Security News

The leader of far-right political group Britain First has been handed a judicial slap on the wrist after refusing to give his phone PIN to police at Heathrow Airport. He told police the party was "Not liberal like the Lib Dems in the UK, they're nationalist and right wing like Le Pen and Trump".

Governments and organizations are unleashing new technologies to fight the spread of the coronavirus, adding to privacy and data collection concerns. A new Pew Research poll takes a look at the current sentiment regarding these new contact tracing applications and data collection.

A Forbes report last week outlined how some Xiaomi Android phones track their owners' web browsing and online activities. It was claimed the handsets' bundled Xiaomi browser collects things like browsing history, search queries, and news feed activity, and sends the data off to servers in China, even in private incognito mode.

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

Any developer currently using image importers or other image handling libraries should read this document to see how to use the Image I/O framework instead. In other words, instead of laboriously adding support for dozens of different image formats to your app by writing code for each new filetype one-by-one, you can just use ImageIO functions and let the operating system take care of figuring out what image type it is, whether it's supported, and how to read it in. You don't need to worry, or even care, whether it's JPEG, GIF, PNG, BMP, TIFF or even a file format you've never heard off such as KTX. So the drawcard here for a security researcher is the juxtaposition of the word fuzzing, which means going all-out to find weirdly-corrupted files that reveal bugs in the underlying code, and the word ImageIO, which refers to the core code that gets triggered pretty much any time any iPhone app encounters an image file.

Version 5.0 gains the ability to display conversation histories and secret chats in Telegram, one of the world's most popular instant messaging apps. Elcomsoft Phone Viewer 5.0 gains the ability to display Telegram conversations by analyzing the iPhone file system image.

The Android ecosystem continues to become more fragmented: several Android versions are supported at the same time, and unsupported end-of-life versions continue to be widely used. Only 30% of the observed devices were running Android 9 or newer in 2019, 40% were running Android 8, and 30% were running Android 7.

You may have heard that today's phone fraudsters like to use caller ID spoofing services to make their scam calls seem more believable. You probably didn't know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account - data that can then be abused to make their phone scams more believable and expose you to additional forms of identity theft.

A weird combination of Unicode characters that make up a nonsense word can crash your iPhone, apparently by confusing the iOS operating system when it tries to figure out how to display the "Word". We don't know how to read Arabic writing, or indeed the text of any Semitic language, but we do know that the writing systems of these languages generally differ from most European languages.

The records held Facebook users' IDs, which are unique, public numbers associated with specific accounts that can be used to figure out an account's username and other profile info. The initial breach exposed 267,140,436 records of what were mostly Facebook users in the US. Diachenko said that all of the records seemed to be valid.