https://www.nrk.no/norge/nordmenn-overvakes-av-mobilen_-_-pill-rattent-system-1.17208691

Norsk-amerikanske Unacast har blitt utsatt for omfattende datainnbrudd. Nå går Forbrukerrådet i strupen på selskapet.

– Det er fullstendig uansvarlig, sier fagdirektør Finn Myrstad i Forbrukerrådet.

Han snakker om selskaper som lever av å samle inn informasjon om hvor folk har vært, for å bruke det til markedsføring.

Store mengder private data om mobilbrukere over hele verden ble lagt ut på et russisk nettforum. Dataene som hackerne skal ha stjålet, skal være alt fra kundelister til folks lokasjonsdata. De publiserte det de kalte en «smakebit» av informasjonen de stjal.

I disse dataene kan det ligge informasjon om 146.000 nordmenns fysiske plassering.

[…]

Det er en trussel i seg selv at kommersielle selskaper sitter på så mye data om mobilbrukere, mener Forbrukerrådet.

– Det er en gigantisk svakhet. Det burde ikke vært lov å samle dem inn.

Forbrukerrådet har bedt om et forbud mot markedsføringen basert på dataene.

– Jeg tenker det ligger noe ansvar på politikerne her, sier Myrstad.

I 2022 anbefalte Personvernkommisjonen i en rapport en utredning av et generelt forbud mot atferdsbasert markedsføring.

Stortinget har bedt om det samme. Men ennå har det ikke dukket opp noen utredning. Langt mindre et lovforslag.

https://www.wired.com/story/subaru-location-tracking-vulnerabilities/

Now-fixed web bugs allowed hackers to remotely unlock and start any of millions of Subarus. More disturbingly, they could also access at least a year of cars’ location histories—and Subaru employees still can.

[…]

Most disturbing for Curry, though, was that they found they could also track the Subaru’s location—not merely where it was at the moment but also where it had been for the entire year that his mother had owned it. The map of the car’s whereabouts was so accurate and detailed, Curry says, that he was able to see her doctor visits, the homes of the friends she visited, even which exact parking space his mother parked in every time she went to church.

“You can retrieve at least a year’s worth of location history for the car, where it’s pinged precisely, sometimes multiple times a day,” Curry says. “Whether somebody’s cheating on their wife or getting an abortion or part of some political group, there are a million scenarios where you could weaponize this against someone.”

[…]

Curry argues that Subaru’s extensive location tracking is a particularly disturbing demonstration of the car industry’s lack of privacy safeguards around its growing collection of personal data on drivers. “It’s kind of bonkers,” he says. “There’s an expectation that a Google employee isn’t going to be able to just go through your emails in Gmail, but there’s literally a button on Subaru’s admin panel that lets an employee view location history.”

https://blog.lukaszolejnik.com/biggest-privacy-erosion-in-10-years-on-googles-policy-change-towards-fingerprinting/

https://www.404media.co/elon-musk-uses-cybertruck-explosion-to-show-tesla-can-remotely-unlock-and-monitor-vehicles/

Surveillance capabilities used and justified by extreme circumstances often trickle down to be used on lesser crimes.

https://www.theverge.com/2024/12/30/24332181/volkswagen-data-leak-exposed-location-evs

The leak also included the emails, addresses, and phone numbers of drivers in some cases, Der Spiegel reports.

[…]

If anything, this leak serves as yet another reminder of the immense amount of data collected by modern-day vehicles, which Mozilla has called a “privacy nightmare.”

https://www.technologyreview.com/2024/12/17/1108883/the-8-worst-technology-failures-of-2024/

Vertical farms, woke AI, and 23andMe made our annual list of failed tech.

https://spectrum.ieee.org/jailbreak-llm

Researchers induced bots to ignore their safeguards without exception.

AI chatbots such as ChatGPT and other applications powered by large language models (LLMs) have exploded in popularity, leading a number of companies to explore LLM-driven robots. However, a new study now reveals an automated way to hack into such machines with 100 percent success. By circumventing safety guardrails, researchers could manipulate self-driving systems into colliding with pedestrians and robot dogs into hunting for harmful places to detonate bombs.

https://pxlnv.com/linklog/siri-invented-calendar-event/

I saw a suggestion from Siri that I turn on Do Not Disturb until the end of an event in my calendar – a reservation at a restaurant from 8:30 until 10:00 this morning. No such matching event was in Fantastical. It was, however, shown in the Calendar app as a Siri Suggestion.

https://www.nbcnews.com/tech/security/us-officials-urge-americans-use-encrypted-apps-cyberattack-rcna182694

Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers.

The hacking campaign, nicknamed Salt Typhoon by Microsoft, is one of the largest intelligence compromises in U.S. history, and it has not yet been fully remediated. Officials on a news call Tuesday refused to set a timetable for declaring the country’s telecommunications systems free of interlopers. Officials had told NBC News that China hacked AT&T, Verizon and Lumen Technologies to spy on customers.

https://www.nrk.no/innlandet/ekspert-advarer-mot-kinesiske-elbiler-_-forsvaret-har-ingen-begrensninger-1.17138704

Mange tusen kinesiske biler ruller nå på norske veier. Sikkerhetsekspert advarer om potensialet for overvåkning som finnes i disse bilene.

[…]

I prosjektet de kaller «Lion Cage», som har fått omtale både internasjonalt og i Norge, har de gått grundig gjennom hvordan bilen fungerer, hva slags data den samler inn og hvor den sender dem.

– Vi finner forbausende mye datatrafikk mellom bilen og Kina. Det var en overraskelse. Vi hadde ikke forventa det, sier han.

Prosjektet har funnet ut at bilen kommuniserer med USA, Canada, Kina, men også Russland og Australia.

– Og så ser vi også hvor mye data som sendes. Det er ganske interessant. Selv om bilen er slått av, så vil bilen kommunisere.

[…]

Årsaken til at sikkerhetsekspertene har sett så grundig på de kinesiske bilene er den kinesiske etterretningsloven.

Den tolkes av mange som at ethvert kinesisk selskap må samarbeide med myndighetene når de blir bedt om det.