TikTok Used Privacy Loophole to Track Android Users’ Data

Google limits how Android apps track users, and it appears that TikTok violated this policy by collecting unique identifiers — called MAC addresses — from millions of mobile devices. In fact, TikTok seemed to have concealed this action via an added layer of encryption. TikTok, which has publicly declared it doesn’t share data with the Chinese government, ended the collection of MAC addresses in November. An AppCensus 2018 analysis found that about 1 percent of Android apps collect MAC addresses. Continue reading TikTok Used Privacy Loophole to Track Android Users’ Data

Prominent Twitter Accounts Hacked for Cryptocurrency Fraud

On Wednesday, scammers launched one of the most audacious attacks in recent memory, posting messages from the Twitter accounts of Joe Biden, Barack Obama, Kanye West, Bill Gates and Elon Musk that if people sent Bitcoin, the famous person would send back double the money. The first attack targeted high-profile cryptocurrency leaders and companies, but soon broadened to include a list of prominent U.S. politicians and entertainment and tech executives. It appears that an internal Twitter account was involved in the attacks, but it has yet to be determined whether an employee was willfully complicit. Continue reading Prominent Twitter Accounts Hacked for Cryptocurrency Fraud

Comcast Inks Deal to Adopt Mozilla’s Firefox DNS Encryption

In a new partnership, Comcast will be the first Internet Service Provider (ISP) to offer users of Mozilla’s Firefox browser with private and secure encrypted Domain Name System (DNS) services via Mozilla’s Trusted Recursive Resolver (TRR) Program. Comcast’s DNS over HTTPS (DoH) will be activated by default for Firefox over Comcast’s Xfinity broadband network. Users will be able to switch to Cloudflare or NextDNS, which were already included in Mozilla’s program. No date of availability was released. Continue reading Comcast Inks Deal to Adopt Mozilla’s Firefox DNS Encryption

PACT Act Intends to Update Section 230, Protect Consumers

Senators Brian Schatz (D-Hawaii) and John Thune (R-South Dakota) introduced the Platform Accountability and Consumer Transparency (PACT) Act, which would hold Internet platforms such as Facebook and Google responsible for hosting illegal content and require them to reveal their moderation practices. The Act would change parts of Section 230 of the Communications Decency Act of 1996 that shield such platforms from liability for the content their users post, and is intended to require platforms to quickly remove offending content. Continue reading PACT Act Intends to Update Section 230, Protect Consumers

Use of Messaging App Signal Skyrockets During Civil Unrest

In May, according to App Annie, the encrypted messaging app Signal was downloaded one million times worldwide, a result of both the COVID-19 pandemic and the more recent protests over George Floyd’s death and police brutality. Sensor Tower reports that Signal currently has 32.4 million installs. Privacy advocates have always been attracted to Signal’s ability to limit the information it can give to authorities. Signal’s end-to-end encryption is considered more secure than what is offered by Facebook’s WhatsApp and Apple’s iMessage. Continue reading Use of Messaging App Signal Skyrockets During Civil Unrest

Zoom Clarifies its Relationship with Law Enforcement and FBI

Zoom founder and chief executive Eric Yuan said his company will assist the FBI and law enforcement by providing end-to-end encryption only to paying customers, but not for the majority of those who use its free version, “in case some people use Zoom for a bad purpose.” During widespread U.S. protests over the death of George Floyd, Yuan’s comments did not go over well, with some users threatening to switch to rival services. But his words were misinterpreted and taken out of context. “We plan to provide end-to-end encryption to users for whom we can verify identity, thereby limiting harm to vulnerable groups,” explained Yuan. Continue reading Zoom Clarifies its Relationship with Law Enforcement and FBI

German Firms Plan to Build Their Own Secure 5G Networks

Although Germany’s carriers plan to launch 5G networks, large companies including BASF, BMW, Bosch, Lufthansa and Volkswagen have applied to set up local private 5G networks. The German network regulator reported that, so far, 33 companies have bought licenses, which became available last November. Experts observe that private 5G networks are useful for industrial applications that require speedy, reliable connectivity with low latency for real-time critical jobs such as driverless vehicles and robots. Continue reading German Firms Plan to Build Their Own Secure 5G Networks

‘Zoombombing’ on the Rise, Zoom Works to Improve Security

As use of Zoom Video Communications’ conferencing services have soared, the company’s chief executive Eric Yuan has had issues scaling up the popular app. The nine-year-old tool, once a favorite in the business world, is now ubiquitous among a wide swathe of consumers, educators and others. Issues with privacy and hacking have arisen, and Yuan admitted he “messed up” on security, especially with the claim — proven false — that Zoom offered end-to-end encryption. Yuan said the full encryption feature will be available in a few months. Meanwhile, some users are switching to other platforms. Continue reading ‘Zoombombing’ on the Rise, Zoom Works to Improve Security

Zoom Use Skyrockets, Revealing Privacy and Security Issues

Remote conferencing services company Zoom Video Communications has become an overnight success as more Americans stay home during the coronavirus pandemic. Zoom, once mainly used by businesses, is now being used for everything from yoga courses to happy hours, but is also stretching the tool’s limits to serve both those who pay for the premium service and consumers who gravitate to the free version. There’s also a dark side to Zoom’s uptick: online trolls who “Zoombomb” meetings, and concerns about the San Jose-based company’s privacy policies. Continue reading Zoom Use Skyrockets, Revealing Privacy and Security Issues

Intel Issues a Patch to Address Concerns About Chip Security

According to researchers at security firm Positive Technologies, Intel chips that were released during the past five years contain a flaw that may allow hackers to overcome built-in security measures. The flaw is in the Converged Security and Management Engine (CSME), described as a subsystem inside CPUs and chipsets similar to AMD’s Platform Security Processor. Intel has issued a patch, but Positive Technologies said it may not be enough to protect systems containing the flawed products. Intel’s 10th generation processors are reportedly not among those affected. Continue reading Intel Issues a Patch to Address Concerns About Chip Security

Law Could Stoke Battle Between Congress and Silicon Valley

Senate Judiciary Committee chair Lindsey Graham and senator Richard Blumenthal plan to introduce a law that could interfere with Big Tech’s ability to provide end-to-end encryption. The Eliminating Abuse and Rampant Neglect of Interactive Technologies Act of 2019 (EARN IT Act) targets the distribution of child sexual abuse material on platforms such as Facebook and Google, making them liable for state prosecution and civil lawsuits for user-posted content currently protected by Section 230. Continue reading Law Could Stoke Battle Between Congress and Silicon Valley

HPA Tech Retreat: Evolving Security for Media & Entertainment

An increasing concern over content security was the subject of HBO/WarnerMedia productions and content security head Marc Zorn’s talk on “Why Traditional Information Security Doesn’t Fit in Most of Media & Entertainment.” “Film security was based on physical controls,” he said. “Post production began after photography, and threats were primarily from post onwards.” Once the workflow became digital, he added, threats to digital media looked like IT security, “from an IT security professional’s perspective.” Continue reading HPA Tech Retreat: Evolving Security for Media & Entertainment

HPA Tech Retreat: ETC Outlines Adaptive Production Projects

ETC’s director of adaptive production Seth Levenson described the USC think tank’s array of projects under this umbrella, which include archiving, blockchain, and visual effects standards. The working group on archiving, co-chaired by Paramount Pictures senior vice president asset management Andrea Kalas, is developing best practices for cloud preservation. Levenson pointed to the white paper on “Guidelines for Digital Audio-Visual Assets in the Cloud,” which in part focused on fixity, or getting out the same assets that were uploaded. Continue reading HPA Tech Retreat: ETC Outlines Adaptive Production Projects

WhatsApp Chief Pledges to Safeguard Messaging Encryption

WhatsApp head Will Cathcart revealed that the app now has more than two billion active users; numbers were last released two years ago. Cathcart also emphasized that he will continue to defend the messaging app’s encryption, noting that, “for all of human history, people have been able to communicate privately with each other … and we don’t think that should go away in a modern society.” Facebook, which acquired WhatsApp for $21.8 billion, finds encryption a barrier to recuperating its investment. Continue reading WhatsApp Chief Pledges to Safeguard Messaging Encryption

Trump Administration Plans to Fund AI, Quantum Computing

Artificial intelligence and quantum computing would be awarded increased funding under the Trump administration’s proposed $4.8 trillion budget. The Defense Department and the National Science Foundation would receive more funds for AI research, and $25 million would go towards the creation of a national “quantum Internet,” aimed at making it more difficult to hack into digital communications. The proposed funding comes at a time that China has prioritized both new technologies, and the U.S. seeks to catch up. Continue reading Trump Administration Plans to Fund AI, Quantum Computing