Wie prft man als Laie, wohin ein Android-Smartphone oder einzelne Apps Verbindungen aufbauen
Im Beitrag zeige ich einfache Einstiege mit Exodus Privacy, RethinkDNS und PCAPdroid. Das ist kein vollstndiger App-Test, aber ein brauchbarer Selbstcheck: Welche App funkt wohin, was wird blockiert, was luft im Hintergrund
Zum Schutz der
Diese Brillen sorgen jetzt sogar fr neue Freibad-Regeln
Just one of the many dangerous things the T...p regime is doing quietly in the background while distracting us with ballrooms and reflecting ponds. There is no justification for the creation of "shadow" govenment web sites for existing sites that citizens MUST USE for required interactions with their federal government.
Jo & Reaves found mobile apps and mobile ad networks were still tracking health data.
Their paper shows the high specificity which these events are tracked ...
Rest of my blog post & AppGoblin links (to see which apps using which ad networks currently) to the apps in paper:
Wen die Cookie-Banner nerven, aber nicht allen Verwendungen zustimmen will: Das Plugin Consent-o-Matic der Universitt von Aarhus beantwortet viele Cookie-Banner automatisch, natrlich ablehnend. Mehr zu Tracking und Gegenmassnahmen hier bei .
Duidelijk artikel van over hoe politieke partijen nog steeds te veel gebruik maken van Google's trackers, Cloudflare, of andere buitenlandse diensten die je data proberen te vergaren, zelfs zonder dat er eerst om toestemming is gevraagd.
Ook PRO is hier schuldig aan, en dan gaat het in de eerste plaats puur om een lettertype wat gebruikt wordt!
Dit kan anders en moet toch eens goed aangepakt worden.
Trackingruling guts governments use of
The protects a users location history, the Supreme Court ruled Monday.
The same logic already applied to a cellphones , and the high court found no good reason exists to reach a different result for Location History collected by third parties like .
Split 6-3, the majority agreed that the government needs a and must show reasonable cause to turn a phone's location-tracking services into a government tool.
Stimmt das, komme von Twitter
Wetter ist gerade ja Thema. Dass ausgerechnet wetter.com aktuell ganz oben in den Play-Store-Charts steht, sagt leider viel ber Android-Apps: 10 Tracker, 37 Berechtigungen - fr Wetter.
In der Datenschutzerklrung: genaue Standortdaten auch fr ortsbezogene Werbung, auch durch Dritte. Nach WetterOnline und Databroker-Files sollte eigentlich klar sein, wohin so etwas fhren kann.
Nehmt DWD WarnWetter, Kleine Wettervorschau Deutschland, Cirrus oder Breezy Weather aus F-Droid.
Weg mit dem berwachungsmist.
We lost power last night. The Internet connection apparently had trouble reconnecting. So when I fixed it this morning, I get a new public IP!
I haven't had a new IP in like 8 years. Maybe I should disconnect during each holiday and pull a fresh one
Come funziona davvero la localizzazione GPS su uno smartphone
Scopri:
Come funziona il GPS
Perch il GPS da solo non basta
Il ruolo di Wi-Fi e celle telefoniche
Cos' l'A-GPS
Geofence, storico degli spostamenti e aggiornamenti della posizione
Leggi l'articolo e scopri come il tuo smartphone riesce a localizzarti in tempo reale!
Its dangerous and its going to erode : redesign of US government websites stokes fears administration The Guardian
The National Design Studio, staffed by veterans, installed visitor-tracking software on vital federal websites
"Verboten werden mssen Schulen, die Medienkonsum vermitteln!" - Bosetti
The White House's National Design Studio has also built or taken control of websites that belong,
by law or by convention,
to other federal agencies.
The sites handle some of the most sensitive personal information Americans give to the government.
Passports.gov is now run from inside the White House,
not from the state department.
The state department operates US passport services through its existing site at travel.state.gov.
The studios version collects identity information from people applying for passports.
It carries no privacy notice.
Developer test code was left running on the live page.
In response to a request for comment,
a state department spokesperson wrote:
The Department of State is working closely with the White House to deliver the best possible service for our passport customers
while safeguarding US national security.
They added:
US passport books and passport cards
and the programs and websites that support them
represent the gold standard in secure international travel documents,
underpinned by state-of-the-art security and technology.
They referred additional questions to the White House.
Trumpaccounts.gov is the federal website for the childrens investment programme created in last summers tax legislation.
The treasury department, which administers the programme,
is the registrant of record for the site.
But the site itself runs through the same White House-controlled commercial account as the studios own sites:
ndstudio.gov,
the prescription-drug site trumprx.gov,
the food-policy site realfood.gov
and others.
The treasury department did not respond to a request for comment.
Login.gov is the federal sign-in gateway that more than 150 million Americans use to access services from social security to tax filing.
The studios preview of vote.gov,
described in the previous post,
uses Login.gov to verify the identities of visitors.
The Guardian contacted the General Services Administration (GSA), which operates Login.gov, for comment.
A spokesperson replied in an email:
Login.gov is committed to the highest standards of privacy, transparency, and security.
Our Privacy Impact Assessment was most recently reviewed in March 2026.
All personnel supporting Login.gov,
including detailees,
are required to comply with applicable GSA policies, security requirements, privacy controls, and governance processes.
The NDS, meanwhile, seems to be expanding its footprint across more government websites.
In late May, three new addresses tied to the NDS appeared in the public records:
chat.staging.ndstudio.gov,
onboarding.ndstudio.gov
and upload.ndstudio.gov.
Some of the NDSs work is even more opaque,
including an apparent redesign of the federal governments voting registration hub.
A sign-in page run by the studio on a White House-controlled web address carries the title
Log in to vote.gov preview.
Above the password field is a notice: For official use only. Actions will be recorded in accordance with applicable law.
Vote.gov is a federal voter registration website.
By law it belongs to the Election Assistance Commission (EAC),
an independent, bipartisan body that Congress established in 2002 after the disputed 2000 election.
Congress created the commission specifically so no sitting president would control the federal voter-registration system.
The studios version has been live on White House systems since
17 September 2025, according to public records of secure web addresses.
Late last year, the NDS began presenting its system to state election directors.
The first such briefing, on 17 October, was on a call of the National Association of State Election Directors (NASED).
Call notes summarising the meeting record members representing states of both parties expressing
serious concerns with this project not complying with state law
and noting that
the developers do not seem to want to spend the time to understand election official concerns.
Brianna Schletz,
the Election Assistance Commissions executive director,
reportedly told state directors on the same call that the conversations were informal,
and that commissioners would later vote on whether to stay involved.
No record of any such vote has since appeared in the commissions public proceedings.
Asked for comment by the Guardian,
a NASED spokesperson, Amy Cohen,
confirmed by email that
NASED held a call in October joined by representatives from the National Design Studio and members of the EAC leadership team.
Cohen added:
NASED does not have a position on this project.
NASED has had no further communication with the National Design Studio on this or any other project
both NASED as an organization and our members in their individual capacities engage with the EAC regularly about a variety of different topics and projects.
Six days after the
17 October meeting,
on 23 October,
a National Design Studio engineer, Akash Bobba,
reportedly briefed the system on a recorded conference call organised by the
National Association of Secretaries of State.
Under the studios design, voters would be required to verify their identity through Login.gov,
the federal sign-in gateway,
and to have their citizenship checked against a database run by the Department of Homeland Security.
Asked on the call what the federal government would retain of the personal information voters entered into the system,
Bobba reportedly said that
clear data retention policies would be given to states ahead of implementation,
but conceded:
I dont know what they retain and what they are logging.
The Election Assistance Commission has been part of the discussions.
Its chair, Donald Palmer, reportedly said the commission was
facilitating discussion with state election officials on modernizing an accessible tool to provide a verifiable digital registration option.
The Guardian contacted the Election Assistance Commission for comment but received no response.
The EPICs Davisson said:
With vote.gov, thats the province of the Election Assistance Commission.
But if youre centralizing that in the White House, the White House is going to have sort of access to that backbone of data.
He added:
Doing that outside of the appropriate channels,
I think, is definitely going to
its dangerous
and its going to erode trust.
The Help America Vote Act of 2002 put
voter-registration administration under an independent bipartisan commission,
structurally outside the reach of any sitting president.
The studios version appears to collapse this arms-length arrangement.
The Guardian has not seen what is on the other side of the sign-in,
but published Cisa records show who runs the system it lives on,
which is under White House control.
The commission Congress put in charge of vote.gov has not decided to formally participate in the initiative.
The build itself is on White House systems.
A 2002 federal law,
the E-Government Act,
requires any federal agency that collects personal information through a website to first publish a written privacy impact assessment
explaining what it collects and where the information goes.
The Privacy Act of 1974 requires a separate, parallel public notice,
a system of records notice,
describing the records the agency keeps.
A 2010 office of management and budget memorandum extended both requirements to federal agencies use of commercial
web-tracking tools, including the kind that PostHog provides.
The Guardian could find no such filings for the studios web-tracking layer.
None of the four sites carry a privacy impact assessment naming PostHog or describing the IP addresses and on-site activity the tool collects.
None of the four are covered by a system of records notice that addresses what is collected or where it goes.
The one published privacy instrument that relates to any of the four programmes,
a treasury notice for the Trump Accounts programme,
describes how the childrens-investment programme is administered
but does not name PostHog and does not describe the tracking on trumpaccounts.gov at all.
Davisson, the EPIC attorney,
called the studios failure to publish such a notice
a pretty clearcut violation of section 208 of the E-Government Act,
adding: Theres just no suggestion that theyre trying to comply in good faith with any of their obligations when it comes to the collection of personal information.
Its not known what data was collected from users of the government websites while the tools were live,
whether it was retained
and who has custody of the data.
The use of commercial tools on the sites departs from federal web-team conventions.
Davisson, the senior counsel at the EPIC, described the studios work as
trying to establish their own sort of fly-by-night version of what federal agencies normally do with added tracking technologies
and less oversight.
This is most apparent in the NDSs employment of user tracking prior to outreach from the Guardian,
such that when a member of the public visited one of the studios federal websites,
a commercial tool called PostHog recorded what they did on the page.
PostHogs session-recording feature,
which can replay every click, scroll and keystroke of a visitors time on a webpage,
is installed in the code of all four sites and enabled on two of them.
On the remaining two, the recording is held inactive only by a single setting inside PostHogs dashboard,
which can be changed by whoever controls the website at any time.
The Guardian emailed PostHog for comment on its apparent provision of tracking tools to the NDS, but received no response.
Adblockers and similar privacy tools are used by millions of people to limit what third parties can learn about them as they browse.
Most of them work by intercepting requests that a visitors browser makes to known tracking services
and blocking them before any data leaves the device.
Website source code shows that PostHog has been configured on
NDS-run sites to route analytics requests through an address on the federal website itself,
rather than through PostHogs own servers.
Because the request appears to go to the site the user is already visiting, rather than to a recognisable third-party address, adblockers dont flag it.
As PostHog explains in its own documentation,
this works because ad blockers havent visited your domain to catalog your setup.
They dont know what to block.
In other words, the technique is specifically designed to evade privacy tools
by presenting commercial tracking as ordinary website activity.
Serge Egelman, research director of the Usable Security and Privacy Group at the International Computer Science Institute (ICSI), explained:
The issue there is that over the last several years,
due to abuses relating to this type of data collection,
theres basically an arms race with tools being released to allow consumers to try and exert some control over what data gets collected.
Egelman said that he had not looked specifically at the PostHog tool or its deployment on federal websites,
but he did point to a lawsuit involving the addition of commercial tracking technology to a state government website.
I testified on Meta where the Meta Pixel was put on the California DMV website.
And Meta was able to obtain information about when people are requesting, say, disability placards,
reinstating a suspended license, things like that
sensitive information thats actually protected by federal law.
He added: Its not like someone going to the DMV website expects a private company to receive their personal data and then be allowed to use that however they want.
PostHog comes with a separate feature called session recording,
which plays back every click, scroll and keystroke a visitor makes,
like a video recording of their entire visit.
Princeton University researchers who first documented the technology in 2017 wrote that watching such a recording was as if someone is looking over your shoulder.
On the Trump Accounts and TrumpRX websites, the feature has been built into the page code and is held inactive only by a single setting inside PostHogs dashboard.
The NDS can turn it on at any time, on either site, without making changes in the underlying website code.
Separately, until the Guardian sought comment on this reporting, the NDSs own website, ndstudio.gov,
ran a 539-line piece of bespoke code that recorded visitors clicks, form entries and navigation
assigned each visitor a session identifier
and forwarded the captured data to an address that does not appear anywhere on the public internet.
The scripts source code refers to it as AutoMonitor.
Chrome's next update will kill your adblocker - and make the web less safe - ZDNET
Its dangerous and its going to erode trust: redesign of US government websites stokes surveillance fears The Guardian "The NDS built and now operates four public federal websites: ndstudio.gov, trumprx.gov, realfood.gov and trumpaccounts.gov. All four ran commercial visitor-tracking software, configured to evade the privacy tools many web users install, and none carry the public filings federal privacy law requires under laws including the Privacy Act of 1974 and the E-Government Act of 2002."
Analysis of the underlying source code for four of the websites written by the secretive National Design Studio (NDS)
found that on at least two of them,
the studio installed a commercial tool called PostHog
that closely tracks what every visitor does on the site.
Another tool, apparently made in-house, sends user data to a destination that is not visible on the public internet.
The NDS apparently removed this tracking software after the Guardian reached out to the White House with a detailed series of questions on the NDSs operations on 4 June.
On 17 June, White House spokesperson Liz Huston responded:
All National Design Studio personnel comply with all legal requirements in their important work to improve how citizens interact with their government.
The studio has also built versions of services legally assigned to other agencies,
including a passports website,
and a copy of
Login.gov,
the gateway more than 150 million Americans use to sign in to federal services,
-- the latter reportedly being overseen by a former Doge engineer who moved to the studio.
The NDS has also apparently built a copy of
vote.gov,
the federal voter-registration site that by law belongs to an independent bipartisan commission
inside a website site only accessible with a White House login.
A federal voter-registration system run from inside the White House,
with identity and citizenship checks routed through systems the administration controls,
could let an incumbent see who is registering,
or check their registration, in the weeks before an election.
Public ownership records maintained by the Cybersecurity and Infrastructure Security Agency (Cisa)
list the executive office of the president as the registrant of the studios sites,
including passports.gov and the vote.gov copy,
meaning that the office controls the domains.
Questions remain about the sort of access that this could give the White House to voter registration data.
John Davisson, senior counsel at the Electronic Privacy Information Center (EPIC),
said the studios approach risked creating a second version
a whole sort of second skunk-works version of the federal government
with all these shady tracking technologies
and outside of the parameters of normal federal privacy laws.
A skunk works is a figurative term for an experimental department within a larger organization with freedom to operate outside normal procedure.
The Guardian sent a detailed list of questions about the NDS to the White House Press Office for the attention of Gebbia and the White House chief of staff, Susie Wiles,
who has oversight of the studio.
Separately, the Guardian sent a request to Gebbias presumed email at the NDS
(no addresses are publicly listed).
There was no response.
An opaque White House office staffed largely by veterans of Elon Musks
department of government efficiency
(Doge) has quietly rebuilt some of the federal governments most sensitive websites
for passport applications, voter registration, prescription-drug pricing and childrens savings
in ways critics say appear to violate federal law.
The National Design Studio (NDS)
was established by a Donald Trump executive order last August,
and is led by Trump-aligned Airbnb co-founder Joe Gebbia and staffed by Doge veterans.
A Guardian investigation has found the office has apparently been developing or redeveloping sensitive federal websites,
including those connecting Americans with prescription drugs, childrens savings accounts, passports and voter registration.
The investigation corroborates and advances earlier reporting by the Drey Dossier, a YouTube investigative outlet.
The NDS built and now operates four public federal websites:
ndstudio.gov,
trumprx.gov,
realfood.gov and
trumpaccounts.gov.
All four ran commercial visitor-tracking software,
configured to evade the privacy tools many web users install,
and none carry the public filings federal privacy law requires under laws including the Privacy Act of 1974 and the E-Government Act of 2002.
Separately, none of the NDSs spending or its arrangements with outside vendors appears in USAspending,
the federal contracting database,
raising questions about how it is funded and overseen.
Separately, the NDS has also built and runs White House-controlled versions of services the US Congress assigned to other federal agencies,
including a passport-application portal that bypasses the state departments existing site,
and a copy of voter-registration site vote.gov.
Combined, the sites route sensitive interactions Americans have with their government through infrastructure the White House apparently controls,
and outside the reporting and accountability systems that normally cover federal agencies.
Bloquer le protocole
Pour bloquer le protocole Utiq, je vous recommande d'ajouter quelques filtres Origin une ne fonctionnant pleinement que sur .
G7-Datenschutzgipfel: Ruf nach Regeln fr Alterskontrollen und Smart Homes
Die Aufsichtsbehrden der G7-Staaten verlangen einen strikten Grundrechtsschutz bei der Online-Altersberprfung und nehmen vernetzte Kinderzimmer ins Visier.
G7 Data Protection Summit: Call for rules on age verification and smart homes
The G7 supervisory authorities demand strict protection of fundamental rights in online age verification and are targeting connected children's rooms.
Heimliche : Regierung bricht ihr Schweigen bei stillen SMS heise online
From $135 to $154: Tracking SpaceX's Stock Volatility in Its First Weeks as a Public Company
Breaking: <p>Space Exploration Technologies (NASDAQ
Online-Tracking: Deutschland und Google wollen Cookie-Banner retten - netzpolitik.org
Das muss man sich auf der Zunge zergehen lassen:
Die EU-Kommission will endlich die Cookie-Banner abschaffen, aber Google und einige EU-Mitgliedsstaaten wollen sie nun unbedingt behalten, kommentiert Datenschutz-Aktivist Max Schrems von der Organisation noyb den Vorgang. Jahrzehntelang wurde sich ber EU-Brokratie beschwert, aber in Wirklichkeit frchtet sich die -Industrie dermaen vor einer Mglichkeit, dass Verbraucher:innen einfach Nein sagen knnen, dass nach etwas Lobbying alle umfallen.
> Mit dem Digitalen Omnibus will die EU nach der KI-Verordnung auch den schleifen. Das Gesetzespaket enthlt einen einzigen Vorschlag, der nicht primr Unternehmen, sondern auch Nutzer:innen das Leben erleichtern soll. Er knnte das europische Internet von -Bannern befreien, doch nach intensiver -Arbeit will der Rat den Artikel nun streichen.
1739 partners... Well I didn't want to read it anyway.
TikTok collects keystroke patterns, clipboard contents, and device identifiers beyond what most users realize when they agree to its terms.
TikTok collects keystroke patterns, clipboard contents, and device identifiers beyond what most users realize when they agree to its terms.
Path Tracer Test
With the new 's powerfull path tracing engine v2 for TD.
Meta Pauses Employee Tracking AI Program After Internal Data Exposure
DNT wird durch GPC abgelst. Aber ja, es wre so einfach, wenn die Werbelobby nicht so aktiv wre
"Unlike the now-deprecated Do Not Track header, which was unsuccessful as it was ignored by third parties, GPC is intended to have legal force under privacy laws."
Theories that might do a have been around for years, but now a says an Apple "iRing" is actually in for and . Look out, and !
Pro Tip: When you email a story suggestion to a , don't put elements in your hyperlinks or other email parts.
As always, reduce to the max.
Nicht zu glauben ..
WAS fr ein Aufwand getrieben wird, um die Norwendigkeit der Cookies zu erhalten: Der Datenschutz wre gefhrdet
Max Schrems von noyb:
"Cookie-Banner seien keine Erfindung des Datenschutzes, sondern der Tracking-Industrie, denn ohne Einwilligung gebe es kein Online-Schnffeln.
Jetzt hat man Angst, dass eine einfachere Mglichkeit, Ja oder Nein zu sagen, Umsatzeinbuen bei Google und Co zur Folge hat.
Daher lobbyiere die Tracking-Industrie, was das Zeug hlt, um das Cookie-Banner zu behalten."
Google warnt
"vor drastischen Folgen der Privacy-Signal-Lsung fr die Online-Wirtschaft"
Google behauptet "diese Regelung, wrde Europa 40 bis 50 Milliarden Euro kosten"
DIe Bundesregierung betreibt Interessenvertretung zugunsten
der Adtech- und Verlagsindustrie und auf Kosten der Verbraucher:innen, schreibt
Verbraucherzentrale
"Der digitale Omnibus als Geschenk an Big Tech
The tiny tracking gadgets that keep tabs on our luggage are also being used in some unusual ways in Australia.
Nach Meta stoppt berwachungsprogramm fr Mitarbeiter.
M8, you slept for 14 years
SignalTrace is neither new nor surprising.
Any Skiddie could do that with one of chose cheap AWUS036 dongles in promiscious mode and a Raspberry Pi!