Attackers can bypass fingerprint authentication with an ~80% success rate

Posted on April 9, 2020 by Robin Edgar

For decades, the use of fingerprints to authenticate users to computers, networks, and restricted areas was (with a few notable exceptions) mostly limited to large and well-resourced organizations that used specialized and expensive equipment. That all changed in 2013 when Apple introduced TouchID. Within a few years, fingerprint-based validation became available to the masses as Read more about Attackers can bypass fingerprint authentication with an ~80% success rate[…]

NSO Group: Facebook tried to license our spyware to snoop on its own addicts – the same spyware it’s suing us over

Posted on April 5, 2020 by Robin Edgar

NSO Group – sued by Facebook for developing Pegasus spyware that targeted WhatsApp users – this week claimed Facebook tried to license the very same surveillance software to snoop on its own social-media addicts. The Israeli spyware maker’s CEO Shalev Hulio alleged in a statement [PDF] to a US federal district court that in 2017 Read more about NSO Group: Facebook tried to license our spyware to snoop on its own addicts – the same spyware it’s suing us over[…]

WPA Cracking from Kismet sensors

Posted on March 25, 2020 by Robin Edgar

During a recent event I decided to setup a passive monitoring station to check for any attempts to impersonate, hi-jack, or deny service to our WiFi . For this task I decided to use an Alpha card, and Kismet (which comes already installed on Kali linux). To deploy for wireless intrusion detection (WIDS) Kismet worked Read more about WPA Cracking from Kismet sensors[…]

Two Senators Dumped Stock After Being Briefed About COVID-19; While Telling The World Things Were Going To Be Fine

Posted on March 20, 2020 by Robin Edgar

Senator Richard Burr is a real piece of work. In 2012 he was one of only three Senators to vote against the STOCK Act. This was a law put in place following a 60 Minutes expose about how Congress was getting filthy stinkin’ rich off of insider trading, since Congress was exempt from insider trading Read more about Two Senators Dumped Stock After Being Briefed About COVID-19; While Telling The World Things Were Going To Be Fine[…]

Theranos vampire lives on: Owner of failed blood-testing biz’s patents sues maker of actual COVID-19-testing kit

Posted on March 18, 2020 by Robin Edgar

Remember Theranos? The blood-testing company worth billions whose CEO Elizabeth Holmes became a celebrity right up until the point when it became clear its revolutionary testing machines didn’t actually work as described? Well, Theranos is dead, and Holmes is still dealing with the legal repercussions, but her vampire company has come alive again – and Read more about Theranos vampire lives on: Owner of failed blood-testing biz’s patents sues maker of actual COVID-19-testing kit[…]

Why are workers getting smaller pieces of the pie?

Posted on March 12, 2020 by Robin Edgar

It’s one of the biggest economic changes in recent decades: Workers get a smaller slice of company revenue, while a larger share is paid to capital owners and distributed as profits. Or, as economists like to say, there has been a fall in labor’s share of gross domestic product, or GDP. A new study co-authored Read more about Why are workers getting smaller pieces of the pie?[…]

DuckDuckGo Made a List of Jerks Tracking You Online

Posted on March 9, 2020 by Robin Edgar

DuckDuckGo, a privacy-focused tech company, today launched something called Tracker Radar—an open-source, automatically generated and continually updated list that currently contains more than 5,000 domains that more than 1,700 companies use to track people online. The idea behind Tracker Radar, first reported by CNET, is to share the data DuckDuckGo has collected to create a Read more about DuckDuckGo Made a List of Jerks Tracking You Online[…]

Unfixable vulnerability in Intel CSME allows crypto key stealing and local access to files

Posted on March 5, 2020 by Robin Edgar

An error in chipset read-only memory (ROM) could allow attackers to compromise platform encryption keys and steal sensitive information. Intel has thanked Positive Technologies experts for their discovery of a vulnerability in Intel CSME. Most Intel chipsets released in the last five years contain the vulnerability in question. By exploiting vulnerability CVE-2019-0090, a local attacker Read more about Unfixable vulnerability in Intel CSME allows crypto key stealing and local access to files[…]

EU Commission to staff: Switch to Signal messaging app

Posted on March 5, 2020 by Robin Edgar

The European Commission has told its staff to start using Signal, an end-to-end-encrypted messaging app, in a push to increase the security of its communications. The instruction appeared on internal messaging boards in early February, notifying employees that “Signal has been selected as the recommended application for public instant messaging.” The app is favored by privacy Read more about EU Commission to staff: Switch to Signal messaging app[…]

The Paywalled Garden: iOS is Adware

Posted on February 19, 2020 by Robin Edgar

Over the years, Apple has built up a portfolio of services and add-ons that you pay for. Starting with AppleCare extended warranties and iCloud data subscriptions, they expanded to Apple Music a few years ago, only to dramatically ramp up their offerings last year with TV+, News+, Arcade, and Card. Their services business, taken as Read more about The Paywalled Garden: iOS is Adware[…]

How Big Companies Spy on Your Emails

Posted on February 17, 2020 by Robin Edgar

The popular Edison email app, which is in the top 100 productivity apps on the Apple app store, scrapes users’ email inboxes and sells products based off that information to clients in the finance, travel, and e-Commerce sectors. The contents of Edison users’ inboxes are of particular interest to companies who can buy the data Read more about How Big Companies Spy on Your Emails[…]

FTC finally wakes up: American watchdog to probe decade of Big Tech takeovers

Posted on February 12, 2020 by Robin Edgar

An American biz watchdog has stepped up its probe into possible market abuse by Big Tech – Amazon, Apple, Facebook, Google and Microsoft – by demanding information on all acquisitions not reported to antitrust authorities in the past decade. The FTC issued “special orders” to the big five on Tuesday requesting “the terms, scope, structure, Read more about FTC finally wakes up: American watchdog to probe decade of Big Tech takeovers[…]

Facial recognition fails in China as people wear masks to avoid coronavirus – Face ID fails users as the China coronavirus outbreak sparks widespread adoption of surgical masks

Posted on February 7, 2020 by Robin Edgar

Residents donning surgical face masks while venturing outside their homes or meeting strangers have found themselves in an unfamiliar conundrum. With their faces half-covered, some are unable to unlock their phones or use mobile payments with their faces. People wearing protective masks to help stop the spread of a deadly virus, which began in Wuhan, Read more about Facial recognition fails in China as people wear masks to avoid coronavirus – Face ID fails users as the China coronavirus outbreak sparks widespread adoption of surgical masks[…]

Wacom tablet drivers phone home with names, times of every app opened on your computer

Posted on February 6, 2020 by Robin Edgar

Wacom’s official tablet drivers leak to the manufacturer the names of every application opened, and when, on the computers they are connected to. Software engineer Robert Heaton made this discovery after noticing his drawing board’s fine-print included a privacy policy that gave Wacom permission to, effectively, snoop on him. Looking deeper, he found that the Read more about Wacom tablet drivers phone home with names, times of every app opened on your computer[…]

Brave, Google, Microsoft, Mozilla gather together to talk web privacy… and why we all shouldn’t get too much of it. Only FF and Brave will give you some.

Posted on January 29, 2020 by Robin Edgar

At the USENIX Enigma conference on Tuesday, representatives of four browser makers, Brave, Google, Microsoft, and Mozilla, gathered to banter about their respective approaches to online privacy, while urging people not to ask for too much of it. Apple, which has advanced browser privacy standards but was recently informed that its tracking defenses can be Read more about Brave, Google, Microsoft, Mozilla gather together to talk web privacy… and why we all shouldn’t get too much of it. Only FF and Brave will give you some.[…]

An Open Source eReader That’s Free of Corporate Restrictions Is Exactly What I Want Right Now

Posted on January 23, 2020 by Robin Edgar

The Open Book Project was born from a contest held by Hackaday and that encouraged hardware hackers to find innovative and practical uses for the Arduino-based Adafruit Feather development board ecosystem. The winner of that contest was the Open Book Project which has been designed and engineered from the ground up to be everything devices Read more about An Open Source eReader That’s Free of Corporate Restrictions Is Exactly What I Want Right Now[…]

These VIPs May Want to Make Sure Mohammed bin Salman Didn’t Hack Them

Posted on January 23, 2020 by Robin Edgar

In early 2018, Saudi Crown Prince Mohammed bin Salman took a sweeping tour of the U.S. as part of a strategy to rebrand Saudi Arabia’s ruling monarchy as a modernizing force and pull off his “Vision 2030” plan—hobnobbing with a list of corporate execs and politicians that reads like a who’s who list of the Read more about These VIPs May Want to Make Sure Mohammed bin Salman Didn’t Hack Them[…]

PopSockets CEO calls out Amazon’s ‘bullying with a smile’ tactics, shows how monopolies are bad for competition

Posted on January 18, 2020 by Robin Edgar

Amazon has a “bullying” problem. So insisted PopSockets CEO and inventor David Barnett today while describing his company’s relationship with the e-commerce and logistics giant. Barnett was addressing members of the House Subcommittee on Antitrust, Commercial, and Administrative Law and, over the course of the hearing, laid out how the Jeff Bezos-helmed corporate behemoth had Read more about PopSockets CEO calls out Amazon’s ‘bullying with a smile’ tactics, shows how monopolies are bad for competition[…]

Nikon Is Killing Its Authorized Repair Program

Posted on December 11, 2019 by Robin Edgar

Nikon is ending its authorized repair program in early 2020, likely leaving more than a dozen repair shops without access to official parts and tools, and cutting the number of places you can get your camera fixed with official parts from more than a dozen independent shops to two facilities at the ends of the Read more about Nikon Is Killing Its Authorized Repair Program[…]

Bad news: ‘Unblockable’ web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much

Posted on November 25, 2019 by Robin Edgar

Developers working on open-source ad-blocker uBlock Origin have uncovered a mechanism for tracking web browsers around the internet that defies today’s blocking techniques. A method to block this so-called unblockable tracker has been developed by the team, though it only works in Firefox, leaving Chrome and possibly other browsers susceptible. This fix is now available Read more about Bad news: ‘Unblockable’ web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much[…]

Thousands of hacked Disney+ accounts are already for sale on hacking forums, technical problems, people driven to bittorrenting again.

Posted on November 17, 2019 by Robin Edgar

Hackers didn’t waste any time and have started hijacking Disney+ user accounts hours after the service launched. Many of these accounts are now being offered for free on hacking forums, or available for sale for prices varying from $3 to $11, a ZDNet investigation has discovered. A stream of user complaints The Disney+ video streaming Read more about Thousands of hacked Disney+ accounts are already for sale on hacking forums, technical problems, people driven to bittorrenting again.[…]

All the tech companies are into finance now – so Google is going into banking. They want to know what you spend your money on.

Posted on November 14, 2019 by Robin Edgar

Google will soon offer checking accounts to consumers, becoming the latest Silicon Valley heavyweight to push into finance. The Wall Street Journal: The project, code-named Cache, is expected to launch next year with accounts run by Citigroup and a credit union at Stanford University, a tiny lender in Google’s backyard. Big tech companies see financial Read more about All the tech companies are into finance now – so Google is going into banking. They want to know what you spend your money on.[…]

Facebook bug shows camera activated in background during app use – the bug being that you could see the camera being activated

Posted on November 12, 2019 by Robin Edgar

When you’re scrolling through Facebook’s app, the social network could be watching you back, concerned users have found. Multiple people have found and reported that their iPhone cameras were turned on in the background while they were looking at their feed. The issue came to light through several posts on Twitter. Users noted that their Read more about Facebook bug shows camera activated in background during app use – the bug being that you could see the camera being activated[…]

Use a laser to command voice assistants such as lexa, google assistant, siri

Posted on November 5, 2019 by Robin Edgar

Light Commands is a vulnerability of MEMS microphones that allows attackers to remotely inject inaudible and invisible commands into voice assistants, such as Google assistant, Amazon Alexa, Facebook Portal, and Apple Siri using light. In our paper we demonstrate this effect, successfully using light to inject malicious commands into several voice controlled devices such as Read more about Use a laser to command voice assistants such as lexa, google assistant, siri[…]

Best Buy’s Insignia ‘smart’ home gear will become very dumb this Wednesday – showing you why ‘cloud’ products are not a great plan

Posted on November 5, 2019 by Robin Edgar

US mega-retailer Best Buy will switch off the “smart” portion of its Insignia-branded smart home gadgets this coming Wednesday, rendering them just plain old dumb gear. Folks who’ve bought these soon-to-be-internet-less Internet-of-Things gizmos can apply for some money back in the form of a gift card, though a full refund is off the cards, literally. Read more about Best Buy’s Insignia ‘smart’ home gear will become very dumb this Wednesday – showing you why ‘cloud’ products are not a great plan[…]