Group items matching

in title, tags, annotations or url

""Privacy Not Included" is Mozilla's Christmas shopping (anti)-guide to toys and gadgets that spy on you and/or make stupid security blunders, rated by relative "creepiness," from the Nintendo Switch (a little creepy) to the Fredi Baby monitor (very creepy!). Mozilla's reviews include a detailed rationale for each ranking, including whether the product includes encryption, whether it forces a default password change, how easy to understand the documentation is, whether it shares your data for "unexpected reasons," whether it has known security vulnerabilities, whether it has parental controls and more."

"If that data is collected, does the child have a right to get it back? If that data is collected from very early childhood and does not belong to the child, does it make the child extra vulnerable because his or her choices and patterns of behaviour could be known to anyone who purchases the data, for example, companies or political campaigns. Depending on the privacy laws of the state in which the toys are being used, if the data is collected and kept, it breaches Article 16 of the Convention on the Rights of the Child - the right to privacy. (Though, of course, arguably this is something parents routinely do by posting pictures of their children on Facebook). "

"The revelation that encrypted email is vulnerable to a variety of devastating attacks (collectively known as "Efail") has set off a round of soul-searching by internet security researchers and other technical people -- can we save email? One way to think about Efail is that it was caused by a lack of central coordination and control over email-reading programs -- the underlying protocols are strong and robust, but they can be implemented in ways that create real problems. In particular, the ability to show HTML inside a message makes email very hard to secure:"

"The ethics of Facebook's micro-targeted advertising was thrust into the spotlight this week by a report out of Australia. The article, based on a leaked presentation, said that Facebook was able to identify teenagers at their most vulnerable, including when they feel "insecure", "worthless", "defeated" and "stressed"."

"In the last year, Facebook adjusted some of the most fundamental rules about what gets posted on its platform, halting algorithmic recommendations of political groups, banning lies about vaccines and removing a number of high-profile figures for spreading misinformation and hate - including Donald Trump. But researchers say the social media platform is not enforcing those policies as effectively when it comes to misinformation in Spanish - a blind spot that may prove deadly as health lies spread through the most vulnerable populations during the global vaccine effort."

"The disclosure points to a problem security researchers have been warning about for years: that despite its reputation for building what is seen by millions of customers as a secure product, some believe Apple's closed culture and fear of negative press have harmed its ability to provide security for those targeted by governments and criminals. "Apple's self-assured hubris is just unparalleled," said Patrick Wardle, a former NSA employee and founder of the Mac security developer Objective-See. "They basically believe that their way is the best way. And to be fair … the iPhone has had incredible success. "But you talk to any external security researcher, they're probably not going to have a lot of great things to say about Apple. Whereas if you talk to security researchers in dealing with, say, Microsoft, they've said: 'We're gonna put our ego aside, and ultimately realise that the security researchers are reporting vulnerabilities that at the end of the day are benefiting our users, because we're able to patch them.' I don't think Apple has that same mindset.""

"Vast sums are being spent by governments across the industrialized and developing worlds on automating poverty and in the process, turning the needs of vulnerable citizens into numbers, replacing the judgment of human caseworkers with the cold, bloodless decision-making of machines. "

"Now, researchers warn that these "direct to consumer" services could be vulnerable to a sort of genetic hacking. By uploading selected DNA sequences, they say, it may be possible, for example, to pull out the genomes of most people in a database or to identify people with genetic variants associated with specific traits such as Alzheimer's disease."

"Hultquist noted that cyberwarfare evens the battlefield between Iran and the US. "That's why they choose an asymmetric battleground," he said. "We might have this massive advantage with a very sophisticated ability, but we also have this very sophisticated society that makes us very vulnerable to computer attacks.""

"Biden's team is more vulnerable to cyberattacks "

""Critical, user-facing vulnerabilities" were found in the Chinese supplier's fixed-broadband products caused by poor code quality and an old operating system, the Huawei Cyber Security Evaluation Centre Oversight Board said in a report. "U.K. operators needed to take extraordinary action to mitigate the risk.""

"Activists swiftly warned that the policy as it was published would backfire. The policy was vague and had been put together without much input from the communities most vulnerable to harassment and doxxing, the activists argued. They had little faith in Twitter's reporting and appeals process, which they described as unreliable, automated and allowing for little discussion about the enforcement of policies."

"Tristan Harris presents on 1) why humans as a species are vulnerable to technology, 2) why it's so hard to solve the issues of social media algorithms, artificial intelligence, and exponential tech, and 3) what it will take to come together to avoid these existential threats."

"Cybersecurity researchers say the My2022 mobile app - the official app of the Beijing Winter Olympics - has serious security vulnerabilities and that "all Olympian audio is being collected, analyzed and saved on Chinese servers." Why This Matters: The Chinese government is mandating all Olympic athletes, coaches, and attendees use the My2022 app and, as of Thursday morning, the app is still available in the Apple and Android U.S. app stores where Americans can download it too."

"A leading psychologist who advises Meta on suicide prevention and self-harm has quit her role, accusing the tech giant of "turning a blind eye" to harmful content on Instagram, repeatedly ignoring expert advice and prioritising profit over lives. Lotte Rubæk, who has been on Meta's global expert group for more than three years, told the Observer that the tech giant's ongoing failure to remove images of self-harm from its platforms is "triggering" vulnerable young women and girls to further harm themselves and contributing to rising suicide figures."

"AI-generated voices are extremely convincing and can converse without the obvious repetitions and scripted lines, making a dream tool for fraudsters, marketers and political campaigns. The Federal Communications Commission sees the costs of all this coming and is banning their use in robocalls. "Bad actors are using AI-generated voices in unsolicited robocalls to extort vulnerable family members, imitate celebrities and misinform votes," said FCC Chairwoman Jessica Rosenworcel in a press release. "State attorneys general will now have new tools to crack down on these scams and ensure the public is protected from fraud and misinformation.""

"Many of these cameras have no easy, networked means of getting a firmware update, either, making their zeroday bugs into foreverday bugs. Some of these bugs were simple programmer error, but Philips, ah, Philips: they shipped an Internet-connected home spycam whose default root login was admin and /ADMIN/. Security. "

"Cybersecurity experts have warned for years that malfeasance, technical breakdown or administrative incompetence could easily wreak havoc with electronic systems and could go largely or wholly undetected. This is a concern made much more urgent by Russia's cyber-attacks on political party servers and state voter registration databases in 2016 and by the risk of a repeat - or worse - in this November's midterms. "

"These exploits are based on chip engineering flaws, not on software flaws. Apple, Google, Abode, Microsoft, and other software companies didn't write poor software or bad Operating Systems to cause these problems to occur. Rather, the chip manufacturers - Intel, AMD and ARM - designed and then engineered computer chips with flaws built into them. Once discovered, those flaws allow the Meltdown and Spectre exploits to be run. Worse, these chips have been sold with consumer computers, servers and mobile devices since 1995. so the impact is, potentially, both personal and global in scope."