Terence Eden. He has a beard and is smiling.

Terence Eden’s Blog

Theme Switcher:

The IAB loves tracking users. But it hates users tracking them.

· 20 comments · 600 words · Viewed ~10,970 times


Logo of the IAB tech lab.

The Interactive Advertising Bureau (IAB) is a standards development group for the advertising industry. Their members love tracking users. They want to know where you are, who you're with, what you're buying, and what you think. All so they can convince you to spend slightly more on toothpaste. Or change your political opinions. Either way, they are your adversaries. The IAB's tech lab is…

ProctorU is dystopian spyware

· 23 comments · 350 words · Viewed ~11,317 times


To take this exam online you will need to borrow a friend or family member's laptop.

As part of my MSc, I have to take an online exam. Obviously, this means I am highly likely to cheat by looking up things on Wikipedia or by having a bit of paper with notes on it. EVIL! So, the exam body requires me to install ProctorU. It's a service which lets someone watch you through your laptop camera while you do the exam. Creepy, but I get it. They also want to see your screen to make…

Alexa leaks your private wishlists

· 9 comments · 500 words · Viewed ~4,279 times


People who access your list will see your recipient name. If you have an Alexa-enabled device, Alexa may alert you when there is a deal for items in your list. Notification Preferences.

This morning, my wife noticed that Alexa was insistently flashing its little blue lights. "Alexa... Notifications?" "You have one notification. An item on your wishlist has dropped in price. The … is now only £…" And that's how my wife found out what I planned to get her for her birthday! What happened to cause this? I maintain several Amazon Wishlists® of things I want to buy. One of those is…

I know how many microphones and cameras you have

· 8 comments · 300 words · Viewed ~394 times


Web browser asking for permission to access microphones. On the page, the number of microphones is displayed.

A curious little data leak, but one I struggle to care about. Perhaps useful for a bit of fingerprinting? Websites can access your system's camera and microphone. That's how modern video conferencing works in the browser. In an effort to retain user privacy, the browser asks the user for permission to use the camera and mics. No audio or video will be sent until the user agrees. But some…

Book Review: Privacy is Power - Carissa Véliz

· 1 comment · 350 words · Viewed ~353 times


Book Cover.

Without your permission, or even your awareness, tech companies are harvesting your location, your likes, your habits, your relationships, your fears, your medical issues, and sharing it amongst themselves, as well as with governments and a multitude of data vultures. They're not just selling your data. They're selling the power to influence you and decide for you. Even when you've explicitly…

Open Data - but not *too* open

· 2 comments · 750 words · Viewed ~224 times


If this address is correct and relates to your enquiry, please confirm that you are entitled to view the gas supply details.

I'm an advocate for open data - both in my professional role and in a personal capacity. One of the hard things is succinctly explaining that "open data" means "non-personally identifiable data at a sufficient granularity to be useful without proving a risk to any individual's (or group's) reasonable expectations of privacy while still being useful to researchers and civic society." What a…

GDPR and common sense

· 3 comments · 400 words


Some giant question marks standing in a field. Photo by https://www.flickr.com/photos/dbrekke/181939582/

Every so often, I get a glimpse into the thought processes of someone who has a very different view of the world to me. I don't deal with people's personal information often. So I was surprised to receive an email with a multi-megabyte spreadsheet called "Pay and Bonuses 2020". The email contained this doozy of a sentence: “Due to GDPR the attached file is password protected, I will send the p…

It's OK to lie to WiFi providers

· 6 comments · 350 words · Viewed ~431 times


Give social networks fake details, advises Whitehall web security official.

Another day, another data breach. The email addresses and travel details of about 10,000 people who used free wi-fi at UK railway stations have been exposed online. The database, found online by a security researcher, contained 146 million records, including personal contact details and dates of birth. It was not password protected. BBC News There's a really easy way to protect yourself from …

Who is Facebook's mysterious "Lan Tim 2"?

· 13 comments · 750 words · Viewed ~146,749 times


Facebook activity page saying they received data from "Lan Tim 2".

Facebook has an interesting feature. It will let you see which companies have associated your off-Facebook activity with your Facebook account. If you visit: https://www.facebook.com/off_facebook_activity/ you'll see what companies are snitching on you to Facebook. Alice St⭕️llmeyer@StollmeyerEU#AirBnB shares your activity with #Facebook ?!Delete that @Airbnb app, folks! Mine didn't even allow …

Bluetooth MAC, K-Anonymity, and Population Privacy

· 4 comments · 900 words · Viewed ~225 times


List of Bluetooth devices.

I recently went to a university hackathon, where students were trying to invent novel ways to help prevent pandemics. This was purely an academic exercise - they were not developing a fully-fledged app, nor were they creating official policies. I spent some time with one group discussing the privacy implications of what they had built. Thesis By monitoring nearby Bluetooth devices, we can…

Bitly finally starts taking privacy seriously

· 450 words · Viewed ~568 times


I've been ranting about Bitly for years! The ubiquitous link shortener had an interesting "feature" - add a + to the end of the URl and you could see all the statistics for the link. How many clicks, referers, location of users. Here's a blog post I wrote about it way back in 2011. I often used this feature to explore how popular companies and scammers were: Terence Eden is on…

Why does my remote control need to know my location?

· 3 comments · 550 words · Viewed ~10,672 times


Allow Pioneer Remote App to access this device's location?

Here's an interesting user-hostile pattern which could easily be avoided if programmers and business-people thought like regular humans. I have a Pioneer / Onkyo sound system. It's pretty nice and comes with a (not too crappy) Android app to let me remote control it. One day, the app updated itself. The changelog was the usual bland "bug fixes and improvements" message, but when I opened it,…