Terence Eden’s Blog

Did WordPress VIP leak my phone number?

· 1 comment · 400 words · Viewed ~2,160 times


The Logo for WordPress.

As discussed in my last blog post, the scumsuckers at Apollo.io have been giving out my personal details. Not only did they have my email address, they also had a copy of one of my phone numbers. I asked them where they got it from and they said: Your phone number came from Parsely, Inc (wpvip.com) one of our customers who participates in our customer contributor network by sharing their…

Someone at BrowserStack is Leaking Users' Email Address

· 5 comments · 450 words · Viewed ~17,087 times


Web contact form. It says "No spam, we promise."

Like all good nerds, I generate a unique email address for every service I sign up to. This has several advantages - it allows me to see if a message is legitimately from a service, if a service is hacked the hackers can't go credential stuffing, and I instantly know who leaked my address. A few weeks ago I signed up for BrowserStack as I wanted to join their Open Source programme. I had a few…

Preventing NAPTR Spam

· 4 comments · 900 words · Viewed ~790 times


Glowing computer text showing dot com dot info etc.

You're the sort of cool nerd who knows all the weird esoterica which makes up DNS, right? In amongst your A, AAAA, SOA, and MX records, there's a little used NAPTR. Yes, you can use DNS to store Name Authority Pointers! What?! It is yet another of those baroque standards which spits out things like: cid.uri.arpa. ;; order pref flags service regexp replacement IN NAPTR…

The NHS shouldn't outsource its QR codes

· 8 comments · 600 words · Viewed ~1,262 times


Screenshot of terms and conditions with an hello email address.

QR codes are brilliant. They're a simple way to allow users to easily and quickly go to the right URL - no matter how complex. No more worrying about typing in long addresses or figuring out if that's a letter O or the number O. Scan and go! The best thing about QR codes is that they're free. It doesn't cost any money to generate one. They're an open standard with no middle-men. Users can go…

No, ActivityPub votes aren't anonymous

· 4 comments · 500 words · Viewed ~416 times


Logo for ActivityPub.

Several years ago, I posted this poll on Twitter.

Terence Eden is on Mastodon (@edent): If the recent Twitter hack had exposed the way you voted on every Twitter poll, how would you feel? (There is no suggestion that this has happened, I'm just curious about people's relationships to voting and privacy.)

Meh. So what?: 167
Hmph. That's annoying.: 68
Umm… This could be bad!: 32
Delete account …

Book Review: Understanding Privacy - Heather Burns

· 1 comment · 400 words · Viewed ~203 times


Book cover for Understanding Privacy.

Heather Burns has an absolutely deft way of turning the sometimes-dull world of digital privacy into entertaining, informative, and actionable prose. Too many of these sorts of books end up being a list of woes and end with "someone should do something, I guess?". Understanding Privacy is different. All the way through the mantra is "You are someone! You do something! And here's how..." …

What the UK Government gets wrong about QR codes

· 12 comments · 700 words · Viewed ~905 times


A leaflet for Childcare with a prominent QR code.

One of my most memorable experiences in the Civil Service was discussing link shortening services with a very friendly person from the Foreign and Commonwealth Office. I was trying to explain why link shorteners like bit.ly and ow.ly weren't sensible for Government use. They didn't seem to particularly care about the privacy implications or the risk of phishing. I needed to take a different…

Can you trust ProtonApps.com?

· 2 comments · 450 words · Viewed ~432 times


Screenshot of the ProtonApps page.

I've recently signed up to the privacy-preserving service Proton. All the email, calendar, drive, VPN, and other services seem to hang off the proton.me domain. I wanted to download the Android apps to my phone - without using the Google Play Store. The VPN app is on F-Droid but none of the others are. So, because I'm lazy, I Googled "Download Proton Mail". I landed on…

O2 UK's Weird MSISDN Lookup API

· 7 comments · 250 words · Viewed ~237 times


Sorry, we don’t recognise this number. Please try again.

It's always fun keeping your network inspector tab open. While looking around the O2 UK website, I found this page all about eSIMs. For some reason, it wants to know the user's phone number. I put in a random number, and it refused to let me in. Putting in a genuine O2 number let me through. So what is it doing to validate numbers? It is making an API call to this URL: …

Safelinks are a fragile foundation for publishing

· 16 comments · 550 words · Viewed ~631 times


Screenshot showing a document. The cursor hovers over a link. The pop up shows a safelinks URL.

Microsoft loves you and wants to protect you. So every time you receive an email with a link in it, Microsoft Outlook helpfully rewrites it so that it goes through their "safelinks" system. Safelinks allow your administrator, or someone at Microsoft, to stop you visiting a link which is malicious or suspicious. Rather than going to example.com, your link now goes to…

Envelopes and GDPR

· 6 comments · 700 words · Viewed ~332 times


A letter addressed to me. Just inside the plastic window you can see the word "colonoscopies".

Privacy is a funny concept, isn't it? Very few people want the whole world to know what medical complaints they have. But most hospitals are open-access buildings, where the waiting rooms have large monitors to tell patients that their doctor is running late. A few years ago I was sat in the proctology waiting room. Anyone who knew me would have seen I was waiting for a bum doctor. They may…

I don't think you need to be civil to puppy-smashers

· 5 comments · 400 words · Viewed ~324 times


AI generated image of a small industrial machine crushing a cute puppy.

My good friend Jess wrote this a little while ago:

Jessica Rose (@jesslynnrose): The function of a system is its output. If you have dog grooming machine that sometimes smashes puppies and you keep running it, you're in the dog smashing business. If you work for a mass surveillance company that keeps enabling genocide and undermining democracy...

❤️ 2,323 💬 23 🔁 0 · 13:19 - Thu 07 January 2021

The whole thre…