Laptops given to British schoolkids came preloaded with malware and talked to Russia when booted

A shipment of laptops supplied to British schoolkids by the Department for Education to help them learn under lockdown came preloaded with malware, The Register can reveal.

The affected laptops, supplied to schools under the government’s Get Help With Technology (GHWT) scheme, which started last year, came bundled with the Gamarue malware – an old remote access worm from the 2010s.

The Register understands that a batch of 23,000 computers, the GeoBook 1E running Windows 10, made by Shenzhen-headquartered Tactus Group, contained the units that were loaded with malware. A spokesperson for the manufacturer was not available for comment.

These devices have shipped over the past three to four weeks, though it is unclear how many of them are infected. It is believed the devices were imaged as they left the factory.

One source at a school told The Register that the machines in question seemed to have been manufactured in late 2019 and appeared to have been loaded with their DfE-specified software last year.

[…]

People familiar with the GHWT rollout told The Register that not all the machines in the batch phoned home, however.

The GeoBook 1Es are intended for use by schoolchildren isolating at home during the pandemic as well as in schools themselves.

The Reg understands that 77,000 GEO units have shipped so far under GHWT, with several thousand left to ship.

[…]

Sources told us reseller XMA sourced the kit but was not asked to configure it. It was among three resellers supplying the GHWT contract. Computacenter initially bagged an £87m contract to supply GHWT last year and was joined by IT resellers SCC UK and XMA later that year. XMA inked a 12-month contract worth £5.7m covering 26,449 devices in October 2020. The £2.1m SCC deal, also inked that month, covers another 10,000 devices.

[…]

“When first run, W32/Gamarue-BJ connects to a C2 site to download updates and further instructions,” said Sophos.

The malware, well known to antivirus vendors since its inception in 2011, was also distributed in the mid-2010s by the Andromeda botnet. That was KO’d by an international coalition in 2017.

[…]

Source: Laptops given to British schoolkids came preloaded with malware and talked to Russia when booted • The Register

Prostate Cancer can be precisely diagnosed using a urine test with artificial intelligence

Prostate cancer is one of the most common cancers among men. Patients are determined to have prostate cancer primarily based on PSA, a cancer factor in blood. However, as diagnostic accuracy is as low as 30%, a considerable number of patients undergo additional invasive biopsy and thus suffer from resultant side effects, such as bleeding and pain.

The Korea Institute of Science and Technology (KIST) announced that the collaborative research team led by Dr. Kwan Hyi Lee from the Biomaterials Research Center and Professor In Gab Jeong from Asan Medical Center developed a technique for diagnosing prostate cancer from urine within only 20 minutes with almost 100% accuracy. The research team developed this technique by introducing a smart AI analysis method to an electrical-signal-based ultrasensitive biosensor.

As a noninvasive method, a diagnostic test using urine is convenient for patients and does not need invasive biopsy, thereby diagnosing cancer without side effects. However, as the concentration of cancer factors is low in urine, urine-based biosensors have so far been used only for classifying risk groups rather than for precise diagnosis.

Source: Cancer can be precisely diagnosed using a urine test with artificial intelligence

Elon Musk to offer $100 million prize for ‘best’ carbon capture tech

Elon Musk on Thursday took to Twitter to promise a $100 million prize for development of the “best” technology to capture carbon dioxide emissions.

Capturing planet-warming emissions is becoming a critical part of many plans to keep climate change in check, but very little progress has been made on the technology to date, with efforts focused on cutting emissions rather than taking carbon out of the air.

The International Energy Agency said late last year that a sharp rise in the deployment of carbon capture technology was needed if countries are to meet net-zero emissions targets.

[…]

Source: Elon Musk to offer $100 million prize for ‘best’ carbon capture tech | Reuters

That’s the second good thing he’s done in two weeks. Who knew he had it in him?

Chinese hackers stealing everything from flight passenger data to IP for past 3 years

NCC Group and Fox-IT have been tracking a threat group with a wide set of interests, from intellectual property (IP) from victims in the semiconductors industry through to passenger data from the airline industry.

In their intrusions they regularly abuse cloud services from Google and Microsoft to achieve their goals. NCC Group and Fox-IT observed this threat actor during various incident response engagements performed between October 2019 and April 2020. Our threat intelligence analysts noticed clear overlap between the various cases in infrastructure and capabilities, and as a result we assess with moderate confidence that one group was carrying out the intrusions across multiple victims operating in Chinese interests.

In open source this actor is referred to as Chimera by CyCraft.

NCC Group and Fox-IT have seen this actor remain undetected, their dwell time, for up to three years. As such, if you were a victim, they might still be active in your network looking for your most recent crown jewels.

We contained and eradicated the threat from our client’s networks during incident response whilst our Managed Detection and Response (MDR) clients automatically received detection logic.

With this publication, NCC Group and Fox-IT aim to provide the wider community with information and intelligence that can be used to hunt for this threat in historic data and improve detections for intrusions by this intrusion set.

[…]

Source: Abusing cloud services to fly under the radar – Fox-IT International blog

An in-depth analysis follows.

This is the kind of information that the Chinese government uses to find and kill foreign intelligence agents.

Valve, Bandai, Capcom, Focus Home, Koch Media, Zenimax fined $9.4M by EU for illegal geo-blocking, antitrust collusion

A lengthy antitrust investigation into PC games geo-blocking in the European Union by distribution platform Valve and five games publishers has led to fines totalling €7.8 million (~$9.4 million) after the Commission confirmed today that the bloc’s rules had been breached.

The geo-blocking practices investigated since before 2017 concerned around 100 PC video games of different genres, including sports, simulation and action games.

In addition to Valve — which has been fined just over €1.6 million — the five sanctioned games publishers are: Bandai Namco (fined €340,000), Capcom (€396,000), Focus Home (€2.8 million), Koch Media (€977,000) and ZeniMax (€1.6 million).

The Commission said the fines were reduced by between 10% and 15% owing to cooperation from the companies, with the exception of Valve, which it said chose not to cooperate (a “prohibition Decision” rather than a fine reduction was applied in its case).

Source: Valve and five PC games publishers fined $9.4M for illegal geo-blocking | TechCrunch

Beware This Text String That Can Crash Windows and ‘Corrupt’ Your Drive

Hackers are exploiting a strange bug that lets a simple text string ‘corrupt’ your Windows 10 or Windows XP computer’s hard drive if you extract a ZIP file, open a specific folder, or even click on a Windows shortcut. The hacker adds the text string to a folder’s location, and the moment you open it, bam—hard drive issues.

Or so you might assume when you see a “restart to repair hard drive errors” warning appear in Windows 10. Odds are good that your data is actually fine, but you’ll still have to run chkdsk to be sure.

The bug was first discovered and disclosed by security researcher Jonas L, then Will Dormann of the CERT Coordination Center confirmed those findings. According to Dormann, the flaw is one of many similar issues in Windows 10 that have gone unaddressed for years. Worse, there are more ways to execute the attack beyond just opening a folder.

According to tests by Bleeping Computer, it appears the text string is effective even if a shortcut icon simply points to a location with the corrupting text. You don’t have to click on or open the file, either; just having it visible on your desktop is enough to execute the attack. The text string also works in ZIP files, HTML files, and URLs.

Microsoft is investigating the issue, but there’s no telling if or when a fix could show up. As a company spokesperson told The Verge:

“We are aware of this issue and will provide an update in a future release. The use of this technique relies on social engineering and as always we encourage our customers to practice good computing habits online, including exercising caution when opening unknown files, or accepting file transfers.”

In the meantime, don’t click on suspicious links or open unknown files. That said, this is an unusual bug that can be exploited in numerous ways, and it’s possible the text string could pop up in unexpected places.

Source: Beware This Text String That Can Crash Windows and ‘Corrupt’ Your Drive

FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion

In an update and white paper [PDF] released on Tuesday, FireEye warned that the hackers – which intelligence services and computer security outfits have concluded were state-sponsored Russians – had specifically targeted two groups of people: those with access to high-level information, and sysadmins.

But the targeting of those accounts will be difficult to detect, FireEye warned, because of the way they did it: forging the digital certificates and tokens used for authentication to look around networks without drawing much or any attention.

[…]

The paper gives a detailed rundown of how to search logs and what to look for to see if an account has been compromised, complete with step-by-step instructions for how to cut access and provide additional protection in future.

“When a credential that has been added to an application is used to login to Microsoft 365, it is recorded differently than an interactive user sign-in,” the paper notes. “In the Azure Portal these logins can be viewed by navigating to Sign-Ins under the Azure Active Directory blade and then clicking the service principal Sign-ins tab… Note that currently these sign-ins are not recorded in the Unified Audit Log.”

As for mitigation measures, FireEye suggests broadly: a review of all sysadmin accounts in particular to see if there are any “that have been configured or added to a specific service principal” and remove them, and then search for suspicious application credentials and remove them too.

Search and destroy

The biz has also released a free tool on GitHub it’s calling the Azure AD Investigator that will warn organizations if there are signs their networks were compromised via SolarWinds’ backdoored Orion software: there were an estimated 18,000 organizations potentially infected, SolarWinds warned last month; many of them government departments and Fortune 500 companies.

[…]

The report outlined the four “primary techniques” used by the hackers:

  1. Steal the Active Directory Federation Services (AD FS) token-signing certificate and use it to forge tokens for arbitrary users. This bypassed various authentication requirements.
  2. Modify or add trusted domains in Azure AD to add a new federated Identity Provider (IdP) that the attacker controls. This essentially created a backdoor on the network.
  3. Compromise the credentials of on-premises user accounts that are synchronized to Microsoft 365 that have high privileged directory roles, such as Global Administrator or Application Administrator. This is the targeting of sysadmins.
  4. Backdoor an existing Microsoft 365 application by adding a new application or service principal credential in order to use the legitimate permissions assigned to the application, such as the ability to read email, send email as an arbitrary user, access user calendars, etc.

[…]

Source: FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion • The Register

Indian government slams Facebook over WhatsApp ‘privacy’ update, wants its own Europe-style opt-out switch

The Indian government has sent a fierce letter to Facebook over its decision to update the privacy rules around its WhatsApp chat service, and asked the antisocial media giant to put a halt to the plans.

In an email from the IT ministry to WhatsApp head Will Cathcart, provided to media outlets, the Indian government notes that the proposed changes “raise grave concerns regarding the implications for the choice and autonomy of Indian citizens.”

In particular, the ministry is incensed that European users will be given a choice to opt out over sharing WhatsApp data with the larger Facebook empire, as well as businesses using the platform to communicate with customers, while Indian users will not.

“This differential and discriminatory treatment of Indian and European users is attracting serious criticism and betrays a lack of respect for the rights and interest of Indian citizens who form a substantial portion of WhatsApp’s user base,” the letter says. It concludes by asking WhatsApp to “withdraw the proposed changes.”

The reason that Europe is being treated as a special case by Facebook is, of course, the existence of the GDPR privacy rules that Facebook has repeatedly flouted and as a result faces pan-European legal action.

Source: Indian government slams Facebook over WhatsApp ‘privacy’ update, wants its own Europe-style opt-out switch • The Register

Brave Will Become First Browser To Offer IPFS peer to peer content hosting

On Tuesday, privacy-focused browser Brave released an update that makes it the first to feature peer-to-peer protocol for hosting web content.

Known as IPFS, which stands for InterPlanetary File System, the protocol allows users to load content from a decentralized network of distributed nodes rather than a centralized server. It’s new — and much-heralded — technology, and could eventually supplant the Hypertext Transfer Protocol (HTTP) that dominates our current internet infrastructure.

“We’re thrilled to be the first browser to offer a native IPFS integration with today’s Brave desktop browser release,” said Brian Bondy, CTO and co-founder of Brave. “Integrating the IPFS open-source network is a key milestone in making the Web more transparent, decentralized, and resilient.”

The new protocol promises several inherent advantages over HTTP, with faster web speeds, reduced costs for publishers and a much smaller possibility of government censorship among them.

“Today, Web users across the world are unable to access restricted content, including, for example, parts of Wikipedia in Thailand, over 100,000 blocked websites in Turkey and critical access to COVID-19 information in China,” IPFS project lead Molly Mackinlay told Engadget. “Now anyone with an internet connection can access this critical information through IPFS on the Brave browser.”

In an email to Vice, IPFS founder Juan Benet said that he finds it concerning that the internet has become as centralized as it has, leaving open the possibility that it could “disappear at any moment, bringing down all the data with them—or at least breaking all the links.”

“Instead,” he continued, “we’re pushing for a fully distributed web, where applications don’t live at centralized servers, but operate all over the network from users’ computers…a web where content can move through any untrusted middlemen without giving up control of the data, or putting it at risk.”

Source: Brave Will Become First Browser To Offer IPFS

Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments

While Malwarebytes does not use SolarWinds, we, like many other companies, were recently targeted by the same threat actor. We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails. We found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments.

[…]

As the US Cybersecurity and Infrastructure Security Agency (CISA) stated, the adversary did not only rely on the SolarWinds supply-chain attack but indeed used additional means to compromise high-value targets by exploiting administrative or service credentials.

In 2019, a security researcher exposed a flaw in Azure Active Directory where one could escalate privileges by assigning credentials to applications. In September 2019, he found that the vulnerability still existed and essentially led to backdoor access to principals’ credentials into Microsoft Graph and Azure AD Graph.

Third-party applications can be abused if an attacker with sufficient administrative privilege gains access to a tenant. A newly released CISA report reveals how threat actors may have obtained initial access by password guessing or password spraying in addition to exploiting administrative or service credentials. In our particular instance, the threat actor added a self-signed certificate with credentials to the service principal account. From there, they can authenticate using the key and make API calls to request emails via MSGraph.

For many organizations, securing Azure tenants may be a challenging task, especially when dealing with third-party applications or resellers. CrowdStrike has released a tool to help companies identify and mitigate risks in Azure Active Directory.

Source: Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments – Malwarebytes Labs | Malwarebytes Labs
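Both the FireEye technique list above (a new credential added to an existing Microsoft 365 application, with service principal sign-ins that never reach the Unified Audit Log) and Malwarebytes’ account of a self-signed certificate added to a service principal come down to the same review: which application credentials appeared recently, and which sign-ins used them. The Python below is an added example, not FireEye’s Azure AD Investigator or Malwarebytes’ own tooling; the records are constructed, and the field names (keyCredentials, passwordCredentials, servicePrincipalCredentialKeyId and friends) are assumed to follow the Microsoft Graph servicePrincipal and sign-in shapes rather than taken from the page.

```python
"""Review service principal credentials for the 'credential added to an existing app'
pattern and correlate them with service principal sign-ins (constructed sample data)."""
from datetime import datetime, timezone

# Constructed: two service principals as a Graph export might list them (assumed shape).
SERVICE_PRINCIPALS = [
    {
        "id": "sp-mail-archiver", "displayName": "Mail Archiver",
        "keyCredentials": [
            {"keyId": "k-1", "type": "AsymmetricX509Cert", "usage": "Verify",
             "displayName": "CN=mailarchiver.example.test",
             "startDateTime": "2019-03-02T00:00:00Z", "endDateTime": "2022-03-02T00:00:00Z"},
            # A second certificate that appeared long after the app went live.
            {"keyId": "k-2", "type": "AsymmetricX509Cert", "usage": "Verify",
             "displayName": "CN=cert",
             "startDateTime": "2020-12-10T09:14:00Z", "endDateTime": "2021-12-10T09:14:00Z"},
        ],
        "passwordCredentials": [],
    },
    {
        "id": "sp-hr-sync", "displayName": "HR Sync",
        "keyCredentials": [],
        "passwordCredentials": [
            {"keyId": "s-1", "displayName": "hr-sync-secret",
             "startDateTime": "2020-06-01T00:00:00Z", "endDateTime": "2021-06-01T00:00:00Z"},
        ],
    },
]

# Constructed: service principal sign-in events (the ones FireEye notes are absent from
# the Unified Audit Log). servicePrincipalCredentialKeyId ties a sign-in to a credential.
SIGN_INS = [
    {"servicePrincipalId": "sp-mail-archiver", "createdDateTime": "2020-12-09T07:00:00Z",
     "servicePrincipalCredentialKeyId": "k-1", "ipAddress": "198.51.100.20",
     "resourceDisplayName": "Office 365 Exchange Online"},
    {"servicePrincipalId": "sp-mail-archiver", "createdDateTime": "2020-12-10T09:31:00Z",
     "servicePrincipalCredentialKeyId": "k-2", "ipAddress": "203.0.113.7",
     "resourceDisplayName": "Microsoft Graph"},
    {"servicePrincipalId": "sp-mail-archiver", "createdDateTime": "2020-12-11T02:05:00Z",
     "servicePrincipalCredentialKeyId": "k-2", "ipAddress": "203.0.113.7",
     "resourceDisplayName": "Microsoft Graph"},
    # Uses a keyId that no longer exists on sp-hr-sync: a credential removed after use
    # still leaves its sign-ins behind in the log.
    {"servicePrincipalId": "sp-hr-sync", "createdDateTime": "2020-12-12T11:40:00Z",
     "servicePrincipalCredentialKeyId": "s-9", "ipAddress": "203.0.113.7",
     "resourceDisplayName": "Microsoft Graph"},
]

def parse_ts(value):
    """Parse the ISO-8601 'Z' timestamps used in Graph exports into aware datetimes."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def all_credentials(sp):
    """Yield every certificate and secret on a service principal in one uniform shape."""
    for kind, field in (("certificate", "keyCredentials"), ("secret", "passwordCredentials")):
        for cred in sp.get(field, []):
            yield {"keyId": cred["keyId"], "kind": kind, "start": parse_ts(cred["startDateTime"])}

def recently_added_credentials(sp, since):
    """Credentials whose validity started on or after `since`, noting whether they were
    bolted onto an app that already had older credentials (the backdoor pattern)."""
    creds = list(all_credentials(sp))
    return [dict(c, added_to_existing_app=any(o["start"] < c["start"] for o in creds))
            for c in creds if c["start"] >= since]

def correlate_sign_ins(service_principals, sign_ins, since):
    """Join recently added credentials with the sign-ins that used them. Returns
    (findings, orphans); orphans are sign-ins whose keyId is no longer on the principal."""
    findings = []
    for sp in service_principals:
        for cred in recently_added_credentials(sp, since):
            uses = sorted((s for s in sign_ins if s["servicePrincipalId"] == sp["id"]
                           and s.get("servicePrincipalCredentialKeyId") == cred["keyId"]),
                          key=lambda s: parse_ts(s["createdDateTime"]))
            first_use = None
            if uses:
                delay = parse_ts(uses[0]["createdDateTime"]) - cred["start"]
                first_use = int(delay.total_seconds() // 60)
            findings.append({
                "servicePrincipalId": sp["id"], "keyId": cred["keyId"], "kind": cred["kind"],
                "added_to_existing_app": cred["added_to_existing_app"],
                "sign_in_count": len(uses), "first_use_minutes_after_add": first_use,
                "ips": sorted({s["ipAddress"] for s in uses}),
                "resources": sorted({s["resourceDisplayName"] for s in uses}),
            })
    known = {(sp["id"], c["keyId"]) for sp in service_principals for c in all_credentials(sp)}
    orphans = [s for s in sign_ins
               if (s["servicePrincipalId"], s.get("servicePrincipalCredentialKeyId")) not in known]
    return findings, orphans

def review(since="2020-11-01T00:00:00Z"):
    """Run the review over the constructed data from a given look-back start."""
    return correlate_sign_ins(SERVICE_PRINCIPALS, SIGN_INS, parse_ts(since))
```

Calling review() flags the certificate k-2 as added to an already-credentialed app and first used 17 minutes after it became valid, and reports the sp-hr-sync sign-in whose credential has since vanished; a real run would feed exported Graph records into correlate_sign_ins() instead of the constructed lists.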

How to batch export ALL your WhatsApp chats in one go for non rooted Android on PC

It’s a process that requires quite some installation and some good reading of the instructions but it can be done.

The trick is to install an older version of WhatsApp, extract the key and then copy the message databases. Then you can decrypt the database file and read it using another program. The hardest bit is extracting the key. Once you have that it’s all pretty fast. Apple iOS users have a definite advantage here because they can easily get to the key file.

Here’s my writeup on xda-developers.com

v4.7-E1.0

You need to download WhatsApp-2.11.431.apk and abe-all.jar
Then rename WhatsApp-2.11.431.apk to LegacyWhatsApp.apk and copy it to the tmp/ directory
Rename abe-all.jar to abe.jar and copy it to the bin/ directory

Run the script.

Make sure you enable File transfer mode on the phone after you connect it

Also, I needed to open the old version of WhatsApp before making the backup in the script – fortunately the script waits here for a password! First it wants you to update: don’t! I got a phone date is inaccurate error. Just wait on this screen and then continue on with the script. The script goes silent here for quite some time.

The best instructions are to be found here by PIRATA!, but they miss the above few steps:

[Tool] WhatsApp Key/DB Extractor | CRYPT6-12 | NON-ROOT | UPDATED OCTOBER 2016 (forum.xda-developers.com)

** Version 4.7 Updated October 2016 – Supports Android 4.0-7.0 ** SUMMARY: Allows WhatsApp users to extract their cipher key and databases on non-rooted Android devices. UPDATE: This tool was last updated on October 12th 2016 and confirmed…

Good luck!

Behind a Secret Deal Between Google and Facebook – how monopolies define winners and kill losers

In 2017, Facebook said it was testing a new way of selling online advertising that would threaten Google’s control of the digital ad market. But less than two years later, Facebook did an about-face and said it was joining an alliance of companies backing a similar effort by Google.

Facebook never said why it pulled back from its project, but evidence presented in an antitrust lawsuit filed by 10 state attorneys general last month indicates that Google had extended to Facebook, its closest rival for digital advertising dollars, a sweetheart deal to be a partner.

Details of the agreement, based on documents the Texas attorney general’s office said it had uncovered as part of the multistate suit, were redacted in the complaint filed in federal court in Texas last month. But they were not hidden in a draft version of the complaint reviewed by The New York Times.

Executives at six of the more than 20 partners in the alliance told The Times that their agreements with Google did not include many of the same generous terms that Facebook received and that the search giant had handed Facebook a significant advantage over the rest of them. The executives, all of whom spoke on condition of anonymity to avoid jeopardizing their business relationships with Google, also said they had not known that Google had afforded such advantages to Facebook. The clear disparity in how their companies were treated by Google when compared to Facebook has not been previously reported.

Source: Behind a Secret Deal Between Google and Facebook – The New York Times

Socialarks 400GB of scraped data exposing 200+ million Facebook, Instagram and LinkedIn users. Again.

High-flying and rapidly growing Chinese social media management company Socialarks has suffered a huge data leak leading to the exposure of over 400GB of personal data including several high-profile celebrities and social media influencers.

The company’s unsecured ElasticSearch database contained personally identifiable information (PII) from at least 214 million social media users from around the world, using both populist consumer platforms such as Facebook and Instagram, as well as professional networks such as LinkedIn.

The Elastic instance was discovered as part of Safety Detectives’ cybersecurity mission of discovering online vulnerabilities that could potentially pose risks to the general public. Once the owner of the data is identified, our team then informs the affected parties as soon as possible to mitigate the risk of any cybersecurity breaches and server leaks.

In Socialarks’ case, our team found the ElasticSearch server to be publicly exposed without password protection or encryption, during routine IP-address checks on potentially unsecured databases.

The lack of security apparatus on the company’s server meant that anyone in possession of the server IP-address could have accessed a database containing millions of people’s private information.

According to Anurag Sen, head of the Safety Detectives cybersecurity team, the affected database contained a “huge trove” of sensitive personal information to the tune of 408GB and more than 318 million records in total.

Given the sheer size of the data leak, it has been severely challenging for our team to unravel the full extent of the potential damage caused.

Our research team was able to determine that the entirety of the leaked data was “scraped” from social media platforms, which is both unethical and a violation of Facebook’s, Instagram’s and LinkedIn’s terms of service.

Moreover, it is important to note that Socialarks suffered a similar data breach in August 2020 leading to data from 150 million LinkedIn, Facebook and Instagram users being exposed.

Almost as a carbon-copy, August’s database breach revealed reams of personal data from 66 million LinkedIn users, 11.6 million Instagram accounts and 81.5 million Facebook accounts.

From the leaked data we discovered, it was possible to determine people’s full names, country of residence, place of work, position, subscriber data and contact information, as well as direct links to their profiles.

[…]

The database contained more than 408GB of data and more than 318 million records.

What was leaked?

Without any protection whatsoever, our research team discovered the following:

  • 11,651,162 Instagram user profiles
  • 66,117,839 LinkedIn user profiles
  • 81,551,567 Facebook user profiles
  • a further 55,300,000 Facebook profiles which were summarily deleted within a few hours after our team first discovered the server and its vulnerability.

What was surprising is that the numbers of profiles affected in the data leak found by our team are the same as the numbers mentioned in the August data leak. However, there were big differences, such as the size of the database, the companies hosting the servers and the number of indices.

The affected server, hosted by Tencent, was segmented into indices in order to store data obtained from each social media source. Our team discovered records from 3 major social media platforms: Instagram, Facebook and LinkedIn.

Instagram data

The Instagram index contained various popular personalities and online celebrities.

Our team discovered several high-profile influencers in the exposed database, including prominent food bloggers, celebrities and other social media influencers.

Celebrity Instagram profile including phone number and email address.

Every record contained public data scraped from influencer Instagram accounts, including their biographies, profile pictures, follower totals, location settings as well as personal information such as contact details in the form of email addresses and phone numbers.

The Instagram records exposed the following details:

  • Full name
  • Phone numbers for 6+ million users
  • Email addresses for all 11+ million users
  • Profile link
  • Username
  • Profile picture
  • Profile description
  • Average comment count
  • Number of followers and following count
  • Country of location
  • Specific locality in some cases
  • Frequently used hashtags

Facebook data

As mentioned above, the leak exposed 81.5 million Facebook user profiles with over 40 million exposed phone numbers and a further 32 million email address entries. Notably, most of the phone numbers our team discovered originated from pages and not individuals.

The Facebook records exposed the following details:

  • Full name
  • ‘About’ text
  • Email addresses
  • Phone numbers
  • Country of location
  • Like, Follow and Rating count
  • Messenger ID
  • Facebook link with profile pictures
  • Website link
  • Profile description

LinkedIn data

Finally, our team discovered 66.1 million LinkedIn user profiles with as many as 31 million leaked email addresses (not disclosed in the profile but obtained through other, as yet unknown, sources).

The LinkedIn records exposed the following details:

  • Full name
  • Email addresses
  • Job profile including job title and seniority level
  • LinkedIn profile link
  • User tags
  • Domain name
  • Connected social media account login names e.g., Twitter
  • Company name and revenue margin

Database search showing 66 million LinkedIn profile results including personal information such as job title, name and email address.

The chart below shows a sample breakdown of user-profiles, sorted by country, from a sample of 42 million records.

Unexplained presence of Instagram and LinkedIn personal data

Socialarks’ database contained scraped data including personal information, although the user records were only partially complete.

However, according to our findings, Socialarks’ database stored personal data for Instagram and LinkedIn users such as private phone numbers and email addresses for users that did not divulge such information publicly on their accounts. How Socialarks could possibly have access to such data in the first place remains unknown.

Also, the fact that such a large, active, and data-rich database was left completely unsecured (probably for a second time) is astonishing.

It remains unclear how the company managed to obtain private data from multiple secure sources.

Instagram profile showing email and phone number despite information not being provided to Instagram.

It is also worth noting that Socialarks is based in China and was founded with private venture capital in 2014, while the vulnerable server is located in Hong Kong.

Source: Chinese start-up leaked 400GB of scraped data exposing 200+ million Facebook, Instagram and LinkedIn users

AI upstart stealing facial data told to delete data and algorithms

Everalbum, a consumer photo app maker that shut down on August 31, 2020, and has since relaunched as a facial recognition provider under the name Paravision, on Monday reached a settlement with the FTC over the 2017 introduction of a feature called “Friends” in its discontinued Ever app. The watchdog agency claims the app deployed facial recognition code to organize users’ photos by default, without permission.

According to the FTC, between July 2018 and April 2019, Everalbum told people that it would not employ facial recognition on users’ content without consent. The company allegedly let users in certain regions – Illinois, Texas, Washington, and the EU – make that choice, but automatically activated the feature for those located elsewhere.

The agency further claims that Everalbum’s use of facial recognition went beyond supporting the Friends feature. The company is alleged to have combined users’ faces with facial images from other information to create four datasets that informed its facial recognition technology, which became the basis of a face detection service for enterprise customers.

The company also is said to have told consumers using its app that it would delete their data if they deactivated their accounts, but didn’t do so until at least October 2019.

The FTC, in announcing the case and its settlement, said Everalbum/Paravision will be required to delete: photos and videos belonging to Ever app users who deactivated their accounts; all face embeddings – vector representations of facial features – from users who did not grant consent; and “any facial recognition models or algorithms developed with Ever users’ photos or videos.”

The FTC has not done this in past privacy cases with technology companies. According to FTC Commissioner Rohit Chopra, when Google and YouTube agreed to pay $170m over allegations the companies had collected data from children without parental consent, the FTC settlement “allowed Google and YouTube to profit from its conduct, even after paying a civil penalty.”

Likewise, when the FTC voted to approve a settlement with Facebook over claims it had violated its 2012 privacy settlement agreement, he said, Facebook did not have to give up any of its facial recognition technology or data.

“Commissioners have previously voted to allow data protection law violators to retain algorithms and technologies that derive much of their value from ill-gotten data,” said Chopra in a statement [PDF]. “This is an important course correction.”

[…]

Source: Privacy pilfering project punished by FTC purge penalty: AI upstart told to delete data and algorithms • The Register

Tesla Would Take Nearly 1,600 Years To Make The Amount Of Money The Stock Market Values It At

Tesla is an oddity in the business landscape. The company’s stock is so stratospheric that Elon Musk has surpassed Jeff Bezos as the world’s richest person. Now, we have another mind-blowing metric. At Tesla’s current price-to-earnings ratio, it would take the company almost 1,600 years to make what the stock market says it’s worth.

The New Statesman put up a startling comparison. In 2020, Tesla delivered 499,550 vehicles. Yet, its market capitalization shot up to $750 billion. Comparatively, General Motors delivered 2.5 million vehicles in the same year, yet its market value is only $62 billion. Tesla’s price-to-earnings ratio — a comparison of current share price to earnings per share — is roughly 128X (the industry average is 15X), according to Zacks Investment Research. Based on that ratio, it would take Tesla 1,600 years to make the kind of money the stock market says it’s worth.

Source: Tesla Would Take Nearly 1,600 Years To Make The Amount Of Money The Stock Market Values It At

Amazon Ring Neighbors App Left User Data Exposed, incl addresses, lat + long

Ring, the Amazon-owned friend to nosy police departments everywhere, has suffered another embarrassing security stumble. The surveillance company’s Neighbors app—which was launched in 2018 as a kind of “neighborhood watch” feature—apparently left users exact geographical data and home address information exposed to the internet.

Neighbors is Ring’s online forum where users can share public safety information about what’s going on in their communities. It’s basically a more dystopian version of Nextdoor. Posts on Neighbors are public but supposedly anonymous, with a poster’s full name and location obscured. Yet, due to the recently discovered security bug, a savvy web explorer would’ve been able to access information about the home addresses, as well as the exact latitude and longitude, of a poster’s location, TechCrunch reports.

Similarly, every time a user posted on Neighbors, Ring servers generated a unique number for the post. These numbers increased incrementally with each post, making it easy to tie the identifying number to other information about the poster, including geographical data, according to TechCrunch. All of this was invisible to the app user, however.
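The two weaknesses described above, guessable sequential post numbers and exact coordinates served to every viewer, can be designed out at the API layer. The following is an added illustration, not Ring’s code; the class and function names, the viewer/author model and the ~1 km grid size are assumptions chosen for the example.

```python
"""Added example (not Ring's code): a public post feed that uses unguessable
post ids and serves only a coarse location to anyone but the author."""
import math
import secrets
from dataclasses import dataclass
from typing import Optional

# Assumption: snap coordinates to a 0.01-degree grid (about 1.1 km of latitude),
# coarse enough for a neighbourhood feed but not for locating a house.
CELLS_PER_DEG = 100


@dataclass
class Post:
    author_id: str
    body: str
    lat: float
    lon: float
    address: str  # stored for the author only, never placed in the public view


def coarse_location(lat: float, lon: float) -> tuple:
    """Snap a coordinate to the centre of its grid cell.

    Snapping is deterministic on purpose: random jitter can be averaged away
    over many posts from the same home, a fixed cell centre cannot."""
    def snap(v: float) -> float:
        return round((math.floor(v * CELLS_PER_DEG) + 0.5) / CELLS_PER_DEG, 6)
    return snap(lat), snap(lon)


class PostStore:
    def __init__(self) -> None:
        self._posts: dict = {}

    def create(self, post: Post) -> str:
        # 128-bit random id: the next post's id cannot be derived from the last
        # one, so the feed cannot be walked by incrementing a counter.
        post_id = secrets.token_urlsafe(16)
        self._posts[post_id] = post
        return post_id

    def view(self, post_id: str, viewer_id: Optional[str] = None) -> Optional[dict]:
        post = self._posts.get(post_id)
        if post is None:
            return None
        if viewer_id == post.author_id:
            # Authors may see their own exact data.
            return {"id": post_id, "body": post.body, "lat": post.lat,
                    "lon": post.lon, "address": post.address}
        # Everyone else gets the anonymous view: no author, no address, and the
        # grid cell centre instead of the exact coordinates.
        lat, lon = coarse_location(post.lat, post.lon)
        return {"id": post_id, "body": post.body, "lat": lat, "lon": lon}
```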

Source: Amazon Ring Neighbors App Left User Data Exposed

I still don’t understand the use case for Ring. “I’m not here, leave the package” – right, I’ll just break in now then!

NYPD posts surveillance systems and use and requests comments

Beginning January 11, 2020, draft surveillance technology impact and use policies will be posted on the Department’s website. Members of the public are invited to review the impact and use policies and provide feedback on their contents. The impact and use policies provide details of: 1) the capabilities of the Department’s surveillance technologies, 2) the rules regulating the use of the technologies, 3) protections against unauthorized access of the technologies or related data, 4) surveillance technologies data retention policies, 5) public access to surveillance technologies data, 6) external entity access to surveillance technologies data, 7) Department trainings in the use of surveillance technologies, 8) internal audit and oversight mechanisms of surveillance technologies, 9) health and safety reporting on the surveillance technologies, and 10) potential disparate impacts of the impact and use policies for surveillance technologies.

Source: Draft Policies for Public Comment

Epic Games files competition lawsuit against Google in the UK over Fortnite’s ejection from Play Store

Epic Games intends to file a competition lawsuit against Google in the UK as part of the ongoing Fortnite-kicked-off-platforms saga, according to documents lodged with the Competition Appeal Tribunal.

The lawsuit will allege that Google, holder of “a dominant position in the Android app distribution market”, has unfairly restricted “competition from alternative app stores and other channels for the distribution of apps” [PDF].

The legal action the games dev is taking in the UK is similar to a US lawsuit it filed against Apple, which ejected Epic from its App Store in a commercial spat about cult game Fortnite.

The dispute is over exclusivity and how much of a cut Google takes from in-game microtransactions in Fortnite. As we reported back in 2018, Epic launched the Android version of Fortnite through its own website rather than the Google Play Store, the official app repository for Android. This initially deprived Google of its 30 per cent cut of Android app sale prices, though the app was later released through the Play Store.

At the time, Epic chief exec Tim Sweeney had a good old spleen-venting session about the “economics of the store ecosystem as it exists right now”.

In August 2020, Epic introduced what its Competition Appeal Tribunal (CAT) claim described as “a direct payment option into the Fortnite app on the Google Play Store. This enabled consumers to pay Epic directly for in-app content instead of using Google’s payment processor.” Google responded by ejecting Fortnite from the Play Store altogether.

Epic is set to allege that Google is “using its market position to charge unfair prices for the distribution of apps via the Google Play Store and/or in relation to the purchase of digital in-app content within those apps,” breaking section 18 of the Competition Act 1998 and Article 101 of the Treaty on the Functioning of the European Union.

Source: Epic Games files competition lawsuit against Google in the UK over Fortnite’s ejection from Play Store • The Register

WhatsApp delays enforcement of privacy terms by 3 months, following backlash

WhatsApp said on Friday that it won’t enforce the planned update to its data-sharing policy until May 15, weeks after news about the new terms created confusion among its users, exposed the Facebook app to a potential lawsuit, triggered a nationwide investigation and drove tens of millions of its loyal fans to explore alternative messaging apps.

“We’re now moving back the date on which people will be asked to review and accept the terms. No one will have their account suspended or deleted on February 8. We’re also going to do a lot more to clear up the misinformation around how privacy and security works on WhatsApp. We’ll then go to people gradually to review the policy at their own pace before new business options are available on May 15,” the firm said in a blog post.

Source: WhatsApp delays enforcement of privacy terms by 3 months, following backlash | TechCrunch

I’m pretty sure there is no confusion. People just don’t want all their data shared to Facebook when they were promised it wouldn’t be. So they are leaving to Signal and Telegram.

Apple Is Reportedly Cracking Down on App Sideloading on M1 Macs

Earlier this week, 9to5Mac spotted some iOS and macOS beta code that suggested Apple would prevent users from being able to sideload unsupported apps onto the new M1 Macs. Today, 9to5Mac reported that it’s now no longer possible to sideload apps that aren’t available in the Mac App Store even if they’re available on iOS.

You can run iOS and iPadOS apps on your M1 Mac, but only if a developer supports it. Per the report, users had been sideloading apps with tools like iMazing from their iPhones or iPad and could use them on their Apple Silicon computers whether or not they were technically supported. Now, when attempting to sideload an app not available in the Mac App Store on an M1 Mac running the macOS 11.2 beta, users will see an error message that the application “cannot be installed because the developer did not intend for it to run on this platform,” according to a screengrab from 9to5Mac.

[…]

Source: Apple Is Reportedly Cracking Down on App Sideloading on M1 Macs

If it’s fun, you can’t have it. Sieg Heil Apfel!

Virgin Orbit launches rocket off a 747 aircraft, puts satellites into orbit

A 70-foot rocket, riding beneath the wing of a retrofitted Boeing 747 aircraft, detached from the plane and fired itself into Earth’s orbit on Sunday — marking the first successful launch for the California-based rocket startup Virgin Orbit.

Virgin Orbit’s 747, nicknamed Cosmic Girl, took off from California around 10:30 am PT with the rocket, called LauncherOne, nestled beneath the plane’s left wing. The aircraft flew out over the Pacific Ocean before the rocket was released, freeing LauncherOne and allowing it to power up its rocket motor and propel itself to more than 17,000 miles per hour, fast enough to begin orbiting the Earth.

“In both a literal and figurative sense, this is miles beyond how far we reached in our first Launch Demo,” the company posted on its Twitter account.

The rocket flew a group of tiny satellites on behalf of NASA’s Educational Launch of Nanosatellites, or ELaNa, program, which allows high school and college students to design and assemble small satellites that NASA then pays to launch into space. The nine small satellites that Virgin Orbit flew on Sunday included a temperature-monitoring satellite from the University of Colorado at Boulder, a satellite that will study how tiny particles collide in space from the University of Central Florida, and an experimental radiation-detection satellite from the University of Louisiana at Lafayette.

About four hours after takeoff on Saturday, Virgin Orbit confirmed in a tweet that all the satellites were “successfully deployed into our target orbit.”

The successful mission makes Virgin Orbit only the third so-called “New Space” company — startups hoping to overhaul the traditional industry with innovative technologies — to reach orbit, after SpaceX and Rocket Lab. The success also paves the way for Virgin Orbit to begin launching satellites for a host of customers that it already has lined up, including NASA, the military and private-sector companies that use satellites for commercial purposes.

[…]

Source: Virgin Orbit launches rocket off a 747 aircraft – CNN

Turkey launches antitrust probe into WhatsApp and Facebook over the new privacy policy. Still can’t export Whatsapp chats.

WhatsApp updated its privacy policy at the turn of the new year. Users were notified via a popup message upon opening the app that their data would now be shared with Facebook and other companies come February 8. Due to Facebook’s notorious history with user data and privacy, the new update has since then garnered criticism with many people migrating to alternative messaging apps like Signal and Telegram. Microsoft entered the playing field too, recommending users to use Skype in place of the Facebook-owned WhatsApp.

In the latest, Turkey has now launched an antitrust probe into Facebook and WhatsApp regarding the updated privacy policy. Bloomberg reports that:

Turkey’s antitrust board launched an investigation into Facebook Inc. and its messaging service WhatsApp Inc. over new usage terms that have sparked privacy concerns.

[…]

The regulator also said it was halting implementation of such terms, it said on Monday. The new terms would result in “more data being collected, processed and used by Facebook,” according to the statement.

Source: Turkey launches antitrust probe into WhatsApp and Facebook over the new privacy policy – Neowin

Firefox to block Backspace key from working as “Back” button

Mozilla developers plan to remove support for using the Backspace key as a Back button inside Firefox.

The change is currently active in the Firefox Nightly version and is expected to go live in Firefox 86, scheduled to be released next month, in late February 2021.

The removal of the Backspace key as a navigational element didn’t come out of the blue. It was first proposed back in July 2014, in a bug report opened on Mozilla’s bug tracker.

At the time, Mozilla engineers argued that many users who press the Backspace key don’t always mean to navigate to the previous page (the equivalent of pressing the Back button).

“Pressing backspace does different things depending on where the cursor is. If it’s in a text input field, it deletes the character to the left. If it’s not in a text input field, it’s the same as hitting the back button,” said Blair McBride, a senior software engineer for Mozilla at the time.

“Whether to keep this behaviour has been argued For A Very Long Time,” McBride said. “It’s confusing for many people, but we’ve assumed it would break muscle memory for many people.”

Back in 2014, McBride asked other Mozilla engineers to gather data and see exactly how many people press this key before taking a decision.

Subsequent data showed that the Backspace key is, by far, the most pressed keyboard shortcut inside the Firefox user interface, with 40 million monthly active users pressing the key and triggering a “Back” navigation.

To put it in perspective, this was well above the 16 million Firefox users pressing the CTRL+F shortcut to search content inside a page and 15 million Firefox users who pressed the page reload shortcuts (F5 and CTRL+R).

Source: Firefox to block Backspace key from working as “Back” button | ZDNet

Every Deleted Parler Post, Many With Users’ Location Data, Has Been Archived. Parler goes down. Still can’t export your Whatsapp history.

In the wake of the violent insurrection at the U.S. Capitol by scores of President Trump’s supporters, a lone researcher began an effort to catalogue the posts of social media users across Parler, a platform founded to provide conservative users a safe haven for uninhibited “free speech” — but which ultimately devolved into a hotbed of far-right conspiracy theories, unchecked racism, and death threats aimed at prominent politicians.

The researcher, who asked to be referred to by her Twitter handle, @donk_enby, began with the goal of archiving every post from January 6, the day of the Capitol riot; what she called a bevy of “very incriminating” evidence. According to the Atlantic Council’s Digital Forensic Research Lab, among other sources, Parler is one of several apps used by the insurrectionists to coordinate their breach of the Capitol, in a plan to overturn the 2020 election results and keep Donald Trump in power.

Five people died in the attempt.

Hoping to create a lasting public record for future researchers to sift through, @donk_enby began by archiving the posts from that day. The scope of the project quickly broadened, however, as it became increasingly clear that Parler was on borrowed time. Apple and Google announced that Parler would be removed from their app stores because it had failed to properly moderate posts that encouraged violence and crime. The final nail in the coffin came Saturday when Amazon announced it was pulling Parler’s plug.

In an email first obtained by BuzzFeed News, Amazon officials told the company they planned to boot it from its cloud hosting service, Amazon Web Services, saying it had witnessed a “steady increase” in violent content across the platform. “It’s clear that Parler does not have an effective process to comply with the AWS terms of service,” the email read.

Operating on little sleep, @donk_enby began the work of archiving all of Parler’s posts, ultimately capturing around 99.9 percent of its content. In a tweet early Sunday, @donk_enby said she was crawling some 1.1 million Parler video URLs. “These are the original, unprocessed, raw files as uploaded to Parler with all associated metadata,” she said. Included in this data tranche, now more than 56 terabytes in size, @donk_enby confirmed that the raw video files include GPS metadata pointing to exact locations of where the videos were taken.

@donk_enby later shared a screenshot showing the GPS position of a particular video, with coordinates in latitude and longitude.

The privacy implications are obvious, but the copious data may also serve as a fertile hunting ground for law enforcement. Federal and local authorities have arrested dozens of suspects in recent days accused of taking part in the Capitol riot, where a Capitol police officer, Brian Sicknick, was fatally wounded after being struck in the head with a fire extinguisher.

[…]

Kirtaner, creator of 420chan — a.k.a. Aubrey Cottle — reported obtaining 6.3 GB of Parler user data from an unsecured AWS server in November. The leak reportedly contained passwords, photos and email addresses from several other companies as well. Parler CEO John Matze later claimed to Business Insider that the data contained only “public information” about users, which had been improperly stored by an email vendor whose contract was subsequently terminated over the leak. (This leak is separate from the debunked claim that Parler was “hacked” in late November, proof of which was determined to be fake.)

In December, Twitter suspended Kirtaner for tweeting, “I’m killing Parler and its fucking glorious,” citing its rules against threatening “violence against an individual or group of people.” Kirtaner’s account remains suspended despite an online campaign urging Twitter’s safety team to reverse its decision. Gregg Housh, an internet activist involved in many early Anonymous campaigns, noted online that the tweet was “not aimed at a person and [was] not actually violent.”

Source: Every Deleted Parler Post, Many With Users’ Location Data, Has Been Archived

Ubiquiti iniquity: Wi-Fi box slinger warns hackers may have peeked at customers’ personal information

Networking vendor Ubiquiti has written to its customers to advise them of a possible leak of their personal information.

“We recently became aware of unauthorized access to certain of our information technology systems hosted by a third-party cloud provider,” the email opens, before adding: “We have no indication that there has been unauthorized activity with respect to any user’s account.”

But the mail, seen by The Reg and sent out within the past few hours, also says Ubiquiti “cannot be certain that user data has not been exposed,” and admits that if the unauthorized actors did get in, they’ll have been able to access users’ “name, email address, and the one-way encrypted password to your account (in technical terms, the passwords are hashed and salted).”

Customers who stored their physical address and phone number in their account were advised that data may also have been accessed.

“As a precaution, we encourage you to change your password,” the mail states, adding that two-factor authentication is a very fine idea that customers should enable ASAP on their online accounts if it’s not already employed. A warning about password re-use across multiple sites is also offered.

[…]

Source: Ubiquiti iniquity: Wi-Fi box slinger warns hackers may have peeked at customers’ personal information • The Register

Maybe now these guys will start taking security seriously. The last I looked you could get to the admin password just by telnetting into the boxes password free.