Pressure from Facebook staff is continuing to mount on Mark Zuckerberg over his policies towards posts by Donald Trump, with moderators joining those criticizing their boss for his stance. From a report: The moderators penned an open letter to their colleagues in support of virtual walkouts that have broken out at the company, after Zuckerberg refused to take down posts by…
Tag: disclosure
Finding Serious ‘Sign In with Apple’ Hole Earns Security Researcher a $100,000 Bug Bounty
An anonymous reader quotes Forbes: When Apple announced Sign in with Apple at the June 2019 worldwide developers conference, it called it a “more private way to simply and quickly sign into apps and websites.” The idea was, and still is, a good one: replace social logins that can be used to collect personal data with a secure authentication system backed…
As Coronavirus Hospitalizations Rise in the US, Many States Hide Their Data
In America, “Federal and state officials across the country have altered or hidden public health data crucial to tracking the coronavirus’ spread, hindering the ability to detect a surge of infections as President Donald Trump pushes the nation to reopen rapidly,” reports Politico: In at least a dozen states, health departments have inflated testing numbers or deflated death tallies by changing…
New ‘Spectra’ Attack Breaks the Separation Between Wi-Fi and Bluetooth
An anonymous reader quotes a report from ZDNet: Academics from Germany and Italy say they developed a new practical attack that breaks the separation between Wi-Fi and Bluetooth technologies running on the same device, such as laptops, smartphones, and tablets. Called Spectra, this attack works against “combo chips,” specialized chips that handle multiple types of radio wave-based wireless communications, such as…
Adobe Issues Patches For 36 Vulnerabilities In DNG, Reader, Acrobat
An anonymous reader quotes a report from ZDNet: Adobe has released security patches to resolve 36 vulnerabilities present in DNG, Reader, and Acrobat software. On Tuesday, the software giant issued two security advisories (1, 2) detailing the bugs, the worst of which can be exploited by attackers to trigger remote code execution attacks and information leaks. The first set of patches…
Apple Sued Over 2016 MacBook Pro ‘Stage Lighting’ Issue
An anonymous reader quotes a report from AppleInsider: Apple has been hit with a class-action lawsuit claiming that the company concealed the so-called “stage lighting” issue experienced by some 2016 MacBook Pro owners. Dubbed “stage lighting” due to abnormal backlighting patterns emanating from the bottom of an impacted MacBook Pro’s display, the problem was tied to stress or tearing on the…
Judge Orders FCC to Hand Over IP Addresses Linked to Fake Net Neutrality Comments
Before it rolled back net neutrality protections in 2017, America’s Federal Communications Commission requested public comments online. But they’re still facing criticism over how they handled them, Gizmodo reports: A Manhattan federal judge has ruled the Federal Communications Commission must provide two reporters access to server logs that may provide new insight into the allegations of fraud stemming from agency’s 2017…
WD Sets the Record Straight: Lists All Drives That Use Slower SMR Tech
News emerged last week that WD, Seagate and Toshiba are all shipping hard drives using Shingled Magnetic Recording (SMR), a slower form of HDD technology that can result in reduced performance in some types of workloads, but without disclosing that critical bit of information in marketing materials or specification sheets. The backlash has been swift, and now WD is striking a…
Stripe Is Silently Recording Your Movements On Its Customers’ Websites
Michael Lynch, blogger and former software engineer at Microsoft and Google, discovered that the payment processing platform Stripe and its official JavaScript library records all browsing activity on its customers’ websites and reports it back to the company. Lynch says this data includes the following: 1. Every URL the user visits on my site, including pages that never display Stripe payment…
US Defense Agency That Secures Trump’s Communications Confirms Data Breach
An anonymous reader quotes a report from Forbes: The Department of Defense agency responsible for securing the communications of President Trump has suffered a data breach. Here’s what is known so far. The U.S. Defense Information Systems Agency (DISA) describes itself as a combat support agency of the Department of Defense (DoD) and is tasked with the responsibility for supporting secure…