Maine lawmakers pass bill to prevent ISPs from selling browsing data without consent

By Jill T Frey

Good news!

Maine lawmakers have passed a bill that will prevent internet providers from selling consumers’ private internet data to advertisers.

The state’s senate unanimously passed the bill 35-0 on Thursday following an earlier vote by state representatives 96-45 in favor of the bill.

The bill, if signed into law by state governor Janet Mills, will force the national and smaller regional internet providers operating in the state to first obtain permission from residents before their data can be sold or passed on to advertisers or other third parties.

Maine has about 1.3 million residents.

The Republican-controlled Federal Communications Commission voted in 2017 to allow internet providers to sell customers’ private and personal internet data and browsing histories — including which websites a user visits and for how long — to advertisers for the biggest buck. Congress later passed the measure into law.

At the time, the ACLU explainedRead the rest

May 30, 2019 Off

Google announces new privacy requirements for Chrome extensions

By Jill T Frey

Google today announced two major changes to how it expects Chrome extension developers to protect their users’ privacy. Starting this summer, extension developers are required to only request access to the data they need to implement their features — and nothing more. In addition, the company is expanding the number of extension developers who will have to post privacy policies.

The company is also announcing changes to how third-party developers can use the Google Drive API to provide their users access to files there.

All of this is part of Google’s Project Strobe, an effort the company launched last year to reconsider how third-party developers can access data in your Google account and on your Android devices. It was Project Strobe, for example, that detected the issues with Google+’s APIs that hastened the shutdown of the company’s failed social network. It also extends some of the work on Chrome extensions … Read the rest

May 30, 2019 Off

Why ICS security startup Dragos’ CEO puts a premium on people not profits

By Jill T Frey

Written in its company’s handbook, there’s one rule for working at Dragos. “Don’t be an asshole.”

“The first key to our success is our people and that we hire good people,” said Robert Lee, the company’s founder and chief executive, in an interview with TechCrunch. “I think building a successful team is about having a standard and saying that I expect you all to be adults and not need a million HR policies,” he said.

Lee’s management approach revolves around his company’s greatest asset — his staff. With 125 employees, the company has seen rapid growth since its founding in 2016 but puts great importance on maintaining the company’s relaxed but productive culture.

Lee said he doesn’t want to change its culture dynamics by growing too fast, micromanaging, or burdening his staff with strict expense policies. “If you’re stuck laid over at night, but you see there’s one seat left … Read the rest

May 29, 2019 Off

Amazon adds ‘Alexa, delete what I said today’ command

By Jill T Frey

Buried in this morning’s Echo Show 5 announcement are a couple of new security features worth highlighting. In addition to the inclusion of a built-in camera shutter on the new smart display are a pair of Echo commands that let users delete voice recordings with an Alexa command.

“Alexa, delete what I said today” rolls out to Alexa users starting today. “Alexa, delete what I just said” will be arriving in the U.S. in the coming weeks and other countries where the smart assistant is available in the next month. Amazon has offered the ability to delete recordings via the app for some time now, but this brings the functionality to the front with a simple via command.

The process works similarly to deleting recordings via the app, starting the deletion process immediately.

While the company has long contended that it doesn’t actively record conversations and protects records on encrypted … Read the rest