Brightest Flashlight app shared location data with advertisers
An app developer has settled with the Federal Trade Commission (FTC) over charges that it had shared user data without permission. GoldenShores Technologies, creators of the free Brightest Flashlight app, "deceived consumers" by collecting and sharing geolocation data and unique device identifiers to advertising networks and third parties.
Users can now print complete lists of saved items
AgileBits is today releasing v4.1 of 1Password for Mac, its flagship software for storing logins, credit card numbers, and other sensitive data. One major addition is an improved browser plugin, which will now let people use the auto-save function to update existing passwords, instead of just store new ones. Items can now also be tagged from the auto-save panel.
Obama sticks with BlackBerry due to security risks
President Barack Obama's administration is likely the most tech savvy the United States has seen, but the Commander in Chief can't rely on the best selling smartphone in the world for personal use. In a summit at the White House today, Obama revealed that he cannot use an iPhone for official business due to "security reasons." The President still uses a BlackBerry in the course of his daily duties, but even that device is quite limited in what it can be used for.
Supports major cloud services
Boxcryptor has released an OS X client for its self-titled encryption software. The tool is used to encrypt files before uploading them to a cloud storage service, such as Dropbox, Google Drive, SkyDrive, Box, or SugarSync. Using Boxcryptor's apps for various platforms, including iOS and Android, the files can be decrypted and accessed elsewhere.
Facebook, Gmail, ADP, Twitter amongst list of credentials stolen
A recently-discovered botnet has been accused of pilfering over two million logins to popular web services, including Facebook, Gmail, some payroll services, and an assortment of Russian social networking services, according to Trustwave SpiderLabs. The botnet, driven by the "pony" controller software, is infecting PC users in 102 countries.
Capped bills for stolen phones, early termination clauses in new agreement
Customers of mobile phone networks in the United Kingdom will be better protected from high bills after their phone is lost or stolen. EE, Virgin Media, Vodafone, and Three have all signed up to a government agreement that will, among other obligations, place a cap of £50 ($82) on the customer's liability for usage from the time the phone is reported as stolen.
Could be used to unlock future Apple devices
The US Patent and Trademark Office has granted Apple a new patent on a facial recognition system. The concept was first submitted in 2008, and would let people unlock a device like an iPhone or Mac simply by staring at a built-in camera. The device would store several images of a user, and only grant access if one of them matched. More significantly, Apple notes that the technology could be used to hide or reveal data on a per-case basis, instead of across the board.
Persistent security claims by US officials behind market exit
Huawei is planning to pull out of the United States, according to an interview with CEO Ren Zhengfei. The head of the company is effectively giving up on the US market, following two years of criticism and intense scrutiny by the US government, along with accusations that the telecommunications company is helping the Chinese government spy on US citizens and businesses.
Cross-carrier stolen phone database will connect with international versions
Work on a national stolen phone database covering AT&T, Sprint, T-Mobile, and Verizon Wireless handsets has been completed, according to an announcement from CTIA. The wireless association revealed that the multi-carrier database has been implemented before its November 30th deadline, one which it hopes to connect to overseas carriers to protect against thefts worldwide.
Commission blasts US data-collection methods
The European Commission has called on the US to change its data-collection policies to "restore trust" that has been eroded by recent revelations detailing the National Security Agency's foreign spying programs. The Commission has outlined several recommendations, including an EU-US data protection "umbrella" agreement that would give European citizens the right to legally challenge the US government whenever their personal data is intercepted in the US.
Password resets on European PSN accounts over possible irregular activity
Sony has reset the password on a number of PlayStation Network (PSN) accounts. The changes, made as a "precautionary measure" just in case the account was compromised, have taken place on European accounts just days before the company is due to launch its next-generation PlayStation 4 game console on the continent.
Up to 138 million Adobe CC accounts violated by data breach
Adobe has admitted that it is taking significantly longer than it expected to email all of the customers affected by the epic-scale security breach, with some victims still not being contacted more than 10 weeks after the data theft. Despite discovering the attack on September 17, Adobe did not go public with the information until October 3, with the company still having not informed all affected customers two full months after the breach.
Document kept out of public eye until after 5s launch
The US Patent and Trademark Office has published an Apple patent application for the technology inside its Touch ID fingerprint sensor. The document is titled Capacitive Sensor Packaging, and was originally submitted on March 15th. Like a number of Apple filings, though, it appears to have been kept secret until after the product associated with the technology launched.
LG firmware will fix TV fault over data transmission without user permission
LG has admitted that its smart televisions are sending data related to TV shows and content watched to its servers. The electronics producer will be releasing a future firmware update for the televisions, one that fixes an issue where user data got fed back to LG, even if the television's owner did not allow it in the device's options menu.
Channel information, file names on storage passed back to LG
Smart TVs from LG are collecting data on the owner's viewing habits and connected devices, and forwarding the information back to base, according to one customer. It is alleged that the data is also being fed back to LG, even if the customer selects an option in the television's software that supposedly prevents it from doing so.
CTIA argues nationwide database sufficient
Cellular carriers are reportedly rejecting calls for cellphone makers to implement "kill switch" technology to deactivate stolen devices. After reviewing e-mails between Samsung executives and software developers, San Francisco District Attorney George Gascón believes the carriers are hesitant to deploy anti-theft technology because it may leave less incentive for consumers to purchase highly profitable insurance plans, according to a New York Times report.
Search and ad giant placed tracking cookies on users' machines without asking
In a final settlement with a Federal Court, Google will pay a fine of just $17 million - on top of a separate FTC fine of $22.5 million from last year - to 37 US states and the District of Columbia over its illegal use of surreptitious tracking cookies in Apple's Safari web browser, deliberately bypassing Apple's built-in anti-tracking technology. Google failed to inform users that it was monitoring where they surfed after visiting any sites that used Google's DoubleClick ad network in 2011 and 2012.
Users will have more encryption options in Q1
Yahoo has announced plans to encrypt all information that moves between its data centers, in an attempt to prevent unauthorized access by the National Security Agency or other government agencies. The company is also preparing to add new encryption options for users, enabling all data to be encrypted on its way to and from Yahoo's servers.
Sentence derided as 'vengeful, spiteful act'
Hacker Jeremy Hammond has been dealt a 10-year prison sentence for his role in the 2011 theft of emails and credit card data from intelligence company Strategic Forecasting (Stratfor). The sentence was handed down in a federal court in Manhattan, where the 28-year-old pleaded guilty to violating the Computer Fraud and Abuse Act (CFAA).
Project brings awareness to botnets, other threats
Microsoft has built a new Cybercrime Center headquarters to highlight its fight against cybercrime. The Redmond-based project, which the company readily admits is a "CSI kind of place," appears to be focused on building awareness of potential threats and promoting Microsoft's efforts to combat cybercrime.
Hack similar to Ubuntu forums hack from earlier this year
The MacRumors user forums' database has been appropriated by hackers, who have likely obtained information on all 860,000 users of the site. Information available to the thieves include hashed passwords, MacRumors forum usernames, and email addresses of users, according to Editorial Director Arnold Kim. Users of the MacRumors forum are advised to change the password to their MacRumors account, as well as any other accounts on other sites using the same password.
Mac client going without web payment tech for now
Google has released Chrome 31, an update of its web browser for Windows, Mac, Linux, Android, and Chrome OS. The primary addition is better payment support, in the form of allowing site access to Chrome's auto-complete data (with user permission). This lets people save payment information in the browser for quicker access. Google says, however, that Mac compatibility will only be included "in a future release."
Voluntary contract for call data claimed between CIA, AT&T
The CIA has allegedly paid out more than $10 million per year to AT&T for access to data relating to international calls, according to a report. The transfer of metadata between the carrier and the agency is said by the New York Times to be a "voluntary contract," one that is performed freely rather than requiring court orders and subpoenas, unlike that of notorious surveillance program PRISM.
Bug bounty offers up to $5,000 for vulnerabilities in server software
Microsoft is teaming up with Facebook to offer more bounties for bugs and flaws in software used to by a vast majority of websites. The Internet bug bounty, HackerOne, sees the two companies paying cash prizes of between $300 and $5,000 in exchange for details for vulnerabilities in server-based software and frameworks such as PHP, Ruby, Rails, OpenSSL, and Apache httpd.
Cloud-based home surveillance
Dropcam recently introduced an upgraded "Pro" version of its cloud-based Wi-Fi video camera, improving nearly every aspect of the original Dropcam HD. The new model features a wider field of view, twice as much zoom, better low-light performance and a sharper image. In our full review, we spend a week with the new camera to determine if it is the best surveillance camera for the average consumer.
Suggests Apple may be complying with PRISM
Apple's data on requests by law enforcement indicates that the company is relying on a practice known as a "warrant canary," ArsTechnica observes. The concept involves publishing a notice that a warrant hasn't been served, and simply omitting/pulling the notice if the opposite is true. This can be a way of getting around gag orders that prevent organizations from disclosing their compliance with government surveillance.
Apple claims to have never received a Patriot Act request for user data
Apple has published a report on US government and law enforcement information requests that have been submitted to it. The report provides statistics on requests related to customer accounts, as well as those related to specific devices, limited by legal restrictions applied to it regarding disclosure.
Requires recent Mac, iPhone hardware
A new product, Knock, promises to let Mac owners unlock their computers by knocking twice on their iPhone. Users first have to download a $4 iPhone app and a free Mac client. Once both are installed, knocking on an iPhone sends a command to a Mac via Bluetooth, triggering an automatic login.
Encrypted private messaging platform officially launches after successful beta
CoverMe - a secure private texting, document sharing and phone call app -- has officially launched. During its beta period, over 500,000 users signed up for its service, exchanging 500 million messages with military-grade encryption. CoverMe protects personal contacts, call logs, messages, documents, and more, and provides the ability to recall or remotely wipe sent messages from a device. Its private 'vault' allows users to store photos, videos, documents and communication histories so that a lost device does not lead to a privacy breach. Users are immediately notified when a recipient has read a sent message, and the app provides an option to embed messages with a 'self-destruct' option. Available on iTunes and Google Play, CoverMe is free to download (with in-app purchases available).
Blueprint for OS X free until November 10
Blueprint, a business organizational app, has launched -- offering users an integrative project organizer that can sync with Apple's native apps. Blueprint features the ability to manage projects and track their progress using milestones, and link items together to get a full overview of a contact or project. Task management, note creation, and calendars are included, and imported files and folders can be managed with a drag-and-drop function. Currently available for free from the App Store until November 10, full pricing will be $60. System requirements for Blueprint are OS X 10.7.3 or later, and at least 2GB of RAM.
Duplicate finder and disk tidiness utility adds new UI, specified searching
Hyperbolic Software's utility app, Tidy Up!, has been updated with the release of Version 3. Tidy Up! can search for duplicate files and packages so users can eliminate unneeded information. Improvements to the latest version include a new user interface, as well as the ability to search for duplicate folders by content or in preferred playlists and albums. Prioritization is now available, with customization options featuring 'Smart Baskets', that sort files based on criteria input. Requiring OS X 10.6.6 or greater, Tidy up! 3 is currently available for $30 for new users, and $20 for those running version 2.0 or later.
Possible acquisition of Vodafone a politically difficult feat
AT&T's plan to acquire a carrier and operate in Europe may have to be put on hold for a long time, thanks to the National Security Agency (NSA). The revelations of national and international surveillance by the agency is now forcing European officials to scrutinize any attempt by AT&T or any other carrier to purchase a mobile phone network on the continent.
IN1's new multi-tool utility smartphone case TSA compliant
IN1, a phone case manufacturer, has released a smartphone case that contains space for its accompanying set of eight tools. Its toolset includes blue and red pens, phillips screwdriver, flathead screwdriver, nail-file, tweezers, scissors, toothpick, and a kickstand for to prop the phone. Made of high grade polycarbonate, the IN1 multi-tool utility case is TSA compliant. The IN1 is currently available for iPhone 5/5S, with models for Samsung GALAXY S4 and iPhone 5 coming soon. Color options are available for both the case itself as well as the tools, with the case offered in white, black, and clear, and the tools offered in white, black, pink, green, blue and orange. Priced at $45, the IN1 multi-tool case can be purchased online.
Source code to Photoshop, Adobe, ColdFusion taken
Updating its customers on a data theft it experienced a month ago, Adobe Systems said today that the magnitude of the lost information was far larger than it originally disclosed. Eclipsing previous estimates, Adobe has revealed that more than 38 million customer accounts, plus source code for Photoshop, Acrobat, ColdFusion, and ColdFusion Builder has been stolen by the hackers.
Problem with processors, motherboards supporting one instruction blocks update
Windows 8.1 brought with it a host of improvements to its core version, but a specific class of hardware is blocked from upgrading to the service pack from vanilla Windows 8. Adding to the problem is Microsoft's declaration that it will no longer provide security updates or other patches for the original Windows 8 release after 2015.
Could limit key attack vector
Flash is now a sandboxed plugin in OS X Mavericks, according to an Adobe blog post. Using the OS' App Sandbox feature, Adobe says it has been able to limit Flash's file read/write access and what assets the plugin can find in the first place. It can no longer reach local connections to device resources and IPC (interprocess communications) channels, for instance, and network privileges are restricted such that Flash-based malware can't communicate with servers set up by hackers.
Latest Evernote includes home screen customization, map notes
The latest update of Evernote's mobile app for iOS and Android has been released, offering new features and improvements. Evernote is a productivity organizer that lets users sync notes, to-do lists and photos across devices, as well as share notes through social media tools. Version 7.1 on iOS features the addition of displaying notes on map, as well as the ability to now customize the home screen layout.
New iTunes Trailers doesn't add features, just iOS 7 redesign
On Thursday, Apple released an updated version of its iOS app iTunes Movie Trailers, one that lets it work more smoothly with iOS devices running iOS 7. The update brought no new features to the app, which simply showcases and plays movie trailers on demand. The overhaul, however, brings the app fully in line with other Apple iOS 7 improvements, from the new icon to the redesign of the screens. The free app is available now from the App Store.
Fixes bugs in iMessage, Spotlight, other areas
Apple has quietly issued a minor update to iOS, v7.0.3. The firmware adds two new features, primarily iCloud Keychain, which can be used to sync logins, passwords, and credit card numbers between devices. Also new however is Password Generator, which lets Safari suggest complex password for user accounts.
Initiative to keep smaller activist sites active during attacks
Google has announced it will help website owners protect their sites from Distributed Denial of Service (DDoS) attacks. Project Shield hopes to keep smaller sites running during DDoS attacks, with the project's initial focus being to protect under-resourced sites serving "media, elections, and human rights related content."
Google, Microsoft, Facebook, Yahoo, Twitter memo over spying concerns
A group of technology companies has asked members of the UK government that there needs to be a debate about Internet surveillance. Facebook, Microsoft, Google, Yahoo, and Twitter have jointly written a memo to Members of Parliament (MPs) calling for more transparency in requests for information by government-controlled organizations, such as GCHQ.
Research group says mad-in-the-middle attack could be used
Apple is denying that it could or would want to intercept iMessage traffic, according to an official statement. In a white paper issued Thursday, security firm QuarksLab argued that despite Apple assurances in the past, Apple could use a man-in-the-middle attack to provide US agencies like the NSA or the FBI with demanded information. The attack would exploit the company's control of encryption keys to convince senders and recipients that they're communicating with each other, when in reality they're passing information through an unsecure point where Apple can listen. QuarksLab says it's not suggesting that Apple does listen, simply that it has the option if compelled.
Landmark settlement intended to send a message to future infringers
According to court records filed today, Canadian Gary Fung has until the end of the week to close his BitTorrent search engine IsoHunt in addition to related sites TorrentBox, and Podtropolis. Fung has also agreed to pay various movie studios and other media production groups $110 million in damages to end the seven year-old legal skirmish.
95 percent of enterprise apps, 90 percent of tablets, 72 percent overall
A new report by Good Technology notes that in addition to dominating the competition in corporate adoption, Apple's iOS platform is also gaining share as it sees a new wave of enterprise device adoption and activation. Overall business mobile device activations are up 60 percent, while iOS percentage of the market has grown to 72 percent, up from 69 percent in Q2. Apple's platform is also responsible for an astonishing 95 percent of all enterprise app use, and holds 90 percent of the tablet share.
Three Samsung motions meant to delay investigation of breach shot down
The presiding judge in the ongoing Apple-Samsung trial (the first stage of which ended with a complete victory for Apple and over $1 billion in damages awarded by a jury) is, to put it mildly, unhappy about Samsung's stonewalling of an investigation into the disclosure of confidential terms of an Apple-Nokia deal to Samsung executives. Rather than admit culpability, the company and its legal firm attempted to persuade the judge that the whole thing was a blameless accident. It didn't work.
Apple-provided update fixes issues, uninstalls the old Apple Java applet plug-in
For the fifth time this year, Apple has had to issue an update to Java for all three supported versions of OS X: Snow Leopard (10.6), Lion (10.7) and Mountain Lion (10.8). As has become the norm, the update was issued due to the discovery of "multiple vulnerabilities" in Java 1.6.0_51. The cross-platform development technology has been updated to version 1.6.0_65, and is referred to in Software Update as "Java for Mac OS X 10.6 Update 17" for Snow Leopard and "Java for OS X 2013-005" for newer systems.
Customers able to download data blocked after company shutdown
Encrypted e-mail service Lavabit has temporarily reopened, to allow customers to retrieve their stored data after the service's shutdown. Customers will be able to change their account password on the service for a 72-hour period starting at 7pm Central Time today, with personal account data being made available to download from Friday for a limited time.
Class could not prove that it was damaged by Google's actions
US District Judge Sue Robinson from the Delaware federal court has dismissed a class-action suit against Google, ruling that the class could not prove that Google's cookie deposition policies actually generated any harm. The plaintiffs, users of Apple's Safari and Microsoft's Internet Explorer alleged that Google had bypassed the respective firms' browser settings on cookie usage, and as a result were served targeted advertisements based on ill-gotten data from searches and web browsing habits.
INLET outlet adapter has three tamper resistant outlets, 2.1a USB port
LivingPlug has released its latest electrical outlet accessory, the Inlet. Installed over a conventional home outlet, Inlet extends its utility with the inclusion of three tamper-resistant electrical outlets, as well as a 2.1a USB port for device charging. A 'UnPlug' button is also included, which allows users to stop energy loss from devices that are connected, but not in use. An optional anchor screw is included, for parents to secure the Inlet more permanently to the standard outlet so children cannot access the non-tamper resistant wall outlets underneath. Able to cover a duplex outlet entirely, the Inlet base can run flush with a wall due to its quarter-inch reveal. The Inlet can be aesthetically customized, with LivingPlug's Faceplates prices starting at $15. Inlet is currently available through online pre-order for $25.
Pro model sells alongside basic Dropcam
Dropcam has introduced an upgraded version of its Wi-Fi video monitoring camera. The next-generation Dropcam Pro brings a long list of improvements, centering around a new six-element all-glass lens with a 130-degree field of view. Better optics are paired with a larger image sensor that is claimed to provide 2X sharper video during the day and a seven-fold sharpness improvement in low-light conditions or at night.