CNET: Supreme Court says warrant necessary for phone location data in win for privacy. “The US Supreme Court has ruled in favor of digital privacy. In a 5-4 decision on Friday, the justices said police need warrants to gather phone location data as evidence for trials. That reversed and remanded a decision by the Sixth Circuit Court of Appeals.”
security
ZDNet: A hacker figured out how to brute force iPhone passcodes
ZDNet: A hacker figured out how to brute force iPhone passcodes. “A security researcher has figured out how to brute force a passcode on any up-to-date iPhone or iPad, bypassing the software’s security mechanisms.”
The Hacker News: Thousands of Mobile Apps Expose Their Unprotected Firebase Hosted Databases
The Hacker News: Thousands of Mobile Apps Expose Their Unprotected Firebase Hosted Databases. “Mobile security researchers have discovered unprotected Firebase databases of thousands of iOS and Android mobile applications that are exposing over 100 million data records, including plain text passwords, user IDs, location, and in some cases, financial records such as banking and cryptocurrency transactions.”
Indivigital: New GDPR Tool Targets Google, Facebook With ‘Automated’ Right To Be Forgotten Requests
Indivigital: New GDPR Tool Targets Google, Facebook With ‘Automated’ Right To Be Forgotten Requests. “…some of the newest GDPR tools have inverted the target market and are helping users partly automate the process of sending erasure requests, colloquially referred to as ‘the right to be forgotten,’ to organizations that store their data. One such tool… allows users to search a database of 5,000 organizations for appropriate contact details of personnel or departments responsible for erasure requests. Upon selecting an organization to contact, the tool also opens a user’s email client and populates a new message with a template email.”
CNET: Google aims to show you how it uses your data
CNET: Google aims to show you how it uses your data. “If you’re tired of hunting aimlessly for privacy information in your Google account settings, this announcement is for you. Google has made account settings easier to navigate and understand, the company said Thursday in a blog post.”
Wired: Millions Of Streaming Devices Are Vulnerable To A Retro Web Attack
Wired: Millions Of Streaming Devices Are Vulnerable To A Retro Web Attack. “IN MARCH, ARTIST and programmer Brannon Dorsey became interested in a retro web attack called DNS rebinding, teaching himself how to illicitly access controls and data by exploiting known browser weaknesses. It’s a vulnerability that researchers have poked at on and off for years—which is one reason Dorsey couldn’t believe what he found.”
Schneier warns of ‘perfect storm’: Tech is becoming autonomous, and security is garbage (The Register)
The Register: Schneier warns of ‘perfect storm’: Tech is becoming autonomous, and security is garbage. “With insecure computers in charge, the healthcare and transportation sectors have become a nexus of security problems, infosec veteran Bruce Schneier warned delegates at Israel Cyber Week. Schneier said that confidentiality attacks, such as leaks of personal information, are being replaced by more dangerous integrity and availability attacks.”
