fbpx

Download free GDPR compliance checklist!

Tag Archives for " software "

Google is open-sourcing a tool for data scientists to help protect private information

Google is open-sourcing its so-called differential privacy library, an internal tool the company uses to securely draw insights from datasets that contain the private and sensitive personal information of its users.

Differential privacy is a cryptographic approach to data science, particularly with regard to analysis, that allows someone relying on software-aided analysis to draw insights from massive datasets while protecting user privacy.

Source: Google is open-sourcing a tool for data scientists to help protect private information – The Verge

New DPIA on Microsoft Office and Windows software: still privacy risks remaining

Three new DPIAs, which Privacy Company has carried out for the central Dutch government, show that Microsoft has mitigated the eight previously identified privacy risks for Office 365 ProPlus through a combination of technical, organisational and contractual measures.

However, the new privacy conditions for the central Dutch government do not yet apply to the data processing via Windows 10 Enterprise or the mobile Office apps. Moreover, certain technical improvements that Microsoft has implemented in Office 365 ProPlus are not (yet) available in Office Online.

Therefore, SLM Rijk advises government institutions to, for the time being, refrain from using Office Online and the mobile Office apps, and to opt for the lowest possible level of data collection in Windows 10.

Full article: New DPIA on Microsoft Office and Windows software: still privacy risks remaining (long blog)

WhatsApp working on thumbprint authentication for chats

Facebook-owned WhatsApp is reportedly working on a fingerprint authentication feature to protect its users’ chats from being seen by others.

The fingerprint authentication feature will be available within the app under a new section. Once you enable the fingerprint feature, your WhatsApp will be completely protected from others to be seen.

Full article: Privacy at your fingertips: WhatsApp working on thumbprint authentication for chats – The Economic Times

How to Tell If Your Partner is Spying on Your Phone

“Stalkerware” apps let abusers monitor their partner’s phones and track their locations—without them knowing.

Here are some things to know about how Stalkerware works and questions to ask yourself if you think someone may be tracking you.

Full article: How to Tell If Your Partner is Spying on Your Phone – Motherboard

Instagram GDPR Tool Exposes Subscriber Passwords

A warning has been issued by Instagram that a number of users of the social media platform have had their password details exposed by a security leak.

Ironically, this breach occurred due to a flaw in the ‘Download Your Data’ tool that Instagram added to the platform to allow users to download a copy of their own data. Instagram sent these users their passwords in plain text. This feature was implemented in April in order to ensure compliance with the European Union General Data Protection legislation which became enforceable on May 25 this year. The tool was developed due to privacy concerns in the aftermath of Facebook’s Cambridge Analytica scandal.

Full article: Instagram GDPR Tool Exposes Subscriber Passwords – Compliance Junction

Google is Adding Force-Installed Extension Removal to the Chrome Cleanup Tool

Google Chrome includes a built-in utility called the Chrome Cleanup Tool that scans for and remove malware that injects ads or performs other unwanted behavior in Chrome. A problem, though, is that this tool does not allow the removal of Chrome extensions that are force-installed through Windows group policies.

This is about to change according to a Chrome source code commit, which has the description of “Update chrome_cleaner/chrome_utils to remove force-installed extensions.” According to this update, the Chrome Cleanup Tool will now be able to detect and remove force-installed extensions. It will, though, utilize a whitelist of Google extensions that should continue to be automatically installed.

Full article: Google is Adding Force-Installed Extension Removal to the Chrome Cleanup Tool

Widely used open source software contained bitcoin-stealing backdoor

A hacker or hackers sneaked a backdoor into a widely used open source code library with the aim of surreptitiously stealing funds stored in bitcoin wallets. The malicious code was inserted in two stages into event-stream, a code library with 2 million downloads that’s used by Fortune 500 companies and small startups alike.

In stage one, version 3.3.6, published on September 8, included a benign module known as flatmap-stream. Stage two was implemented on October 5 when flatmap-steam was updated to include malicious code that attempted to steal bitcoin wallets and transfer their balances to a server located in Kuala Lumpur. The backdoor came to light last Tuesday with this report from Github user Ayrton Sparling.

Full article: Widely used open source software contained bitcoin-stealing backdoor | Ars Technica

The Hack Millions of People Are Installing Themselves

Security conscious users keep their operating system and other software up to date, but a huge risk is often overlooked: the underground trade of malicious browser extensions that people install themselves.

Extensions are in such as prime position for hackers because, depending on the purpose of the extension, they may have special permissions to access information inside the web browser. These can range from the data on all the websites you visit, which lets the extension potentially read, request, or modify data on anything, from your online banking site to Facebook. Others may request access to your browsing history, your clipboard, or bookmarks. The security of the particular browser may be great—it is getting more and more expensive for someone to remotely hack Chrome, for example—but that protection can be undermined if a malicious extension is just sitting inside the browser.

Full article: The Hack Millions of People Are Installing Themselves – Motherboard

It’s Amateur Hour in the World of Spyware and Victims Will Pay the Price

We’re living in the golden age of spyware and government hacking, with companies rushing to join a blossoming billion dollar market. The weakest among us—activists or journalists—will suffer the consequences if we don’t regulate it appropriately.

Full article: It’s Amateur Hour in the World of Spyware and Victims Will Pay the Price – Motherboard

China surveillance tech can ID people by their walk

Chinese authorities have started using “gait recognition” software – artificial intelligence that identifies people by their body shape and the way they walk – for mass surveillance on the streets of Beijing and Shanghai. The tech can reportedly recognize people from up to 50 meters away, even if their face is hidden or their back is facing the camera.

Full article: China surveillance tech can ID people by their walk, report says – CNET

1 2 3
>