The hidden side of politics

Browser Extensions Scraped Data From Millions of People

Reported by WIRED:

Europeans had to navigate by the stars this week—well, GPS, but still—after the continent’s burgeoning Galileo satellite navigation network went dark for a full seven days. The incident is a warning for everyone of how fallible the infrastructure of our modern lives really is.

In more uplifting news, security researchers made an app designed to kill, to prove a point about the intense risks of internet-connect health devices, and the need for the companies who make them to stop ignoring them. (Wait, sorry, murder apps are not uplifting.)

We explained how to clear out your zombie apps and online accounts, and why Microsoft’s very serious BlueKeep bug hasn’t wreaked havoc on the Windows devices of the world, yet.

Oh, and we—like everyone else—took note of this week’s viral app, FaceApp, which shows you how you’ll look when you’re old. Though people were quick to point out its security risks, we reminded you that if you’re worried about FaceApp, you’re going to panic when you learn about a little old app called Facebook.

But that’s not all. Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but which we think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.

DataSpii Reveals Some Browser Extensions are Spying on You—and Selling Your Private Data

If you use browser extensions, you’re going to want to pay attention to this one. Ars Technica reporter Dan Goodin brings the news of a major new privacy failure recently unearthed by security researchers: widely used Chrome and Firefox browser extensions scraped and sold the data of more than 4.1 million people, until the researcher alerted Google and Mozilla. These extensions took the URL and other details from your browsing history and sold them to a data firm called Nacho Analytics, which marketed itself as providing a “god mode for the internet.” Nacho Analytics then published them, for a fee. Because of the way many of the pages were protected—or rather, not protected—those published links often allowed people to see the content of the pages themselves. Among the sensitive pieces of information spilled? Tax returns, doctor-patient communications, and links to Nest cameras. The scariest thing about DataSpii is that it likely represents a small fraction of the extensions out there that invade your privacy. As Goodin found when he dug into the research, many of these extensions and Nacho Analytics reference this spying and selling in the fine print of their terms of service. So what can you do to protect yourself? First, read the whole Ars story to see if you were caught up in DataSpii, and second: read the fine print before installing any extensions.

NSO Group Says Its Spyware Can Scrape Your Data From the Cloud

An Israeli spyware company popular with intelligence agencies across the world, and famous for exploiting WhatsApp with just a phone call, has a new sales pitch. Citing unnamed sources, the Financial Times reports that NSO Group is now telling governments and potential customers that its spyware can access personal data from the servers of all of big tech’s companies. The important thing to note, though, is that it apparently claims to do so by compromising your device’s authentication tokens. In other words, they haven’t hacked the cloud, but the smartphones and computers of people who access it. Bottom line, as always: If a nation state targets you, you’re toast.

Microsoft Is Giving Away Free Security Software for Voting Machines

How do you hack an election? Let me count the ways. Through disinformation campaigns, gerrymandering, breaching voter roles, and—oh yeah—targeting the voting machines themselves. Though experts have warned for years that voting machines are insecure, companies and municipalities have been slow to upgrade and secure them—despite voting machines being listed as critical infrastructure by the US government. This week, software giant Microsoft announced it has developed a open source software that can help make voting machines more secure. The company is giving the software away for free in the hopes that it can help shore up systems ahead of the presidential election next year. Microsoft also announced it has found 781 attempted cyberattacks by foreign hackers targeting political organizations so far this year.

Slack Is Updating One Percent of All User Passwords

After Slack was breached in 2015, the company reset the passwords of those whose accounts had been affected. But recently, the company says it received a batch of breached credentials through its bug bounty program and realized they were from the same 2015 incident. On Thursday it announced it had decided to reset the passwords of all users who were active on Slack during the 2015 breach. If you, like me, are one of those people but haven’t had your password reset by Slack, that’s likely because you had already changed it since 2015, or you use some kind of single sign on authentication service, according to Slack.


More Great WIRED Stories

Source:WIRED

Share

38 Comments

  1. nike huarache Reply

    Thanks a lot for giving everyone a very special opportunity to check tips from this site. It’s usually so ideal and as well , jam-packed with a lot of fun for me personally and my office mates to visit your web site at minimum 3 times a week to learn the latest tips you have. And of course, I am at all times fulfilled with all the attractive principles you give. Certain 4 tips in this post are easily the most suitable we’ve ever had.

  2. yeezy boost 350 v2 Reply

    I precisely wanted to appreciate you yet again. I do not know what I might have achieved in the absence of these points discussed by you over my problem. It had been a real depressing setting for me, nevertheless encountering the very professional avenue you dealt with that forced me to jump with happiness. I’m just happier for this support and even wish you find out what a great job that you’re getting into instructing most people by way of your web page. I am certain you haven’t met any of us.

  3. coach handbags Reply

    My spouse and i felt now thankful that Peter could finish up his investigations through the ideas he grabbed out of the web page. It’s not at all simplistic to just possibly be giving for free information some others might have been trying to sell. Therefore we consider we have you to appreciate for this. Those illustrations you’ve made, the simple web site menu, the friendships you can give support to create – it’s everything exceptional, and it’s leading our son and us reckon that this topic is cool, and that’s rather essential. Thanks for all!

  4. hermes Reply

    I wanted to write a quick word so as to express gratitude to you for all the nice solutions you are showing here. My incredibly long internet research has at the end of the day been compensated with reliable insight to write about with my family. I would suppose that most of us site visitors actually are undoubtedly endowed to exist in a really good network with very many awesome professionals with great tips and hints. I feel really happy to have seen the website page and look forward to so many more excellent minutes reading here. Thanks again for all the details.

  5. supreme Reply

    I’m writing to let you be aware of what a cool encounter my friend’s child went through visiting your site. She learned numerous issues, which included what it is like to have an excellent giving style to let most people very easily learn a variety of impossible things. You actually did more than our own desires. Many thanks for presenting those necessary, dependable, revealing and also cool tips on your topic to Sandra.

  6. supreme shirt Reply

    I wanted to compose you the little word so as to thank you very much yet again for your splendid tactics you have contributed on this website. It has been surprisingly open-handed of you to give freely all that a number of people might have offered for sale as an e-book to help make some cash for their own end, precisely considering the fact that you could possibly have done it if you ever desired. These tactics also served to provide a good way to recognize that the rest have similar interest similar to my own to know the truth good deal more when considering this condition. Certainly there are a lot more fun moments up front for those who go through your website.

  7. yeezy wave runner 700 Reply

    Thank you a lot for providing individuals with remarkably wonderful possiblity to read from this website. It’s always very kind and full of a good time for me personally and my office co-workers to visit your web site at a minimum three times in one week to learn the newest guides you have got. And lastly, I am also actually fulfilled with your striking guidelines you give. Certain two facts in this posting are absolutely the simplest I have ever had.

  8. nike kd 11 Reply

    A lot of thanks for every one of your effort on this blog. Gloria really likes making time for internet research and it’s really simple to grasp why. My partner and i know all relating to the powerful way you make both useful and interesting tricks by means of your website and invigorate contribution from some other people on the issue plus our favorite girl is in fact becoming educated a whole lot. Have fun with the rest of the new year. You have been performing a fantastic job.

  9. lebron 14 Reply

    I really wanted to write down a brief word so as to express gratitude to you for these amazing items you are posting here. My time consuming internet look up has at the end of the day been paid with brilliant suggestions to talk about with my friends and family. I ‘d point out that many of us visitors are quite blessed to be in a notable network with many awesome people with good tips and hints. I feel truly grateful to have seen the web pages and look forward to so many more awesome times reading here. Thank you once again for all the details.

Leave a Reply

Your email address will not be published. Required fields are marked *

FOLLOW @ NATIONAL HILL