MONEY

You’ll Be Freaked Out to Learn How Often Your Apps Share Your Location

using smartphone at night
Alamy

Most of us are unaware of just how much location sharing is going on with our smartphones.

Even for researchers experienced at examining technology that might be invasive, this warning was alarming: “Your location has been shared 5,398 times with Facebook, Groupon, GO Launcher EX and seven other apps in the last 14 days.”

The warning was sent to a subject as scientists at Carnegie Mellon University were studying the impact of telling consumers how often their mobile phones shared their location and other personal data. Software was installed on users’ phones to better inform them of the data being sent out from their gadgets, and to offer a “privacy nudge” to see how consumers reacted. Here’s how one anonymous subject responded when informed a phone shared data 4,182 times:

“Are you kidding me?… It felt like I’m being followed by my own phone. It was scary. That number is too high.”

Mobile phone users are told about the kinds of things that might be shared when they install apps on their phones, but they have a tendency to “set and forget” the options. That means a single privacy choices, usually made in haste when clicking “install,” governs thousands of subsequent privacy transactions.

“The vast majority of people have no clue about what’s going on,” said Norman Sadeh, a professor in the School of Computer Science’s Institute for Software Research, who helped conduct the study.

But when consumers are reminded about the consequences of choices they make, “they rapidly act to limit further sharing,” the researchers found.

The study covered three weeks. During week one, app behavior data was merely collected. In week two, users were given access to permissions manager software called AppOps. In week three, they got the daily “privacy nudges” detailing the frequency at which their sensitive information was accessed by their apps.

Researchers found that the privacy managing software helped. When the participants were given access to AppOps, they collectively reviewed their app permissions 51 times and restricted 272 permissions on 76 distinct apps. Only one participant failed to review permissions. The “set and forget” mentality continued, however. Once the participants had set their preferences over the first few days, they stopped making changes.

But privacy reminders helped even more. During the third week, users went back and reviewed permissions 69 times, blocking 122 additional permissions on 47 apps.

Nudges Lead to Action

“The fact that users respond to privacy nudges indicate that they really care about privacy, but were just unaware of how much information was being collected about them,” Sadeh said. “App permission managers are better than nothing, but by themselves they aren’t sufficient … Privacy nudges can play an important role in increasing awareness and in motivating people to review and adjust their privacy settings.”

Of course, it’s hard to say if the research participants would have kept futzing with their privacy settings, even inspired by nudges, as time wore on. Sadeh suspected they would not: Privacy choices tend to wear people down. Given the new types and growing numbers of apps now in circulation, “even the most diligent smartphone user is likely to be overwhelmed by the choices for privacy controls,” the study’s authors said.

The findings will be presented at the Conference on Human Factors in Computing Systems in Seoul, South Korea, next month. The research is supported by the National Science Foundation, Google, Samsung and the King Abdulaziz City for Science and Technology.

For now, what can smartphone users do to better protect themselves? It’s not easy. For example: A study by IBM earlier this year found that roughly two-thirds of dating apps were vulnerable to exploitation, and in many cases, would give attackers location information. The AppOps software used in the Carnegie Mellon study used to be available to Android users, but was pulled by Google in 2013. The firm said the experimental add-on to the Android operating system had a tendency to break apps. So Android users are left to manually review app permissions one at a time — not a bad way to spend time the next time you are waiting for a bus. It’s always a good idea to turn off location sharing unless you know the software really needs it, such as map applications. IPhone users have the benefit of privacy manager software, but it doesn’t offer great detail on how data is used, and it doesn’t offer privacy nudges or any other kinds of reminders. A manual review is best for iPhone users, too.

More from Credit.com

This article originally appeared on Credit.com.

TIME privacy

Twitter Rolls Out ‘Quality Filter’ to Combat Abuse

Feature targets spam and threatening tweets

Some lucky Twitter users soon won’t have to see tweets that are spammy or abusive.

The social network is rolling out a new feature called the “quality filter,” which will automatically screen out Twitter mentions that come from suspicious accounts, are abusive or threatening or contain duplicate content. The tweets won’t be deleted from Twitter but they will no longer show up in the recipient’s list of notifications. The feature will only be available to verified users, according to Mashable.

The move marks the latest step in Twitter’s campaign to combat abuse on the social network. In December the company introduced new tools to let users more easily report instances of abuse.

[Mashable]

 

TIME privacy

Privacy Group: ‘Eavesdropping’ WiFi Barbie is Seriously Creepy

Check In Barbie
Douglas Graham—CQ-Roll Call,Inc. Check In Barbie greets visitors to the Senate Gallery Check In in the Capitol Visitors Center of the U.S. Capitol on January 15, 2014.

The Internet-connected doll collects children's voice patterns on the web

An advocacy group protested on Wednesday a so-called “eavesdropping” Barbie, which records children’s speech and sends that data over the Web.

Calling the Barbie “creepy,” Campaign for a Commercial-Free Childhood launched a petition Wednesday urging the doll’s maker, Mattel to stop the doll from being sold, the Washington Post reports.

The Doll records children’s speech with an embedded microphone and sends it over the web, which leaves kids vulnerable to stealth advertising tactics, the group said.

Chief executive Oren Jacob of ToyTalk, the San Francisco-based startup that created the technology in the doll, told the Journal that the captured audio files is “never used for anything to do with marketing or publicity or any of that stuff. Not at all.” Instead, the technology is used to improve speech recognition, Jacob said.

Children press a button to chat with Hello Barbie, which “listens” to their speech and sends the audio recording over a WiFi connection to ToyTalk’s cloud-based servers, where that speech is recognized and processed. The Barbie can then make a response.

For example, in a Mattel demonstration, “Welcome to New York, Barbie” elicited the response, “I Love New York! Don’t you?”

The doll is set to hit stores this fall.

[Washington Post]

Read next: The Barbie Doll’s Not-for-Kids Origins

Listen to the most important stories of the day.

TIME 2016 Election

Everything We Know About Hillary Clinton’s Email

And what we don't know

The new political headache afflicting Hillary Clinton is all about email.

The New York Times reported Monday that the presumptive Democratic presidential candidate had exclusively used a private email account for her government business during her tenure as Secretary of State, rather than a government email account. And an Associated Press report Wednesday said Clinton used her own email servers, rather than a third-party provider like Gmail or Yahoo Mail. That’s raised questions about whether Clinton was making a deliberate attempt to prevent her messages from being disclosed by open records requests or subpoenas.

Clinton’s campaign has said she followed both “letter and spirit of the rules,” but the snafu has played into Republican criticisms of her as secretive and politically calculating. Clinton tried to contain the damage in a tweet late Wednesday saying she supports the release of more emails.

Here’s everything to know about the controversy.

Wait. What’s the big deal?

A top U.S. diplomat working only on a personal email account raises an obvious question: Did Clinton stay off government email to hide something? Federal regulations are meant to prevent a situation in which officials, by keeping emails “off the record,” could thwart information requests made by the public or the government. When Clinton took office in 2009, federal rules required that government employees using a non-government email account “must ensure that Federal records sent or received on such systems are preserved in the appropriate agency recordkeeping system.” (It was only last year, one year after Clinton’s tenure had ended, that President Obama signed a explicitly limiting U.S. officials’ use of private email accounts for business matters.) But Clinton aides are the only ones who have determined what amounts to official correspondence and what doesn’t, and others might come to different conclusions.

Did Clinton break the law?

Probably not, but we’re still in a legal grey area. The Federal Records Act—passed in November, after Clinton left the State Department—requires government officials’ emails that are sent from personal account to be forwarded to an official account within 20 days. But during Clinton’s tenure, it was never explicitly required that top-level officials like Clinton use government-issued accounts. “What she did was not technically illegal,” Patrice McDermott, a former National Archives staffer and the head of the transparency group Open The Government coalition, told The Hill newspaper. But, she said, “it was highly inappropriate and it was inappropriate for the State Department to let this happen.”

Because her official emails were sequestered on her private email address, much of her correspondence was not openly available via the Freedom of Information Act (FOIA), which gives the public right to access information from the federal government.

Will we ever see Clinton’s official emails? Or have they simply disappeared?

Clinton’s team turned over more than 50,000 pages of emails from her personal email account to the State Department late last year, when the Federal Records Act was passed, at the department’s request.

How do we know that she turned over all required emails?

We don’t. For several years, media outlets have filed requests for Clinton’s official correspondences during her tenure under FOIA. These requests have remained unreturned or unfulfilled, though the State Department has acknowledged their receipt. Theoretically, all of Clinton’s emails concerning government matters during her tenure fall under FOIA’s domain—but they are inaccessible if they were sent between Clinton’s private account and a third-party agency, such as a nonprofit foundation or a private consultancy. Clinton would need to provide these emails herself.

Have other U.S. officials used private email accounts?

Yes. Several officials in the Bush Administration, such as Karl Rove, were heavily criticized for using personal e-mail accounts to send emails from the White House. While Clinton herself has not commented on the situation, Nick Merrill, a Clinton spokesman, noted that former Secretaries of State in both parties had also used their own email accounts when engaging with U.S. officials.

Were they punished?

We don’t know. There haven’t been reports outlining specific repercussions against those officials who used private accounts for business emails. The White House has repeatedly made its e-mail policy clear each time the issue arises. “Very specific guidance has been given to agencies all across the government, which is specifically that employees in the Obama administration should use their official e-mail accounts when they’re conducting official government business,” White House Press Secretary Josh Earnest said Wednesday.

How much do high-ranking officials like Clinton really use email?

It varies. Janet Napolitano, the former Secretary of Homeland Security, was known for never using email at all. It’s unclear exactly how often Clinton emailed, but certainly enough for her team to turn over 50,000 pages worth of emails. During her time as Secretary of State she was often spotted looking down at her BlackBerry—the image of her doing so in sunglasses inspired a Texts from Hillary meme.

So what Internet service did she use?

Clinton used a private email server registered back to her family’s home in Chappaqua, N.Y., the AP reports. That means she or someone working for her physically ran her own email, giving her wide-ranging control over her message archives. It also could have made her emails more vulnerable to hackers or physical disasters like fires or floods. The Secret Service would have been able to protect an email server in Clinton’s home from physical theft, however.

Clinton reconfigured her email account in November 2012 to use Google servers as a backup . Five months after she resigned as Secretary of State, her email server was reconfigured again, switching her backup provider to a Denver-based email provider called MX Logic.

Who’s this Eric Hoteham figure?

Eric Hoteham is the mysterious name associated with Clinton’s private server account. But no public records of “Eric Hoteham” appear to exist, and the name wasn’t found in campaign contribution records or elsewhere, the AP reports. Politico reported on Wednesday that Hoteham is a Washington stockbroker and former aide to the Clintons.

What email address did she use?

One of her private email addresses was hrd22@clintonemail.com. HRD appears to stand for her premarital initials (Hillary Diane Rodham, as opposed to now Hillary Rodham Clinton). But it’s unclear what the 22 is for. She was sworn in on Feb. 2—or 2/2.

Read next: 5 Things You Didn’t Know About Using Personal Email at Work

Listen to the most important stories of the day.

MONEY privacy

5 Things You Didn’t Know About Using Personal Email at Work

Former Secretary of State Hillary Rodham Clinton
Jason DeCrow—AP Former Secretary of State Hillary Rodham Clinton

Hillary Clinton is in trouble for mixing up her personal and business accounts—and you could get in trouble too.

Hillary Clinton has come under scrutiny for exclusively using her personal email account for all of her work communications when she was secretary of state, according to a report in the New York Times. That’s actually a huge problem. Under federal law, Clinton was required to preserve all of her communications.

But you don’t have to be a former secretary of state and favorite for the Democratic presidential nomination for your work emails to be preserved for posterity, and someone might be interested in their contents: your boss.

Here’s what you should know about the privacy of your work emails—namely, that you don’t have any.

1) Your employer can monitor pretty much anything you access on the company’s computer system, even your personal email account.

In most cases, courts have taken the position that employers have the right to monitor what employees do on the employer’s computer systems and equipment, says Catherine E. Reuben, employment lawyer at the firm Hirsch Roberts Weinstein LLP.

To start, that means your boss can see any messages you send using your work email. But that’s not all. “When you send an email from work, the company server doesn’t know or care whether this email is on your company email account or your personal Yahoo account—it monitors everything,” says Lewis Maltby, president of the National Workrights Institute. And that’s completely legal.

One gray area: A recent National Labor Relations Board case ruling found that employees have a presumptive right to use their employer’s email system for union organizing, although labor laws restrict employers from surveillance of union organizing activities. That means the NLRB may eventually conclude that employers are not able to monitor emails related to union organizing, even if they are sent using the employer’s server or equipment. “That is an unsettled issue,” Reuben says.

2) Assume any email, text message, or other electronic communication you send on your employer’s system can be used against you.

“In my personal experience, employers will monitor email when there is a business reason to do so,” Reuben says. “For example, if an employee accuses another employee of sending sexually harassing emails, the employer would naturally want, as part of its investigation, to review all of the email communications between the two employees.”

Adverse consequences are not uncommon. In 2007, a survey by the American Management Association found that 28% of employers had fired employees over “e-mail misuse.” The most common kinds of misuse: violation of company policies, inappropriate language, excessive personal use, or breaking confidentiality. (“Internet misuse” was even more common; another 30% of employers said they had terminated employees for excessive personal use of the Internet at work, viewing inappropriate content at work, or other violations of the employer’s electronic use policy.)

And your emails could cause a problem long after you send them. “Remember that emails, text messages, other electronic documents can live on forever, even if you delete them,” Reuben says.

3) Beware of “George Carlin software.”

You probably assume your boss doesn’t have time to monitor every email you send. That’s true, Maltby says, but you’re forgetting about the IT department. “People in IT can look at anything, anytime they want to, for any reason they want to,” Maltby says. “They are agents of the employer, and it’s the employer’s system.”

One very common practice: Some employers have keyword software to detect sexual harassment. Maltby calls it “George Carlin software” (note: that link is NSFW) because it can flag certain inappropriate words. But the software can pick up false positives. “If a female employee sends an email with the word ‘breast’ to her oncologist through the company system, it’s going to be read,” Maltby says.

The simple solution: Send any sensitive, personal messages from your own device.

4) Emailing company documents to your personal account could get you in trouble.

You have more work to do, but you just want to go home—and accessing your employer’s email remotely is a huge hassle. So you just forward your files from your work email account to your personal account and finish your work at home.

The problem? That could later create the impression that you are trying to steal the company’s confidential information.

“Make sure you read and understand your employer’s policies, and don’t download company information without permission,” Reuben says. “Do your best to protect the company’s trade secrets, confidential information, and data.”

5) When you set up your company’s email on your personal phone, you often give your employer the right to delete all of your personal data.

Want to check your work email on your personal iPhone? Your employer probably asked you to sign a “bring-your-own-device” agreement. If you didn’t read it, do that now—you likely waived some of your rights.

There’s good reason for that: Companies need to secure their information systems. “What the policy is essentially saying is, if you want the privilege of accessing our proprietary, confidential systems and the convenience of accessing those systems on your personal device, you’ve got to waive your right to privacy,” Reuben says. “Many employers in such a policy will reserve the employer’s right to monitor the employee’s activities on the device and to remote-wipe the device if there is a security risk, for example, if the device is lost or stolen.”

You read that right: You probably gave your employer permission to delete all of your personal data. Your company might want to do that if your device could be compromised—or if you just no longer work there. “When you leave the company, the company will probably wipe your cell phone, and they’ll probably wipe everything,” Maltby says. “Pictures of your kids, bank records, and God knows what else have been erased forever.”

The takeaway: Actually read your employer’s electronic use and BYOD policies. And back up those photos somewhere else.

TIME Smartphones

This Is the Kind of Phone Edward Snowden Might Buy

Blackphone 2
Blackphone 2

The Blackphone 2 is all about privacy over whiz-bang features

Privacy-focused smartphone and software maker on Monday revealed the Blackphone 2, the company’s second shot at making the most secure mobile device on the market.

The Blackphone 2’s hardware is similar enough to other modern phones: A 5.5-inch screen, eight-core processor, 3GB of RAM and expandable memory. But the Blackphone 2’s true raison d’etre lies at the software level. It’s running Silent Circle’s new and improved PrivatOS 1.1 on top of Google’s Android operating system, designed from the ground up to be ultra-secure. The Blackphone 2 also packs the company’s suite of privacy apps, which are essentially more secure versions of phone, text and productivity software.

“While the rest of the market is going one way, with selfie sticks and curved screens, we’re going down another, to the heart of problems, sticking with privacy and security,” Silent Circle Executive Chairman Mike Janke said at the Blackphone 2’s launch at Mobile World Congress in Barcelona, Spain, Gizmodo reports.

Silent Circle’s clear aim with the second iteration of the Blackphone is to break into the Apple-dominated enterprise market. Another new feature called Spaces, for example, allows users to essentially partition their Blackphone, keeping separate profiles for work and personal use. The work profile can then be administered by employers’ IT departments.

Still, Silent Circle will have to prove just how secure the Blackphone 2 really is before corporate buyers hop on board. Silent Circle attracts plenty of attention from hackers just by advertising its devices as super-secure — security researchers made headlines last year when they were able to hack the Blackphone, though one flaw they exploited was already fixed with a software patch and the others required settings no security-minded user would enable.

The Blackphone 2 should be out by the end of the year.

MONEY Passwords

Skin-Implanted Chips Will Replace Passwords in the Future

NFC chip on pad of thumb
Sarina Finkelstein (photo illustration)—Getty Images (2)

It's not science fiction anymore — a chip implant can hold your passwords, credit card numbers and health information.

It was a moment out of science fiction. All eyes were on Kaspersky Lab researcher Povel Torudd as he sat center stage at the Kaspersky Security Analyst Summit in Cancun, Mexico, recently, waiting to become a cyborg.

Torudd volunteered to have a Near Field Communications (NFC) chip implanted in his hand by a professional body piercer using sterilized tools, a marker to show where the chip would be inserted, a scalpel and an imposing-looking insertion syringe.

Within minutes, Torudd was done. No hysterics (except for a few of us in the audience) and lots of curiosity.

NFC implants, such as the one now in Torudd’s hand, can be used for a variety of digital age tasks.

The chip can be used as a form of authentication in a multi-factor authentication scheme. It can store digital logins or manage public encryption keys, according to Hannes Sjoblad of the Swedish Biohacking Association.

NFC implants can also be used for personalization and user configuration. Sjoblad outlined how the chip implanted in his hand can automatically reset his car’s seat and mirror settings to account for his larger physique after his smaller-framed wife drives the family vehicle.

Sjoblad also stores information about his gym memberships and rebate memberships for retailers he frequently shops with in Sweden. “It’s made my life easier and interesting,” he said.

Torudd agreed to let the audience watch the implanting of a chip about the size of a grain of rice under his skin between his thumb and forefinger. It is powered by a tiny battery, but don’t worry about chip running out of juice too quickly. The chip is “asleep” most of the time, and wakes up only when the associated Android app attempts to read the stored data. And removing the chip is as simple as the insertion process, Sjoblad said, requiring a small scalpel cut over the insertion point.

Implants may soon supplant basic items in our pockets, such as car keys, proximity cards, and other forms of authentication, Sjoblad said, noting they can “replace all silly passwords.”

While biohacking has the potential for solving different types of authentication issues, there are unique security challenges posed by the technology. Privacy is always a concern when data can be accessed remotely, but the fact that healthcare is one of the big drivers for implants exacerbates privacy concerns.

These chips can potentially store years of data, which can be highly valuable for the attacker, as well as highly detrimental to user privacy if leaked.

More than just privacy, this kind of technology may potentially affect the person’s physical safety, Sjoblad said. Consider that researchers have already identified potential risks associated with existing human implant technology, such as insulin pumps, pacemakers, and cochlear implants. Past demonstrations have shown how insulin pumps and pacemakers can be manipulated maliciously to potentially harm the person using these medical devices.

More from Credit.com

This article originally appeared on Credit.com.

MONEY privacy

Your Embarrassing Online Searches About Health Problems Aren’t Private

camera aimed at laptop
Thomas Jackson—Getty Images

A new study found that 91% of health-related web pages reveal potentially sensitive information to third parties like data brokers and online advertisers.

Hypochondriacs beware: That Google search for “STD symptoms” could go into your digital dossier.

A new study has found that health-related web pages often leak information about you and the information you access to third parties, raising concerns about online privacy.

To conduct the study, University of Pennsylvania PhD student Timothy Libert analyzed the top 50 search results for 1,986 common diseases, some 80,000 web pages. He found that on 91% of the pages, third parties like social networks, advertisers, and data brokers could access information about who was viewing the page, like the user’s IP address. On 70% of the pages, those third parties could see information about specific “conditions, treatments and diseases” viewed.

Altogether, 78% of the health-related web pages sent information about you to Google, 31% sent information to Facebook, and 5% sent information to Experian, a credit bureau and data broker.

What’s the big deal? Libert has two major concerns about these practices. The first is that the third parties could match you with your medical search results, a problem he calls “personal identification.” This isn’t a totally imaginary scenario—data brokers routinely collect information about you from your online activity, shopping habits, and public records, then turn around and sell that information to advertisers. That already includes sensitive medical information: One data broker was caught hawking lists of “rape sufferers,” “domestic abuse victims” and “HIV/AIDS patients.”

Second, advertisers could discriminate against you based on your medical searches, regardless of whether your search results are ever connected to you personally. That’s called “blind discrimination.” In other words, advertisers could serve you certain ads and offer you certain promotions based on the websites you read. Again, this practice can be innocuous, but it can also have a dark side. “It’s like any other form of discrimination,” Libert says. “If you’re going to extend a favorable offer to somebody, your best client probably isn’t somebody with terminal cancer.”

The tech-savvy might think their searches are private because they delete cookies or use a private browser, like Google Chrome’s “incognito mode.” Sorry, but no.

That’s because of the way websites work. Libert explains that a web page is like a recipe. The code says, “display an image from this file” or “play this video from Youtube.” To pull in content from another website’s server—like a video from Youtube—your server makes a “request” to that third-party server, and reveals information about you in the process. For example, the third party can see the name of the webpage you’re visiting, which may sound harmless, but can reveal a lot. You might not, for example, want advertisers and data brokers to know that you recently read “www.cdc.gov/hiv”.

“Even if you’re using incognito mode or something, the HTTP requests, at the very basic level, are still being made,” Libert says.

And you usually don’t even know it’s happening. While you can see evidence of some third-party requests, like Youtube videos and Facebook “like” buttons, Libert says most requests are bits of code invisible to the non-programmer’s eye.

Legally, this is all aboveboard. The HIPAA law protecting medical privacy only applies to medical services like insurance claims, not other businesses.

So while Libert wants lawmakers to beef up online privacy protections, he says in the meantime, your best bet is to install a browser extension like Ghostery or Adblock Plus.

“They don’t catch everything, but they catch a lot,” Libert says.

TIME privacy

Revenge Porn Mastermind Pleads Guilty to Hacking and ID Theft

TIME.com stock photos Computer Keyboard Typing Hack
Elizabeth Renstrom for TIME

The "Most Hated Man on the Internet" ran a huge website featuring nude photos of ex lovers

The founder and operator of a notorious revenge porn site has pleaded guilty to charges including unauthorized access to a computer and identity theft.

Hunter Moore, 28, has been called “the most hated man on the Internet” for his role in the website IsAnybodyUp.com, which posted nude and sexually explicit photos of people without their permission. The site brought in a purported $10,000 in ad revenue per month, Ars Technica reports.

Many of the photos came from spurned ex-lovers who submitted nude images of their former partners. An ex’s full name, profession, social media profile and city of residence were posted, ensuring the pictures would appear on Google and allowing family members and co-workers to access lewd pictures. Moore also pleaded guilty to paying for stolen nude photos from victims.

Each of the three charges against Moore carries a maximum penalty of two to five years in jail. Moore will likely be sentenced within the next several months.

TIME privacy

Lenovo Under Fire for Potentially Exposing Users to Hackers

Inside A Lenovo Group Store As Company Reports 25 Percent Jump In Fourth-Quarter Profit
Bloomberg/Getty Images Lenovo Group Ltd. signage is displayed near laptops in an arranged photograph at a Lenovo store in the Yuen Long district of Hong Kong on May 23, 2014.

The computer manufacturer's laptops were being sold with invasive adware

Computer manufacturer Lenovo is getting flak for selling laptops with marketing software that experts say opens up a door for hackers.

The software, called Superfish, analyzes users’ Internet habits and displays third-party ads based on that activity, The Next Web reports.

Troublingly, Superfish also impersonates certificates for encrypted websites in order to monitor users’ behavior even on protected sites. That can open a door for hackers targeting sensitive information like passwords or banking details, because users’ data isn’t being protected as well as it ought to be.

In a statement Thursday, Lenovo said it stopped preloading the software in January, and won’t preload it in the future. Lenovo also defended itself from criticism over installing Superfish in the first place, arguing the software doesn’t pose a security risk despite what several experts have said.

“We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns,” Lenovo said. “But we know that users reacted to this issue with concern, and so we have taken direct action to stop shipping any products with this software.”

Your browser is out of date. Please update your browser at http://update.microsoft.com