data protection Archives

Winsage

March 24, 2025

New Browser-Based RDP for Secure Remote Windows Server Access

Cloudflare has launched a clientless, browser-based Remote Desktop Protocol (RDP) solution that enhances its Zero Trust Network Access (ZTNA) capabilities for secure access to Windows servers. This solution eliminates the need for traditional RDP clients and utilizes IronRDP, a high-performance RDP client developed in Rust, which operates within the browser. The implementation secures RDP sessions using TLS-based WebSocket connections and integrates with Cloudflare Access for authentication through JSON Web Tokens (JWT). The system supports modern security standards, including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and device posture checks. Cloudflare plans to add session monitoring, data loss prevention features, and pursue FedRAMP High certification for compliance with government standards.

Winsage

March 17, 2025

Streamline your Windows 11 upgrade with these versatile yet compact mini PCs

The end-of-support for Windows 10 is set for October 14, 2025, prompting businesses to upgrade to Windows 11 to maintain security and functionality. MSI offers commercial desktops optimized for Windows 11, featuring powerful processors and enhanced security. Selected models come with Windows 11 Pro pre-installed, which includes IT management tools and improved productivity features, such as faster multitasking and better malware resilience. MSI's desktops, including the compact MSI Cubi NUC and the MSI Pro DP21 14MQ, provide extensive connectivity options and commercial-grade security features. These systems are designed to meet various business needs and enhance productivity while ensuring data protection.

AppWizard

March 14, 2025

The Digital Privacy Paradox: Encrypted Messaging App ‘Session’ Solves What Others Won’t

Instant messaging has become a crucial part of global communication, connecting billions of users while raising concerns about privacy and security. Many popular messaging apps, despite encryption, still expose users to privacy threats through metadata collection, which can reveal personal information. Session is a messaging platform that aims to address these issues by minimizing metadata usage and ensuring user anonymity through anonymous sign-ups, a decentralized infrastructure, and advanced encryption techniques. Session does not require personal details like phone numbers or emails for registration and operates on a network of over 2,200 nodes, making it difficult for any single entity to access or censor user data. The app is open-source, allowing for transparency and independent audits, and employs onion routing to enhance security. Session is particularly beneficial for journalists and activists who need secure communication in surveillance-prone environments. The platform is governed by the non-profit Session Technology Foundation, which prioritizes user privacy over profit. Session's upcoming token, $SESH, will incentivize individuals to operate nodes, contributing to the decentralized nature of the network and enhancing security through staking mechanisms. The transition from Oxen to Session Token on Arbitrum aims to improve efficiency and scalability while planning for a future where privacy-first messaging competes with mainstream platforms.

Tech Optimizer

March 8, 2025

The Best Antivirus Apps to Keep Your Data Safe in 2025

Cybersecurity is essential as digital lives become more integrated into daily routines, with personal devices storing sensitive information. Cyber threats have evolved, necessitating robust antivirus software for data protection in 2025. Norton 360 offers real-time threat detection, a built-in VPN, and dark web monitoring. Bitdefender Total Security is noted for its minimal impact on system performance and AI-powered threat detection. McAfee Total Protection focuses on identity theft protection with real-time malware protection and identity theft monitoring. Kaspersky Security Cloud provides adaptive security tailored to user behavior and includes webcam protection. Avast One is a reliable free antivirus option covering essential threats, while Trend Micro Maximum Security emphasizes online privacy with features like a social media privacy scanner and anti-phishing protection.

AppWizard

March 6, 2025

Google Silently Tracks Android Device Even No Apps Opened by User

Recent research by Professor D.J. Leith from Trinity College Dublin reveals that Google collects significant amounts of user data on Android devices, even when users do not engage with Google applications. The study shows that pre-installed Google apps can track users without consent or opt-out options. Measurements were taken using a Google Pixel 7 with Android 14. Findings indicate that Google servers store multiple tracking identifiers immediately after a factory reset, before any user interaction. Collected identifiers include advertising analytics cookies and persistent device identifiers. This data collection raises concerns about compliance with EU data privacy regulations, such as the e-Privacy Directive and GDPR. Specific tracking technologies identified include the Google Android ID, DSID cookies, and NID cookies. User interaction data is also transmitted to Firebase Analytics servers. Users have limited control over the data stored on their devices, with disabling Google Play Services or the Google Play Store being impractical options.

AppWizard

March 4, 2025

Google’s ‘consent-less’ Android tracking probed by academics

Research by Doug Leith, a professor at Trinity College Dublin, shows that Android users are subjected to advertising cookies and tracking mechanisms that start collecting data before any app is launched, without user consent or the option to opt out. The study identifies systems within Android that send user data to Google via pre-installed apps like Google Play Services and the Google Play Store. One such mechanism is the "DSID" cookie, which is created shortly after logging into a Google account and is used for personalized advertising, lasting two weeks. Another tracker, the Google Android ID, is generated upon first interaction with Google Play Services and continues to transmit data even after the user logs out, with removal only possible through a factory reset. Leith's findings raise concerns about potential violations of data protection laws, particularly regarding the classification of the Android ID as personally identifiable information under GDPR. Google responded to the findings, emphasizing user privacy and compliance with privacy laws, while also stating disagreement with Leith's legal analysis. Additionally, the introduction of the Android System SafetyCore feature, which scans photo libraries for explicit content without user consent, has sparked user discontent, with many reviews criticizing the lack of consent during its installation.

AppWizard

March 1, 2025

Cincinnati Reds announce new 2025 theme days, including Harry Potter, anime, Minecraft and more

Many businesses are temporarily restricting website access to users in most European nations due to GDPR compliance. The GDPR, effective since May 2018, mandates strict guidelines on personal data handling, prompting companies to reassess digital strategies. Organizations are investing in technology solutions, such as consent management systems, to balance compliance with user experience. Businesses are encouraged to prioritize transparency and user trust, implement user-friendly consent mechanisms, and leverage data analytics to tailor offerings while remaining compliant.

Winsage

February 28, 2025

Microsoft’s latest bit of nagging in Windows 11 might come from a good place, but it’s seriously annoying some people

Windows 11 users are receiving persistent reminders in the Settings app to back up their PCs, promoting Microsoft’s Backup app and OneDrive for cloud storage. This notification is particularly directed at users who have opted out of cloud syncing and backup settings, leading to frustration among those who manage their backups independently. Users have expressed a desire for a way to dismiss these reminders, as many already use third-party backup solutions. Discussions on platforms like Reddit indicate that some users are looking for workarounds to disable the notifications.

Tech Optimizer

February 24, 2025

Did Avast Sell Your Data Here’s How to Get a Piece of the FTC Settlement

Consumers who purchased Avast's antivirus software between 2014 and 2020 will receive compensation from a .5 million settlement due to allegations that Avast secretly collected and sold personal information. The FTC will notify approximately 3,690,813 affected consumers via email, with notifications expected between now and March 7, 2025. Claims must be filed by June 5, and payments are anticipated to be mailed out next year. Each eligible consumer could receive about [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: Consumers who purchased Avast's antivirus software between 2014 and 2020 will soon see some financial relief, as the company has agreed to a substantial settlement of .5 million. This decision comes in response to allegations that Avast secretly collected and sold personal information to third-party clients, a practice that has raised significant privacy concerns. FTC Takes Action The Federal Trade Commission (FTC) is now poised to distribute compensation to those affected, following a settlement announcement made a year ago. In a recent statement, the FTC revealed that it will be sending email notifications to approximately 3,690,813 consumers who purchased Avast's antivirus software during the specified timeframe. Eligible consumers can expect to receive these notifications between now and March 7, 2025. To facilitate the claims process, the FTC has established a dedicated website aimed at assisting users in obtaining their compensation. However, it’s important to manage expectations; if all affected consumers file claims, each individual could receive a mere .47 from the settlement fund. The deadline for filing claims is set for June 5, with payments anticipated to be mailed out next year. Uncovering Privacy Violations The FTC's scrutiny of Avast was prompted by investigative reports from PCMag and Motherboard, which revealed that the company's antivirus products were potentially exposing users' internet browsing histories to third-party companies. Despite Avast's assurances of user security, it was discovered that the company had been sharing browsing data through its subsidiary, Jumpshot, without adequately stripping personal identifiers. Internal documents indicated that this data could be traced back to individual users, particularly when cross-referenced with other data sources. The FTC's investigation confirmed that Jumpshot had been selling users' browsing data to over 100 clients, including various advertising firms, from 2014 until January 2020. Consequences and Changes In light of these findings, Avast took steps to terminate its browser data harvesting practices and shut down Jumpshot. However, the FTC's actions did not stop there; the agency alleged that Avast had violated U.S. fair trade laws by failing to inform users about the potential sale of their browsing data. The resulting order mandated that Avast pay .5 million and prohibited the company from selling or licensing any web-browsing data for advertising purposes in the future. Interestingly, while Avast also sold data from its free users, the settlement fund is exclusively available to those who paid for the antivirus software. In a significant shift, Avast has since merged with NortonLifeLock, forming a new security entity known as Gen. Under the terms of the FTC's order, Avast is required to delete all data collected through its Jumpshot operations, marking a pivotal moment in the ongoing conversation about user privacy and data protection in the digital age." max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"].47 if all claims are filed. The FTC's investigation revealed that Avast's subsidiary, Jumpshot, sold users' browsing data to over 100 clients without adequately stripping personal identifiers. Avast has since terminated its data harvesting practices and shut down Jumpshot, and the company is prohibited from selling or licensing web-browsing data for advertising purposes in the future. The settlement fund is only available to paying customers, and Avast is required to delete all data collected through Jumpshot operations.

Tech Optimizer

February 24, 2025

Millions of Avast antivirus software customers are getting a refund. Here’s why.

Millions of Americans who purchased antivirus software from Avast may be eligible for compensation following a .5 million settlement with the Federal Trade Commission (FTC). Approximately 3.7 million customers who acquired Avast products between August 2014 and January 2020 are affected. The FTC claims Avast collected extensive personal information from users, including religious beliefs, health concerns, political leanings, locations, and financial status, and sold this data without user consent to over 100 third parties through a subsidiary called Jumpshot. Affected consumers will receive emails about their eligibility to apply for compensation, and claims can be submitted online until June 5. Payments are expected to be distributed in 2026, with the amount depending on the total number of claims filed.