Jan 30
“We must all act together now to limit further spread,” said the WHO’s director-general of the virus.
Jan 30
Facebook Will Have To Pay $550 million To Illinois Users In A Privacy Settlement
Posted in: Today's Chili
When it comes to privacy laws, Illinois has the strictest biometric privacy laws in the states.
In case you’re curious, biometric information includes the data from facial, fingerprint, and iris scans.
A federal lawsuit against Facebook explained that Facebook was using its facial tagging feature in the photos to identify users without their consent.
Even though that’s an active feature for most of the people using Facebook, Illinois users complained that it violated their privacy rights and the law – technically.
To end this lawsuit, Facebook decided to pursue a settlement of $550 million to all the users affected by the privacy breach. A federal court judge will have to approve the settlement and the ones eligible (or who claim) will get their share.
Of course, the court will be waiting for a number of claims to approve the settlement. And, when it does, everyone eligible will be notified. Without a doubt, everyone should easily get a couple of hundred dollars out of the settlement but we can only comment on the amount after the claims are made.
Even if Facebook assured that the biometric information (Facial scan) for the photo-tagging feature was harmless – the users continued with the lawsuit and concluded with a settlement to prove their point. So, it is indeed an exciting news for privacy advocates.
Facebook Will Have To Pay $550 million To Illinois Users In A Privacy Settlement , original content from Ubergizmo. Read our Copyrights and terms of use.
Jan 30
On the same day that a Mississippi family is suing Amazon -owned smart camera maker Ring for not doing enough to prevent hackers from spying on their kids, the company has rolled out its previously announced “control center,” which it hopes will make you forget about its verifiably “awful” security practices.
In a blog post out Thursday, Ring said the new “control center,” “empowers” customers to manage their security and privacy settings.
Ring users can check to see if they’ve enabled two-factor authentication, add and remove users from the account, see which third-party services can access their Ring cameras, and opt-out of allowing police to access their video recordings without the user’s consent.
But dig deeper and Ring’s latest changes still do practically nothing to change some of its most basic, yet highly criticized security practices.
Questions were raised over these practices months ago after hackers were caught breaking into Ring cameras and remotely watching and speaking to small children. The hackers were using previously compromised email addresses and passwords — a technique known as credential stuffing — to break into the accounts. Some of those credentials, many of which were simple and easy to guess, were later published on the dark web.
Yet, Ring still has not done anything to mitigate this most basic security problem.
TechCrunch ran several passwords through Ring’s sign-up page and found we could enter any easy to guess password, like “12345678” and “password” — which have consistently ranked as some of the most common passwords for several years running.
To combat the problem, Ring said at the time users should enable two-factor authentication, a security feature that adds an additional check to prevent account breaches like password spraying, where hackers use a list of common passwords in an effort to brute force their way into accounts.
But Ring still uses a weak form of two-factor, sending you a code by text message. Text messages are not secure and can be compromised through interception and SIM swapping attacks. Even NIST, the government’s technology standards body, has deprecated support for text message-based two-factor. Experts say although text-based two-factor is better than not using it at all, it’s far less secure than app-based two-factor, where codes are delivered over an encrypted connection to an app on your phone.
Ring said it’ll make its two-factor authentication feature mandatory later this year, but has yet to say if it will ever support app-based two-factor authentication in the future.
The smart camera maker has also faced criticism for its cozy relationship with law enforcement, which has lawmakers concerned and demanding answers.
Ring allows police access to users’ videos without a subpoena or a warrant. (Unlike its parent company Amazon, Ring still does not published the number of times police demand access to customer videos, with or without a legal request.)
Ring now says its control center will allow users to decide if police can access their videos or not.
But don’t be fooled by Ring’s promise that police “cannot see your video recordings unless you explicitly choose to share them by responding to a specific video request.” Police can still get a search warrant or a court order to obtain your videos, which isn’t particularly difficult if police can show there’s reasonable grounds that it may contain evidence — such as video footage — of a crime.
There’s nothing stopping Ring, or any other smart home maker, from offering a zero-knowledge approach to customer data, where only the user has the encryption keys to access their data. Ring cutting itself (and everyone else) out of the loop would be the only meaningful thing it could do if it truly cares about its users’ security and privacy. The company would have to decide if the trade-off is worth it — true privacy for its users versus losing out on access to user data, which would effectively kill its ongoing cooperation with police departments.
Ring says that security and privacy has “always been our top priority.” But if it’s not willing to work on the basics, its words are little more than empty promises.
Jan 30
Nintendo has delivered a new round of financials, this one detailing the nine-month period ending on December 31st, 2019. In that financial report, we learned that the Switch has now sold a total of 52.48 million units. That, importantly, is enough to surpass the Super Nintendo’s lifetime sales. In Nintendo’s long history of making consoles, the SNES is generally looked … Continue reading
Jan 30
Today we’re looking at the first version of the ADT-3 Developer Kit, an Android TV streaming media player device made with plans from Google by Askey, an ASUS subsidiary. This is not a device that’s aimed at consumers – but you’ll find consumers buying it anyway. Here’s why you should avoid this device – and get something else instead. The … Continue reading
Jan 30
The Control Center first announced during CES 2020 is now available for Ring users to access. The company describes Control Center as a privacy dashboard that’ll enable users to view and manage their various connected devices and Linked Accounts, as well as Shared Users and certain important security and privacy features. Ring plans to expand this feature in the future. … Continue reading
Jan 30
Jan 30
Jan 30
Jan 30
It seems like it might be common sense, but recent rumblings have made it clear that a gentle PSA is due: Please do not allow for casual or overt racism in light of the recent outbreak of coronavirus.
Who's in charge here?
This is site is run by Sascha Endlicher, M.A., during ungodly late night hours. Wanna know more about him? Connect via Social Media by jumping to about.me/sascha.endlicher.