John Lister

Wed
04
Sep
John Lister's picture

Use Chrome? Update Now to Fix Major Security Bug

Google has released a security update fixing a major flaw in the Chrome browser. While Chrome normally updates automatically, it's a serious enough problem that it's worth manually checking for updates to the browser in order to be certain. The bug ... was highlighted by the Center for Internet Security, a non-profit organization that crowd sources security problems and fixes. It says the flaw could be exploited simply by the user visiting a compromised web page. It says that: "Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the ... (view more)

Thu
29
Aug
John Lister's picture

Facebook Tightens Political Ad Rules, But is it Enough?

Facebook is taking new steps to prevent misleading political ads following the Cambridge Analytica scandal , which had millions of Facebook profiles harvested and used without consent for political advertising purposes. It says it's tightening the ... rules on buyers, which must now not only prove their identity, but also the organization they are associated with. Since 2018, anyone paying for an advertisement on Facebook relating to elections, politics or social issues has had to prove their identity to Facebook. They also have to include a disclaimer in the ad marked "Paid for by...", which is ... (view more)

Wed
28
Aug
John Lister's picture

How to Fix: Delete, Stop Google Calendar Spam

Google Calendar users have been hit by a spate of spam "events" that are nothing more than dubious web links. Users have several ways to stop the problem, but with some drawbacks. The problem involves mysterious entries appearing in Google Calendar, ... sometimes seeming to have been added by friends. Speaking from experience, I had several entries appear for an "event" which was supposedly a time-limited offer to pick up a free iPhone, along with a link to confirm I wanted to take advantage. Although I did not click on the link, it's a safe bet it would not have taken me to the Apple store. ... (view more)

Mon
26
Aug
John Lister's picture

Chrome to Check Passwords Against Hacked Databases

Chrome may soon warn users if their passwords have been compromised. It works by checking inputted passwords against those exposed in public data breaches. The feature is already available for Chrome from an official Google extension known as ... Password Checkup, but users need to actively install this extension to use it. Web browser Mozilla Firefox already has a similar feature built-in. Now a similar feature named "password leak detection" has been spotted in the code of Chrome Canary. That's a version of Chrome that includes test features planned for release in the main Chrome edition in a ... (view more)

Thu
22
Aug
John Lister's picture

iPhones, VLC Player Both At Risk

Users of both Apple devices and the VLC media player should watch out for potentially serious security bugs. The former is a particular embarrassment for Apple. It turns out the company fixed a security bug in iOS 12.3 in April, then accidentally ... removed the fix in iOS 12.4, which it released last month. It now plans to fix it imminently in an emergency update to be titled iOS 12.4.1. The bug is very serious as it potentially allows a rogue app to "execute arbitrary code with system privileges." That effectively means malware could have complete control over an iOS device, something that's ... (view more)

Wed
21
Aug
John Lister's picture

Facebook To Reveal User Tracking Secrets

Facebook is to show users what data it collects about their activity on other sites. It won't stop tracking, but will make the data anonymous if users ask. The changes will come in a new settings option called "Off-Facebook Activity." This will list ... all websites and apps that share data about user activity with Facebook. This most commonly happens through two methods. One is that the user has opted to log in to the third-party site through Facebook. In other words, as long as they haven't logged out of their Facebook account, they don't need to create or input user names and passwords for the ... (view more)

Tue
20
Aug
John Lister's picture

Can Keyboard Sound Expose Passwords? Experts Say No

Researchers say there's a risk that microphones and motion sensors in smartphones could make it possible to figure out information being typed on nearby keyboards. But media headlines that "hackers can work out your password" are a significant ... stretch. The research comes from the Darwin Deason Institute for Cyber Security at Southern Methodist University, based in Texas. It stemmed from the thought that smartphones could pick up sound in two ways: not just the sound waves in the air through the microphone, but vibrations such as on a table collected through the motion sensors in the phone. ... (view more)

Thu
15
Aug
John Lister's picture

Over 1 Million Fingerprints Exposed Online

More than one million fingerprints were exposed online for at least a week, according to security researchers. The company responsible for the data says it will take immediate action if there's a security threat. The data is held by Suprema, which ... operates a biometric lock system called Biostar 2. It lets building owners restrict access by fingerprint or facial recognition, rather than relying on measures such as physical keys or pass codes. The Guardian newspaper reports that Biostar 2 is used in a wider system that has 5,700 customers accessing 1.5 million locations across 83 countries. ... (view more)

Wed
14
Aug
John Lister's picture

Chrome, Firefox Ditch EV SSL Padlock System

Chrome and Firefox will stop indicating when websites have received an "extra level of verification" to prove they are in fact genuine. The move is largely due to the fact that most users aren't aware of the Extended Validation SSL (EV SSL) system. ... The Extended Validation SSL (secure socket layer) security certificates go beyond the standard SSL certification scheme, which browsers use to show that data being sent to and from a website is in fact encrypted and secure. This means that communication is encrypted, and that no one can eavesdrop or steal data mid-stream. In other words, ... (view more)

Mon
12
Aug
John Lister's picture

Apple Offers $1 Million For iPhone Hack

Apple is offering a million dollar bounty to anyone who can successfully hack an iPhone and shares the details. But its limited to specific circumstances that will mean the payout is well worth it for the company. Like several tech giants, Apple ... already had a reward scheme for people who find and report bugs. To date the biggest bounty Apple has offered is $200,000 and only to people who have previously been approved to explore Apple bugs. The million dollar bounty is officially open to anyone. The new offer was made at the Black Hat convention in Las Vegas, the leading annual gathering of ... (view more)

Pages

Subscribe to RSS - John Lister