Matt at Buzzfeed points out that YouTube’s new face blurring feature could save lives in those parts of the world where people are prosecuted by totalitarian—and not so totalitarian—states. Here’s what YouTube has to say about it: More »
When one of your main services throws up a pretty embarrassing bug, you’re going to want to squash that quick. Skype has stepped up and done just that, according to its blog. The hotfix will be rolling out for version 5.10 for Windows, 5.8 for Mac, 4.0 for Linux and 1.2 for Windows Phone. Skype was also quick to point out that not all clients (and therefore users) were affected. If you were on 5.9 for Windows, version 2.8 for Android or Skype 4.0 for iOS, then the firm assures you that you won’t be affected. The official line is that the fix should start arriving in the next couple of days, so still best to keep a lid on those office gossip chats for now. Let us know if you start getting the update in the comments below.
Filed under: Internet
Skype confirms fix rolling out for instant messaging bug originally appeared on Engadget on Tue, 17 Jul 2012 09:28:00 EDT. Please see our terms for use of feeds.
Earlier today, we finally got word from Skype concerning a bug that some users have been plagued with since June. The bug occasionally sends IMs between two contacts to an unintended third contact, which of course brings up some very valid concerns about privacy. Aside from saying that a fix will be rolled out within the next few days, Skype kept this morning’s statement on the bug brief, but this evening it’s being a little more specific about the bug, and it turns out its occurrence isn’t all that random.
Apparently, messages are only forwarded to a third contact when the Skype client crashes during a conversation. When that happens, the “last IM entered or sent prior to the crash” will then be sent off to that unintended third contact, which could result in a pretty dire situation if that most recent IM was about them. Hearing Skype describe it, the bug sounds like it isn’t necessarily unavoidable, but it also isn’t random, so at least there’s that.
In its updated statement, Skype also shared a list of which clients are impacted by this bug: Skype 5.9 and 5.10 for Windows, 5.8 for Mac, 4.0 for Linux, 4.0 for iOS, 2.8 for Android, and 1.2 for Windows Phone. If you’re using one of those clients, you’re instructed to download the latest client once you’re notified that an update is available, as that will likely include the fix you need to prevent this from happening again.
So, we’ve made a good bit of progress with this bug today. Not only does Skype say it’s working on a fix, but it also told us which specific clients are affected and what exactly needs to happen for the bug to rear its ugly head. Like we said this morning though, it’s still probably a good idea to choose your words carefully while we wait for this update, otherwise they might end up being seen by exactly the wrong person.
[via Skype]
Skype elaborates on instant message bug is written by Eric Abent & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
Skype has acknowledged a bug that is affecting users in pretty much the most horrifying way possible. Instant messages sent over Skype are being sent to random contacts—even contacts you’ve never connected with before. More »
There’s a nasty little Skype bug that’s starting to do the rounds you may want to pay attention to. Engadget reports that the VOIP client has been hit by an issue that will cause messages to be randomly forwarded to other people in your contacts list. The bug was first discovered in June by members on Skype’s support forums, but the company is just getting around to acknowledging the issue, saying that they’re currently working on a fix.
It’s a pretty scary privacy issue, even if it’s only affecting a small number of people right now. Thankfully, Skype is aware of the bug, saying in a statement: “We are aware that in rare circumstances IM’s between two contacts could be sent to an unintended third contact. We are rolling out a fix for this issue in the next few days and will notify our users to download an updated version of Skype.”
Until then, you’ll just have to pay extra attention to what you’re sending out over Skype. We’ll keep an eye out and let you know when Skype issues the fix, but in the meantime it might be a good idea to think twice before hitting “send” on that private message.
Skype admits message leak bug but fix incoming is written by Ben Kersey & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
Only a handful of Skype users have reported this problem over at the support forum, but what they’re complaining about is pretty hair-raising. They say that, following an update in June, instant messages have repeatedly and unintentionally been forwarded to random people in their contact lists. In other words, third-parties are seeing stuff they were never meant to see, which constitutes a serious breach of privacy. Skype now tells us it’s aware of the issue and is working on a fix. Here’s the official response in full:
“We are aware that in rare circumstances IM’s between two contacts could be sent to an unintended third contact. We are rolling out a fix for this issue in the next few days and will notify our users to download an updated version of Skype.”
[Thanks, Kuldar]
Filed under: Internet
Skype confirms ‘rare’ bug that sends messages to unintended contacts, promises fix soon originally appeared on Engadget on Mon, 16 Jul 2012 09:37:00 EDT. Please see our terms for use of feeds.
Early this morning it was revealed by a group of hackers, and now confirmed by Yahoo, that they’d busted past Yahoo’s security forces and posted the passwords for 400,000 user accounts online. This posting was accompanied by a note that warned Yahoo and similar sites to re-think their security measures. Meanwhile Yahoo has stated that they are investigating the matter and that, of course, they encourage everyone in their network to change their passwords immediately and frequently thereafter to retain privacy for all of their accounts.
The first note to be pushed today was made by the group of hackers responsible for the incident, this note telling Yahoo that they do not mean to cause the organization any harm, but that they wish Yahoo to take action in the form of much higher security measures in the future. This note read thusly:
“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly.” – Anon
Not to be mistaken for the hacker collective known as “Anonymous”, this initiative simply did not sign their name anywhere in the document. According to the BBC, Yahoo has sent a message out to them to confirm the situation and their actions in short:
“We are currently investigating the claims of a compromise of Yahoo! user IDs. [We encourage users to] change their passwords on a regular basis.” – Yahoo Spokesperson
This would be a great opportunity for everyone out there reading this post to head to your many varied accounts and change your passwords from something silly like “password123″ to something a bit more challenging like “donot8pickthis9!” That way you’ll be a bit more secure and wont be dumped like the 400k users today were overnight.
Yahoo confirms 400k account hacks is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
Yahoo! has reportedly suffered a huge user account security breach, with login credentials for in excess of 453,000 users having been released into the wild. Details of which of Yahoo!’s services has been hacked have not been released, though TrustedSec speculates that it is Yahoo Voice based on some of the subdomains included with the leaked list of 453,492 accounts.
The login details were released by a hack collective calling itself D33Ds Company, which claimed to have accessed the usernames and passwords with a union-based SQL injection, Ars Technica reports. Such an attack overloads a poorly-secured server with database commands; “By injecting powerful database commands into them, attackers can trick back-end servers into dumping huge amounts of sensitive information” Ars says.
However, D33Ds Company claims to have mitigated the potential damage of the leak by purposefully withholding more sensitive data. ”We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure” the group wrote. “Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”
Yahoo! is yet to comment on the breach, though it’s not the first embarrassing security gaffe at the company. Back in March, the company’s new Axis browser for iOS, PC and Mac was identified as having a potential loophole through which malware could install in the user’s browser.
453,000 Yahoo! accounts reportedly hacked is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
Talk of a $22.5m fine for Google over Safari user tracking has thrown the search giant into the spotlight once more, with opinion split over whether the proposed penalty fits the misdemeanor. The sum – which, if approved, would be the US Federal Trade Commission’s biggest fine to-date – is a drop in the pond for Google, and it raises questions over whether quick checkbook fixes are encouraging cavalier attitudes toward privacy.
It’s hard not to see $22.5m, even if a vast amount by individual standards, as being little more than a mild rap on the knuckles for Google. The company made that much in the space of five hours in 2011, based on its overall income, and it represents a tiny slice of the sums Google execs are used to dealing with every day.
FTC regulations permit a potentially far more challenging penalty. Going by the book, the agency can apply a fine of $16,000 per violation, per day. That’s a tough thing to face if you’re a small business with one or two personal data spillages to cough up for, but Google’s privacy gaffe covers possibly millions of users over an extended period.
So, if the FTC had wanted, it could have presumably pushed for a significantly tougher punishment than the one it apparently “negotiated” with Google. Exactly why it did not is unclear; Google has always maintained that the tracking behavior was the inadvertent side-effect of it legitimately using Safari functionality that kept browsers logged into its services, and not an intentional workaround for tracking. It’s possible that Google’s protestations to that affect were what swayed the Commission into diluting the sanctions.
Undoubtedly it’s worse to have deliberately tracked users who wanted to opt out of such monitoring rather than to have unwittingly done so. However, there remain questions as to whether “I didn’t realize” is sufficient excuse to justify watering down a fine to the point where it’s all but negligible to a company. Google may not have meant to violate Safari users’ privacy, but it did, and you could well argue that further testing of the log-in system at fault could have identified the flaw prior to it being rolled out publicly.
Does the FTC have a responsibility to levy fines that dissuade beta-style software and subpar testing, when there’s user-rights at risk? That’s a question the FTC commissioners still to approve the $22.5m penalty will have to decide, lest they set a precedent that undervalues individual privacy.
The Price of Privacy is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
This is site is run by Sascha Endlicher, M.A., during ungodly late night hours. Wanna know more about him? Connect via Social Media by jumping to about.me/sascha.endlicher.
