WordPress Tavern: WordPress 5.1.1 Patches Critical Vulnerability

WordPress Tavern: WordPress 5.1.1 Patches Critical Vulnerability. “WordPress 5.1.1 was released yesterday evening with an important security update for a critical cross-site scripting vulnerability found in 5.1 and prior versions. The release post credited Simon Scannell of RIPS Technologies for discovering and reporting the vulnerability.”

TorrentFreak: YouTube is Not Liable for Copyright Infringing Videos, Appeal Court Rules

TorrentFreak: YouTube is Not Liable for Copyright Infringing Videos, Appeal Court Rules. “The Higher Regional Court of Vienna, Austria, has ruled that YouTube can’t be held liable for infringing videos uploaded by users. The Court overturned a previous verdict which held that YouTube takes an “active role,” which disqualifies it from safe harbor protection. Rightsholder Puls 4 is disappointed with the outcome and will take the case to the Supreme Court.”

TechCrunch: Gearbest security lapse exposed millions of shopping orders

TechCrunch: Gearbest security lapse exposed millions of shopping orders. “Gearbest, a Chinese online shopping giant, has exposed millions of user profiles and shopping orders, security researchers have found. Security researcher Noam Rotem found an Elasticsearch server leaking millions of records each week, including customer data, orders and payment records. The server wasn’t protected with a password, allowing anyone to search the data.”

ABC 12: MSP database contains millions of photos of Michigan residents

ABC 12: MSP database contains millions of photos of Michigan residents. “You might expect the police to have access to your driver’s license photo, but what about your social media photos as well? It’s called the Statewide Network of Agency Photos or Snap. Michigan State Police’s database of photos. Millions of them, possibly of you, me and a whole lot of other people in the state of Michigan. Photos you had no idea law enforcement had access to.”

New Scientist: Home DNA-testing firm will let users block FBI access to their data

New Scientist: Home DNA-testing firm will let users block FBI access to their data. “One of the biggest home DNA-testing companies seems to have bowed to a backlash over its decision to allow the FBI access to its database, by announcing a new way for customers to stop law-enforcement agencies accessing their data.”

TechCrunch: ICE has a huge license plate database targeting immigrants, documents reveal

TechCrunch: ICE has a huge license plate database targeting immigrants, documents reveal. “Newly released documents reveal Immigration and Customs Enforcement is tracking and targeting immigrants through a massive license plate reader database supplied with data from local police departments — in some cases violating sanctuary laws.”

Schneier on Security: Judging Facebook’s Privacy Shift

Schneier on Security : Judging Facebook’s Privacy Shift. “There is ample reason to question Zuckerberg’s pronouncement: The company has made — and broken — many privacy promises over the years. And if you read his 3,000-word post carefully, Zuckerberg says nothing about changing Facebook’s surveillance capitalism business model. All the post discusses is making private chats more central to the company, which seems to be a play for increased market dominance and to counter the Chinese company WeChat. In security and privacy, the devil is always in the details — and Zuckerberg’s post provides none. But we’ll take him at his word and try to fill in some of the details here. What follows is a list of changes we should expect if Facebook is serious about changing its business model and improving user privacy.”