Security News
Despite the companies' insistence that privacy will be "Of utmost importance," some in the security space remain wary of data privacy concerns around the newly announced technology. Many such coronavirus tracking apps are already available, such as COVID Symptom Tracker and Private Kit SafePaths.
Cloudflare is nixing Google's reCAPTCHA tool and replacing it with what the network services company's CEO calls "a better CAPTCHA" service, hCaptcha. Cloudflare said the main driver for the swap was that Google is now charging for use of its reCAPTCHA tool - but customer privacy and availability were other factors.
London-based data privacy company Privitar this week announced that it has raised $80 million in a Series C funding round, which brings the total amount raised to date to more than $143 million. Privitar provides a data privacy and anonymisation platform that enables organizations to obtain data-driven insights without putting sensitive employee, customer and partner information at risk.
Cloudflare on Wednesday said it is ditching Google's reCAPTCHA bot detector for a similar service called hCaptcha out of concerns about privacy and availability, but mostly cost. The biz held a bake-off to pick a new provider, and settled on hCaptcha, a service released last year as an alternative to reCAPTCHA. According to Prince and Isasi, hCaptcha doesn't sell personal data and made commitments to use info collected from Cloudflare only to improve the service.
Governments worldwide have released COVID-19 mobile apps to provide citizens with useful information and, in some cases, to track individuals in an effort to contain the coronavirus outbreak. An analysis of dozens of nation and government-sponsored mobile applications for Android released to help with the current COVID-19 pandemic has revealed the existence of privacy risks, vulnerabilities and backdoors, ZeroFOX says in a post highlighting three of the analyzed apps.
This raise enables Privitar to further accelerate the development of its data privacy platform, fuel continued innovation, and support key growth initiatives, with a focus on international expansion and increased hiring across sales, services, product development, and other areas of the business. "The Privitar platform enables our customers to unlock and use their data to create better products and services while minimizing friction and risk," said Jason du Preez, CEO of Privitar.
In Zoom's white paper, there is a list of "Pre-meeting security capabilities" that are available to the meeting host that starts with "Enable an end-to-end encrypted meeting." Later in the white paper, it lists "Secure a meeting with E2E encryption" as an "In-meeting security capability" that's available to meeting hosts. When reached for comment about whether video meetings are actually end-to-end encrypted, a Zoom spokesperson wrote, "Currently, it is not possible to enable E2E encryption for Zoom video meetings. Zoom video meetings use a combination of TCP and UDP. TCP connections are made using TLS and UDP connections are encrypted with AES using a key negotiated over a TLS connection."
Zoom, in particular, has witnessed a massive influx of new users, which lead to increased scrutiny from information security researchers. Zoombombing, additionally exacerbated by lax privacy and security choices made by users and vulnerabilities that allow for the creation of tools like zWarDial, which automates Zoom meeting discovery.
Video-conferencing app maker Zoom has promised to do better at security after a bruising week in which it was found to be unpleasantly leaky in several ways. Host a weekly webinar on Wednesdays at 10am PT to provide privacy and security updates to our community.
While newer regulations like the EU's General Data Protection Regulation and the California Consumer Privacy Act are steps in the right direction to protect consumer privacy, there is a need for tighter regulation for facial recognition technology. Facial recognition vs. facial authentication.