Why Reddit Is Losing It Over Samsung’s New Privacy Policy – it’s an incredible data grab

Posted on October 4, 2022 by Robin Edgar

Samsung recently updated it privacy policy for all users with a Samsung account, effective Oct. 1. One Redditor read the policy, did not like what they saw, and shared it to r/android, highlighting what they consider to be the doc’s worst policy points. The thread blew up, with Android users aplenty decrying Samsung’s new policy. Read more about Why Reddit Is Losing It Over Samsung’s New Privacy Policy – it’s an incredible data grab[…]

Somehow This Video Game Belly Button Was Too Sexy For Google

Posted on September 23, 2022 by Robin Edgar

Just a few weeks after Hook Up: The Game released on Android, developer Sophie Artemigi was surprised to see the visual novel flagged for inappropriate sexual content. By the game’s own description, you play as Alex, “a sex positive twenty-something” who matches with her old high school bully on a dating app, so of course, Read more about Somehow This Video Game Belly Button Was Too Sexy For Google[…]

Meta sued for allegedly secretly tracking iPhone users

Posted on September 23, 2022 by Robin Edgar

Meta was sued on Wednesday for alleged undisclosed tracking and data collection in its Facebook and Instagram apps on Apple iPhones. The lawsuit [PDF], filed in a US federal district court in San Francisco, claims that the two applications incorporate use their own browser known as a WKWebView that injects JavaScript code to gather data Read more about Meta sued for allegedly secretly tracking iPhone users[…]

Cory Doctorow Launches New Fight against Copyrights, Creative Chokepoints, and Big Tech’s ‘Chokepoint Capitalism’

Posted on September 9, 2022 by Robin Edgar

“Creators aren’t getting paid,” says Cory Doctorow. “That’s because powerful corporations have figured out how to create chokepoints — that let them snatch up more of the value generated by creative work before it reaches creative workers.” But he’s doing something about it. Doctorow’s teamed up with Melbourne-based law professor Rebecca Giblin, the director of Read more about Cory Doctorow Launches New Fight against Copyrights, Creative Chokepoints, and Big Tech’s ‘Chokepoint Capitalism’[…]

Google tests alternative payment methods in Play store, still takes 4% cut

Posted on September 6, 2022 by Robin Edgar

The move comes in response to growing pressure on app store operators to give developers options, as Epic Games sought in its dispute with Apple and the government of South Korea required with legislation. The EU’s Digital Markets Act also seeks to limit Big Tech’s gatekeeping powers and was designed to stop Google prioritizing its Read more about Google tests alternative payment methods in Play store, still takes 4% cut[…]

How bad the problem with John Deere Tractors really is, how not being open leads to incredibly bad security

Posted on August 18, 2022 by Robin Edgar

Last Saturday, I sat in a crowded ballroom at Caesar’s Forum in Las Vegas and watched Sickcodes jailbreak a John Deere tractor’s control unit live, before an audience of cheering Defcon 30 attendees (and, possibly, a few undercover Deere execs, who often attend Sickcodes’s talks). The presentation was significant because Deere – along with Apple Read more about How bad the problem with John Deere Tractors really is, how not being open leads to incredibly bad security[…]

Samsung adds ‘repair mode’ to smartphone

Posted on August 1, 2022 by Robin Edgar

When activated, repair mode prevents a range of behaviors – from casual snooping to outright lifting of personal data – by blocking access to photos, messages, and account information. The mode provides technicians with the access they require to make a fix, including the apps a user employs. But repairers won’t see user data in Read more about Samsung adds ‘repair mode’ to smartphone[…]

how I Hacked My Car – completely pwn a 2021 Hyundai Ioniq head unit – a story in 3 parts

Posted on July 20, 2022 by Robin Edgar

The Car Last summer I bought a 2021 Hyundai Ioniq SEL. It is a nice fuel-efficient hybrid with a decent amount of features like wireless Android Auto/Apple CarPlay, wireless phone charging, heated seats, & a sunroof. One thing I particularly liked about this vehicle was the In-Vehicle Infotainment (IVI) system. As I mentioned before it Read more about how I Hacked My Car – completely pwn a 2021 Hyundai Ioniq head unit – a story in 3 parts[…]

X.Org Server Hit By New Local Privilege Escalation, Remote Code Execution Vulnerabilities

Posted on July 14, 2022 by Robin Edgar

[…] CVE-2022-2319 and CVE-2022-2320 were made public this morning and both deal with the X.Org Server’s Xkb keyboard extension not properly validating input that could lead to out-of-bounds memory writes. Hopefully though in 2022 you aren’t relying on your xorg-server running as root. Fixes for these XKB vulnerabilities have been patched in X.Org Server Git Read more about X.Org Server Hit By New Local Privilege Escalation, Remote Code Execution Vulnerabilities[…]

Google files a lawsuit that could kick Tinder out of the Play Store because Match refuses to pay illegally forced fees

Posted on July 14, 2022 by Robin Edgar

Google has counter-sued Match seeking monetary damages and a judgement that would let it kick Tinder and the group’s other dating apps out of the Play Store, Bloomberg has reported. Earlier this year, Match sued Google alleging antitrust violations over a decision requiring all Android developers to process “digital goods and services” payments through the Read more about Google files a lawsuit that could kick Tinder out of the Play Store because Match refuses to pay illegally forced fees[…]

BMW Heated Seats Subscription Is Real And It Costs $18 Per Month. Also heated steering wheel, paid separately. In a car you own and paid for the heated seats and wheel.

Posted on July 13, 2022 by Robin Edgar

[…] On its ConnectedDrive Store in South Korea, BMW owners can pay a monthly fee to have a creature comfort such as heated seats. It costs ₩24,000 or approximately $18 at current exchange rates. Alternatively, you can get a one-year plan for $176 or a three-year subscription for $283. The BMW ConnectedDrive Store is a Read more about BMW Heated Seats Subscription Is Real And It Costs $18 Per Month. Also heated steering wheel, paid separately. In a car you own and paid for the heated seats and wheel.[…]

European Union passes landmark laws to rein in big tech, but worres about enforcement

Posted on July 6, 2022 by Robin Edgar

[…] the European Union has passed a pair of landmark bills designed to rein in Big Tech’s power. The Digital Markets Act and Digital Services Act are intended to promote fairer competition, improve privacy protection, as well as banning both the use of some of the more egregious forms of targeted advertising and misleading practices. Read more about European Union passes landmark laws to rein in big tech, but worres about enforcement[…]

FreeYourMusic Transfers Your Music Library and Playlists Among Any Streaming Services

Posted on July 2, 2022 by Robin Edgar

[…] FreeYourMusic is a paid app available for Android, iOS, Windows, Mac, and Linux that will transfer your data between Apple Music, Spotify, YouTube Music, Deezer, Pandora, Tidal, Soundcloud, and at least a dozen other streaming apps. It also lets you back up and store some of your data locally on your device. Image: FreeYourMusic Read more about FreeYourMusic Transfers Your Music Library and Playlists Among Any Streaming Services[…]

Google to pay $90m to settle Play Store lawsuit

Posted on July 1, 2022 by Robin Edgar

Google is to pay $90 million to settle a class-action lawsuit with US developers over alleged anti-competitive behavior regarding the Google Play Store. Eligible for a share in the $90 million fund are US developers who earned two million dollars or less in annual revenue through Google Play between 2016 and 2021. “A vast majority Read more about Google to pay $90m to settle Play Store lawsuit[…]

New EU rules would require chat apps to scan private messages for child abuse

Posted on May 16, 2022 by Robin Edgar

The European Commission has proposed controversial new regulation that would require chat apps like WhatsApp and Facebook Messenger to selectively scan users’ private messages for child sexual abuse material (CSAM) and “grooming” behavior. The proposal is similar to plans mooted by Apple last year but, say critics, much more invasive. After a draft of the Read more about New EU rules would require chat apps to scan private messages for child abuse[…]

Hackers are reportedly using emergency data requests to extort women and minors

Posted on April 27, 2022 by Robin Edgar

In response to fraudulent legal requests, companies like Apple, Google, Meta and Twitter have been tricked into sharing sensitive personal information about some of their customers. We knew that was happening as recently as last month when Bloomberg published a report on hackers using fake emergency data requests to carry out financial fraud. But according Read more about Hackers are reportedly using emergency data requests to extort women and minors[…]

Brave’s De-AMP feature bypasses harmful Google AMP pages

Posted on April 22, 2022 by Robin Edgar

Brave announced a new feature for its browser on Tuesday: De-AMP, which automatically jumps past any page rendered with Google’s Accelerated Mobile Pages framework and instead takes users straight to the original website. “Where possible, De-AMP will rewrite links and URLs to prevent users from visiting AMP pages altogether,” Brave said in a blog post. Read more about Brave’s De-AMP feature bypasses harmful Google AMP pages[…]

Fraudsters use ‘fake emergency data requests’ to steal info

Posted on April 3, 2022 by Robin Edgar

Cybercriminals have used fake emergency data requests (EDRs) to steal sensitive customer data from service providers and social media firms. At least one report suggests Apple, and Facebook’s parent company Meta, were victims of this fraud. Both Apple and Meta handed over users’ addresses, phone numbers, and IP addresses in mid-2021 after being duped by Read more about Fraudsters use ‘fake emergency data requests’ to steal info[…]

Browser In The Browser (BITB) Attack

Posted on March 22, 2022 by Robin Edgar

This article explores a phishing technique that simulates a browser window within the browser to spoof a legitimate domain. Introduction For security professionals, the URL is usually the most trusted aspect of a domain. Yes there’s attacks like IDN Homograph and DNS Hijacking that may degrade the reliability of URLs but not to an extent Read more about Browser In The Browser (BITB) Attack[…]

Yet Another Israeli Malware Manufacturer Found Selling To Human Rights Abusers, Targeting iPhones

Posted on February 11, 2022 by Robin Edgar

[…] Candiru — another Israeli firm with a long list of questionable customers, including Uzbekistan, Saudi Arabia, United Arab Emirates, and Singapore. Now there’s another name to add to the list of NSO-alikes. And (perhaps not oddly enough) this company also calls Israel home. Reuters was the first to report on this NSO’s competitor’s ability Read more about Yet Another Israeli Malware Manufacturer Found Selling To Human Rights Abusers, Targeting iPhones[…]

Automakers Can’t Give Up The Idea Of Turning Everyday Features Into Subscription Services With Fees

Posted on February 9, 2022 by Robin Edgar

At the same time car companies are fighting the right to repair movement (and the state and federal legislation popping up everywhere), they’re continuing the quest to turn everyday features — like heated seats — into something users have to pay a recurring fee for. In 2019, BMW had to abandon a plan to charge Read more about Automakers Can’t Give Up The Idea Of Turning Everyday Features Into Subscription Services With Fees[…]

The Alternative to Web Scraping. The “lazy” programmer’s guide to… | by Doug Guthrie

Posted on February 7, 2022 by Robin Edgar

One of the better sites for financial data is Yahoo Finance. This makes it a prime target for web scraping by finance enthusiasts. There are nearly daily questions on StackOverflow that reference some sort of data retrieval (oftentimes through web scraping) from Yahoo Finance. Web Scraping Problem #1 trying to test a code that scrap Read more about The Alternative to Web Scraping. The “lazy” programmer’s guide to… | by Doug Guthrie[…]

LG Announces New Ad Targeting Features for TVs – wait, wtf, I bought my TV, not a service!

Posted on January 31, 2022 by Robin Edgar

[… ] there are plenty of cases where you throw down hundreds of dollars for a piece of hardware and then you end up being the product anyway. Case in point: TVs. On Wednesday, the television giant LG announced a new offering to advertisers that promises to be able to reach the company’s millions of Read more about LG Announces New Ad Targeting Features for TVs – wait, wtf, I bought my TV, not a service![…]

Finnish diplomats were targeted by NSO Pegasus spyware

Posted on January 31, 2022 by Robin Edgar

Finland’s government says the mobile devices of its diplomats have been hacked using Pegasus spyware. The Finnish foreign ministry stated on Friday that some of its officials abroad had been targeted by the sophisticated software. “The highly sophisticated malware has infected users’ Apple or Android telephones without their noticing and without any action from the Read more about Finnish diplomats were targeted by NSO Pegasus spyware[…]

How to Download Everything Amazon Knows About You (It’s a Lot)

Posted on January 25, 2022 by Robin Edgar

[…]To be clear, data collection is far from an Amazon-specific problem; it’s pretty much par for the course when it comes to tech companies. Even Apple, a company vocal about user privacy, has faced criticism in the past for recording Siri interactions and sharing them with third-party contractors. The issue with Amazon, however, is the Read more about How to Download Everything Amazon Knows About You (It’s a Lot)[…]