Security News

Released on August 10, Firefox 91 delivers HTTPS by Default in Private Browsing mode and an enhanced cookie clearing option. "While there remain many websites that don't use HTTPS by default, a large fraction of those sites do support the optional use of HTTPS. In such cases, Firefox Private Browsing Windows now automatically opt into HTTPS for the best available security and privacy," Mozilla explained.

"We solve something that had previously been thought impossible - achieving location privacy in mobile networks," said Paul Schmitt, an associate research scholar at the Center for Information Technology Policy at Princeton University, told The Register. In "Pretty Good Phone Privacy," [PDF] a paper scheduled to be presented on Thursday at the Usenix Security Symposium, Schmitt and Barath Raghavan, assistant professor of computer science at the University of Southern California, describe a way to re-engineer the mobile network software stack so that it doesn't betray the location of mobile network customers.

Apple on Thursday said it's introducing new child safety features in iOS, iPadOS, watchOS, and macOS as part of its efforts to limit the spread of Child Sexual Abuse Material in the U.S. To that effect, the iPhone maker said it intends to begin client-side scanning of images shared via every Apple device for known child abuse content as they are being uploaded into iCloud Photos, in addition to leveraging on-device machine learning to vet all iMessage images sent or received by minor accounts to warn parents of sexually explicit photos in the messaging platform. What's more, Apple is expected to use another cryptographic principle called threshold secret sharing that allows it to "Interpret" the contents if an iCloud Photos account crosses a threshold of known child abuse imagery, following which the content is manually reviewed to confirm there is a match, and if so, disable the user's account, report the material to NCMEC, and pass it on to law enforcement.

Mozilla on Tuesday released Firefox 91, a version of the web browser that brings enhanced cookie clearing, HTTPS by default in private browsing mode, and patches for several high-severity vulnerabilities. Once the user updates Firefox to version 91, the browser will automatically use an HTTPS connection when the Private Browsing feature is used.

Amazon was fined 746 million euros by Luxembourg authorities over allegations it flouted the EU's data protection rules, the online retail giant said Friday. The fine was issued July 16 by the Luxembourg National Commission for Data Protection following its determination that "Amazon's processing of personal data did not comply with the EU General Data Protection Regulation," Amazon said in a securities filing.

Zoom, the videoconferencing firm, has agreed to settle a class-action US privacy lawsuit for $85 million, it said Sunday. The suit charged that Zoom's sharing of users' personal data with Facebook, Google and LinkedIn was a breach of privacy for millions.

Kubient conducted a survey of marketing and advertising professionals to provide a snapshot of industry perspectives on increasing privacy regulations, including the postponement and eventual elimination of cookies and how it affects the larger marketing and advertising ecosystem. Two-thirds of marketers surveyed support federal consumer regulations such as the California Consumer Protection Act and the Colorado Consumer Protection Act.

Google has shared details of upcoming changes to Android including the ability to blank a device's advertising ID, and a new safety section for apps in the Play store. The advertising ID is an identifier unique to an Android device which is supplied by Google Play Services.

Google this week announced a series of updates to its Google Play policies that are meant to improve overall user privacy and security and provide more control over ads personalization. As per the new policy, all applications in Google Play will be required to detail their privacy and security practices by April 2022.

Google has announced today more details regarding their upcoming Google Play 'Safety section' feature that provides users information about the data collected and used by an Android app. In May, Google pre-announced upcoming changes to the Google Play Store requiring app developers to share what info their apps collect, how collected data is used, and what privacy/security features the apps utilize.