privacy risks Archives

AppWizard

January 28, 2026

Gemini keeps asking me to turn on Personal Intelligence, but I’m keeping it off

Gemini has introduced a feature called Personal Intelligence, which allows users to customize the data accessed from Google services like Gmail and Google Photos. This feature is opt-in and was launched on January 14. Users receive prompts to enable it and can choose to defer or start using it. Personal Intelligence replaces the previous feature, Personal Context, which is still active by default. Users can connect various Google apps to Gemini to enhance their experience, with the ability to control which data sources contribute to Personal Intelligence. Google emphasizes that app connections are off by default, and users have control over their data sharing.

Winsage

December 8, 2025

Microsoft’s AI Push in Windows Raises Privacy and Trust Concerns

Microsoft has integrated artificial intelligence (AI) into various components of its ecosystem, including the Windows operating system and productivity applications like Office and Teams. This integration has raised privacy concerns, particularly regarding features like Recall, which captures user activities. Microsoft postponed the rollout of Recall due to backlash over potential security risks. AI-driven advertisements and suggestions have also blurred the line between helpful tools and intrusive marketing, leading to debates about data ownership and ethical implications. Critics argue that Microsoft’s AI efforts do not align with user expectations and amplify privacy risks, especially with data collection practices in Bing and Edge browsers prompting regulatory scrutiny. Despite significant investments in AI, there are challenges in monetizing these advancements, as indicated by adjustments to sales growth targets. Microsoft has faced internal concerns about overbuilding infrastructure and the financial viability of scaling AI resources. While developers find promise in AI tools like Visual Studio and GitHub Copilot, which enhance workflows, there are associated risks such as security vulnerabilities. Microsoft acknowledges these dangers and advises caution among insiders testing new features. The company’s philosophical stance on AI emphasizes ethical development aligned with human values, although critics express concerns about the potential risks of rapid deployment without adequate safeguards. For customers, Microsoft’s focus on AI has led to frustrations due to bugs introduced by AI experiments and the unreliability of AI agents in enterprise settings. The company’s partnership with OpenAI aims for AI dominance, but questions remain about the technology's appeal to the masses. Microsoft must balance innovation with user-centric design while addressing privacy, security, and ethical concerns to maintain its leadership position in the AI landscape.

AppWizard

November 3, 2025

“Whatsapp Killer?” Elon Musk Reveals X Chat, a Bitcoin-Style Encrypted Messaging App

Elon Musk has announced a new messaging platform called X Chat, which prioritizes user privacy and security by utilizing a peer-to-peer encryption system similar to Bitcoin's technology. The app is currently being tested and is expected to launch in the coming months. X Chat will not include advertising hooks or collect user data for targeted advertising, aiming to eliminate privacy risks associated with such practices. It is designed to allow users to send text messages, share files, and conduct audio and video calls. Musk claims it will be more secure than existing messaging platforms like WhatsApp.

AppWizard

November 2, 2025

Tracking whatever you do: IIT study finds Android apps are gathering far more information than users think

A recent investigation by IIT Delhi found that Android applications with precise location access can gather extensive information about users, including whether they are indoors or outdoors, the presence of crowded environments, and details about room layouts and activities, without using the phone’s camera or microphone. The study, led by MTech student Soham Nag and Professor Smruti R Sarangi, utilized a system called AndroCon, which analyzes low-level GPS signals to detect user activity and contextual information. AndroCon achieved up to 99% accuracy in identifying surroundings and over 87% accuracy in recognizing human activities, including subtle gestures. The research highlights significant privacy risks, as applications with fine-grained location permissions can extract sensitive data without user consent. The findings were published in the ACM Transactions on Sensor Networks.

AppWizard

October 30, 2025

IIT study warns of privacy risks from location permissions on Android apps

A study by researchers at the Indian Institute of Technology (IIT) Delhi revealed that Android apps requiring precise location permissions can access extensive information about users' environments and activities. The research introduced AndroCon, a system that uses fine-grained GPS data to determine users' surroundings and activities without the need for cameras or microphones. It analyzes nine GPS parameters to identify whether a person is seated, standing, or lying down, and can recognize specific locations such as being on public transport or in a crowded area. The study demonstrated that AndroCon could achieve up to 99% accuracy in detecting surroundings and over 87% accuracy in recognizing human activities. The findings raise significant privacy concerns regarding the potential for apps to infer sensitive user information.

Tech Optimizer

September 5, 2025

New Malware Exploits Windows Character Map to Evade Defender and Mine Crypto

Darktrace's autonomous detection system identified suspicious activity when a desktop initiated an unusual HTTP connection using a PowerShell user agent. The attack began with the download of a PowerShell script named “infect.ps1” from the IP address 45.141.87[.]195:8000, which dropped both legitimate and malicious binaries into the user’s AppData directory, including a signed version of AutoIt.exe and various encoded payloads. The attackers exploited Windows’ built-in Character Map (charmap.exe) to inject the miner code into its process space, evading antivirus detection. The loader performed checks for task manager presence, user privileges, and antivirus software, and bypassed User Account Control prompts. Once activated, the cryptominer operated discreetly, connecting to external mining pools like asia.ravenminer.com and monerooceans[.]stream. The malware was designed for persistence, re-downloading itself if terminated. Darktrace monitored the infected device, noting DNS requests and connections to Monero mining endpoints, which triggered high-fidelity alerts. Darktrace's Rapid Autonomous Response blocked the device’s outbound communications, preventing the malware from connecting to the mining pool and stopping over 130 attempted calls to external endpoints. The malware exhibited significant obfuscation, utilized legitimate binaries for side-loading, manipulated registry keys for persistence, and injected processes into trusted Windows applications. The incident underscores the threat posed by adaptive cryptojacking malware, which can drain productivity and inflate energy costs. Darktrace's AI-driven detection intercepted the attack early, mapping the kill chain and enabling rapid mitigation. Indicators of Compromise (IoCs) include: - 45.141.87[.]195:8000/infect.ps1 – Malicious PowerShell script - gulf.moneroocean[.]stream – Monero Endpoint - monerooceans[.]stream – Monero Endpoint - 152.53.121[.]6:10001 – Monero Endpoint - 152.53.121[.]6 – Monero Endpoint - https://api[.]chimera-hosting[.]zip/frfnhis/zdpaGgLMav/nbminer[.]exe – NBMiner executable - Db3534826b4f4dfd9f4a0de78e225ebb – NBMiner loader hash

AppWizard

August 9, 2025

Messenger, Pinterest, Lyft, Duolingo, Google Maps, Expedia Become Most Invasive Apps of 2025, Here is a New Update

The 2025 App Privacy Index reveals that Messenger is the most invasive app with a privacy risk score of 100/100, followed by Pinterest (72/100), Lyft (69/100), and Amazon Shopping (68/100). DoorDash ranks 5th (66/100) with its consumer app and 9th (58/100) with its driver app. Duolingo, Google Maps, WhatsApp, and Expedia complete the top ten most invasive apps. Instagram has a privacy score of 57/100 and recently faced criticism over its new Maps feature, which raises concerns about real-time location tracking. Meta's data collection practices are widespread across its platforms, including Messenger, WhatsApp, and Facebook. Some apps, like TeaOnHer (0/100) and ParentSquare (4/100), prioritize user privacy, contrasting with the other invasive apps. Users are advised to review app permissions and consider privacy-friendly alternatives. The public backlash against Instagram's Maps feature indicates a growing demand for transparency regarding data collection practices. As data protection regulations tighten, there is potential for companies in the travel sector to adopt better privacy practices.

Winsage

July 12, 2025

I always disable these 5 Windows 11 features to improve performance and security

Windows 11 has settings that can impact user experience, performance, and security. The following settings are recommended to disable for improved performance and security: 1. Telemetry: Disable the "Send optional diagnostic data" setting in Settings -> Privacy and Security -> Diagnostics and feedback, and set Feedback frequency to Never to limit data sharing. 2. Windows Search: Disable the Windows Search service by searching for Services, locating Windows Search, and changing its Startup type to Disabled. 3. Location Services: Turn off Location Services and "Let apps access your location" in Settings -> Privacy & Security -> Location to enhance privacy and battery performance. 4. Network Discovery: Disable Network Discovery on both Public and Private networks in Settings -> Network & Internet -> Advanced Network Settings -> Advanced sharing settings to minimize security risks. 5. Connect automatically to a Wi-Fi network: Uncheck the "Connect Automatically when in range" option for public networks under Settings -> Network & Internet -> Wi-Fi -> Manage known networks to avoid connecting to potentially unsafe networks.

Winsage

June 9, 2025

Your Windows 10 PC ‘is toast’ – new warning issued ahead of Microsoft deadline

Windows 10 support will end on October 14, 2025, leaving users without updates, features, or security patches. Microsoft is offering Extended Security Updates (ESUs) for a fee, but not all users may qualify for an upgrade to Windows 11. Many users could face vulnerabilities and technical issues as their devices become outdated. KBE warns that while Windows 10 will still function temporarily after the cutoff, it will become obsolete, leading to potential data and privacy risks. New applications may also become inaccessible, pushing users to consider new hardware. KBE suggests transitioning to its Linux-based software solution, Plasma, which can revitalize older computers. Users are advised to back up files and read instructions carefully before switching to Linux.

AppWizard

June 7, 2025

ISKP Magazine Questions Encryption Claims Of Messaging App, Cautions

The latest edition of "Voice of Khurasan" critiques Gem Space, a new social media platform attracting Islamic State Khorasan Province (ISKP) members, highlighting security vulnerabilities. The article warns against migrating from Telegram to Gem Space due to concerns over the platform's closed-source nature, unspecified encryption protocols, lack of end-to-end encryption confirmation, unclear ownership, and absence of transparency reports. It suggests that claims of 40+ million downloads may be exaggerated, pointing to a lack of independent validation of the platform's security. The article emphasizes the importance of informed decision-making regarding digital security.