Another Facebook vulnerability has been found that could have exposed information about users and their friends.
The security company Imperva has released new details on a Facebook vulnerability that could have exposed user data. The bug allowed websites to obtain private information about Facebook users and their friends through unauthorized access to a company API, playing off a specific behavior in the Chrome browser. The bug was disclosed to Facebook and resolved in May.
At this point Facebook is a giant dumpster fire. Get out while you still can.
It will mix human curation and algorithms to suggest podcasts for you.
In another BGP hijack, Google traffic was rerouted yesterday through Russia and China. This included Google Cloud, YouTube, and other services.
Specifically, network connectivity to Google was instead routed through TransTelekom in Russia (
mskn17ra-lo1.transtelecom.net), and into a China Telecom gateway (
ChinaTelecom-gw.transtelecom.net) that black-holed the packets. Both hostnames have since stopped resolving to IP addresses.
Hijack me once, shame on you. Hijack me twice, shame on me.
Snapchat is adding some features to its app, like Friendship Profiles, new Bitmoji, Bitmoji Stories, and Bitmoji Merch.
A new HTTP version is coming, and it will work differently than previous versions. Instead of using TCP, it will use a Google technology called QUIC.
In its continued efforts to make Web networking faster, Google has been working on an experimental network protocol named QUIC: “Quick UDP Internet Connections.” QUIC reinstates the reliability and ordering that TCP has but without introducing the same number of round trips and latency.
For example, if a client is reconnecting to a server, the client can send important encryption data with the very first packet, enabling the server to resurrect the old connection, using the same encryption as previously negotiated, without requiring any additional round trips.
Black Friday deals seem to be appearing earlier than ever, but are they really deals? Here are some Black Friday tech deals I’ve found so far.
Volkswagen is now letting iPhone users unlock their car with Siri. The VW Car-Net app has support for shortcuts.
iOS users can now use Siri to lock and unlock their car, check estimate mileage with the fuel or charge left in their vehicle, and enable alarms. Cart-Net isn’t free to all VW owners, though: the app costs a specific subscription fee per month. It allows vehicle owners to pinpoint their car’s location, set a geofence for it, and access diagnostics remotely.
A support document from Apple found a problem with certain iPhone X models that may cause a certain component of the display module to fail.
LifeEar hearing aids can be calibrated with your iPhone. The LifeEar app connects LifeEar CORE hearing aids and your mobile device. Use your smartphone or tablet to control settings and personalize hearing aids for your specific needs. Life sounds better when you’re in control. Use the LifeEar app to create a personal profile for each ear to calibrate programs, adjust the volume of your LifeEar hearing aids, select your hearing aid programs to suit your environment, view hearing aid battery levels, and update your profile as your hearing needs change over time. Ears are like people, no two are exactly the same. That’s why the LifeEar app allows you to customize the CORE for your unique ears. Based on your response to a series of tones, it creates your profile and then calculates your personalized settings. App Store: LifeEar – Free
During the tests performed by Cure53, five vulnerabilities were found. Only one vulnerability needed immediate action.
Contactless payments and bank apps are introducing kids to a cashless society. Some parents are using these apps instead of forking over cash allowances.
“Young people are seeing less and less cash transactions, which just means that we have to be even more careful to talk about what is happening at each of those stages, because it has become more abstract,” said Winnard.
This is also how Apple seems to be marketing Apple Pay Cash in part. Parents can use iMessage to give their kids money.
The company wants to experiment with a fourth subscription tier in an effort to increase its user base.
An iPhone X seized as part of an investigation was remotely wiped by its owner. This begs the question: Does wiping an iPhone count as destruction of evidence?
Police believe Juelle L. Grant, 24, of Willow Avenue, may have been the driver of a vehicle involved in an Oct. 23 drive-by shooting on Van Vranken Avenue, near Lang Street, so they obtained her phone, according to police allegations filed in court.
No one was injured in the shooting. After police took her iPhone X, telling her it was considered evidence, “she did remotely wipe” the device, according to police.
This will be an interesting case to watch, and could set the tone for future phone-related incidents.
Named after the DNS address it uses—220.127.116.11—it promises a quick and easy privacy fix.
An ongoing study by Northeastern University and the University of Massachusetts claims that Sprint is throttling Skype without telling customers.
Choffnes and his team analyzed more than 719,417 tests conducted by 100,000 users across 135 countries, and discovered that wireless carriers routinely throttle streaming video applications. While carriers often claim this kind of throttling only occurs in response to network congestion, evidence suggests the practice is often tied to efforts to upsell users to pricier plans.
We need net neutrality more than ever.
The online shopping giant recently signed a deal to expand the selection of Apple offerings in its store.
Finisar, an Apple Face ID supplier that makes laser scanners, has been acquired by optical system producer II-VI, Inc. worth US$3.2 billion.
The USPS Informed Delivery Service is vulnerable to identity thieves. The services lets you see a preview of your mail on the web and mobile, and this week the U.S Secret Service issued a warning about it.
The internal alert — sent by the Secret Service on Nov. 6 to its law enforcement partners nationwide — references a recent case in Michigan in which seven people were arrested for allegedly stealing credit cards from resident mailboxes after signing up as those victims at the USPS’s Web site.
According to the Secret Service alert, the accused used the Informed Delivery feature “to identify and intercept mail, and to further their identity theft fraud schemes.”
Ugh, why can’t we have nice things?
Writing in his iPad Pro Diary series, Ben Lovejoy argues that the iPad needs a computer OS in order to be closer to a computer. He calls it “padOS.”
But while the iPad Pro isn’t trying to be a Mac, it is a grown-up device and it needs a grown-up operating system. Not macOS, but rather a tailored version of iOS, designed to take advantage of the additional capabilities of the iPad. What some people have termed padOS.
To Mr. Lovejoy I say this: Have no fear, this is what iOS 13 will be. *crosses fingers*
In iOS 12 you can create album folders in the Photos app, but the way to create them is a little hidden.