Connect with us

Technology

Intel accused of wiretapping because it uses analytics to track keystrokes, mouse movements on its website • The Register

Voice Of EU

Published

on

Intel is among the growing list of companies being sued for allegedly violating American wiretapping laws by running third-party code to track interactions, such as keystrokes, click events, and cursor movements, on its website.

Last week, a lawsuit [PDF] against the chip maker that was filed in February was removed from a Florida state court and shifted to a federal district court in Orlando.

The plaintiff, Holly Londers, claims she visited Intel’s website approximately a dozen times in the twelve months to January 2021, and during those visits the chip maker “utilized tracking, recording, and/or ‘session replay’ software to contemporaneously intercept [her] use and interaction with the website, including mouse clicks and movements,” and information that she input, pages visited and viewed, and dates and times of visits.

facebook

America’s Supremes give Facebook nothing but heartaches: Top court won’t stop ‘$15bn wiretap’ lawsuit

READ MORE

The lawsuit has been brought under the 2020 Florida Security of Communications Act, which makes it a crime to intentionally intercept another person’s electronic communications without prior consent.

Londers’s complaint does not specify the session replay software involved but The Register understands from a conversation with one of the attorneys involved that it’s believed to be Clicktale, which was acquired in 2019 by Contentsquare, a maker of similar analytics software.

As Jonathan Cherki, founder and CEO of Contentsquare, described the deal at the time, “The combination of Clicktale and Contentsquare heralds an unprecedented goldmine of digital data that enables companies to interpret and predict the impact of any digital element – including user experience, content, price, reviews and product – on visitor behavior.”

Non-profit org The Markup’s Blacklight web inspector warns that the Intel website contains a Clicktale script with “a session recorder, which tracks user mouse movement, clicks, taps, scrolls, or even network activity.” The privacy scanner further notes that no keystroke logging was detected and that it cannot say how the session data is being used.

But other folks can

Session replay software saw increased attention from the privacy community in 2017 when researchers from Princeton’s Center for Information Technology Policy published a study in which they looked at the prevalence of the seven most popular session replay services at the time – Yandex, FullStory, Hotjar, UserReplay, Smartlook, Clicktale, and SessionCam – and found their scripts being used on 482 of the Alexa top 50,000 websites.

The following year, session replay scripts were discussed at a US Federal Trade Commission event, FTC PrivCon 2018. During the session [PDF], Gunes Acar, who at the time was a postdoctoral researcher with the Princeton CITP project and is currently with the COSIC research group of KU Leuven, described the privacy risk posed by session replay services.

incognito

Google fails to neutralize lawsuit that complains Chrome’s incognito mode isn’t very private at all

READ MORE

Session replay scripts, Acar said, are no worse than any other analytics scripts until it comes to web input forms. There’s risk, said Acar, that sensitive information like email addresses, credit card numbers, and passwords will get captured by these replay scripts – the Princeton researchers found replay service providers often fail to keep sensitive data safe.

However, the attorney on the Florida case who spoke with The Register said the central issue is whether website visitors gave informed consent. And he voiced optimism that the Florida cases will survive motions to dismiss because Florida’s wiretapping law is a strong consumer protection statute.

Since Cohen v. Casper Sleep (2017) in New York, there have been at least two dozen such wiretapping privacy claims, mostly in California and Florida – both states with applicable privacy statutes. Those who have been sued over this include Banana Republic, Blizzard, CVS, Fandango, Foot Locker, Frontier Airlines, General Motors, Home Depot, Old Navy, Nike, Norton, Ray-Ban, T-Mobile, and WedMD, among others.

The New York case was dismissed in 2018 for failure to properly state a claim [PDF]. But most of the California and Florida cases continue to plod along and may yet make it to trial, or more likely, settlement.

These claims got a boost from the 2020 Ninth Circuit Court of Appeals decision [PDF] that refused to dismiss wiretapping claims against Facebook for tracking people even when they’ve logged out of the social networking service. A week ago, the US Supreme Court declined to hear Facebook’s appeal to undo that decision.

The Register asked Intel and Contentsquare to comment on the wiretapping lawsuit, and both companies declined. ®

Source link

Technology

Johnson & Johnson Ireland moves to 100pc renewable electricity

Voice Of EU

Published

on

The move comes following a power purchase agreement between Johnson & Johnson and Ørsted, which has windfarm sites in Clare and Kerry.

Johnson & Johnson has revealed plans to move to 100pc renewable electricity across its Irish operations.

The company has entered into an eight-year corporate power purchase agreement in Ireland with Danish company Ørsted. The agreement will help to ensure that the company’s entire Irish operations will be powered by electricity from 100pc renewable sources from now on.

Ørsted will supply the company with more than 1TWh of renewable energy during this period from two windfarms located in Kerry and Clare. The agreement will also help Ørsted as it invests in its strategy to construct more renewable generation in the future.

Taoiseach Micheál Martin, TD, praised the move in the context of Ireland’s climate action plans.

“Johnson & Johnson has embraced its environmental responsibilities globally, but also here in Ireland, and this agreement will help the company to achieve its wider climate goals. We are at a crucial point in the global fight against climate change and initiatives like this should become the benchmark for all companies to aspire to,” he said.

Towards net zero

Last year, Johnson & Johnson’s worldwide VP of environmental health, safety and sustainability, Paulette Frank, spoke at Silicon Republic’s Future Human event about the company’s “bold” climate goals. From her base in the US, Frank told attendees of the virtual event that her colleagues viewed the pandemic as “inspiration to propel” its climate action “further faster.”

Sourcing electricity from 100pc renewable sources is a goal the company set to achieve by 2025. By 2030, it wants to achieve carbon neutrality in its global operations.

John Lynch, plant leader at Johnson & Johnson Vision Care Ireland, said the company was proud to have met its targets in its Irish operations.

“Across our 10 sites and workforce of more than 5,000 here in Ireland, we are committed to supporting Johnson & Johnson’s climate action goals. In the last decade we have invested more than €60m in over 80 carbon footprint reduction projects.

“Today is a major landmark on our journey in Ireland to achieve net zero carbon emissions by 2030 and underlines our commitment to ensuring a better, healthier world.”

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Continue Reading

Technology

‘At once intolerable and addictive’: five wellbeing courses and apps, road-tested | Health & wellbeing

Voice Of EU

Published

on

Australians are the world’s biggest consumers of health and wellness apps, punching well above our per capita weight in our quest for peak physical and mental condition, according to research from telecommunications company Uswitch. In recent years we have also been making them – with everyone from fitness influencers to mental health advocacy groups launching digital products.

I’m partial to a bit of mobile-based movement and mindfulness myself, but I have a complex relationship with wellness. While I love green juices, pilates and my “ness” being “well”, I can’t abide many contemporary uses of the word. In the diet, fitness, fashion and other industries, “wellness” can feel like a barely repackaged “weight loss”, while “healthy” has replaced “slim” as companies respond superficially to the body positivity movement without really changing their ways.

Despite wholesome beginnings in the 1950s, wellness is often framed as a goal for the financially and genetically privileged – and don’t get me started on the pseudoscience.

So I choose cautious cynicism when engaging with wellness and wellbeing products – but I’ve also been alone in my house for the greater part of two years, so I’ll try pretty much anything.

Sweat

Cost: $19.99 a month

Screen shot of the Sweat app from Kayla Itsines.

Sweat is a women’s health app co-founded by Australian fitness influencer Kayla Itsines, who boasts a worldwide social media following of more than 40 million. It offers over 30 programs for training at home or the gym, including high-intensity interval training (Hiit), low-intensity training, yoga and barre.

I did sessions from the PWR Zero Equipment program and it was all easy to follow and very doable. Audio and written instructions and onscreen demonstrations are clear, and self-accountability is super easy. It’s perfect for lockdown and for busy people cramming in exercise wherever and whenever they can. Plus, I can report that burpees are still the merciless work of Satan herself.

Itsines has created an app that exists in the wellness space with little of the self-congratulatory, quasi-spiritual hoopla other influencers lean so heavily into. Sweat isn’t pretending to be something it’s not. It’s a workout app, you do workouts on it. Yes, there are recipes and lifestyle tips but they aren’t offered as miracle pathways to a higher plane of being.

Is it my preferred mode of exercise? No. But it’s convenient and flexible and I can see myself using it when I travel. If that’s a thing that ever happens again.

Worry Time

Cost: Free

ReachOut’s WorryTime app
ReachOut’s WorryTime app. Photograph: Reach Out

ReachOut’s WorryTime is an anxiety management app from the online youth mental health service that uses cognitive behavioural therapy (CBT) techniques to disrupt and manage repetitive thinking.

I am by no definition a youth, but I have mild anxiety and WorryTime’s methodology appealed to me. You nominate a daily time to do all your worrying and when you feel anxious, you note why in the app; every day at the designated time, you worry about what’s still plaguing you and delete what’s not. Easy!

I used WorryTime diligently for a while, noting my fears, my troubles and doubts and reassessing them every 24 hours. All was going well until I got busy with work, stressed about work and scared I’d stop getting work. Where the app had been a welcome task, it became a bugbear.

I was trying not to think about things that made me anxious and knowing the app contained a list of them created a classic avoidance paradigm. I skipped a day. And the next day. And the day after that. Soon the WorryTime alarm was causing me the very anxiety it was engaged to minimise. After a few weeks of this mental chicken-egg dance, I deleted the app. I may have been in the foetal position at the time.

I’m not advocating against WorryTime. It could be a great tool for others. There are no one-size-fits-all mental health salves. It would be nice if there were though.

Bibliotherapy with State Library Victoria

Cost: Free

Dr Susan McLaine, host of State Library Victoria’s Bibliotherapy podcast
Dr Susan McLaine, host of State Library Victoria’s Bibliotherapy podcast. Photograph: Supplied

My favourite discovery from this whole exercise is bibliotherapy or book therapy, an age-old practice that uses literature to support better mental health and wellbeing. Basically, you read or are read aloud a prescribed text, specifically chosen to raise questions, uncover truths and encourage healing. It’s also fun to say.

In response to the pandemic, a new podcast called Bibliotherapy with State Library Victoria was launched. Hosted by bibliotherapy practitioner Dr Susan McLaine, it offers to help people “stay calmer in this fragile time”. In each episode, McLaine reads a short story and a poem and poses questions for listeners. Texts range from emerging and obscure writers to Tolstoy, Donne and Kipling.

I love this podcast. There’s something so intimate and soothing about being read to, no doubt embedded in childhood nostalgia. McLaine’s voice takes some getting used to, though to be fair I find this with most podcast hosts, but her choice of texts is excellent and she reads everything slowly and deliberately, “savouring every word and offering space between words”. It’s the closest thing to a hug I’ve had in months.

The only bad thing about it is that there are only two short seasons. After a brief search for similarly soporific, story-based podcasts and apps, I found the excellent Dreamy podcast, a collection of beautiful sleep stories by First Nations storytellers like Jazz Money and Aurora Liddle-Christie. Bringing tens of thousands of years of oral tradition into the digital world, Dreamy is “helping people of all walks of life to quiet their minds, drift into dreams, and disconnect from their devices”.

I also found Sleep Stories on the Calm app ($14.99 a month). It’s full of grown-up tales and mindful nonsense to soothe or bore you into slumber. There are even equally terrible and amazing celebrity cameos: Matthew McConaughey, Cillian Murphy and the hot duke from Bridgerton will read to you like you’re a child. Last night Harry Styles read me the worst poem I’ve ever heard – for 40 minutes. Five stars. Would listen again.

The Resilience Project

Price: $4.49 one time fee

The Resilience Project Wellbeing App.
Photograph: Supplied

The Resilience Project app is a “daily wellbeing journal” for all ages from a Melbourne-based organisation of the same name, providing evidence-based mental health strategies and “sharing the benefits of gratitude, empathy and mindfulness” to schools, sports clubs and businesses.

Users are encouraged to log on every day, note how they feel, record who or what they’re grateful for, perform acts of kindness and do a short guided meditation. This nice daily ritual only takes a few minutes but proves a small antidote to the current news cycle.

I don’t see myself using it long-term, because of repetitiveness and the world’s shortest attention span, but during this lockdown I’ve appreciated the nightly reminder to acknowledge my blessings and privilege and to reach out to friends.

Though it can’t do the heavy lifting where mental health is concerned, I’ll put it in my arsenal of chronic depression coping mechanisms, and try to use it in bad times. It won’t soothe what only drugs and Great British Bake Off can, but it might provide a few minutes respite.

The Class

Cost: $40 a month

The Class Digital Studio is a mat-based exercise program, with elements of yoga, pilates, cardio, free-style dance, expansion, and release.
The Class Digital Studio is a mat-based exercise program, with elements of yoga, pilates, cardio, free-style dance, expansion, and release. Photograph: The Class Digital Studio

The Class is an American exercise methodology-slash-mindfulness practice with semi-cult vibes, taught by a host of ridiculously hot and relentlessly cool twentysomethings who can pull off white Lycra and blend in on a Girls set.

In fortuitous timing, founder Taryn Toomey launched online classes in late 2019, taking the Class into locked down homes around the world from 2020. Australians can access a wide selection of on-demand and live online classes, and there’s even an Australian teacher. Timezone differences narrow live options quite a bit, but most live classes become on-demand classes, so it doesn’t really matter.

Frequented by celebrities including Alicia Keys, Naomi Watts and Emma Stone, the Class is a mat-based, music-driven “cathartic workout experience” designed to “strengthen the body and balance the mind”. It’s yoga meets Les Mills meets clubbing. Movements are simple, repetition is key and loud exhales are encouraged. You may do squats for a whole song, free dance for another and star jumps for the next. In between, there’s stillness.

Teachers speak a kind of motivational psychobabble that is at once intolerable and addictive. It verges on the spiritual and flirts with cultural appropriation but remains just secular enough that I don’t turn it off. “Be in your power”; “You are enough”; “Softness is your birthright” and so on. Many teachers end their sessions with “I love you” which I somehow don’t hate.

At first, I struggled to put aside my prejudices against self-indulgent, pseudo-mystical wellness fads and find peace with beautiful women telling me to accept myself while making me do burpees. But the more I did it, the more I was able to just let go and roll with the theatre. Plus, it’s actually a very good workout.

I am now willingly paying for the Class. Let’s never speak of this again. I love you.

Source link

Continue Reading

Technology

NFTs not annoying enough? Now they come with wallet-emptying malware • The Register

Voice Of EU

Published

on

In brief Whether or not non-fungible tokens are a flash in the pan or forever, malware operators have been keen to weaponise the technology.

An investigation was triggered after a number of cryptowallets belonging to customers of the largest NFT exchange OpenSea got mysteriously emptied. Researchers at security shop Check Point found a nasty form of NFT was in circulation, one that came with its own malware package.

People were receiving free NFTs from an unknown benefactor, but when they accepted the gift the attackers got access to their wallet information in OpenSea’s storage systems. The code generated a pop-up, that if clicked, allowed wallets to be emptied.

After disclosing the issue Opensea had a fix sorted within an hour – we wish others took such prompt action – and the platform appears to be secured. But beware of “free” gifts, particularly where money is involved.

Crime doesn’t pay? really?

A US Treasury report has said that in the last three years ransomware operators using over 60 different variants have siphoned off $5.3bn in Bitcoin payments.

The Financial Crimes Enforcement Network report [PDF], first spotted by The Record, said that the ransoms taken in the the first six months of this year amounted to $590m, up from $416m for 2020, and the problem is getting worse, according to ten years of 2,184 Suspicious Activity Reports (SARs) analysed by the agency.

“If current trends continue, SARs filed in 2021 are projected to have a higher ransomware-related transaction value than SARs filed in the previous 10 years combined, which would represent a continuing trend of substantial increases in reported year-over-year ransomware activity,” the Treasury team warned.

Arming robots with sniper rifles, not worrying at all

US-based Ghost Robotics showed off an unusual new gadget this week at a meeting of the Association of the United States Army – a sniper rifle robot.

The robotics firm already has unarmed robot dogs acting as sentries at Tyndall Air Force Base but mounted a 6.5mm sniper rifle with a range of up to 1,200 meters (3937 feet) with both day and night vision cameras. The manufacturers were at pains to point out that this is not autonomous in any way and a human always controls the trigger, the robot just gets into position to keep its human operator safe.

The robot caused something of a storm, and Ghost Robotics CEO Jiren Parikh attributed this to the emotional connection robot dogs evoke and decades of movies about killer robots.

US warns critical water systems under attack

American online watchdogs at the Cybersecurity and Infrastructure Security Agency has issued a security advisory following a spate of attacks against water and waste management facilities.

Since 2019 CISA said it had recorded five attacks against water systems, mostly ransomware but also aa former employee at Kansas-based water company who tried to tamper with drink water quality using credentials that should have been revoked when they left the biz.

For ransomware operators such businesses are tempting targets. Since water is such an essential service, it’s no-doubt thought that they’d be more likely to pay up rather than cause widespread disruption and panic.

Ukrainian cops cuff botnet suspect

The Security Service of Ukraine announced this week that they had arrested a man accused of running a massive botnet and charging for its use.

The man, a resident of Ivano-Frankivsk region in the west of the country, is said to have been running a botnet made up of over 100,000 infected systems. His opsec wasn’t great, he used telegram to tout for customers and, police say, made use of “electronic payment systems banned in Ukraine.”

A search of the suspect’s premises revealed computer equipment used to operate the botnet, and data stolen from botnet participants. Police say the suspect was also a representative of legitimate Russian payment service Webmoney, which is however under sanctions from the Ukrainian government.

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!