Security News

Roid security is always a hot topic and almost always for the wrong reason, including Google's failure to prevent malicious apps from being distributed through the Play Store, over-claim of permissions by apps, and privacy leakages. This feature is not new in Android but was earlier only available to use while downloading a new app from the Google Play Store.

A Case Western Reserve University computer and data sciences researcher is working to shore up privacy protections for people whose genomic information is stored in a vast global collection of vital, personal data. Erman Ayday pursued novel methods for identifying and analyzing privacy vulnerabilities in the genomic data sharing network known commonly as "The Beacons."

Apple has patched nearly a dozen vulnerabilities and it has introduced new privacy features with the release of iOS 14 and iPadOS 14 this week. The issues could result in applications causing a system crash or writing kernel memory, identifying other installed applications, leaking user information, or accessing restricted files; may allow attackers to download malicious content, execute arbitrary code, or view notification contents from the lockscreen; may lead to arbitrary code execution or a cross-site scripting attack; may allow a user to read kernel memory; or could result in the screen lock not engaging after the specified time period.

Apple has released Safari 14, which features many functional improvements, a Privacy Report that shows all the trackers the browser has neutralized, and and does not support Adobe Flash anymore. Safari 14 sports a redesign of the tab bar, which now displays site favicons by default and previews of the contents of some pages, and a customizable start page.

Popular mobile messengers expose personal data via discovery services that allow users to find contacts based on phone numbers from their address book, according to researchers. When installing a mobile messenger like WhatsApp, new users can instantly start texting existing contacts based on the phone numbers stored on their device.

Californians regularly opt-out of companies selling their personal information, with "Do-not-sell" being the most common CCPA right exercised, happening nearly 50% of the time over access and deletion requests, DataGrail's Mid-Year CCPA Trends Report shows. Do-not-sell requests are almost 50% of all DSRs. When CCPA went into effect in January 2020, DataGrail saw people exercise their rights immediately, with a surge of data subject requests going across its platform in January 2020.

Interesting privacy analysis of the Ambient Light Sensor API. And a blog post. Especially note the “Lessons Learned” section.

The U.S. nonprofit, which is aimed at protecting citizens' privacy and free speech, criticized the state's lack of any privacy standards for state COVID-19 mobile tracking apps, or for contracts that California may enter to deploy such programs. While California has not yet formally announced a program similar to ones other states already have launched that use mobile technology or apps to help people keep track of COVID-19 exposure in their local area, there are plans in the works, according to a blog post by Electronic Frontier Foundation's Hayley Tsukayama, a legislative activist.

Roid 11 is the seventh operating system release to include enterprise features since the introduction of the work profile in 2014 to separate work data on employees' personal devices. The new platform iteration, Google says, brings the work profile privacy protections to enterprise-issued devices.

A Swiss federal commissioner announced Tuesday that a U.S.-Swiss program aimed to protect personal information exchanged between the two countries doesn't go far enough, and has downgraded the United States to rank it as a country deemed to have inadequate data protection. Federal Data Protection and Information Commissioner Adrian Lobsiger, in a new policy paper, recommends that Swiss companies or government should disclose personal data to the U.S. only if safeguards are put in place to protect people from prying U.S. authorities.