Digital Trends: Apple might be sending your browsing data to China’s Tencent by default. “A safe browsing feature, intended to increase online security within Apple’s Safari app, has instead raised privacy concerns as it has been recently discovered that the app is sending user browsing data to a company headquartered in China.”
security
Ars Technica: Activists’ phones targeted by one of the world’s most advanced spyware apps
Ars Technica: Activists’ phones targeted by one of the world’s most advanced spyware apps. “Mobile phones of two prominent human rights activists were repeatedly targeted with Pegasus, the highly advanced spyware made by Israel-based NSO, researchers from Amnesty International reported this week.”
ZDNet: Brazilian government to create single citizen database
ZDNet: Brazilian government to create single citizen database. “The Brazilian government will create a single citizen database that will contain a wide range of personal information about the country’s population of over 200 million people, to be fully shared across departments.”
Washington Post: Chinese app on Xi’s ideology allows data access to 100 million users’ phones, report says
Washington Post: Chinese app on Xi’s ideology allows data access to 100 million users’ phones, report says. “The Chinese Communist Party appears to have ‘superuser’ access to all the data on more than 100 million cellphones, owing to a back door in a propaganda app that the government has been promoting aggressively this year.”
Ars Technica: Attackers exploit an iTunes zeroday to install ransomware
Ars Technica: Attackers exploit an iTunes zeroday to install ransomware. “Attackers exploited a zeroday vulnerability in Apple’s iTunes and iCloud programs to infect Windows computers with ransomware without triggering antivirus protections, researchers from Morphisec reported on Thursday. Apple patched the vulnerability earlier this week.”
Online anonymity is a lie: Research challenges privacy protection frameworks (BetaNews)
BetaNews: Online anonymity is a lie: Research challenges privacy protection frameworks. “The research, recently published in Nature Communications, has demonstrated that it is possible to reconstruct the real identities of individuals from sampled and anonymized information in datasets. using a combination of only fifteen basic demographic attributes such as age, ethnicity, marital status, number of children etc.”
Ars Technica: Forum cracks the vintage passwords of Ken Thompson and other Unix pioneers
Ars Technica: Forum cracks the vintage passwords of Ken Thompson and other Unix pioneers. “As one of the original versions of Unix, BSD is an ancient operating system. So it shouldn’t come as a surprise that it used what are, by today’s standards, strange, even ridiculous security. For one, the hashing function protecting passwords, though state of the art 40 years ago, is now trivial to crack. Stranger still, the password hashes of some BSD creators were included in publicly available source code. And then, there are the passwords people chose.”
