Smart toilet’s bidet hacked via Bluetooth, gives new meaning to ‘backdoor vulnerability’

Smart toilet’s bidet hacked via Bluetooth, gives new meaning to ‘backdoor vulnerability’

The smart toilet is vulnerable via its built-in Bluetooth radio, allowing hackers to remotely open or close the lid, flush the toilet, or, perhaps most perturbingly, activate the built-in bidet function.

Troy Hunt: Beyond Passwords: 2FA, U2F and Google Advanced Protection

Troy Hunt: Beyond Passwords: 2FA, U2F and Google Advanced Protection

For example, if you physically have someone's mobile phone in your hand and it's unlocked, you could login to an account by initiating a password reset, receiving the email in their email client then entering the "2nd factor" token sent via SMS or generated by a soft token app on the device.

Minister in Charge of Japan’s Cybersecurity Says He Has Never Used a Computer

Minister in Charge of Japan’s Cybersecurity Says He Has Never Used a Computer

Japanese lawmakers were aghast on Wednesday when Yoshitaka Sakurada, 68, the minister who heads the government’s cybersecurity office, said during questioning in Parliament that he had no need for the devices, and appeared confused when asked basic technology questions.

Facing EPIC Lawsuit, FAA Scraps Secretive Drone Committees

The FAA's Drone Advisory Committee, facing an open government lawsuit from EPIC, has scrapped the secretive committees that developed drone policy. EPIC has a long history of promoting government transparency and advocating for privacy protections against drones.

Google accused of 'trust demolition' over health app

Google accused of 'trust demolition' over health app

Lawyer and privacy expert Julia Powles, who has closely followed the development of Streams, responded on Twitter: "DeepMind repeatedly, unconditionally promised to 'never connect people's intimate, identifiable health data to Google'.

Firefox Monitor Launches in 26 Languages and Adds New Desktop Browser Feature

Firefox Monitor Launches in 26 Languages and Adds New Desktop Browser Feature

Specifically, we are adding a notification to our Firefox Quantum browser that alerts desktop users when they visit a site that has had a recently reported data breach.

MHP introduces monitoring of employees' emotions

MHP introduces monitoring of employees' emotions

Myronivsky Hliboproduct (MHP), a large agricultural holding in Ukraine, with the purpose of boosting labor effectiveness introduced monitoring of employee's emotions, MHP Board Chairman Yuriy Kosiuk said at the fifth Conductors of Changes forum held in Kyiv on November 13.

Fake fingerprints can imitate real ones in biometric systems – research

Fake fingerprints can imitate real ones in biometric systems – research

Based on those insights, the researchers used a common machine learning technique, called a generative adversarial network, to artificially create new fingerprints that matched as many partial fingerprints as possible.

Dutch government report says Microsoft Office telemetry collection breaks GDPR

Dutch government report says Microsoft Office telemetry collection breaks GDPR

Investigators said that Microsoft collects up to 25,000 types of Office events, data which is made available to up to 30 engineering teams.

What the fork is happening with BCH? Bitcoin ABC & Bitcoin SV Conundrum

What the fork is happening with BCH? Bitcoin ABC & Bitcoin SV Conundrum

But if you go by the BCH trading data released by Poloniex, the traders are more inclined towards Bitcoin ABC, while on the other hand, the majority of the hash power on the network appears to be in favor of Bitcoin SV.

HTTP/3: Come for the speed, stay for the security

HTTP/3: Come for the speed, stay for the security

In 2013, Google introduced a new experimental protocol called Quick UDP Internet Connections (QUIC), that would make HTTP requests faster and more secure. Google estimates that traditional TCP-based HTTP requests take about 100ms because the client has to establish a connection with the server before it asks for anything.

Delay, Deny and Deflect: How Facebook’s Leaders Fought Through Crisis

Delay, Deny and Deflect: How Facebook’s Leaders Fought Through Crisis

This account of how Mr. Zuckerberg and Ms. Sandberg navigated Facebook’s cascading crises, much of which has not been previously reported, is based on interviews with more than 50 people.

SuperCooKey – A SuperCookie Built Into TLS 1.2 and 1.3

SuperCooKey – A SuperCookie Built Into TLS 1.2 and 1.3

TLS 1.3 has a heavily touted feature called 0-RTT that has been paraded by CloudFlare as a huge speed benefit to users because it allows sessions to be resumed quickly from previous visits. In the screen that pops up, enter security.tls.enable_0rtt_data into the search bar, and make sure that the setting is set to FALSE.

A new Venezuelan ID, created with China's ZTE, tracks citizen behavior

A new Venezuelan ID, created with China's ZTE, tracks citizen behavior

As part of a $70 million government effort to bolster “national security,” Venezuela last year hired ZTE to build a fatherland database and create a mobile payment system for use with the card, according to contracts reviewed by Reuters.

Google accused of 'trust demolition' over health app

Google accused of 'trust demolition' over health app

Lawyer and privacy expert Julia Powles, who has closely followed the development of Streams, responded on Twitter: "DeepMind repeatedly, unconditionally promised to 'never connect people's intimate, identifiable health data to Google'. DeepMind repeatedly, unconditionally promised to *never* connect people's intimate, identifiable health data to Google.

CBS6 Investigates: Internet Privacy

CBS6 Investigates: Internet Privacy

“There should be a right to privacy and we should establish standards and then who's going to implement those standards and enforcement,” said Congressman Paul Tonko, D-Amsterdam. He said that lawmakers have been holding hearings to figure out the best way to establish some privacy on the internet.

Google 'betrays patient trust' with DeepMind Health move

Google 'betrays patient trust' with DeepMind Health move

Google has been accused of breaking promises to patients, after the company announced it would be moving a healthcare-focused subsidiary, DeepMind Health, into the main arm of the organisation. Google says the restructure is necessary to allow DeepMind’s flagship health app, Streams, to scale up globally.

The Lie Behind the Lie Detector

The Lie Behind the Lie Detector

"As the lie behind the lie detector becomes more and more widely known, those agencies that rely on polygraphy will be able to fool fewer of the people less of the time. Chapter Three exposes the trickery on which polygraph "testing" depends.

Private by Design: How we built Firefox Sync

Private by Design: How we built Firefox Sync

Where does it go?” With the Firefox Sync design, you enter a passphrase of your choosing and it is used to derive an encryption key that never leaves your computer.

DigitalBits: An Economy Reimagined – DigitalBitsOrg – Medium

DigitalBits: An Economy Reimagined – DigitalBitsOrg – Medium

DigitalBits is a protocol layer Blockchain designed to help facilitate mass market liquidity of various digital assets and integrate with existing apps to drive market-adoption of Blockchain technology. Applications utilize DigitalBits technology to facilitate mass market liquidity of various digital assets.

Google’s G Suite Twitter account is the latest to get hacked in bitcoin scam

Google’s G Suite Twitter account is the latest to get hacked in bitcoin scam

Google’s official G Suite Twitter account is the latest victim of an ongoing bitcoin scam that has been plaguing the social media platform for the last few weeks, joining companies like Target (which saw a similar hack this morning), via The Next Web.

Unpatched Android OS Flaw Allows Adversaries to Track User Location

Unpatched Android OS Flaw Allows Adversaries to Track User Location

CVE-2018-9489, now patched as mentioned, allows adversaries to explore and attack the local WiFi network, or identify and physically track any Android device, by exposing a range of WiFi information.

Google’s “Smart City of Surveillance” Faces New Resistance in Toronto

Google’s “Smart City of Surveillance” Faces New Resistance in Toronto

The group represents the latest and largest effort by Torontonians to start having the kinds of public conversations, teach-ins, and debates that should have “taken place last year, when this project was first announced,” according to Bianca Wylie, co-founder of Tech Reset Canada and one of the lead organizers of the opposition to Sidewalk Toronto.

CDT Signs Onto Principles for Privacy Legislation, Calls On NTIA to Promote Robust Privacy Law in Congress

CDT Signs Onto Principles for Privacy Legislation, Calls On NTIA to Promote Robust Privacy Law in Congress

CDT hopes the administration champions this approach, and as the public interest privacy legislation principles demonstrate, there are many organizations that stand ready to work with the NTIA and Congress to propose concrete language to these ends.

Federal Researchers Complete Second Round of Problematic Tattoo Recognition Experiments

Federal Researchers Complete Second Round of Problematic Tattoo Recognition Experiments

The latest experiment was called Tatt-E, which is short for “Tattoo Recognition Technology Evaluation.” Using tattoo images collected by state and local law enforcement from incarcerated people, NIST tested algorithms created by state-backed Chinese Academy of Sciences and MorphoTrak, a subsidiary of the French corporation Idemia.

The father of the web is redefining the internet, and he’s not asking for permission

The father of the web is redefining the internet, and he’s not asking for permission

In response to the growing threat of data-hungry internet enterprises, Sir Tim Berners-Lee’s new initiative, Inrupt, is aiming to decentralize the web and rewrite the rules of online business with its new open-source project, Solid.

Carmakers are collecting data and cashing in – and most drivers have no clue

Carmakers are collecting data and cashing in – and most drivers have no clue

Now, carmakers are rushing to turn your car's data into a revenue stream, reselling blocks of location information and, one day, information from cars' on-board cameras and sensors could be bought by mapping companies or apps that monitor traffic conditions.

Facebook Failed to Police How Its Partners Handled User Data

Facebook Failed to Police How Its Partners Handled User Data

Facebook failed to closely monitor device makers after granting them access to the personal data of hundreds of millions of people, according to a previously unreported disclosure to Congress last month.

Facebook bug let websites read ‘likes’ and interests from a user’s profile

Facebook bug let websites read ‘likes’ and interests from a user’s profile

“This allowed information to cross over domains — essentially meaning that if a user visits a particular website, an attacker can open Facebook and can collect information about the user and their friends,” said Masas.

EPIC Supports Constitutionality of "Robocall" Law

EPIC has filed a "friend of the court" brief in a case concerning the constitutionality of the Telephone Consumer Protection Act, the law the prohibits unwanted "robocalls." In Gallion v.

More