Always Providing You With Ongoing Information

Posts tagged ‘Privacy’

Facebook’s Bug Made Private Posts Public

Snapshotskirt3_001

Facebook recently announced that a bug made the posts of 14 million users public without their knowledge. A small software bug with big consequences. When you make a post to Facebook, it always asks who should see the post: your posts can be public, only visible to friends, only visible to certain friends, or only visible to you. Usually, Facebook remembers whatever you last set this to, automatically publishing your posts to the same audience you did last time. This bug caused the setting to default to posting publicly, many Facebook users probably didn’t notice.

Although you could still manually change the setting so anything you posted was private, you would have to notice that the default had changed. And since no one knew Facebook was making privacy changes, it was easy to miss. That means you could have made some of your private thoughts public.

The issue only affected posts from May 18 to May 27, 2018, and didn’t affect posts made before or after. But that’s was still enough time for 14 million users to have made public posts — some of which were surely unintentional.

It’s a good idea to browse through your profile and make sure no posts in May were accidentally made public.

Advertisements

Hackers Want 2.6 Million Or Else

Snapshotpurple_001

Equifax was hacked and they have information on 143 million Americans. The supposed hackers have made their demands of Equifax. The hackers are asking for over 600 Bitcoin – that much Bitcoin amounts to $2.66USD million. The hackers claim that if Equifax pay up , they will delete all of the data. Equifax has until September 15th to pay up.

The hackers have told Equifax to request any part of the stolen data and they will show it to them to prove that they’re legitimate.The hackers have given Equifax until September 15 to pay the ransom or the data will be publicized.

A proposed class-action lawsuit was filed against Equifax Inc. late Thursday evening, shortly after the company reported that an unprecedented hack had compromised the private information of about 143 million people.

A complaint was filed in Portland, Ore., federal court, users alleged Equifax was negligent in failing to protect consumer data, choosing to save money instead of spending on technical safeguards that could have stopped the attack. Data revealed included Social Security numbers, addresses, driver’s license data, and birth dates. Some credit card information was also put at risk.

Spyware Apps That Sneaked Its Way Into Google Play & Spy On Users

Snapshotcaramel4_001

Soniac was one of the three apps found on Google Play, according to a blog post published Thursday by a researcher from mobile security firm Lookout. The app, which had from 1,000 to 5,000 downloads before Google removed it.  Soniac had the ability to record audio, take phones, make calls, send text messages, and retrieve logs, contacts, and information about Wi-Fi access points. Google ejected the app after Lookout reported it as malicious. Two other apps—one called Hulk Messenger and the other Troy Chat—were also available in Play but were later removed. It’s not clear if the developer withdrew the apps or if Google expelled them after discovering their spying capabilities.  The apps are all part of a malware family Lookout calls SonicSpy.

Once installed, SonicSpy apps remove their launcher icon to hide their presence and then establish a connection to the control server located on port 2222 of arshad93.ddns[.]net.

The researcher said SonicSpy has similarities to another malicious app family called SpyNote, which security firm Palo Alto Networks reported last year. The name of the developer account—iraqwebservice—and several traits found in the apps’ code suggest the developer is located in Iraq. Additionally, much of the domain infrastructure associated with SonicSpy has references to that country. The phrase “Iraqian Shield” appears constantly. Lookout is continuing to follow leads suggesting the developer is based in that part of the world.

FBI Alerts Parents On Toys With Cloud Backed Features

capri10_001

The FBI say, many toys sporting cloud-backed features such as speech recognition or online content hosting “could put the privacy and safety of children at risk due to the large amount of personal information that may be unwittingly disclosed.

“Security safeguards for these toys can be overlooked in the rush to market them and to make them easy to use,” the FBI warns. “Consumers should perform online research of these products for any known issues that have been identified by security researchers or in consumer reports.”

This comes after a number of kids’ toys were found to be indirectly spying on kids by collecting and storing data, including audio conversations and personal information, without parents’ knowledge.

My Friend Cayla and i-Que robot

Germany’s Federal Network Agency, or Bundesnetzagentur, has banned Genesis Toys’ Cayla doll as an illegal surveillance device.

More Reading 

Elimination Of Internet Privacy Rules

Snapshotlilac3_002

The United States Senate is planning to start the process Today to eliminate rules that would prevent broadband internet providers from collecting sensitive data from subscribers. A vote is expected to take place on Thursday.

The expected vote was confirmed to International Business Times by a spokesperson for Florida Democratic Senator Bill Nelson, who will speak in opposition of the measure on Wednesday, and open internet advocacy group Public Knowledge.

FCC’s Privacy Rules

Stingray Cell Trackers & Warrants

dress2_001

 

Cute Toys Are Being Pulled From The Shelves

 

Norwegian consumer council Forbrukerrådet, says some high-tech toys created by U.S.-based manufacturer Genesis Toys are hazardous to children’s privacy and warranted a complaint to the Federal Trade Commission and the European Union.

The toys in question are My Friend Cayla and i-Que, they both have— a smartphone app that allows kids to talk to their toy and have it respond to what they say. Even though it appears that all communication stays between the app and the product, it actually gets sent to a remote server in the United States, without asking for the user’s permission first.

Parents setting up the product aren’t informed that their kids’ voices are sent to a server called Nuance, which is then free to use the recordings. According to Nuance’s Terms of Service, the data can be used for advertising and marketing and shared to third parties.

Tag Cloud

%d bloggers like this: