Articles

Facebook Employees Had Access to Millions of User Passwords Stored in Plain Text

In a new blog post entitled "Keeping Passwords Secure," Facebook VP Engineering, Security and Privacy Pedro Canahuati explains how the social media giant accidentally stored Facebook users' passwords on internal data storage systems in plain text. Pedro explains how "these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them. We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users." To keep your account safe, Facebook suggests changing your Facebook and Instagram passwords, picking strong passwords, using a password manager, and enabling a security key or two-factor authentication. In recent months, Facebook has vowed to clean up its act as it has been accused of sharing user data, one-click account takeover bugs, paying minors to harvest their data without parental consent, had its enterprise certificate revoked by Apple, access token hack, Cambridge Analytica, and many more fines and hacks. I would suggest picking a password so long and complex that Facebook employees would get tired from writing it down.

As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems. This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable. We have fixed these issues and as a precaution we will be notifying everyone whose passwords we have found were stored in this way.

Posted by cageymaru March 21, 2019 1:17 PM (CDT)

Health Apps Sell User Data

A recent study from the BMJ found that many popular health apps share more data with advertisers than they probably should. The researchers analyzed 24 Android apps with scripts that simulate real world usage, and found that 19 of them shared potentially sensitive user data (PDF Warning) with 55 "unique entities." 14 of the apps transmitted the data over an unencrypted connection. The researchers stressed that the entities collecting the data not only have the ability to aggregate it with user information from other sources, but that they turn around and sell this information to other 3rd parties, which represents a huge potential privacy violation.

Sharing of user data is routine, yet far from transparent. Clinicians should be conscious of privacy risks in their own use of apps and, when recommending apps, explain the potential for loss of privacy as part of informed consent. Privacy regulation should emphasise the accountabilities of those who control and process user data. Developers should disclose all data sharing practices and allow users to choose precisely what data are shared and with whom.

Posted by alphaatlas March 21, 2019 10:34 AM (CDT)

Google Fined $1.7 Billion Over Monopolistic Practices

The European Commission has reportedly slapped Google with a 1.49 billion Euro (or $1.69 billion USD) fine for "abusing its monopoly in online advertising." More specifically, the report alleges that Google prevented companies using its search service from running any third party adverts, and the commission claims that "Google's rivals were not able to compete on the merits, either because there was an outright prohibition for them to appear on publisher websites or because Google reserved for itself by far the most valuable commercial space on those websites, while at the same time controlling how rival search adverts could appear." Google apparently changed these practices in 2016, but it took some time for the repercussions to catch up with them.

Margrethe Vestager, the EU's competition commissioner, said: "Google has cemented its dominance in online search adverts and shielded itself from competitive pressure by imposing anti-competitive contractual restrictions on third-party websites. This is illegal under EU antitrust rules. The misconduct lasted over 10 years and denied other companies the possibility to compete on the merits and to innovate - and consumers the benefits of competition."

Posted by alphaatlas March 20, 2019 10:30 AM (CDT)

JPMorgan Chase Uses AI Powered Video Game as a Recruitment Tool

Recent reports claim that JPMorgan Chase are trialing "neuroscience-based video games" from pymetrics as an intern recruiting tool. The games supposedly assess applicants' "social, cognitive and behavioral features, such as attention, memory and altruism," and attempt to identify what job the applicant might be best suited for. But, unlike Amazon's "biased" AI recruiting tool, pymetrics says their "Netflix-like recommendation algorithm" is fair and accurate. As the report mentions, it appears that companies are getting more comfortable with the use of machine learning powered recruitment tools, in spite of the potential pitfalls associated with their use.

Large firms have been increasingly turning to technology to make recruitment and other human resources processes more fair. Systems also include applications that scan performance reviews for unconscious bias or that monitor job ads for phrases that might dissuade a certain demographic from applying. "Our re-imagining of how we hire is part of a broader objective at the firm where we are asking ourselves: 'Can we better meet our diversity goals by broadening the pool of candidates we are considering?'," Mitro said. JPMorgan's pilot will continue with applicants for 2020 internships in the United States, he added, noting that this technology would only be one step of the selection process.

Posted by alphaatlas March 18, 2019 10:00 AM (CDT)

Get Ready for Targeted Ads on Your Smart TV

Disney, Comcast, NBCUniversal, and other top media companies have teamed up with VIZIO for a new standard that will bring targeted ads to television viewers. VIZIO, which recently lost $2.2 million after being caught tracking and selling viewing data using software on its Smart TVs, claims targeted ads, which are "relevant" to the household, will "drastically enhance" the viewing experience.

The companies are calling themselves a consortium, and they've dubbed this "Project OAR," or Open Addressable Ready. Once developed, the new, open standard will make it possible for all connected TV companies to sell targeted ads in scheduled and on-demand programs. While this will theoretically make ads more successful and therefore more valuable, it also means viewers' data will be shared with third parties. That raises the usual data privacy concerns.

Posted by Megalith March 17, 2019 2:45 PM (CDT)

Microsoft Will Pester Windows 7 Users to Upgrade to W10 with Pop-Up Notifications

Microsoft has come up with another way to convince users to upgrade to Windows 10: corporate vice president Matt Barlow explained in a blog post this week that Windows 7 users would be subjected to regular pop-up messages urging them to update to the latest version of the OS. That may not be the worst idea, as support for W7 officially ends January 14, 2020.

This is a courtesy reminder that you can expect to see a handful of times in 2019. By starting the reminders now, our hope is that you have time to plan and prepare for this transition. These notifications are designed to help provide information only and if you would prefer not to receive them again, you'll be able to select an option for "do not notify me again", and we will not send you any further reminders. Just as software has changed over the years, so has hardware.

Posted by Megalith March 16, 2019 5:00 PM (CDT)

File Abnormality Causes Duplicate Tax Refunds

66,000 Louisiana residents are collectively $26 million richer as a file ran "abnormally," causing duplicate tax refunds on Wednesday, March 13. Many of these "double refunds" were direct deposited and banks are being notified of the overages. Refunds sent to debit cards are being "backed out." Division of Administration spokesman Jacques Berry "urges anyone who received a larger refund than what they are actually due to not spend the money."

"It was a file abnormality," Berry said. "The file ran twice when it was only supposed to run once." "Hopefully we'll recover the vast majority of it before anyone mistakenly spends it," he said. "We appreciate taxpayers' cooperation while we recoup the overpayments," Commissioner of Administration Jay Dardenne said in a statement.

Posted by cageymaru March 15, 2019 2:00 PM (CDT)

Chinese Commuters Use Facial Recognition to Pay for Subway Tickets

China is leveraging the power of 5G technology and facial recognition to improve its transportation infrastructure. At Shenzhen's Futian station, commuters will be able to use their face to pay for subway tickets. The ultra-fast 5G network provides a high quality network connection while lowering the cost of the subway equipment. This innovation allows the city's subway riders to "scan their faces on a tablet-sized screen mounted on the entrance gate and have the fare automatically deducted from their linked accounts." The new system is expected to increase the efficiency of the city's subway network as it handles up to 5 million rides per day. Chinese cities have become digitally savvy and their residents are ditching cash in favor of electronic payments with a smartphone. Chinese consumers pay for fried chicken at KFC with its "Smile to Pay" facial recognition system. Huawei Technologies backed the innovation laboratory that developed the technology.

"To use facial ticketing in the future, passengers will also need preregistration of their facial information and link their payment methods to their accounts, just like them making payments at the KFC restaurant," said a staff member at the Futian station's demonstration area in Shenzhen. Passers-by at the demonstration area in Futian station will see their information displayed on a big screen, including their facial photos captured by surveillance cameras, their gender, age, and the length of stay in the area.

Posted by cageymaru March 15, 2019 10:10 AM (CDT)

Samsung Launches 12GB Smartphone Memory Packages

Samsung just announced what it claims to be the world's highest-capacity mobile DRAM package in production. The Korean company's new LPDDR4X modules combine six 16-gigabit, "10nm-class" DRAM ICs into a package that's 1.1 millimeters tall, allowing manufacturers to stuff just as much RAM as the desktop I'm typing this on into razor-thin phones. Samsung also says the module can hit transfer rates of up to 34.1GB per second, and claims that power consumption is only minimally increased in spite of the dramatic capacity boost. Thanks to cageymaru for the tip.

Since introducing 1GB mobile DRAM in 2011, Samsung continues to drive capacity breakthroughs in the mobile DRAM market, moving from 6GB (in 2015) and 8GB (2016) to today's first 12GB LPDDR4X. From its cutting-edge memory line in Pyeongtaek, Korea, Samsung plans to more than triple the supply of its 1y-nm-based 8GB and 12GB mobile DRAM during the second half of 2019 to meet the anticipated high demand.

Posted by alphaatlas March 14, 2019 10:43 AM (CDT)

Facebook Outage Caused by BGP Routing Error

NETSCOUT has released a statement to BleepingComputer that the Facebook and Instagram outages were caused by a BGP routing error.

"'At approximately 12:52PM EST on March 13th, 2019, it appears that an accidental BGP routing leak from a European ISP to a major transit ISP, which was then propagated onwards to some peers and/or downstreams of the transit ISP in question, resulted in perceptible disruption of access to some well-known Internet properties for a short interval. While not malicious in nature, such events can prove disruptive on a widespread basis. It is very important that all network operators implement BGP peering best current practices (BCPs), including prefix-lists, max-prefixes, 'peer-locking' via AS-PATH filters, RPKI Origin Validation (RFC6811), and other techniques incorporated into the industry Mutually Agreed Norms for Routing Security (MANRS) detailed at .' -Roland Dobbins, NETSCOUT Principal Engineer"

Posted by cageymaru March 13, 2019 5:30 PM (CDT)

Flickr Photos Were Used to Train IBM Facial Recognition

IBM, and a number of other researchers and institutions, have made extensive use of a Yahoo!-curated Flickr database for their facial recognition development efforts, and according to a recent report from NBC, this is raising concerns among privacy experts and the subjects within those photos. While IBM says they'll remove photos from the database upon receiving a request, they don't provide an easy way to tell if a particular user's photos are contained within the database, hence NBC has set up a tool to do exactly that. While the report largely focuses on the privacy and social issues surrounding IBM's database, it also touches on another big issue in the world of AI training: licensing. Machine learning algorithms can require huge datasets to effectively train, and many of the images in datasets I've seen are scraped from the web without much thought about their associated restrictions. That's already a legal and ethical issue for researchers, but it becomes even more problematic when those neural networks start showing up in commercial software, which happens more and more every day.

Academics often appeal to the noncommercial nature of their work to bypass questions of copyright. Flickr became an appealing resource for facial recognition researchers because many users published their images under "Creative Commons" licenses, which means that others can reuse their pictures without paying license fees... Experts note that the distinction between the research wings and commercial operations of corporations such as IBM and Facebook is a blurry one. Ultimately, IBM owns any intellectual property developed by its research unit... Holzer was concerned that a company like IBM - even its research division - had used photos he published under a noncommercial license. "Since I assume that IBM is not a charitable organization and at the end of the day wants to make money with this technology, this is clearly a commercial use," he said.

Posted by alphaatlas March 13, 2019 10:57 AM (CDT)

Windows Update Fixes Previous Patch's Mouse Issues

Microsoft has released a fix to a previous update that reportedly caused "graphics and mouse performance degradation with desktop gaming when playing certain games, such as Destiny 2." KB4482887 contained the performance enhancing "Retpoline" Spectre mitigation, and in addition to the new mouse and graphics fixes, the newly released KB4489899 update patches some Microsoft Hololens calibration and tracking issues as well.

After installing this update on machines that have multiple audio devices, applications that provide advanced options for internal or external audio output devices may stop working unexpectedly. This issue occurs for users that select an audio output device different from the "Default Audio Device." Examples of applications that may stop working include: Windows Media Player, Realtek HD Audio Manager, Sound Blaster Control Panel

Posted by alphaatlas March 13, 2019 10:19 AM (CDT)