Saturday, October 19, 2019

China has built ‘massive global data-collection ecosystem’ to boost its interests

Chinese use state-owned enterprises, local tech companies and foreign partnerships, ASPI report saysThe Chinese government is sweeping up vast amounts of data from all around the world to bulwark the nation’s security, but most critically to secure the political...

Prevent database is secure but not secret | Letter

Describing a documented database as ‘secret’ risks causing unjustified distrust in a multi-agency programme that seeks to protect those vulnerable to all forms of radicalisation and keep our communities safe, writes Chief Constable Simon ColeYour front-page lead (7 October)...

Scientists invent new technology to print invisible messages

Messages can only be seen under UV light and can be erased using a hairdryerForget lemon juice and hot irons, there is a new way to write and read invisible messages – and it can be used again and...

YouTube’s fine and child safety online | Letters

Fining YouTube for targeting adverts at children as if they were adults shows progress is being made on both sides of the Atlantic, writes Steve Wood of the Information Commissioner’s OfficeThe conclusion of the Federal Trade Commission investigation into...

Data breach may affect 50,000 Australian university students using ‘Get’ app

Students using events app Get, previously known as Qnect, may have had their personal data exposed onlineThe personal details of an estimated 50,000 students involved in university clubs and societies around Australia may have been exposed online, in the...

Guardian investigations: how tech helps tackle big data … and big lawyers

Our head of investigations explains how a new IT system, Giant, has the power to find needles in journalistic haystacksThere aren’t too many places to hide at the Guardian. The offices are open-plan and most of the meeting rooms...

A ‘deep fake’ app will make us film stars – but will we regret our narcissism?

Users of Zao can now add themselves into the scenes of their favourite movies. But is our desire to insert ourselves into everything putting our privacy at risk?‘You oughta be in pictures,” goes the 1934 Rudy Vallée song. And,...

Uighurs in China were target of two-year iOS malware attack – reports

Android and Windows devices also targeted in campaign believed to be state-backedChinese Uighurs were the target of an iOS malware attack lasting more than two years that was revealed last week, according to multiple reports.Android and Windows devices were...

Chinese face-swap app triggers privacy fears after going viral

Zao lets users superimpose themselves on to celebrities but critics warn of data threatA new Chinese app that lets users swap their faces with celebrities, sports stars or anyone else in a video clip racked up millions of downloads...

Maths and tech specialists need Hippocratic oath, says academic

Exclusive: Hannah Fry says ethical pledge needed in tech fields that will shape futureMathematicians, computer engineers and scientists in related fields should take a Hippocratic oath to protect the public from powerful new technologies under development in laboratories and...

Myki data release breached privacy laws and revealed travel histories, including of Victorian MP

Researchers able to identify MP Anthony Carbines’s travel history using tweets and Public Transport Victoria datasetThe three-year travel history of a Victorian politician was able to be identified after the state government released the supposedly “de-identified” data of more...

Major breach found in biometrics system used by banks, UK police and defence firms

Fingerprints, facial recognition and other personal information from Biostar 2 discovered on publicly accessible databaseThe fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on...

From Watergate to El Paso: should we be relying on unelected bodies to protect us? | John Naughton

Web security firm Cloudflare’s decision to terminate 8chan as a customer is welcome, but risks setting a dangerous precedentLast Saturday morning, a gunman armed with an assault rifle walked into a Walmart store in El Paso, Texas, and shot...

Chinese cyberhackers ‘blurring line between state power and crime’

Cybersecurity firm FireEye says ‘aggressive’ APT41 group working for Beijing is also hacking video games to make money A group of state-sponsored hackers in China ran activities for personal gain at the same time as undertaking spying operations for...

Briton who helped stop 2017 WannaCry virus avoids jail over malware charges

Marcus Hutchins pleaded guilty to two malware chargesHutchins sentenced to time served and supervised releaseA British cybersecurity expert credited with helping stop a worldwide computer virus in May 2017 will not serve any additional time behind bars for...
The Register

Deus ex hackina: It took just 10 minutes to find data-divulging demons corrupting Pope’s Click to Pray eRosary app

Vatican coders exorcise API gremlins but, we must confess, they missed little monster.... Exclusive  The technology behind the Catholic Church’s latest innovation, an electronic rosary, is so insecure, it can be trivially hacked to siphon off worshipers' personal information.…
SC Magazine

Trojanized Russian-language Tor browser lets attacks steal from users’ e-wallets

Researchers have discovered a trojanized version of a Tor private browser that targets Russian-speaking dark web marketplace visitors and lets cybercriminals steal from their e-wallet transactions. The developers behind the malicious browser have so far stolen at least $40,000 in...
SC Magazine

UC Browser potentially endangers 500 million users

The popular Android browser UC Browser was found to break several Google mobile app rules possibly placing up to 500 million of its users at risk. UC Browser, which is available from the Google Play store, was found by Zscaler ThreatLabZ...
ZDNet

US stopped using floppy disks to manage nuclear weapons arsenal

US Air Force switches to secure solid-state-based solution to replace antiquated floppy disks in SACCS nuclear weapons management system.
Bruce Schneier

Friday Squid Blogging: Six-Foot-Long Mass of Squid Eggs Found on Great Barrier Reef

It's likely the diamondback squid. There's a video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.